TURBINE (US government project)

TURBINE is the codename of an automated system which enables the United States National Security Agency (NSA) automated management and control of a large surveillance network.

The NSA has built an infrastructure which enables it to covertly hack into computers on a mass scale by using automated systems that reduce the level of human oversight in the process. This system places and controls implants – a form of remotely transmitted malware on selected individual computer devices or in bulk on tens of thousands of devices. As quoted by The Intercept, TURBINE is designed to "allow the current implant network to scale to large size (millions of implants) by creating a system that does automated control implants by groups instead of individually." The NSA has shared many of its files on the use of implants with its counterparts in the so-called Five Eyes surveillance alliance – the United Kingdom, Canada, New Zealand, and Australia.

Among other things due to TURBINE and its control over the implants the NSA is capable of:
 * breaking into targeted computers and to siphoning out data from foreign Internet and phone networks
 * infecting a target's computer and exfiltrating files from a hard drive
 * covertly recording audio from a computer's microphone and taking snapshots with its webcam
 * launching cyberattacks by corrupting and disrupting file downloads or denying access to websites
 * exfiltrating data from removable flash drives that connect to an infected computer

The TURBINE implants are linked to, and relies upon, a large network of clandestine surveillance "sensors" that the NSA has installed at locations across the world, including the agency's headquarters in Maryland (Fort George G. Meade) and eavesdropping bases used by the agency in Misawa, Japan (Misawa Air Base) and Menwith Hill, England (RAF Menwith Hill). Codenamed as TURMOIL, the sensors operate as a sort of high-tech surveillance dragnet, monitoring packets of data as they are sent across the Internet. When TURBINE implants exfiltrate data from infected computer systems, the TURMOIL sensors automatically identify the data and return it to the NSA for analysis. And when targets are communicating, the TURMOIL system can be used to send alerts or "tips" to TURBINE, enabling the initiation of a malware attack. To identify surveillance targets, the NSA uses a series of data "selectors" as they flow across Internet cables. These selectors can include email addresses, IP addresses, or the unique "cookies" containing a username or other identifying information that are sent to a user's computer by websites such as Google, Facebook, Hotmail, Yahoo, and Twitter, unique Google advertising cookies that track browsing habits, unique encryption key fingerprints that can be traced to a specific user, and computer IDs that are sent across the Internet when a Windows computer crashes or updates.