Is NSA's TURBINE just a high-end botnet?

The Intercept's "How the NSA Plans to Infect ‘Millions’ of Computers with Malware" by Gallagher and Greenwald describes more Snowden documents, including an NSA system called TURBINE. While I encourage everyone to read the article, I kept asking myself, "Is there anything new here?"

I think the answer is "No." Most of the techniques described have been done before to one degree or another by various hacker groups. The HBGary Federal documents released by Anonymous several years ago also describe many of the same goals and techniques, which HBGary Federal proposed for clients. Even my 1996 paper (has it been 18 years?!) "ATTACK CLASS: ADDRESS SPOOFING" describes various spoofing strategies, including rerouting packet flows and session hijacking.

The Intercept's article is just another example of the increasing professionalization of cyberspace conflict. You can think of TURBINE and related components as a high-class botnet.

Cyberspace is a contested and valuable space. Virtually every government, criminal organization, and patriotic hacker group is developing tools, techniques, and talent to do similar things. You and your site may or may not be targets of the NSA programs, but there is a very good chance you *will* be the target of another one of these groups using similar techniques.