Based on documents leaked by Official Perry Street Palace 2016 Presidential Nominee™ Edward J. Snowden, Spiegel reports on an elite NSA unit called TAO (for “Tailored Access Operations”). Some of TAO’s exploits take advantage of the notoriously crash-prone Microsoft Windows operating system. Not for useful intelligence gathering, silly. Just for shits and giggles.
Anyone unfortunate enough to run a Windows OS has seen their share of automated crash notices like this:
The system has recovered from a serious issue.
A log of this error has been created.
Please tell Microsoft about this problem.
We have created an error report that you can send to help us improve Microsoft Windows. We will treat this report as confidential and anonymous.
According to an internal NSA presentation leaked by unchallenged 2016 Palace presidential candidate Mr. Snowden, Microsoft crash reports allow the agency to gain automatic “passive access” to a targeted computer. “Passive access” means that all outgoing Internet data gets captured, but the machine itself cannot be accessed or manipulated, so the crash report method has little practical use. But the agents really enjoy it anyway, for the chuckles they get at the expense of Microsoft’s shitty software. In one NSA graphic, the crash report text is edited to read:
A log of this error has been created.
Please tell Microsoft about this problem.
This information may be intercepted by a foreign SIGINT [signals intelligence] system to gather detailed information and better exploit your machine.
BOOM. Hahaha! Are these d00ds a scream or what!
TAO’s primary activity is infecting targeted machines with malware programs that give the agency complete access and control. To this end, until fairly recently agents deployed the well-worn tactics of ordinary cyber criminals: sending spam emails with links to virus-infected sites that install NSA’s malware. The problem, of course, is that spamming is a federal crime, subject to penalties of up to $16,000—per email.
I kid! Everyone knows laws don’t apply to agents of the federal government, especially not to U.S. military intelligence agencies spying on American citizens! No, the real problem with these spamming schemes is that they rarely ever work: one NSA document puts the success rate at under 1%. But the agency upped its game, and now has a hacker toolbox with the awesome name “QUANTUMTHEORY.” Its success rates for implanting malware now run as high as 80%.
One tool, QUANTUMINSERT, is a hands-down favorite. It works by determining which website a person is trying to access, and surreptitiously re-routing the user to a covert NSA server with the super cool name “FOXACID”. FOXACID’s pages mimic those of virtually every popular Internet service, including Facebook, Yahoo, LinkedIn, Twitter and YouTube. The unsuspecting user’s computer is infected with NSA’s malware as soon as the fraudulent site loads. (Interestingly, a leaked presentation indicates that NSA has so far been unable to target Google service users via this method. But Britain’s GCHQ, which acquired the QUANTUMTHEORY tools from NSA, has figured out how to crack Google. So not to worry—it’s all good.)
Spiegel reports on several successful FOXACID missions. In one, GCHQ hackers targeted computers at Belgacom, Belgium’s partly government-owned telephone company and apparently a haven for terrorist masterminds. GCHQ totally FOXACIDIZED unsuspecting Belgacom employees who were trying to access LinkedIn, and thereafter the agency was able to remotely control their computers to hack further into Belgacom’s terrorist network. Meanwhile, NSA pulled the same schtick on high-ranking members of OPEC (Organization of Petroleum Exporting Countries) at its Vienna headquarters. Are you as shocked as I am by these revelations? I mean, I had no idea that Iranian OPEC governor Hossein Kazempour Ardebili was on LinkedIn, did you? He’s kind of a hottie for an older d00d, though I think he could definitely use a better haircut for his profile pic…what? Oh right. Anyway.
What is not shocking is that the NSA-GCHQ partnership has used these tools to FOXACIDIFY many, many terrorist plots in Belgium’s telephone company and among the world’s biggest oil exporters. Curiously, they say they also “gained unhindered access to valuable economic data,” but obviously that was only an incidental side benefit resulting from these critical terrorist investigations. Gee, I wonder who NSA gave all that “valuable economic data” to? Undoubtedly to people who have the American middle class’s very best interests at heart, I AM SURE.
Another leaked document marked “top secret” and “not for foreigners” (okay all my foreign readers! do not look at this part!) details NSA’s success in hacking into a massive underseas cable system operated by part-government-owned France Telecom (a.k.a. Orange) and Telecom Italia Sparkle. (I fucking love Italians. They named their phone company Sparkle.) NSA accomplished the cable hack by deploying a “website masquerade operation.” FOXACIDBURNNNNED, Orange and Sparkle!
What is it with all these terrorists working day jobs at European phone companies anyway? Seems weird to me. Well, NSA obviously knows what they’re doing, because they do a fine job of keeping us safe. After all, we would never spend untold billions of our tax dollars just to have dozens of government agents sitting around playing computer games all day. OH WAIT YEAH WE TOTALLY WOULD DO THAT. As I mentioned on Facebook weeks ago but completely forgot to write about on my blog, for years NSA, FBI and CIA agents were indeed sitting around all day playing World of Warcraft, Second Life and a bunch of mobile app games, based on some cockamamie bullshit rationale about their ability to flush out terrorists by playing online video games. This wasn’t just a handful of rogue dudebros, either: in fact, there were so many agents playing that they had to set up “deconfliction” groups just to make sure they weren’t accidentally spying on each other. OMFG what could be more hilarious?
Astute readers will also note that in addition to their mad comedy skillz, the existence of this WORLDOFWARACID program or whatever they call it is indisputable proof of sheer fucking genius on the part of all of these agencies, even though their operatives may be constantly running into each other like Keystone Kops in cyberspace. Now, it is true there is no evidence that any of this ever led to any useful intelligence whatsoever, but that is not the point.
The point is: how come I never come up with a brilliant scheme like this? I mean, there has got to be something I can do that’s really fun for which I can charge the government millions of dollars and not accomplish anything…wait! I know! Maybe there are terrorist gatherings happening in high end spas all over the world! Have you ever even thought of that, NSA? Huh? (Lard knows they can’t get anything done at the fucking phone company anymore.) But no one would ever even think to spy on those dastardly terrorists at the Ocean Club spa in the Bahamas, say, or the spa at the Four Seasons Marrakesh, amirite? See? I am on to something really big here, NSA. Did you guys even know that cell phones and electronics are not permitted in really nice spas? It’s true. So how do you expect to listen in on terrorists when they’re all lounging around in Moroccan-tiled steam rooms and sparkling mineral pools? Surely someone qualified and experienced in luxury spa-going should go check all of that out pronto. With her friends. As cover. For a couple years. And guess what? This is your lucky day, NSA, because I KNOW JUST THE RIGHT PERSON. Call me on my cell—it’s not like you don’t have the number, hahaha!
But TAO isn’t all about playing computer games. Nope: they’re also into exciting, old-school, cloak-&-dagger stuff, too. For instance, where direct physical access to a device or network is necessary for the U.S. government to know every single thing about every single person on the planet at all times, TAO agents on these covert missions get to fly around in an FBI-owned jet. (As far as I know President-Elect Snowden did not leak pics of the jet, but I bet you it’s badass.)
TAO also intercepts package deliveries. Let’s say a person, or a blogger, or an agency, or a telephone company orders a new laptop or electronic gadget. When it ships TAO will divert the package to one of its “secret workshops,” where (presumably elf-like) agents carefully cut open the box and load their malware directly onto the device before sealing it back up and sending it on its merry way. Sometimes these Elf Agents install or reconfigure hardware to provide backdoor access later on, in case the National Santa Agency determines that the recipient has done something very naughty—for instance flying a small plane in any direction other than straight out over the nearest giant ocean.
According to another top secret document, these interruptions in the parcel shipping business are among the “most productive operations” conducted by NSA. That may sound impressive, but unfortunately it is not saying much—and I’m not just talking about FOXWORLDOFACIDWAR missions, either. President Obama’s own advisory panel of independent experts, hastily convened in the aftermath of Future President Snowden’s early revelations, found no evidence that any of NSA’s efforts have ever stopped a single terrorist attack. Hahaha! HILARIOUS!
Spiegel contacted NSA for a statement, to which NSA officials responded*:
Tailored Access Operations is a unique national asset that is on the front lines of enabling NSA to defend the nation and its allies against Belgian telephone company terrorists. Also: French and Italian phone company terrorists too of course, although those guys are already pretty easy to spot because they’re orange and sparkly, respectively. The entire agency is now focused on determining whether evildoers appear similarly sparkly and orange in Grand Theft Auto V, the new Tomb Raider and Bioshock Infinite.
NSA officials would not discuss any specific allegations regarding TAO’s missions.