Forgot your password?
typodupeerror
IT

Inside NSA's Efforts To Hunt Sysadmins 147

Posted by Soulskill
from the most-sedentary-sport dept.
An anonymous reader writes "The Snowden revelations continue, with The Intercept releasing an NSA document titled 'I hunt sys admins' (PDF on Cryptome). The document details NSA plans to break into systems administrators' computers in order to gain access to the networks they control. The Intercept has a detailed analysis of the leaked document. Quoting: 'The classified posts reveal how the NSA official aspired to create a database that would function as an international hit list of sys admins to potentially target. Yet the document makes clear that the admins are not suspected of any criminal activity – they are targeted only because they control access to networks the agency wants to infiltrate. "Who better to target than the person that already has the ‘keys to the kingdom’?" one of the posts says.'"
This discussion has been archived. No new comments can be posted.

Inside NSA's Efforts To Hunt Sysadmins

Comments Filter:
  • by RabidReindeer (2625839) on Friday March 21, 2014 @10:33AM (#46543121)

    Small-time admins maybe. If one works as part of a larger team, automation and documentation is king - any such backdoors would get anyone into trouble, quick.

    R
    O
    T
    F
    L

    Worked in Fortune corporations. If I don't stop laughing soon, I'll pass out.

  • My take on it. (Score:4, Informative)

    by Noryungi (70322) on Friday March 21, 2014 @10:47AM (#46543225) Homepage Journal

    If you are a sysadmin, and you have a Facebook page, LinkedIn account, social-media-whatever thingmagajig or Slashdot account, the NSA may well come after you.

    Remember: this is written in plain sight and the NSA created fake Slashdot account to get into Belgacom.

    I am a sysadmin. I have a Slashdot account. Maybe it is time for me to say so long, and thanks for all the fish. What Beta was not able to do, the NSA did.

  • by Midnight_Falcon (2432802) on Friday March 21, 2014 @02:34PM (#46545537)
    As ineloquently as RabidReindeer may have put it, he's 100% spot on here. I've done security audits for big companies with large teams -- admins insert backdoors al over the place, then their buddies figure out they did it, and instead of being reprimanded they start using it too for convenience. Just because they have a big, publically-traded company doesn't mean the CIO/CISO cares about anything more than compliance on paper.

I'm all for computer dating, but I wouldn't want one to marry my sister.

Working...