The Swedish Kings of Cyberwar

President Barack Obama with then Swedish Foreign Minister Carl Bildt at Stockholm Arlanda Airport, September 2013. At a joint press conference with then Swedish Prime Minister Fredrik Reinfeldt the same day, Obama discussed surveillance by the NSA.
Pete Souza/White House
President Barack Obama with then Swedish Foreign Minister Carl Bildt at Stockholm Arlanda Airport, September 2013. At a joint press conference with then Swedish Prime Minister Fredrik Reinfeldt the same day, Obama discussed surveillance by the NSA.

On April 24, 2013, just weeks before Edward Snowden went public with his leaks about mass surveillance by the National Security Agency, General Keith B. Alexander, then the head of the NSA, welcomed a group of Swedish intelligence officials to a secret three-day meeting at NSA headquarters in Fort Meade, Maryland. In the delegation were Ingvar Åkesson, the longtime director of Sweden’s National Defense Radio Establishment (known as the FRA, for Försvarets radioanstalt), a shadowy Swedish government intelligence agency, and five members of Åkesson’s senior staff. One of the aims of the meeting was to discuss Sweden’s growing importance to the NSA.

In a 2008 law, the FRA had been given expansive powers by the Swedish government to vacuum up all communications traveling over fiber optic networks into and out of Sweden—including e-mails, text messages, and telephone calls. This was of great interest to the NSA, not least because a large percentage of Russian communications traveled through Sweden. In 2011, the Swedes began sharing their surveillance data with the NSA, which included—as NSA officials described it at the time of the meeting—a “unique collection [of communications data] on high-priority Russian targets such as leadership, internal politics, and energy.”

Noting the Swedish spy agency’s unusual technical abilities and reputation for secrecy, NSA officials also viewed it as an ideal collaborator on its hacking and cyberwarfare project, called Quantum. One of the Quantum programs was an ambitious operation called WINTERLIGHT, which aimed at secretly hacking into high-value foreign computers and computer networks to obtain not only communications data but also any information stored on the hard drives or servers in question. Possible targets might be the administrators of foreign computer networks, government ministries, oil, defense, and other major corporations, as well as suspected terrorist groups or other designated individuals. Similar Quantum operations have targeted OPEC headquarters in Vienna, as well as Belgacom, a Belgian telecom company whose clients include the European Commission and the European Parliament.

According to NSA documents, WINTERLIGHT was using a complex attack strategy to secretly implant a malware program on the targeted computer or network. The NSA’s malware would then divert any signals between those computers and the Internet through “rogue” high-speed surveillance servers, called “FoxAcid” servers, allowing the NSA to access in stealth almost any of the user’s personal data—and even to tamper with data traveling from one user to another. The implications for both spying and offensive cyber…


This is exclusive content for subscribers only – subscribe at this low introductory rate for immediate access!

Online Subscription

Unlock this article, and thousands more from our complete 55+ year archive, by subscribing at the low introductory rate of just $1 an issue – that’s 10 issues online plus six months of full archive access for just $10.

One-Week Access

Purchase a trial Online Edition subscription and receive unlimited access for one week to all the content on nybooks.com.

If you already have one of these subscriptions, please be sure you are logged in to your nybooks.com account. If you subscribe to the print edition, you may also need to link your web site account to your print subscription. Click here to link your account services.