Attendees at the Chaos Communications Congress in Hamburg this weekend got surprised by the NSA’s surveillance capabilities, thanks to security researcher Jacob Appelbaum. Jacob went into further detail onstage, describing several individual devices in the NSA catalog and their intended purposes.
NSA used exploits that allowed control over iOS devices and any phone communicating through GSM. Appelbaum detailed a device named NIGHTSTAND, that targets computers through packet injection using a drone or in most cases, an unmarked van. The Linux-powered device can exploit Windows systems from up to eight miles away. Nightstand may not see significant use today given that it dates back to 2008, but its existence suggests that the NSA also has newer, more advanced WiFi surveillance gear at its disposal.
Update: Cisco is formally investigating the potential hack. “On Monday, December 30th, Der Spiegel magazine published additional information about the techniques allegedly used by NSA TAO to infiltrate the technologies of numerous IT companies,” wrote senior VP John Stewart. “As a result of this new information coming to light, the Cisco Product Security Incident Response Team (PSIRT) has opened an investigation.”