Bonesaw and Botnet
As each week goes by, we get more and more data on the US security snooping. The latest is around Bonesaw, with Wired provide appropriate coverage.
According to Defense News’ C4ISR Journal and Bloomberg Businessweek, Endgame also offers its intelligence clients—agencies like Cyber Command, the NSA, the CIA, and British intelligence—a unique map showing them exactly where their targets are located. Dubbed Bonesaw, the map displays the geolocation and digital address of basically every device connected to the Internet around the world, providing what’s called network situational awareness. The client locates a region on the password-protected web-based map, then picks a country and city— say, Beijing, China. Next the client types in the name of the target organization, such as the Ministry of Public Security’s No. 3 Research Institute, which is responsible for computer security—or simply enters its address, 6 Zhengyi Road. The map will then display what software is running on the computers inside the facility, what types of malware some may contain, and a menu of custom-designed exploits that can be used to secretly gain entry. It can also pinpoint those devices infected with malware, such as the Conficker worm, as well as networks turned into botnets and zombies— the equivalent of a back door left open.
Now what’s interesting is the “map displays the geolocation and digital address of basically every device connected” reminds me of an interesting article around botnet that made the rounds in May 2013. Now clearly there is a conspiracy theory to be had here with regards to the Internet Census 2012 research work making the rounds, and then a few months later Bonesaw. One has to assume that Bonesaw leveraging similar concepts and ideas to map internet connected devices and merge the application with appropriate hacking tools that are generally available coupled with bespoke.