The Dutch newspaper NRC Handelsblad reports that documents leaked by whistle-blower Edward Snowden reveal that the National Security Agency had deployed malware to create a world-wide botnets that ensnared as man as 50,000 systems.
The operation, which was conducted by the NSA’s Tailored Access Operations (TAO) unit, infected systems with malware which could lay dormant until activated by the botnet’s command and control servers (C&C), then sniff out and exfiltrate data which was funneled back to the NSA.
The intelligence agency described the operation as employing “Computer Network Exploitation” (CNE) techniques, more commonly associated with hackers and state-sponsored espionage tactics that the U.S. has long condemned other nations like China for conducting.
The following graphic published by the Dutch newspaper is said to be from an NSA presentation outlining the scope of the operation, with infected systems spanning five continents:
The CNE operation was designed specifically for “enabling actions and intelligence collection via computer networks that exploit data gathered from target or enemy information systems or networks,” according to documents.
Read More Here and Here…