UPDATED 07:30 EDT / MARCH 13 2014

TURBINE: The NSA’s secret automated ‘mass-hacking’ program

It’s no secret that the NSA has both the method and the means to get inside your computer if it has a vested interest in doing so. The existence of its secret specialist hacking team, code-named Tailored Access Operations, was first revealed last year – the unit has all manner of sophisticated ways to hack into your devices, monitor your microphone or webcam, and steal your personal data – provided the NSA is genuinely interested in you.

Or at least that’s what we thought. But oh no, simply having this ability isn’t enough for the NSA, which along with Britain’s GCHQ has begun automating these kinds of targeted operations in the last few years, working towards “industrial scale exploitation” that has the potential to infect “millions” of devices with malware.

These operations were exposed in a fresh batch of documents leaked by Edward Snowden, and published by Glenn Greenwald and Ryan Gallagher in The Intercept this morning. The documents detail an automated hacking system dubbed TURBINE, which has allowed the NSA to increase the number of its malware “implants” dramatically – back in 2004, the agency had only infiltrated around 100-150 machines worldwide, but by 2010 this had expanded to tens of thousands of computers. The system is designed to ultimately scale into millions by infecting devices “in groups, rather than individually”.

TURBINE

The NSA’s spyware implants can be delivered in a variety of ways. As well as old-fashioned methods like sending emails with malicious attachments, the NSA has developed much more successful “man-in-the-middle” attacks. Even more extreme is the previously disclosed QUANTUM system that’s capable of using radio waves to hack offline computers, as well as spoofing popular websites like Facebook and Google, and returning malicious packets to a web browser’s request before the genuine server has a chance to respond.
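The race described above leaves a trace a passive network sensor can look for: the client is sent two server segments covering the same TCP sequence range but carrying different content. The sketch below is an added example, not taken from the article or the leaked documents; the flow tuples, addresses and payloads are constructed, and it assumes both the injected and the genuine reply are visible to the sensor.

```python
from collections import defaultdict

# Constructed sample of server-to-client TCP segments as a sensor near the
# client might record them: (src, sport, dst, dport, tcp_seq, payload).
SAMPLE_SEGMENTS = [
    # Two different replies claiming the same sequence range: suspicious.
    ("203.0.113.10", 80, "192.0.2.5", 51000, 1000,
     b"HTTP/1.1 302 Found\r\nLocation: http://redirect.example/\r\n\r\n"),
    ("203.0.113.10", 80, "192.0.2.5", 51000, 1000,
     b"HTTP/1.1 200 OK\r\nContent-Length: 5\r\n\r\nhello"),
    # Benign retransmission: same sequence number, identical bytes.
    ("203.0.113.20", 80, "192.0.2.5", 51001, 5000, b"HTTP/1.1 200 OK\r\n\r\nabc"),
    ("203.0.113.20", 80, "192.0.2.5", 51001, 5000, b"HTTP/1.1 200 OK\r\n\r\nabc"),
    # Ordinary in-order data: adjacent ranges, no overlap.
    ("203.0.113.30", 80, "192.0.2.5", 51002, 7000, b"AAAA"),
    ("203.0.113.30", 80, "192.0.2.5", 51002, 7004, b"BBBB"),
]


def find_conflicting_segments(segments):
    """Return one alert per segment whose bytes contradict earlier data
    already seen for the same sequence range of the same flow.
    Sequence-number wraparound is ignored to keep the example short."""
    seen = defaultdict(dict)  # flow -> {seq: first payload seen at that seq}
    alerts = []
    for src, sport, dst, dport, seq, payload in segments:
        if not payload:
            continue  # pure ACKs carry nothing to compare
        flow = (src, sport, dst, dport)
        for prev_seq, prev in seen[flow].items():
            start = max(seq, prev_seq)
            end = min(seq + len(payload), prev_seq + len(prev))
            if start < end and (payload[start - seq:end - seq]
                                != prev[start - prev_seq:end - prev_seq]):
                alerts.append({"flow": flow, "seq": start,
                               "first": prev, "second": payload})
                break
        seen[flow].setdefault(seq, payload)
    return alerts


if __name__ == "__main__":
    for alert in find_conflicting_segments(SAMPLE_SEGMENTS):
        print("conflicting data on", alert["flow"], "at seq", alert["seq"])
```

Identical retransmissions are normal TCP behaviour, which is why the check compares content rather than flagging every repeated sequence number.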

Even more worrying is the way TURBINE selects its targets to be hacked. It draws upon the masses of data collected by advertising networks like Google and Yahoo, with targets identified by “selectors” including Google preference IDs, cookies and unique identifier codes taken by DoubleClick for its targeted advertising. Using such data, it’s possible to track people’s web browsing habits, and this allows TURBINE to select “groups” of people to be infected with its malware. When asked to comment, the NSA declined to speak about TURBINE, but told The Intercept that “signals intelligence shall be collected exclusively where there is a foreign intelligence or counterintelligence purpose to support national and departmental missions, and not for any other purposes.”


Obviously, the ability to automate spying at this kind of level is a massive boon for the NSA, as it allows them to make the most of the exploits they use to attack and infect machines. Virtually all exploits have expiration dates, and if they’re used carelessly this can reduce the time it takes for them to be detected and patched. Interestingly, we might recall a report in Reuters from last year which showed that the US government is the world’s biggest buyer of “zero day exploits”, which are flaws in software unknown to the developers.

These exploits become exponentially more useful with the NSA’s automated system. TURBINE is able to search for potential targets that fit pre-defined characteristics, such as people visiting certain websites or ad-targeting IDs, choose the exploit that’s most likely to succeed, and fire it off at its targets – all without the need for human oversight.

The big worry with all of this is that it illustrates how the NSA’s hacking network is slowly but surely evolving into the untargeted dragnet that everyone’s so wary of – just like its tapping of undersea cables, allowing it to sieve through communications for keywords, and its mass-collection of phone call metadata.

Just because the NSA has the capability to carry out ‘mass-hackings’ doesn’t necessarily mean it’s definitely going to do so. But then again, given all that we’ve learned about the nonchalant way it goes about its business, it’s hard to come up with any reason that would stop it.

Main photo credit: Dalo_Pix2 via photopin cc; Slides courtesy of The Intercept.
