If the news, or perhaps more accurately Russian propaganda, is to be believed, spy gear for US covert operatives consists of an ill-fitting wig or two, sunglasses, a paper map, a compass, and a pocket knife: the items found on Ryan C. Fogle last spring when he was apprehended by Russian authorities and charged with being a CIA operative. The real tools of the trade are more sophisticated and technological – earlier this week, for example, The New York Times reported that the NSA is using radio wave technology to spy on computers not on the Internet.
In addition, the documents released by Edward Snowden and a report in Der Spiegel suggest that when it comes to US surveillance methods, the tools of the trade involve considerably more technology.
The German newspaper recently published a document from a National Security Agency (NSA) division called ANT, which reads like a catalogue of secret spy tactics. ANT's programs have bizarre and slightly hilarious names – from HOWLERMONKEY and JUNIORMINT to DROPOUTJEEP and WATERWITCH – but the details of what they do and how they do it are more chilling than humorous.
Der Spiegel did not cite sources for its extensive look at how the NSA tracks and captures its information, though it has used Snowden as a source in the past. Laura Poitras, a journalist and documentary filmmaker who was instrumental in bringing Snowden's NSA documents to light, is also one of the story's authors. The data it obtained is a bit outdated, coming from a 2008 guide for spies, but that only serves to make it all the more alarming since the NSA's tech tactics can only have progressed since then.
One such tactic is "method interdiction," in which the feds intercept packages en route to the recipient and fit them with a few add-ons the customer didn't order. Agents install malware or backdoor-enabling hardware in workshops, and the item then continues on its way to the customer.
There are dozens of ANT programs, but here's a rundown of just a few.
This backdoor makes its home at work, hiding out in ProLiant servers manufactured by Hewlett-Packard. Hardware is implanted by method interdiction. Even if the spyware is removed and a system wiped, IRONCHEF lives on.
Good fences might make good neighbours, but if you have an ANGRYNEIGHBOR, watch out because they're inside your home. ANGRYNEIGHBOR can track objects in rooms, listen in, and check out what's displayed on computer monitors.
Being offline won't stop SURLYSPAWN from logging keystrokes. This tactic, which is part of ANGRYNEIGHBOR, does not require a software download; it uses radio frequency to communicate keystrokes from as far away as across the street.
Also part of ANGRYNEIGHBOR, TAWDRYYARD is described as a beacon that typically helps locate units deployed as part of RAGEMASTER, a $30 (£18) device that can intercept video between a computer video card's VGA output and a monitor.
The NSA doesn't have to go through phone carriers to track the location of phones. CANDYGRAM can mimic the GSM cell tower of a larger network to silently observe from afar – whether that's keeping track of an asset or identifying hostile surveillance.
Computers running Windows can be attacked from up to eight miles away via an 802.11 wireless exploit. Officials turn to this method when wired access is not a possibility.
Using remote access or interdiction, IRATEMONK is implanted on target PCs, and can then drop payloads whenever a computer is powered on. According to NSA documentation: “This technique supports systems without RAID hardware that boot from a variety of Western Digital, Seagate, Maxtor, and Samsung hard drives.”
Amidst the uproar over NSA spying programs, meanwhile, President Obama launched a review of the agency's tactics. Tomorrow, he is expected to share his recommendations for curbing surveillance in the US and abroad.