NSA May Have Undercover Operatives in Foreign Companies

The brief reveals new details about six categories of NSA operations that fall under the Sentry Eagle rubric. These are also known as the NSA’s “core” secrets and are identified as:

Sentry Hawk—which involves computer network exploitation (aka CNE), the government’s term for digital espionage. (For example, programs like Flame would fall into this category.)

Sentry Falcon—which involves computer network defense.

Sentry Osprey—which appears to involve overseeing NSA clandestine operations conducted in conjunction with the CIA, FBI, the Defense Intelligence Agency and Army intelligence. These operations involve human intelligence assets, or “HUMINT assets (Target Exploitation—TAREX) to support signals intelligence (SIGINT) operations.”

This is one of the biggest reveals of the report. Apparently, under Sentry Osprey, people responsible for target exploitation operations are embedded in operations conducted by the CIA, Defense Intelligence Agency, and FBI to provide technical expertise these agencies lack. This would include covert or clandestine field activities as well as interception, or “interdiction” of devices in the supply chain to modify equipment or implant bugs or beacons in hardware. The TAREX group specializes in physical subversion—that is, subversion through physical access to a device or facility, rather than by implanting spyware remotely over the internet. The report doesn’t indicate if the kinds of modifications made to equipment involve sabotage, but it’s possible the alterations made could include planting logic bombs in software to destroy data or equipment, as the Stuxnet worm did in Iran.

Some of the TAREX bases of operation overseas appear to be located in South Korea, Germany and Beijing, China. But domestic centers for these operations are also based in Hawaii, Texas and Georgia. The NSA also handily keeps TAREX personnel stationed at U.S. embassies.

The Intercept’s Glenn Greenwald described this so-called interdiction activity in his recent book No Place to Hide, which included a photo of NSA agents opening packages that had been intercepted enroute to their destination in order to implant surveillance beacons in them.

Sentry Raven—focuses on cracking encryption systems. The documents state that the NSA “works with specific U.S. commercial entities . . . to modify U.S manufactured encryption systems to make them exploitable for SIGINT.” It doesn’t name the commercial entities or the encryption tools they modified, however. This activity has been previously reported, but the stark declaration here underscores the cooperation that U.S. companies appear to be giving the NSA.

Sentry Condor—involves computer network attacks (CNA), the government’s term for computer and network penetrations that involve degrading, damaging, delaying or destroying systems.

Sentry Owl—a program involving collaboration with private companies. The report doesn’t elaborate on this.

http://www.wired.com/2014/10/nsa-may-undercover-operatives-foreign-companies-new-documents-show/