Exclusive: Report reveals how US spy agencies stole 97b global internet data, 124b phone records in just 30 days
97b internet data, 124b phone records stolen by US military, govt agencies
Published: Jun 13, 2022 09:46 PM
Photo: headquarter of NSA in Maryland

Photo: headquarter of NSA in Maryland

The US military and government cyber agencies have remotely stolen more than 97 billion pieces of global internet data and 124 billion phone records in the last 30 days, which are becoming a major source of intelligence for the US and other "Five Eyes" countries, a latest cybersecurity report showed.

The report the Global Times obtained from Anzer, a cybersecurity information platform, on Monday, once again revealed the "black hand" operations of Tailored Access Operations (TAO), the cyber warfare intelligence agency under the US National Security Agency (NSA), which has been using advanced cyberattack weapons to indiscriminately "grab" data from internet users around the world.

An exclusive report published by the Global Times in May disclosed that China captured a spy tool deployed by the NSA, which is capable of lurking in a victim's computer to access sensitive information and was found to have controlled global internet equipment and stole large amounts of user information. The Trojan horse, "NOPEN," is a remote control tool for Unix/Linux computer systems. It is mainly used for stealing files, accessing systems, redirecting network communication, and viewing a target device's information.

According to internal NSA documents leaked by hacking group Shadow Brokers, "NOPEN" is one of the powerful weapons used by the TAO to attack and steal secrets.

Anzer's report revealed another weapon platform, "boundless informant," which is the NSA's exclusive big data summary analysis and data visualization tool system capable of colleting, managing and analyzing data around the world illegally obtained by NSA's remote control system. 

According to terminal screenshots from the platform, the NSA has remotely stolen more than 97 billion pieces of global internet data and 124 billion phone records in the last 30 days. 

A cybersecurity analyst told the Global Times on condition of anonymity on Monday that TAO is the largest and most important part of the intelligence division of the NSA. 

Founded in 1998, the main responsibility of the TAO is to use the internet to secretly access insider information of its competitors, including secretly invading target countries' key information infrastructure to steal account codes, break or destroy computer security systems, monitor network traffic, steal privacy and sensitive data, and access to phone calls, emails, network communications and messages. 

TAO also assumes an important role. When US president issues an order to disable or destroy communications networks or information systems in other countries, TAO will provide relevant cyberattack weapons, and the attacks will be carried out by the US Cyber Warfare Command, the report revealed. 

According to the report, the various departments of TAO are composed of more than 1,000 active military personnel, network hackers, intelligence analysts, academics, computer hardware and software designers, and electronics engineers. The entire organizational structure consists of one "center" and four "divisions." 

The "center" employs more than 600 people and is responsible for receiving, sorting and summarizing account passwords and important sensitive information stolen from around the world by network information systems controlled remotely by TAO.

"The NSA's global indiscriminate intrusion has long been supported by a vast and sophisticated network of weapons platforms, of which TAO is an important weapon maker. Some of these weapons are dedicated to the products of US internet giants such as Apple, Cisco and Dell, and have been developed with the support and full participation of these internet giants," the expert said. 

Media reports showed some US internet giants have set up a special government affairs department to cooperate with the NSA in developing cyber attack weapons and provide the NSA with special backdoors and vulnerabilities. Internal information leaked by Edward Snowden showed these weapons could be used to conduct mass traffic monitoring and hacking on any internet user around the world. 

According to publicly available information, most of the cyber attack weapons have already been handed over to the US and other "Five Eyes" countries.

The report also showed more than 500 code names for cyber attacks and data theft operations conducted by TAO have been disclosed, which proves that the US is a developed internet country in the world, as well as a major country in cyber intelligence collection and data theft. 

In 2013, the US spent $52.6 billion on global intelligence gathering programs, of which two-thirds went to cyber security operations to carry out cyber attacks on foreign countries and domestic targets in the US.

A large number of TAO's cyber attack weapons have also been shared with some allied countries. Media reports showed that GCHQ, the UK's security and intelligence agency, has used NSA's cyberattack weapons to conduct long-term attack control and communications monitoring in the European Union. 

"The US is taking highly engineered cyber weapons as the winning advantage in future cyber warfare, and is investing resources and increasing chips regardless of cost, bringing endless hidden dangers to global cyber security," the expert said.