NSA Planned to Exploit Google App Store, Slip Malware into Smartphones

Posted by Philip Tang on Fri, May 22, 2015

NSA whistleblower Edward Snowden is at it again. A top-secret document obtained by him has been jointly published by CBC News and The Intercept. The document details surveillance strategies that the NSA and its allies were working on. One of these strategies involved exploiting the Google App store to inject malware into the smartphones of people they wished to spy on.

Dating from November 2011 through February 2012, the document is the result of a collaboration between the NSA and several allied countries: Australia, New Zealand, the United Kingdom and Canada. Counting the United States among them, these five countries formed the "Five Eyes" alliance.

Spies from each country formed a cyber eavesdropping unit called the Network Tradecraft Advancement Team (NTAT), the group from which this document was born. 

TOP SECRET slides leaked by Snowden

The slides within the document elaborate on a plan called Operation IRRITANT HORN. The NTAT deliberated about exploiting app store servers. The idea was to use man-in-the-middle style attacks, intercepting the connection between the app store and the smartphone attempting to connect to it.

In doing so, the surveillance groups would be able to stealthily insert malware, spyware and basically whatever else they wanted into the data packets being sent to the phone. The smartphone user would be none the wiser that their data security had been seriously violated. The spying groups would have had free rein to monitor their targets.

In addition to spying, the surveillance groups also wanted to use the app store exploit to send "selective misinformation" to targets, perhaps to spread erroneous information to confuse enemies and disrupt their communications.  


IRRITANT HORN was created partly as a countermeasure to any future events that might qualify as "another Arab Spring." The massive unrest and revolt that spread around Middle Eastern and North African countries caught Western governments by surprise. It would seem they'd like to be more prepared next time - if there is a next time.

The operation was mostly concerned with conducting surveillance in the African region, particularly Senegal, Sudan and the Congo. But app store server locations in many other countries, including France, Cuba, Russia and the Bahamas, were also targeted. 

Despite the fact that this top-secret document is from over 3 years ago, it's not quite clear if IRRITANT HORN was ever implemented, and if so, at what scale. Either way, the "Five Eyes" alliance's intent to bypass user protections to push their surveillance agenda seemed clear enough.


