The NSA (National Security Agency) has a well known penchant for spying on American civilians in the name of National Security. We now know this thanks to the brave work of former CIA/NSA Contractor Edward Snowden who spilled and is still spilling the beans on their activities.
Now comes news via the online news site The Intercept that the NSA was planning to spy on Chinese and other East Asian Nations using Apps found in both the Apple iTunes Store and the Google Play Store.
Turns out the NSA plan, hatched in collaboration with the British, Canadian, New Zealanders and Australian Intelligence Agencies aka the Five Eyes Alliance back in 2011 and 2012, had planned to exploit vulnerabilities in the way certain App API (Application Interface) communicate with a Cloud Server or Website as explained in Android Browser Security Unfixed as Google Wants you to Upgrade to Lollipop.
The report, which was also published by Canada by CBC News, is one of several documents leaked by Edward Snowden back in 2013 that have many Americans and US allies calling for more oversight on their Spy Agencies.
Americans, however, seem to forget that terrorists arena longer Arabs or rogue groups living in a desolate Third World Country, but also on the Internet. They are able to use Social Media Tools in a manner as described in Social Media Marketing – Advertising and Marketing in Ja on a Shoe-String to recruit the naive and vulnerable Americans, British and Europeans fed up with their country.
NSA’s Project Irritant Horn – Five Eyes Alliance using smartphone Apps to track Terrorists Suspects
Dubbed Project Irritant Horn, the idea is to use this particular vulnerability in certain apps to spy on certain target living in countries that are potential hotbeds for recruiting Islamic jihadists by ISIS or Al-Qaeda.
The aim of Project Irritant Horn was to collect intelligence data on suspected terrorists suspects and their organizations. This unprecedented level of access to their smartphone would allow them to peruse the following things on a suspect’s smartphone:
- Online search queries
- SIM card numbers
- Device IMSI (International Mobile Subscriber Identification)
- Location of the smartphone
According to the NSA, these regions of the world, often ruled by oppressive dictatorships, Military leaders or despotic Tyrants, have the potential to be the genesis for another Arab Spring styled uprising:
Strangely enough, the strategy being employed by the NSA in the report seems a little odd.
Instead of just bribing App developers to install back doors in their popular apps as explained in Android Browser Security Unfixed as Google Wants you to Upgrade to Lollipop and using that to spy on these targets based on their language selection, their doing it the hard way.
NSA using Alibaba US Browser Flaws – How your Apps may be Spying on you
They were basically planning to hack the Servers for the App stores located in the following countries:
They would then exploit weaknesses in certain apps, such as Alibaba’s UC Browser, which has known security vulnerabilities and is used by some 500 million persons worldwide. More interestingly it has language options in Arabic, Urdu, Mandarin, Korean and other East Asia Languages.
With their knowledge of its vulnerability in a move similar to the hackers in my article Google Play Store Apps with AdWare threat to Android Security they would be able to track who download these particular app from the App store.
NSA might by Spying on Allies – Possibly use of spying using apps that track keystrokes
Once the downloader was identified as a potential adversary, then like the hackers in my article who used the vulnerability to send their victim’s adware, the NSA and their Five Eyes Alliance comrades planned to use their access to the app to do a variety of tasks:
- Remotely control their smartphone, possibly being able to turn it on and off
- Send mis-information to confuse potential targets
- Spy on their inbound and outbound communications via their various Apps
- Use the smartphones sensors to track their movements within their country
More troubling or at least embarrassing, is the fact that the NSA could potentially use this hack of the App store servers with other unnamed apps whose ACTUAL functionality involves collecting keystrokes e.g. apps such as Swiftkey to also spy on foreign Nationals, as Alibaba’s UC Browsers is also popular in the countries that the US of A calls Allies.
NSA’s strange spy game would have made the US of A lots of enemies. Even more troubling is that the report doesn’t indicate if the Five Eyes Alliance had executed Project Irritant Horn to scratch that Jihadists Arab Spring Itch or it the ointment of co-operation was not salve enough to deal with their International issues relating to ISIS and Al-Qaeda.
Still, more reason to upgrade to Google Android 5.0 Lollipop!
Like the post above? Check out these related posts: