A top NSA official revealed some secrets at a recent conference.
A top official at the National Security Agency has some very important insights on how the agency hacks — and what you can do to give them problems.
Rob Joyce is chief of the NSA’s Tailored Access Operations (TAO) cell, a very secret division that has some of the best hackers on Earth, and recently he was at the Usenix Enigma security conference in San Francisco to spill some secrets, according to an ABC News report.
Joyce doled out some advice on how to make it difficult for the NSA to track individuals, and described how TAO goes after a target.
He said there are essentially six steps: first there is reconnaissance, then initial exploitation, followed by persistence, tool installation, lateral movement, and collection and exfiltration of data. Joyce then delivered a stunning exposé on just how deeply the NSA gets into your network — and why no network is safe.
The reconnaissance phase involved looking for weak points, poking around at the architecture of the network, or looking for vulnerabilities in the people on the network. At a certain point, the NSA knows the network better than the owner of that network.
NSA hackers essentially behave like any hacker does, tricking users into clicking links or directing them to a site infested with malware.
Once inside, Joyce said the hackers install light tools that will give them a toe-hold in the system, allowing for heavier ones later. Joyce naturally didn’t expound on what kind of tools.
Once this is done, hackers move laterally. Typically, the hacker doesn’t get where he or she wants to be once in the network, and must move around to find the right data.
So what should you do if you’re an individual or company who doesn’t want the NSA snooping around? Limit access to the data to as small a group of people as possible to close off as many entry points as possible. Also, segment networks and have an administrator who can spot an anomaly.