NSA’s TURBINE Pumped Malware Into Millions of Machines at Once

As if his US-policy damning appearance at SXSW earlier this week wasn’t enough, today Edward Snowden released a new set of documents detailing the NSA program known only as “TURBINE”, a system designed to distribute malware en masse to as many machines as possible within the shortest amount of time allotted.

Published this time around by internet magazine The Intercept, the set of by-now-ubiquitous PowerPoint slides reveal a campaign concerned with one one thing and only thing only: scale.

Where the NSA was only penetrating a few hundred computers ten years ago, TURBINE was the program that helped launch that number into the stratosphere, infecting tens of thousands of computers with highly advanced automatic surveillance tools simultaneously with little more than a single keystroke.

“One of the greatest challenges for active SIGINT/attack is scale,” explained one presentation from 2009, marked top secret. “Human ‘drivers’ limit ability for large-scale exploitation (humans tend to operate within their own environment, not taking into account the bigger picture).”

The Register

According to the documents TURBINE has been in operation since around mid-2010, and has potentially infected hundreds of thousands of machines since first being switched on.

Terrorists aren’t the only targets of the program either, with system administrators and IT professionals ranking high on the list of “persons of interest” who were being monitored by the US-based spy agency.

By exploiting the computers and personal devices of the people in charge of massive corporate or private networks, the NSA is able to circumvent the traditional channels of breaking and entering and instead rely on the sloppy trust of an individual to gain access to the files and folders they’re on the hunt for.

TURBINE was adaptable too, changing its attack vectors almost daily to match the cultural shifts that come with the boom-bust nature of new websites and social media hubs on the web.

First, they designed a spoofed version of Myspace that could trick users into downloading infected files without their knowledge. Then, after that site died down and Facebook was on the rise, the code was redesigned and retooled to accommodate and adapt to user’s changing preferences for where they logged in to connect with friends and family.

It’s clear that the NSA has followed the habits of internet users closely over the years, and has done their absolute best to track, mimic, and exploit the trends that guide them accordingly.

You can always stay up to the minute with all the latest information on the NSA and Snowden Leaks, and be sure you never miss a beat with our coverage here at VPN Creative.