The National Security Agency has implanted software in nearly 100,000 computers around the world — but not in the United States — that allows the U.S. to conduct surveillance on those machines, The New York Times reported Tuesday.
The Times cited NSA documents, computer experts and U.S. officials in its report about the use of secret technology using radio waves to gain access to computers that other countries have tried to protect from spying or cyberattacks. The software network could also create a digital highway for launching cyberattacks, the Times reported.
The Times reported that the technology, used by the agency for several years, relies on radio waves that can be transmitted from tiny circuit boards and USB cards inserted covertly into the computers. The NSA calls the effort an “active defense” and has used the technology to monitor units of China’s army, the Russian military, drug cartels, trade institutions inside the European Union, and sometime U.S. partners against terrorism like Saudi Arabia, India and Pakistan, the Times reported.
Among the most frequent targets of the NSA and U.S. Cyber Command, the Times reported, has been China’s army. The United States has accused China’s army of launching regular attacks on American industrial and military targets, often to steal secrets or intellectual property. When Chinese attackers have placed similar software on computer systems of American companies or government agencies, American officials have protested, the newspaper reported.
The NSA says the technology has not been used in computers in the U.S.
“NSA’s activities are focused and specifically deployed against — and only against — valid foreign intelligence targets in response to intelligence requirements,” Vanee Vines, an agency spokeswoman, said in a statement to the Times. “We do not use foreign intelligence capabilities to steal the trade secrets of foreign companies on behalf of — or give intelligence we collect to — U.S. companies to enhance their international competitiveness or increase their bottom line.”
Parts of the program have been disclosed in documents leaked by Edward Snowden, the former NSA systems analyst, the Times reported. A Dutch newspaper published the map showing where the United States has inserted spy software, sometimes with the help of local authorities. Der Spiegel, a German newsmagazine, published information about the NSA’s hardware products that can secretly transmit and receive signals from computers, according to the Times.
The Times said that it withheld some of those details, at the request of U.S. intelligence officials, when it reported in summer 2012 on American cyberattacks on Iran.
Hong Lei, a spokesman for China’s Foreign Ministry, said Thursday that the U.S. “on one hand has been playing up the cyber threats from other countries, and on the other hand has been implementing cyber surveillance endangering the sovereignty, security and public privacy of other countries.”
Hong called on the U.S. to “work with the international community to create international regulations and build a peaceful, safe, open and cooperative cyberspace.”
At New Delhi’s Institute of Defense Studies and Analyses, cybersecurity expert Cherian Samuel said, “If it had been any other country doing this kind of thing, the U.S. would have come down on them like a ton of bricks with punitive sanctions.”
Associated Press researcher Yu Bing in Beijing and writer Nirmala George in New Delhi contributed to this report.