RSA Security, LLC. has been paid approximately $10 million by the U.S. National Security Agency (NSA) to “install bugs into the company’s encryption software so that the agency could spy on its customers“, according to a recent report published by The Hosting News. Another article, published by CNet, stated that the Germany magazine, Der Spiegel has reported the NSA’s Office of Tailored Access Operations (TAO) of being used to “access computers, hard drives, routers, and other devices from companies such as Cisco, Dell, Western Digital, Seagate, Maxtor and Samsung” and used to deal with “hard targets” and “systems that are not easy to infiltrate“.
A statement was released by the RSA, as quoted in The Hosting News article to say, “We have worked with the NSA, both as a vendor and an active member of the security community. We have never kept this relationship a secret and in fact have openly publicized it. Our explicit goal has always been to strengthen commercial and government security. We have never entered into any contract or engaged in any project with the intention of weakening RSA’s products, or introducing potential ‘backdoors’ into our products for anyone’s use.” As briefly stated in the CNet article, the RSA “intentionally allowed the NSA to create a backdoor into its encryption tokens”
The most recent report from Der Spiegel revealed more details about how access to computers and other devices was gained through the “backdoors and other spyware“, according to the CNet article. The CNet article indicates that the TAO accessed the “protected networks of heads of state worldwide” and that they execute “sensitive missions” while working with both the CIA and FBI. and . Additionally, it has been reported that the TAO broke through the “security of undersea fiber-optic cables” and intercepted “deliveries of electronic equipment to plant spyware to gain remote access to the systems once they are delivered and installed“, according to the article. Der Spiegel reported that the NSA division called Advanced or Access Network Technology (ANT), uses a “50-page product catalog of tools and techniques” to gain access to numerous types of devices, according to CNet.
The CNet article highlighted some quotes in the Der Spiegel report to say, “For nearly every lock, ANT seems to have a key in its toolbox. And no matter what walls companies erect, the NSA’s specialists seem already to have gotten past them.” The article also quoted the report to described the TAO as a “unique national asset that is on the front lines of enabling NSA to defend the nation and its allies” and that it’s work is “centered on computer network exploitation in support of foreign intelligence collection.”