A February 2012 document called ‘SIGINT Strategy 2012-2016’ outlines exactly what the NSA plans to “dominate” the world’s Internet and telecom networks.
- Strong commercial encryption works — and the NSA is trying to destroy it. A major goal outlined in the blueprint is to “Counter the challenge of ubiquitous, strong, commercial network encryption.” One of the ways it plans to do so is by using human spies to influence and weaken encryption standards at tech companies. Or in NSA speak, it plans to “counter indigenous cryptographic programs by targeting their industrial bases with all available SIGINT and HUMINT capabilities.” (HUMINT means ‘human intelligence’, or spies.) NSA also intends to “influence the global commercial encryption market through commercial relationships, HUMINT, and second and third party partners.” For an agency that claims to care about cybersecurity, these efforts to harm internet security appear front and center among the agency’s goals. NSA says it must “defeat adversary cybersecurity practices in order to acquire the SIGINT data we need from anyone, anytime, anywhere.” By defeating strong commercial encryption and ensuring no one, anywhere, can have secure internet communications, NSA endangers the security of everyone’s information — including yours, Goldman Sachs.
- The agency has much of the world’s data — but does it have the technological prowess to make sense of it all? The strategy document suggests it does not, but that obtaining it is its top priority through 2016. The first goal listed in the document reads: “Revolutionize analysis– fundamentally shift our analytic approach from a production to a discovery bias, enriched by innovative customer/partner engagement, radically increasing operational impact across all mission domains.”
- NSA says it knows that its ability to obtain digital communications information worldwide “will only endure if we keep sight of the dynamic and increasingly market driven forces that continue to shape the SIGINT battle space.” In other words, the agency knows it has to have spies on the inside of technology companies in order to have the information — and influence — it needs to both tap into and shape communications platforms and encryption standards. Aware that its collection of vast quantities of the world’s communications data relies significantly on the cooperation of private corporations that manage and process the information, the NSA plans to “identify new access, collection, and exploitation methods by leveraging global business trends in data and communications services.” Part of this expanded collection will, the agency hopes, involve integration of “the SIGINT system into a national network of sensors which interactively sense, respond, and alert one another at machine speed.”
- Believe it or not, the NSA thinks it needs more legal power: “The interpretation and guidelines for applying our authorities, and in some cases the authorities themselves, have not kept pace with the complexity of the technology and target environments, or the operational expectations levied on NSA’s mission.” The agency continues: “For SIGINT to be optimally effective, legal, policy, and process authorities must be as adaptive and dynamic as the technological and operational advances we seek to exploit. Nevertheless, the culture of compliance, which has allowed the American people to entrust NSA with extraordinary authorities, will not be compromised in the face of so many demands, even aswe aggressively pursue legal authorities and a policy framework mapped more fully to the information age.” Congress is currently considering a range of bills that would rein in the NSA and FBI’s spy powers. The NSA, meanwhile, is plotting to expand its ‘legal’ authorities, as well as loosen the ‘interpretation’ of statutes to enable more collection, wider latitude for analysts, and likely also broader sharing of our communications information in and outside of government.
- NSA is well aware that knowledge about our ‘digital traces’ equals power over us: “the traces individuals leave when they interact with the global network will define the capacity to locate, characterize and understand entities” — by entities they mean us. Knowledge is power.
- Even amidst a crackdown against leaks, a war on whistleblowers, and internal witch hunts in government to identify people who may harbor ‘subversive’ ideas (such as a respect for individual privacy), the NSA plans to expand — rather than contract — government agency access to its vast data collections. “To remain a value for the warfighter our information must be immediately available at the lowest classification level,” the document says. “Products and services from NSA will evolve into forms and across boundaries that mirror the networked and agile manner in which people interact in the information age, and we will share information, responsibly and securely, with external partners and customers.” The agency identifies “shar[ing] bulk data” as one of its primary goals for the 2012-2016 period. Can we look forward to state and local police fusion centers getting access to our bulk records? Just imagine if your local sheriff or police chief could rummage through your emails and phone records, no warrant or probable cause required.
If that isn’t enough, New York Times journalists James Risen and Laura Poitras describe the NSA’s plans to map the global internet, down to the device I wrote this on and the one upon which you’re reading it.
Other N.S.A. documents offer hints of how the agency is trying to do just that. One program, code-named Treasure Map, provides what a secret N.S.A. PowerPoint presentation describes as “a near real-time, interactive map of the global Internet.” According to the undated PowerPoint presentation, disclosed by Mr. Snowden, Treasure Map gives the N.S.A. “a 300,000 foot view of the Internet.”
Relying on Internet routing data, commercial and Sigint information, Treasure Map is a sophisticated tool, one that the PowerPoint presentation describes as a “massive Internet mapping, analysis and exploration engine.” It collects Wi-Fi network and geolocation data, and between 30 million and 50 million unique Internet provider addresses — code that can reveal the location and owner of a computer, mobile device or router — are represented each day on Treasure Map, according to the document. It boasts that the program can map “any device, anywhere, all the time.”
The NSA says that this “Treasure Map” isn’t used for surveillance, but only to understand the global internet. That obviously makes no sense. What’s the difference between surreptitiously gathering non-public information to understand systems on the one hand, and surveillance on the other? And isn’t the NSA’s number one job to spy on the world, anyway? As the NSA itself said: “the traces individuals leave when they interact with the global network will define the capacity to locate, characterize and understand entities.”
The NSA’s blueprint for unlimited power shows that the agency, if left to its own devices, will continue barreling full speed ahead towards the absolute destruction of meaningful anonymity, privacy, and digital security for all people in the 21st century. A year and change before the Snowden revelations shook the world, it argued that its legal authorities must be expanded, citing the American public’s ‘trust’ in its capable hands. In the wake of Snowden’s truth telling, after having learned about what the agency actually does with our money, congress and the public are moving in the opposite direction.
An important first step is to pass the USA Freedom Act, which would outlaw the bulk collection of our phone records. Given the expansive and chilling plans laid out in the NSA strategy document, that might seem like a half-measure that will have no real effect on the government’s out of control surveillance state. But if you don’t think outlawing bulk collection is important, consider what your life would look like if — as the NSA appears to want to do — the three letter agencies started opening up those data troves to our state and local police.
A new map reveals the NSA’s massive worldwide malware operations:
A new map details how many companies across the world have been infected by malware by the National Security Agency’s team of hackers, and where the companies are located.
Dutch newspaper NRC Handelsblad reports the NSA uses malware to infect, infiltrate and steal information from over 50,000 computer networks around the globe. This new, previously unreported scope of the NSA’s hacking operation comes from another PowerPoint slide showing a detailed map of every infection leaked by former contractor Edward Snowden.
The practice is called “Computer Network Exploitation,” or CNE for short, and it’s carried out by the NSA’s Tailored Access Operations team. A yellow dot on the map signifies a CNE infection. The NSA plants malware within a network that can flipped on or off at any time. Once a network is infected, the malware gives the NSA unfiltered access to the network’s information whenever it’s most convenient. The Washington Post previously profiled the team of “elite hackers” who make up the NSA’s TAO division.
The British intelligence service liked this strategy too, NRC Handelsblad reports, because they successfully duped a Belgium telecom company with a fake LinkedIn account. A strip at the bottom says the map is relative to relative to the U.K., Australia, New Zealand, and Canada, the “Five Eyes” nations that share intelligence.
The bulk of CNE operations take place in Europe, South American and Asia. Some are speculating CNE operations focus on Internet service providers, telecom giants and other similar companies to better facilitate massive information collection.
Where the NSA’s team of hackers fit into the organization’s greater intelligence gathering structure is presently unclear. But another new document, a February 2012 memo leaked to The New York Times about the NSA’s goals for the future, shows exactly how extensive the NSA thought its intelligence gathering would become. They wanted everything:
Intent on unlocking the secrets of adversaries, the paper underscores the agency’s long-term goal of being able to collect virtually everything available in the digital world. To achieve that objective, the paper suggests that the N.S.A. plans to gain greater access, in a variety of ways, to the infrastructure of the world’s telecommunications networks.
NSA might have illegally broken into telecommunication companies fiber optic cables to spy on Americans:
People knowledgeable about Google and Yahoo’s infrastructure say they believe that government spies bypassed the big Internet companies and hit them at a weak spot — the fiber-optic cables that connect data centers around the world that are owned by companies like Verizon Communications, the BT Group, the Vodafone Group and Level 3 Communications. In particular, fingers have been pointed at Level 3, the world’s largest so-called Internet backbone provider, whose cables are used by Google and Yahoo.
The Internet companies’ data centers are locked down with full-time security and state-of-the-art surveillance, including heat sensors and iris scanners. But between the data centers — on Level 3’s fiber-optic cables that connected those massive computer farms — information was unencrypted and an easier target for government intercept efforts, according to three people with knowledge of Google’s and Yahoo’s systems who spoke on the condition of anonymity.
It is impossible to say for certain how the N.S.A. managed to get Google and Yahoo’s data without the companies’ knowledge. But both companies, in response to concerns over those vulnerabilities, recently said they were now encrypting data that runs on the cables between their data centers. Microsoft is considering a similar move.
“Everyone was so focused on the N.S.A. secretly getting access to the front door that there was an assumption they weren’t going behind the companies’ backs and tapping data through the back door, too,” said Kevin Werbach, an associate professor at the Wharton School.
Level 3 is not a household name in Colorado like Verizon or AT&T, but in terms of its ability to carry traffic, it is bigger than the other two carriers combined. Its networking equipment is found in 200 data centers in the United States, more than 100 centers in Europe and 14 in Latin America.
Level 3 did not directly respond to an inquiry about whether it had given the N.S.A., or the agency’s foreign intelligence partners, access to Google and Yahoo’s data. In a statement, Level 3 said: “It is our policy and our practice to comply with laws in every country where we operate, and to provide government agencies access to customer data only when we are compelled to do so by the laws in the country where the data is located.”
Also, in a financial filing, Level 3 noted that, “We are party to an agreement with the U.S. Departments of Homeland Security, Justice and Defense addressing the U.S. government’s national security and law enforcement concerns. This agreement imposes significant requirements on us related to information storage and management; traffic management; physical, logical and network security arrangements; personnel screening and training; and other matters.”