What if you knew that every post, every picture, every message you've ever sent on Facebook was being read by a government agency? Would you feel free, for instance, to speak out against a government? Or post certain photos? Or would you be more cautious?
Ask yourself these questions. They may not be hypothetical anymore. According to a newly leaked report from Edward Snowden, the National Security Agency (NSA) has, or once had, an extensive program called TURBINE, which used an automated system to pose as Facebook, so that it could implant malware on your computer and watch your every move. The story was first reported by the Intercept.
The NSA reportedly used a "man-on-the-side" attack to target and infect "millions" of computers. The agency would pretend to be Facebook and trick unsuspecting users' computers into thinking they were connecting to Facebook's servers. Then, the NSA would hack into your hard drive and steal your personal data.
The TURBINE program also used spam emails to infect computers will malware. The malware installed by the NSA could then gain access to the users' microphone to record conversations, webcams to take photos, record browser history, save passwords and logins, corrupt downloaded files, and take data from flash drives that users plugged into their computers.
Although the program started in 2004, it began to pick up steam over the next few years as the NSA hired more hackers to install new types of malware. Back in 2004, the NSA limited itself to 100 to 150 "implants," which were specifically targeted at individuals the agency believed to be threats to national security. At first, the malware was sent manually with actual people overseeing the process.
However, by 2010, the NSA no longer cared about hitting specific targets with malware. The agency allowed an automated bot to act without oversight and target users indiscriminately, whether they were criminals or not. Once the bot had taken over the process, the program quickly escalated to include as many as 85,000 to 100,000 implants, according to estimates.
Facebook stated that the NSA can no longer pull this trick with its servers, but warned that other social networks may still be at risk from such attacks. The social network added that it had no knowledge of the program until now.
"This method of network level disruption does not work for traffic carried over HTTPS, which Facebook finished integrating by default last year," Facebook told the National Journal. "If government agencies indeed have privileged access to network service providers, any site running only HTTP could conceivably have its traffic misdirected."
It is unknown if the NSA is still using these techniques to infect computers, but chances are, TURBINE is still very active.