It looks like you're using an Ad Blocker.
Please white-list or disable AboveTopSecret.com in your ad-blocking tool.
Some features of ATS will be disabled while you continue to use an ad-blocker.
"Upstream" collection (from fiber-optic cables) and direct collection from the servers of Internet Companies (PRISM) account for most of the records gathered by the NSA. In addition to such sweeping surveillance, though, the NSA also carries out what it calls Computer Network Exploitation (CNE), placing malware in individual computers to surveil their users. When the agency succeeds in inserting such malware, it is able, in NSA terminology, to "own" the computer: to view every keystroke entered and every screen viewed. The Tailored Access Operations (TAO) division responsible for this work is, in effect, the agency's own private hacker unit.
The hacking practice is quite widespread in its own right: one NSA document indicates that the agency has succeeded in infecting at least fifty thousand individual computers with a type of malware called "Quantum Insertion".
Speaking at the European Parliament, Jacob Appelbaum has disclosed a program called "Quantum Insertion" where the NSA is compromising consumer-level routers in homes and using them to redirect traffic to "FoxAcid" servers. As he describes it, FoxAcid is a system that detects the activity of targets and the system inserts itself as a service you are trying to connect to. It then masquerades itself as the service the target is trying to connect to while gathering and profiling the targets system for vulnerabilities in their browser or client software. It then can attack the target in a purely automated fashion and compromise the computer of the target with no human intervention.
The Quantum Insertion program allows the NSA to hit targets abroad. Because the FoxAcid system relies on a "race condition" on the internet, the fake page data has to beat the real page data in order for it to be loaded onto the targets PC. If the NSA is not physically between those servers, it cannot under normal conditions intercept the targets request and push a fake page from FoxAcid fast enough to beat the real data. Quantum Insertion resolves this problem by compromising consumer-level routers and using them to redirect traffic to and from the target.