PRISM leaks: WTF, you don't spy on your friends, splutters EU

NSA: 'Meh, everybody does it...'

SANS - Survey on application security programs

Berlin has accused Washington of treating it "like a Cold War enemy" after it emerged that US spooks spied on targets from friendly European countries.

Vice-president of the European Commission, Neelie Kroes, told BBC:

Of course it is a shock and it's not acceptable at all. It's not acceptable because it is a friendly relationship... The member states should sit together and make up [our] minds how we are dealing with this. Of course, talking between friends, it should be clear first that it will never, ever happen again...

According to a report published in Der Spiegel over the weekend, American spies bugged the EU embassy in Washington and its offices at the UN in New York, as well as a key building in Brussels.

Der Speigel's allegations were based on a 2010 document leaked by PRISM whistleblower Edward Snowden, who is thought to be holed up in Russia and hoping to flee to the nation of Ecuador, which may grant him asylum - although there is currently doubt over whether or not the country will extradite him. The German magazine said it had seen evidence that the NSA boasted of targeting "third party partners", which do not include second-party countries like Canada, the UK or Australia.

The claims were backed up by an article in The Guardian, which referred to documents released by Snowden that showed US spies targeted 38 missions and embassies worldwide, including allies like Turkey, France, Italy, Japan, Greece, Mexico, India and South Korea.

The newspaper also published details of American surveillance techniques, which include planting bugs into communications gear, tapping into cables, collecting transmissions and using a system called Dropmire to spy on diplomats' encrypted fax machines. Agents also used a system allowing them to download the entire contents of a hard drive.

The news hit hard in Germany, which remembers the blanket surveillance carried out by the Stasi during the dark days of the Cold War.

Steffen Seibert, spokesman for Chancellor Merkel, said: "If it is confirmed that diplomatic representations of the European Union and individual European countries have been spied upon, we will clearly say that bugging friends is unacceptable. We are no longer in the Cold War."

Eurocrats have warned the Americans that their surveillance scheme could stymie plans to sign a trans-Atlantic trade treaty, which would create the world's largest free trade area. Officials in Germany, Italy, France and Luxembourg have lined up to sling mud at the US.

"Partners do not spy on each other," said EU Justice Commissioner Viviane Reding. "We cannot negotiate over a big trans-Atlantic market if there is the slightest doubt that our partners are carrying out spying activities on the offices of our negotiators. The American authorities should eliminate any such doubt swiftly."

The European Parliament President Martin Schulz said he was "deeply worried and shocked about the allegations of US authorities spying on EU offices", while Luxembourg's foreign minister and deputy prime minister Jean Asselborn said work should begin immediately to rebuild "confidence on the highest level of the European Union and the United States".

The documents leaked to Der Spiegel suggested the EU's United Nations office was spied on along with the Washington outpost. Both were named as a "location target".

American spies were also alleged to be involved in an electronic snooping programme in the heart of Brussels five years ago, striking at the telephone system in the Justus Lipsius building, which houses the EU's Council of Ministers and the European Council.

Calls made to the phone network's remote maintenance system were tracked back to NATO headquarters on the outskirts of Brussels, in a part of the building known to be used by the NSA. If true, this would allow NSA agents to listen in on top officials' calls and monitor internet traffic.

In a statement, the national intelligence director's office appeared to confirm the allegation. It said that "as a matter of policy, we have made clear that the United States gathers foreign intelligence of the type gathered by all nations" - which includes friendly nations, by the looks of things.

During an appearance on the CBS news show Face The Nation, former NSA and CIA director Mike Hayden said Europeans "should look first and find out what their own governments are doing" before becoming outraged.

However, he told US President Barack Obama that more needed to be done to make sure citizens knew exactly what sort of surveillance the government was carrying out.

"The more they know, the more comfortable they will feel," Hayden said. "Frankly, I think we ought to be doing a bit more to explain what it is we're doing, why, and the very tight safeguards under which we're operating."

The NSA used codenames for each operation, giving the name "Perdido" to the spying programme at the EU's offices in New York - a word that means "lost" or "missing" in Spanish and Portuguese.

Snooping on the Greek's UN mission was called "Powell", while the operation against its embassy was named "Klondyke".

The operation against the French embassy in Washington was "Wabash", while the one aimed at its UN mission was called "Blackfoot". ®

High performance access to file storage

More from The Register

next story
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Mounties always get their man: Heartbleed 'hacker', 19, CUFFED
Canadian teen accused of raiding tax computers using OpenSSL bug
Samsung Galaxy S5 fingerprint scanner hacked in just 4 DAYS
Sammy's newbie cooked slower than iPhone, also costs more to build
Snowden-inspired crypto-email service Lavaboom launches
German service pays tribute to Lavabit
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
Call of Duty 'fragged using OpenSSL's Heartbleed exploit'
So it begins ... or maybe not, says one analyst
prev story


Top three mobile application threats
Learn about three of the top mobile application security threats facing businesses today and recommendations on how to mitigate the risk.
Combat fraud and increase customer satisfaction
Based on their experience using HP ArcSight Enterprise Security Manager for IT security operations, Finansbank moved to HP ArcSight ESM for fraud management.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
SANS - Survey on application security programs
In this whitepaper learn about the state of application security programs and practices of 488 surveyed respondents, and discover how mature and effective these programs are.