PRISM leaks: WTF, you don't spy on your friends, splutters EU

NSA: 'Meh, everybody does it...'

SANS - Survey on application security programs

Berlin has accused Washington of treating it "like a Cold War enemy" after it emerged that US spooks spied on targets from friendly European countries.

Vice-president of the European Commission, Neelie Kroes, told BBC:

Of course it is a shock and it's not acceptable at all. It's not acceptable because it is a friendly relationship... The member states should sit together and make up [our] minds how we are dealing with this. Of course, talking between friends, it should be clear first that it will never, ever happen again...

According to a report published in Der Spiegel over the weekend, American spies bugged the EU embassy in Washington and its offices at the UN in New York, as well as a key building in Brussels.

Der Speigel's allegations were based on a 2010 document leaked by PRISM whistleblower Edward Snowden, who is thought to be holed up in Russia and hoping to flee to the nation of Ecuador, which may grant him asylum - although there is currently doubt over whether or not the country will extradite him. The German magazine said it had seen evidence that the NSA boasted of targeting "third party partners", which do not include second-party countries like Canada, the UK or Australia.

The claims were backed up by an article in The Guardian, which referred to documents released by Snowden that showed US spies targeted 38 missions and embassies worldwide, including allies like Turkey, France, Italy, Japan, Greece, Mexico, India and South Korea.

The newspaper also published details of American surveillance techniques, which include planting bugs into communications gear, tapping into cables, collecting transmissions and using a system called Dropmire to spy on diplomats' encrypted fax machines. Agents also used a system allowing them to download the entire contents of a hard drive.

The news hit hard in Germany, which remembers the blanket surveillance carried out by the Stasi during the dark days of the Cold War.

Steffen Seibert, spokesman for Chancellor Merkel, said: "If it is confirmed that diplomatic representations of the European Union and individual European countries have been spied upon, we will clearly say that bugging friends is unacceptable. We are no longer in the Cold War."

Eurocrats have warned the Americans that their surveillance scheme could stymie plans to sign a trans-Atlantic trade treaty, which would create the world's largest free trade area. Officials in Germany, Italy, France and Luxembourg have lined up to sling mud at the US.

"Partners do not spy on each other," said EU Justice Commissioner Viviane Reding. "We cannot negotiate over a big trans-Atlantic market if there is the slightest doubt that our partners are carrying out spying activities on the offices of our negotiators. The American authorities should eliminate any such doubt swiftly."

The European Parliament President Martin Schulz said he was "deeply worried and shocked about the allegations of US authorities spying on EU offices", while Luxembourg's foreign minister and deputy prime minister Jean Asselborn said work should begin immediately to rebuild "confidence on the highest level of the European Union and the United States".

The documents leaked to Der Spiegel suggested the EU's United Nations office was spied on along with the Washington outpost. Both were named as a "location target".

American spies were also alleged to be involved in an electronic snooping programme in the heart of Brussels five years ago, striking at the telephone system in the Justus Lipsius building, which houses the EU's Council of Ministers and the European Council.

Calls made to the phone network's remote maintenance system were tracked back to NATO headquarters on the outskirts of Brussels, in a part of the building known to be used by the NSA. If true, this would allow NSA agents to listen in on top officials' calls and monitor internet traffic.

In a statement, the national intelligence director's office appeared to confirm the allegation. It said that "as a matter of policy, we have made clear that the United States gathers foreign intelligence of the type gathered by all nations" - which includes friendly nations, by the looks of things.

During an appearance on the CBS news show Face The Nation, former NSA and CIA director Mike Hayden said Europeans "should look first and find out what their own governments are doing" before becoming outraged.

However, he told US President Barack Obama that more needed to be done to make sure citizens knew exactly what sort of surveillance the government was carrying out.

"The more they know, the more comfortable they will feel," Hayden said. "Frankly, I think we ought to be doing a bit more to explain what it is we're doing, why, and the very tight safeguards under which we're operating."

The NSA used codenames for each operation, giving the name "Perdido" to the spying programme at the EU's offices in New York - a word that means "lost" or "missing" in Spanish and Portuguese.

Snooping on the Greek's UN mission was called "Powell", while the operation against its embassy was named "Klondyke".

The operation against the French embassy in Washington was "Wabash", while the one aimed at its UN mission was called "Blackfoot". ®

Combat fraud and increase customer satisfaction

More from The Register

next story
Parent gabfest Mumsnet hit by SSL bug: My heart bleeds, grins hacker
Natter-board tells middle-class Britain to purée its passwords
Obama allows NSA to exploit 0-days: report
If the spooks say they need it, they get it
Web data BLEEDOUT: Users to feel the pain as Heartbleed bug revealed
Vendors and ISPs have work to do updating firmware - if it's possible to fix this
Samsung Galaxy S5 fingerprint scanner hacked in just 4 DAYS
Sammy's newbie cooked slower than iPhone, also costs more to build
Mounties always get their man: Heartbleed 'hacker', 19, CUFFED
Canadian teen accused of raiding tax computers using OpenSSL bug
Snowden-inspired crypto-email service Lavaboom launches
German service pays tribute to Lavabit
One year on: diplomatic fail as Chinese APT gangs get back to work
Mandiant says past 12 months shows Beijing won't call off its hackers
prev story


Designing a defence for mobile apps
In this whitepaper learn the various considerations for defending mobile applications; from the mobile application architecture itself to the myriad testing technologies needed to properly assess mobile applications risk.
3 Big data security analytics techniques
Applying these Big Data security analytics techniques can help you make your business safer by detecting attacks early, before significant damage is done.
Five 3D headsets to be won!
We were so impressed by the Durovis Dive headset we’ve asked the company to give some away to Reg readers.
The benefits of software based PBX
Why you should break free from your proprietary PBX and how to leverage your existing server hardware.
Securing web applications made simple and scalable
In this whitepaper learn how automated security testing can provide a simple and scalable way to protect your web applications.