It has already been widely reported that the NSA works closely with eavesdropping agencies in the United Kingdom, Canada, New Zealand, and Australia as part of the so-called Five Eyes surveillance alliance. But the latest Snowden documents show that a number of other countries, described by the NSA as "third-party partners," are playing an increasingly important role – by secretly allowing the NSA to install surveillance equipment on their fiber-optic cables. The NSA documents state that under RAMPART-A, foreign partners "provide access to cables and host U.S. equipment." This allows the agency to covertly tap into "congestion points around the world" where it says it can intercept the content of phone calls, faxes, e-mails, internet chats, data from virtual private networks, and calls made using Voice over IP software like Skype.
Malware malware was written by a major institution in eastern Yankistan.
When researchers from Kaspersky Lab presented the Equation Group espionage malware, many in the security community were convinced it was part of an NSA operation. Now, Kaspersky has released new evidence that only strengthens those suspicions. In a code sample, they found a string named BACKSNARF_AB25, which happens to be the name of a project in the NSA's Tailored Access Operations. Further, when examining the metadata on the malware files, they found the modification timestamps were almost always consistent with an 8-5 workday in the UTC-3 or UTC-4 timezones, consistent with work based in the eastern United States. The authors also tended to work Monday through Friday, and not on the weekends, suggesting a large, organized development team.