Is the NSA Using Fake Facebook Servers to Spy on Internet Users?

3 Flares Twitter 1 Facebook 1 Google+ 1 Reddit 0 StumbleUpon 0 Pin It Share 0 LinkedIn 0 Email -- 3 Flares ×

According to a new report recently released by The Intercept and based on information obtained from Edward Snowden, the NSA may be indiscriminately spying on millions of Internet users worldwide. Over the past 10 years, the agency has planted malware on millions of devices around the world as part of an initiative it calls “Owning the Net.” One of its strategies involves setting up fake Facebook servers which it uses to fool devices into thinking that the malware plug-ins they are receiving are ordinary data packets coming from the real Facebook page.


According to the report, Internet users can’t protect themselves from NSA surveillance by using normal encryption procedures and tools. These NSA surveillance tools are designed to bypass the protections of encryption tools by capturing information while it’s still on the device, before it’s encrypted for delivery. Facebook’s Mark Zuckerberg has come out against these surveillance techniques. The NSA itself has denied the accusations. Nonetheless, the rumors flying about the ability of organizations to launch massive surveillance operations means it’s more important than ever to trust the distributor of your devices, like you can with

TURBINE and “Owning the Net”

The NSA has been using malware implants to spy on Internet users since at least 2004. It developed the technique in order to gather intelligence on Internet users when more traditional methods of surveillance weren’t possible. The malware implants are capable of transmitting information from the infected computer to the NSA, recording VoIP calls made on infected computers and using infected computers’ cameras and microphones to surreptitiously record video and audio of events going on in the room. Other implants allow the NSA to track Internet browsing history and passwords and log keystrokes.

Originally, operatives working in the NSA’s Tailored Access Operations (TAO) unit installed and managed these implants manually. They gathered intelligence from 100 to 150 devices around the world. In 2004, however, the NSA developed TURBINE, software which automates the process and has enabled the NSA to add thousands of new devices each year to its surveillance network. The widespread surveillance initiative, known as “Owning the Internet,” received funding to the tune of $67.6 million last year.

Mimicking Facebook to Spy on Internet Users


The NSA originally infected devices with its surveillance malware programs via spam emails that included links. Clicking on the link would cause malware to infect the user’s device in a matter of seconds. As Internet users became more savvy and suspicious of spam emails, this tactic became less effective.

The NSA began launching more advanced tactics, one of which involves disguising vulnerable websites as fake Facebook servers. The user enters his or her login data, and the NSA is able to infect the user’s device with malware disguised within what looks like an ordinary Facebook page. This is what’s known as a side-channel or “man-on-the-side” attack.

Upon learning of this technique, Facebook founder Mark Zuckerberg called President Obama personally to “express [his] frustration over the damage the government is creating for all of our future.” In a post on his own Facebook profile, Zuckerberg said, “To keep the internet [sic] strong, we need to keep it secure. That’s why at Facebook we spend a lot of our energy making our services and the whole internet [sic] safer and more secure…The internet [sic]works because most people and companies do the same.”

Zuckerberg declared that he was “confused and frustrated by the repeated reports of the behavior of the US government.”

“When our engineers work tirelessly to improve security, we imagine we’re protecting you against criminals, not our own government,” said Zuckerberg.

NSA Denies Impersonating Facebook

Shortly after the report was released, the NSA published a statement denying claims that it has impersonated Facebook in order to infiltrate computers with malware for surveillance purposes. The agency stated that it abides by all applicable laws in conducting intelligence operations, and that it does not use its technology to impersonate American companies or target global Internet users beyond what is permissible by law.

The information leaked by Edward Snowden claims that the NSA has been impersonating Facebook in order to collect intelligence from Internet users’ computers, and to conduct surveillance using users’ own devices. In fact, NSA surveillance operations have allegedly reached a massive scale, with surveillance software surreptitiously installed on millions of computers worldwide. It remains clear that the situation is murky at best.

NSA Headquarters image by National Security Agency from Wikimedia Commons.

The following two tabs change content below.

Enjoyed this post? Share it!


Leave a comment

Your email address will not be published. Required fields are marked *