11 Dec 2013

NSA Uses Cookies to Spot Hacking Targets

The US National Security Agency analyses cookies and location data to identify potential hacking targets, according to The Washington Post.

Along with Britain’s GCHQ, the NSA uses the Google-specific tracking cookie to find new government targets to monitor, a leaked copy of an April 2013 NSA presentation shows.

Google’s tracking mechanism, known as “PREF cookie” does not store personal information but associates unique numeric codes to each browser connection, which allows Google to track individual users. It can also isolate a user’s communication history to send hacking software.

The information is shared with NSA’s Tailored Access Operations division, which participates in offensive hacking operations.

The leaked document also reveals the NSA is gathering information from location-based smartphone apps to track the physical location of certain IP addresses.

"As we've said before, NSA, within its lawful mission to collect foreign intelligence to protect the United States, uses intelligence tools to understand the intent of foreign adversaries and prevent them from bringing harm to innocent Americans," an NSA spokesman told the Washington Post.

Ed Felten, a computer scientist at Princeton University, recommends users to not allow themselves to be tracked for advertising purposes as “they are making themselves vulnerable to exploitation”.