By the middle of 2012, the NSA had infected more than 50,000 computer systems around the world with malware.
That’s according to secret documents, leaked by NSA whistleblower Edward Snowden, detailed in a report from Dutch newspaper NRC Handelsblad this weekend.
Presentation slides seen by the newspaper show a map of the world, showing access that the NSA has gained to computer networks and data connections across the globe.
The NSA has a term for the planting of malware inside computer networks – “Computer Network Exploitation”, or CNE for short.
A specialist NSA department known as TAO (Tailored Access Operations) employs over a thousand hackers to help them break into computer networks and plant malware.
The malware, of course, is not the financially-motivated malware typically seen by regular computer users – but instead designed to not draw attention to itself, waiting for months or maybe years until required to steal information from compromised systems and feed it back to its spymasters.
As NRC Handelsblad describes it:
The malware can be controlled remotely and be turned on and off at will. The ‘implants’ act as digital ‘sleeper cells’ that can be activated with a single push of a button.
Even if you don’t think that your company’s data would be of interest to the NSA, GCHQ or another foreign power, it’s possible that you have a customer who is of interest to them, or are part of a supply chain that could lead to an espionage agency’s ultimate target.
For that reason, all organisations have to protect their systems with the highest diligence, and cannot easily assume they might not be a potential victim of state-sponsored espionage.
Anti-virus veteran Mikko Hypponen summed up the situation well in an article published on this site last month: “who we’re fighting has completely changed in the last decade”.
Read more in the NRC Handelsblad report.
Found this article interesting? Follow Graham Cluley on Twitter to read more of the exclusive content we post.