The Channel logo


By | Darren Pauli 14th October 2014 05:28

NSA Sentry Eagle placed spies in private companies

Latest docs show firms in Germany, South Korea, China targeted

The National Security Agency (NSA) has since 2004 sent spies into private companies in a bid to compromise networks from within, according to documents leaked by Edward Snowden.

Agents sent in by the NSA targeted global communications firms under a highly classified 'core secrets' program dubbed Sentry Eagle previously known only to a handful of officials.

The documents published by Snowden mouthpiece The Intercept indicate operatives in the core secrets program worked in concert with companies to weaken encryption and spent hundreds of millions of dollars to break security mechanisms.

Draft documents published online detailing Sentry Eagle explain that the program used the "full capabilities" of signals intelligence (SIGINT), computer exploitation, defence and network warfare to ensure the protection of US cyberspace.

The document listed facts ranging from unclassified to top secret necessitating "extraordinary protection", and demonstrated the chasm between unclassified information the NSA saw fit for public consumption and that appearing at times too sensitive for the eyes of allies.

Programs in the latter camp include an effort dubbed Raven which, according to unclassified information, reveal that the NSA "exploits foreign ciphers", and also worked with US commercial companies to weaken encryption systems.

Publication of the "facts relating to NSA personnel (under cover), operational meetings, specific operations, specific technologies, specific locations and covert communications related to SIGINT" were all banned under these efforts.

A sentry program called Owl proved the NSA worked with US and foreign commercial companies and "partners" to make their products exploitable for SIGINT; Hawk detailed network exploitation; Raven on cracking encryption; Condor on network attacks; Falcon on defense, and Osprey on intelligence agency cooperation.

The documents revealed field agents working under the Osprey program for target exploitation (TAREX) alongside the CIA, FBI and the Pentagon. These personnel dabbled in clandestine 'off net' operations, intercepting and compromising a targets' assets through the supply chain.

These TAREX agents, thought to linger in groups of two to three, were located in Germany, South Korea, and China, along with US sites in Georgia, Texas and Snowden's former workplace Hawaii.

The documents revealed the NSA had invested "hundreds of millions of dollars in high-powered and special purpose computer systems to attack commercial systems" and that it worked with "specific US commercial entities to modify US manufacturer encryption systems to make them exploitable for SIGINT".

"These [secrets] are being provided to you based on your 'need to know' as determined by the director, NSA/chief, Central Security Service (CSS) and Commander, Joint Functional Component Command – Network Warfare," the documents read.

"The facts contained in this document relate constitute a combination of the greatest number of highly-sensitive facts related to the NSA/CSS's overall cryptologic mission." ®

comment icon Read 34 comments on this article or post a comment alert Send corrections


Frank Jennings

What do you do? Use manual typwriters or live in a Scottish croft? Our man advises
A rusty petrol pump at an abandoned gas station. Pic by Silvia B. Jakiello via shutterstock

Trevor Pott

Among other things, Active Directory needs an overhaul
Baby looks taken aback/shocked/affronted. Photo by Shutterstock

Kat Hall

Plans for 2 million FTTP connections in next four years 'not enough'
Microsoft CEO Satya Nadella


League of gentlemen poster - Tubbs and Edward at the local shop. Copyright BBC
One reselling man tells his tale of woe