NSA Looking to Exploit Internet of Things, Biomedical Devices

NSA Headquarters in Fort. Meade, Maryland. The Agency said it is interested in using data from the Internet of Things for spying.
NSA Headquarters in Fort. Meade, Maryland. The Agency said it is interested in using data from the Internet of Things for spying.

In-brief: The National Security Agency is looking into how devices connected to the Internet of Things – including biomedical devices- might be used for surveillance, according to NSA Deputy Director Richard Ledgett.

Civil liberties and privacy news site The Intercept notes that the U.S. National Security Agency (NSA) has taken a keen interest in The Internet of Things as it looks to collect foreign intelligence.

In a report on Friday, The Intercept’s Jenna McLaughlin cites NSA Deputy Director Richard Ledgett saying that the agency is interested in mining Internet connected devices, including biomedical devices like pacemakers.

“We’re looking at it sort of theoretically from a research point of view right now,” said Ledgett, at a conference on military technology at Washington’s Newseum on Friday.

Biomedical devices could be used to track terrorists and foreign intelligence agents, for example, in a similar manner as cell phones have been used in the past. However, Ledgett said that there are currently better ways to achieve that goal. Asked whether the Internet of Things would be an “intelligence bonanza” for the NSA or a disaster, Ledgett replied, “Both.”

“As my job is to penetrate other people’s networks, complexity is my friend,” he said. “The first time you update the software, you introduce vulnerabilities, or variables rather. It’s a good place to be in a penetration point of view.”

Ledgett is just the latest NSA senior staffer who has opened up about the once secret intelligence Agency’s thinking vis-a-vis information security (aka “cyber”). Back in January, Rob Joyce, the head of NSA’s Tailored Access Operations (TAO) spoke to a conference in San Francisco about how the agency compromises targets. Compromises of credentials are a key factor, Joyce said. “The NSA is also keen to find any hardcoded passwords in software or passwords that are transmitted in the clear—especially by old, legacy protocols—that can help them move laterally through a network once inside,” Wired reported.

This may be the first time the Agency has gone on record about its thoughts regarding connected devices, however, indicating that the U.S.’s chief signals intelligence agency isn’t oblivious to the wealth of information that new connected devices and infrastructure can provide.

Source: NSA Looking to Exploit Internet of Things, Including Biomedical Devices, Official Says

Comments are closed.