The National Security Agency (NSA) has since 2004 sent spies into private companies in a bid to compromise networks from within, according to documents leaked by Edward Snowden.
Agents sent in by the NSA targeted global communications firms under a highly classified 'core secrets' program dubbed Sentry Eagle previously known only to a handful of officials. The documents published by Snowden mouthpiece The Intercept indicate operatives in the core secrets program worked in concert with companies to weaken encryption and spent hundreds of millions of dollars to break security mechanisms.
Draft documents published online detailing Sentry Eagle explain that the program used the "full capabilities" of signals intelligence (SIGINT), computer exploitation, defence and network warfare to ensure the protection of US cyberspace. The document listed facts ranging from unclassified to top secret necessitating "extraordinary protection", and demonstrated the chasm between unclassified information the NSA saw fit for public consumption and that appearing at times too sensitive for the eyes of allies.
Programs in the latter camp include an effort dubbed Raven which, according to unclassified information, reveal that the NSA "exploits foreign ciphers", and also worked with US commercial companies to weaken encryption systems. Publication of the "facts relating to NSA personnel (under cover), operational meetings, specific operations, specific technologies, specific locations and covert communications related to SIGINT" were all banned under these efforts.
A sentry program called Owl proved the NSA worked with US and foreign commercial companies and "partners" to make their products exploitable for SIGINT; Hawk detailed network exploitation; Raven on cracking encryption; Condor on network attacks; Falcon on defense, and Osprey on intelligence agency cooperation.
The documents revealed field agents working under the Osprey program for target exploitation (TAREX) alongside the CIA, FBI and the Pentagon. These personnel dabbled in clandestine 'off net' operations, intercepting and compromising a targets' assets through the supply chain.
These TAREX agents, thought to linger in groups of two to three, were located in Germany, South Korea, and China, along with US sites in Georgia, Texas and Snowden's former workplace Hawaii. The documents revealed the NSA had invested "hundreds of millions of dollars in high-powered and special purpose computer systems to attack commercial systems" and that it worked with "specific US commercial entities to modify US manufacturer encryption systems to make them exploitable for SIGINT".
"These [secrets] are being provided to you based on your 'need to know' as determined by the director, NSA/chief, Central Security Service (CSS) and Commander, Joint Functional Component Command – Network Warfare," the documents read. "The facts contained in this document relate constitute a combination of the greatest number of highly-sensitive facts related to the NSA/CSS's overall cryptologic mission."