Analysis Of U.S National Agency Malware


Analysis Of U.S National Agency Malware: It cannot be denied that information is nowadays a very important asset for any organization, state or individual. In recent years most countries have shifted towards cyber warfare rather than fighting on the ground. U.S national agencies have adopted the same approach in order to protect their harmony against enemies of the state. In this paper, we will look at the main methods and malware used by the U.S national agencies to protect their state and to spy on their enemies.


Keywords: NSA malware, U.S Privacy issue, Prism, U.S Surveillance program.



State-sponsored cyber hacking and spying have come up in the news more often in the past couple of years. Examples include stealing classified information from militaries for a state's own use, pursuing agendas such as hacking film producers if they release a certain movie, and wiretapping and stealing personal data. With the growing amount of confidential information stored in databases and on personal workstations, the amount of state-funded hacking and cyber spying will increase dramatically. The goals are to gather intelligence, steal technology and designs, steal personal information, sabotage, or vandalize. Countries and people are affected negatively by cyber hacking and espionage. Government-supported cyber hacking and spying use capital and support provided by governments, from time to time secretly and without acknowledgement. Stolen trade secrets and designs make a company less competitive when competing manufacturers duplicate its items and sell them. It costs the United States alone thousands of jobs and billions of dollars in damages a year. People also have personal and sensitive information taken from them, such as social security numbers, bank account numbers and records, and personal emails. With the continuous security threats facing consumers, more money is spent to avert and guard against such attacks.

Some of the famous malware and tools used by the U.S national agencies

Operation Prism

The PRISM surveillance program was used by both the National Security Agency and the United Kingdom’s GCHQ. Its purpose was to provide mass surveillance for gathering data on web users and governments. Phones of world leaders were tapped and bugged to monitor them. Encryption keys were broken to ensure that national security would be kept safe. One of the positives of the PRISM surveillance program was that it foiled an Islamic plot to attack New York City’s subway system. It raises the question of whether the public favors this type of mass surveillance program in the name of national security, or wants its privacy more than anything.

Flame computer virus

According to officials, this piece of malware secretly examined Iran’s computer networks and transferred intelligence back in preparation for a cyberwarfare campaign.

The United States and Israel jointly developed the Flame computer virus, which collected intelligence in preparation for cyber sabotage aimed at slowing Iran’s ability to develop a nuclear weapon. The effort, involving the National Security Agency, the CIA and Israel’s military, has included the use of destructive software such as the Stuxnet virus to cause malfunctions in Iran’s nuclear enrichment equipment.


Regin

Regin is a malware and hacking toolkit used by the United States’ National Security Agency and its British counterpart. It was first publicly revealed by Kaspersky Lab, Symantec and The Intercept in November 2014. The malware targets specific users of Microsoft Windows-based computers. Among computers infected worldwide by Regin, 24 percent were in Saudi Arabia, 28 percent in Russia, 9 percent each in Mexico and Ireland, and 5 percent each in India, Afghanistan, Iran, Belgium and Pakistan. The ‘back room’ of the creators finds collisions in SHA2 message digests, suggesting a lot of CPU time is taken up.

EternalBlue

EternalBlue is an exploit developed by the U.S. National Security Agency (NSA), according to testimony by former NSA employees. It was leaked by the Shadow Brokers hacker group on April 14, 2017, and was used as part of the worldwide WannaCry ransomware attack on May 12, 2017. The exploit was also used to help carry out the NotPetya cyberattack on June 27, 2017, and was reported to have been used as part of the Retefe banking Trojan since at least September 5, 2017.

Privacy issues help end NSA spying programme

The NSA was restricted from carrying out surveillance within US territory, but it managed to escape this restriction thanks to one section of the 2008 Foreign Intelligence Surveillance Act (Fisa).

This let it collect the telephone calls and messages of US residents that mentioned or otherwise involved individuals outside the US whom it was monitoring.

The NSA had been broadly criticized for using Fisa to gather up large numbers of e-mails, texts and other material sent by Americans without having to apply for a warrant.

In its statement, the NSA said technical restrictions, privacy problems and the difficulty of carrying out this type of surveillance had driven the decision to end the spying programme. It also said it would erase the “vast majority” of data collected via this spying programme.

The spying powers laid out in Fisa were expected to be examined by the US Congress and are set to be renewed before the end of 2017. Numerous members of Congress have been critical of the spying effort, and lawmakers were expected to limit its scope during the renewal and review process.

The US Federal Intelligence Surveillance Court, which supervises NSA requests for surveillance warrants, has also criticized the Fisa spying programme. The NSA had defended the Fisa-allowed spying, saying that it had helped it gather “critical” intelligence.


As a matter of fact, a country should not compromise on national security in any manner, and should exercise all possible powers within its own legal framework to monitor suspicious activities. However, while doing so there is a greater possibility that ordinary civilians unnecessarily come under the surveillance of the authorities, which ultimately results in the monitoring authorities violating the individual's right to privacy. We need a healthy balance here; too much trust in government is a bad thing.

The violation of personal privacy in the name of national security is nothing but a way to mislead people. We already know that India is going through a crisis of corruption in almost every field; even Aadhaar card details have been breached to a foreign authority. If this violation happens, maybe even our credit card details and all our important documents will land in the wrong hands, as nowadays almost every other person uses Paytm or online banking. Even their personal information is in cloud databases. So this idea of ruling out personal privacy is not at all justified in the name of national security.

