System administrators seem to rank quite high among NSA’s favorite people. They’re not necessarily targets of the agency’s spying practices for who they are, but rather because of what they do and the networks they can provide the NSA access to.
According to The Intercept, the NSA often tracks down personal emails and Facebook accounts of system admins to infiltrate networks and the data they carry. Titled “I Hunt Sys Admins,” a new document from the Snowden stash classifies them as a “means to an end.”
“Upfront, sysadmins generally are not my end target. My end target is the extremist/terrorist or government official that happens to be using the network some admins takes care of,” the document reads.
These individuals are targeted through various methods. For instance, to handle admins still using Telnet, the NSA has a tool called DISCOROUTE that was designed specifically to “suck up and database router configuration files see in passively collected Telnet sessions.” The data could then be used to create an address book that pairs up networks with personal accounts of sysadmins to exploit – a to-do list of sorts.
When the network is complete, the agency’s top hacker team has to query the database and automatically start exploiting the network.
IP addresses of computers used by system administrators can be determined by monitoring the length of SSH sessions.
It’s rather unclear how precise the hacking attacks are and how the agency makes sure that it excludes American citizens from the group. Basically, given the agency’s methods of seeking out probable system administrators, there’s a lot of uncertainty and chances are that US persons are not, in fact, excluded, as requested by the law.
“A key part of the protections that apply to both U.S. persons and citizens of other countries is the mandate that information be in support of a valid foreign intelligence requirement, and comply with U.S. Attorney General-approved procedures to protect privacy rights,” said NSA spokesperson Vanee Vines with regard to this particular concern.
Of course, this is the exact statement that the agency has given out every time there has been any doubt about the legality of its operations. It was revealed, however, time and time again, the intelligence agency does in fact collect information from American citizens, whether they are located in the United States or are abroad.
As per usual, foreigners are sitting ducks for the NSA to pick from.