Title: TURBINE

Release Date: 2014-03-12

Document Date: 2009-01-01

Description: These extracts from a 2009 NSA presentation describes the agency’s system for automated malware injection on an “industrial-scale”: see the Intercept article How the NSA Plans to Infect ‘Millions’ of Computers with Malware, 12 March 2014.

Document: TOPSHJE17/COMINT7/RELIO USA, FVE/

(U) Automation

(TS73//FEL) TURBINEcan talkto active & passive sensors/shooters

■ (TS7S//REL) Maintenance tasks on routers

■ (TS7S//REL) Dynamic targeting criteria

■ (TS7S//REL) Detect and trigger responses to long polls containing GUIDs

■ (TSVS//REL) Don’t wait for the target to read the one precious dorked message

■ (TS7S//REL) Industrial-scale exploitation. B/ery time the target runs code from the server,
why not run TAOs instead?

(TS79//REL) Liberates operators for higher-order tasks

■ (IS/3// REL) If you stole an already-existing FbR you may not need as much
bespoke dev

■ (TS7S//REL) If you’re pretending to be the server and never talking through
the server (FOX'HUFF), you never play exploits through the provider’s sensor
net

■ (TS7S//REL) If you define/build an app profile asaTURBINEmission, youcan
run it across all TAO holdings under TURBINEcontrol

■ (TSVS//REL) Iterative harvesting

1

TOP SECRET7 / COM I NT//REL TO USA, FVE/

e-Highlighter

Click to send permalink to address bar, or right-click to copy permalink.

Un-highlight all Un-highlight selectionu Highlight selectionh