It turns out people around the world forget to update their routers.
Popular misconceptions of hacking imagine hackers sitting in dark basements hitting keys in no specific order, taking control of computers. The NSA laughs at that idea. The agency focuses on attacking routers in foreign countries to monitor and control information. Most of the hacks target communication systems of China, Russia, Iran, and North Korea, usually concerning the spread of nuclear weapons.
Hacking routers is an ideal way for an intelligence or military agency to maintain a hold on network traffic, Marc Maiffret, chief technology officer at security firm Beyond Trust, said. Routers are rarely updated with new software like systems for PCs. “No one updates their routers,” he said, and routers do not have security software that detects breaches.
By hacking a router, one can re-route traffic to a different location. Sometimes intelligence units physically place hardware implants or software modifications rather than working remotely. The CIA’s Tailored Access Programs and NSA’s software engineers possess “templates” used to infiltrate common brands of routers.
“For folks at a place like the NSA or any other major government intelligence agency, it’s pretty standard fare of having a ready-to-go backdoor,” Maiffret said.
The government plans to extend its $652 million “Genie” program of hacking to cover millions of additional foreign machines according to a secret document leaked to the Washington Post. Currently, the malware attacks tens of thousands computers and routers each year. The US government treats all cyber operations as covert and does not acknowledge them.