The National Security Agency (NSA) is using one type of Google “cookie” – known as “PREF” – to “track and hack its targets“, according to information contained in an article published on the Tech News World website. The article defines “PREF” as a “tracking cookie” which stores the preferences of a user and calls it “a mainstay of the online advertising industry.”
The article indicates that the NSA is sharing information with Tailored Access Operations (TAO) a division of the NSA that is responsible for gathering intelligence regarding cyber-warfare. The shared information is reported to contain log in credentials, cookies and the Google PREFID, according to the article. TAO, according to the article, “custom-builds software attacks and has software templates to break into common brands of routers, switches and firewalls.”
Several industry experts commented within the article on these reports sharing interesting insight. Marc Gaffan, cofounder of Incapsula, is quoted in the article saying, “Cookie data is another layer of information on top of networking data and location data that [government] agencies use to correlate identities, locations and activities into a single profile that can help them assess risk.” Maxim Weinstein, security advisor at Sophos said, “The NSA has found a way to use data intended for a different purpose to its advantage“, according to the article.
Google cookies have been used to focus on hacking targets “for some time“, according to the report. A report published by The Guardian in October stated that “NSA and its UK counterpart, GCHQ, were using cookies for Google’s DoubleClick online advertising service to identify users of the Tor online anonymizer” according to information in the article.