On Tuesday afternoon, the New York Times reported that the National Security Agency has placed malware on nearly 100,000 computers around the world for offensive and defensive purposes.
Based on information found in NSA documents and gathered from “computer experts and American officials,” the Times confirmed information that came to light toward the end of December regarding several of the technologies that were available to the NSA as of 2008. The NSA's arsenal, the Times wrote, includes technology that “relies on a covert channel of radio waves that can be transmitted from tiny circuit boards and USB cards inserted surreptitiously into the computers. In some cases, they are sent to a briefcase-size relay station that intelligence agencies can set up miles away from the target.”
The German Publication Der Spiegel published an interactive graphic two weeks ago detailing many of the ways that the NSA uses hardware to spy on its targets, including a “range of USB plug bugging devices,” which can be concealed in a common keyboard USB plug, for example. As with any hardware, though, many of these spying tools “must be physically inserted by a spy, a manufacturer, or an unwitting user.” Der Spiegel writes that the NSA refers to this physical implant as “interdiction,” and it “involves installing hardware units on a targeted computer by, for example, intercepting the device when it’s first being delivered to its intended recipient.”