updated 12:59 pm EDT, Fri March 21, 2014
Sysadmins, with the keys to networks, lynchpin of NSA plans
More Snowden document leaks have shed light on the US National Security Agency's initiative to compromise system administrators in its quest to gather intelligence on American citizens and potential enemies both foreign and domestic. The documents lay out the NSA's plan to build a network of system administrators: personnel with access to the networks in which the agency wants to implant spyware and other malware.
According to Firstlook, the database generated by the NSA includes customer lists, correspondence, network maps, and other data. The agency commenced the effort by surveilling a network administrator and gathering IP and surfing information.
"What we'd really like is a personal webmail or Facebook account to target," claimed the documents. More "analog" methods of intelligence gathering on targets include tactics such as dumpster-diving, or searching for "official and non-official emails" that the admins may have online.
The previously mentioned "Quantum" program would then be unleashed on the target. "Just pull those selectors, queue them up for Quantum, and proceed with the pwnage," the author of the posts colloquially wrote.
The UK's GCHQ used the sysop corruption method to infiltrate the Belgian telecommunications company Belgacom. The NSA author wrote that "all you have to do is put all this info in a database somewhere, and what you end up with is a list of networks as well as personal accounts that probably belong to those admins." Then, upon finding a person of interest, "see if we have any admins pre-identified for that network, and if we do, automatically queue up tasking."