nsasecurityprimary100052681large500
Data Privacy and Security

Some hackers are unknowingly gathering intel for the NSA

The U.S. National Security Agency and its intelligence partners are reportedly sifting through data stolen by state-sponsored and freelance hackers on a regular basis in search of valuable information.

Despite constantly warning about the threat of hackers and pushing for their prosecution, the intelligence agencies of the U.S., Canada and the U.K. are happy to ride their coattails when it serves their interests, news website The Intercept reported Wednesday.

"Hackers are stealing the emails of some of our targets... by collecting the hackers' 'take' we 1) get access to the emails ourselves and 2) get insights into who's being hacked," a page from an internal wiki used by the agencies reads. The page, last modified in 2012, was among the files leaked by former NSA contractor Edward Snowden to journalists and was published by The Intercept.

One such cache of stolen data is known internally to the Five Eyes alliance -- the intelligence agencies of the U.S., Canada, the U.K., Australia and New Zealand -- under the code name INTOLERANT.

"INTOLERANT traffic is very organized," the leaked wiki page reads. "Each event is labeled to identify and categorize victims. Cyber attacks commonly apply descriptors to each victim -- it helps herd victims and track which attacks succeed and which fail."

The victims whose data was pilfered by hackers and is part of INTOLERANT includes: Indian diplomatic missions and navy; Central Asian diplomatic missions; Chinese human rights defenders; Tibetan pro-democracy personalities; Uighur activists; the Tibetan government in exile, the European Union Special Representative for Afghanistan and Indian photo-journalists.

Some of these victims coincide with those targeted in state-sponsored malware attacks previously reported by security firms and believed to be of Chinese origin.

Analysis of the INTOLERANT data points toward a likely state sponsor based on the level of the hackers' sophistication and victim set, the leaked wiki page says.

In addition to gathering information from data stolen by black-hat hackers, the Five Eyes agencies also monitor security researchers on Twitter and blogs as part of what's known as open-source intelligence or OSINT collection.

A program codenamed LOVELY HORSE that was created by the U.K.'s Government Communications Headquarters monitors a long list of Twitter feeds, including those of high-profile security researchers Tavis Ormandy, Alexander Sotirov, Dave Aitel, Dino Dai Zovi, Halvar Flake, HD Moore, Kevin Mitnick, Mikko Hyppönen, Mark Dowd and the Grugq.

Evidence of the NSA and its partners hijacking botnets and the cyberespionage efforts of foreign intelligence agencies was also revealed in a report by German news magazine Der Spiegel in January that was also based on documents leaked by Snowden.

PREVIOUS ARTICLE

« The Upload: Your tech news briefing for Tuesday, February 10

NEXT ARTICLE

Buying Uber might give Google a ride into the future »
author_image
IDG News Service

The IDG News Service is the world's leading daily source of global IT news, commentary and editorial resources. The News Service distributes content to IDG's more than 300 IT publications in more than 60 countries.

  • Mail

Recommended for You

International Women's Day: We've come a long way, but there's still an awfully long way to go

Charlotte Trueman takes a diverse look at today’s tech landscape.

Trump's trade war and the FANG bubble: Good news for Latin America?

Lewis Page gets down to business across global tech

20 Red-Hot, Pre-IPO companies to watch in 2019 B2B tech - Part 1

Martin Veitch's inside track on today’s tech trends

Poll

Do you think your smartphone is making you a workaholic?