{"id":31273,"date":"2015-05-08T02:00:08","date_gmt":"2015-05-08T06:00:08","guid":{"rendered":"http:\/\/quotulatiousness.ca\/blog\/?p=31273"},"modified":"2015-05-07T20:52:17","modified_gmt":"2015-05-08T00:52:17","slug":"quantum-insert","status":"publish","type":"post","link":"https:\/\/quotulatiousness.ca\/blog\/2015\/05\/08\/quantum-insert\/","title":{"rendered":"Quantum Insert"},"content":{"rendered":"<p><a href=\"http:\/\/www.wired.com\/2015\/04\/researchers-uncover-method-detect-nsa-quantum-insert-hacks\/\" target=\"_blank\">Kim Zetter<\/a> talks about some of the NSA&#8217;s more sneaky ways of intercepting communications:<\/p>\n<blockquote><p>Among all of the NSA hacking operations exposed by whistleblower Edward Snowden over the last two years, one in particular has stood out for its sophistication and stealthiness. Known as Quantum Insert, the man-on-the-side hacking technique has been used to great effect since 2005 by the NSA and its partner spy agency, Britain\u2019s GCHQ, to hack into high-value, hard-to-reach systems and implant malware.<\/p>\n<p>Quantum Insert is useful for getting at machines that can\u2019t be reached through phishing attacks. It works by hijacking a browser as it\u2019s trying to access web pages and forcing it to visit a malicious web page, rather than the page the target intend to visit. The attackers can then surreptitiously download malware onto the target\u2019s machine from the rogue web page.<\/p>\n<p>Quantum Insert has been used to hack the machines of terrorist suspects in the Middle East, but it was also used in a controversial GCHQ\/NSA operation against employees of the Belgian telecom Belgacom and against workers at OPEC, the Organization of Petroleum Exporting Countries. The \u201chighly successful\u201d technique allowed the NSA to place 300 malicious implants on computers around the world in 2010, according to the spy agency\u2019s own internal documents \u2014 all while remaining undetected.<\/p>\n<p>But now security researchers with Fox-IT in the Netherlands, who helped investigate that hack against Belgacom, have found a way to detect Quantum Insert attacks using common intrusion detection tools such as Snort, Bro and Suricata.<\/p><\/blockquote>\n","protected":false},"excerpt":{"rendered":"<p>Kim Zetter talks about some of the NSA&#8217;s more sneaky ways of intercepting communications: Among all of the NSA hacking operations exposed by whistleblower Edward Snowden over the last two years, one in particular has stood out for its sophistication and stealthiness. Known as Quantum Insert, the man-on-the-side hacking technique has been used to great [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":""},"categories":[4,15,13],"tags":[925,157,476,895,129,913],"class_list":["post-31273","post","type-post","status-publish","format-standard","hentry","category-britain","category-technology","category-usa","tag-edwardsnowden","tag-encryption","tag-espionage","tag-gchq","tag-hack","tag-nsa"],"jetpack_featured_media_url":"","jetpack_shortlink":"https:\/\/wp.me\/p2hpV6-88p","jetpack_sharing_enabled":true,"_links":{"self":[{"href":"https:\/\/quotulatiousness.ca\/blog\/wp-json\/wp\/v2\/posts\/31273","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/quotulatiousness.ca\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/quotulatiousness.ca\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/quotulatiousness.ca\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/quotulatiousness.ca\/blog\/wp-json\/wp\/v2\/comments?post=31273"}],"version-history":[{"count":1,"href":"https:\/\/quotulatiousness.ca\/blog\/wp-json\/wp\/v2\/posts\/31273\/revisions"}],"predecessor-version":[{"id":31274,"href":"https:\/\/quotulatiousness.ca\/blog\/wp-json\/wp\/v2\/posts\/31273\/revisions\/31274"}],"wp:attachment":[{"href":"https:\/\/quotulatiousness.ca\/blog\/wp-json\/wp\/v2\/media?parent=31273"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/quotulatiousness.ca\/blog\/wp-json\/wp\/v2\/categories?post=31273"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/quotulatiousness.ca\/blog\/wp-json\/wp\/v2\/tags?post=31273"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}