Feeds

NSA: Inside the FIVE-EYED VAMPIRE SQUID of the INTERNET

You may want to move to Iceland at this point

Internet Security Threat Report 2014

Snowden Anniversary One year after The Guardian opened up the trove of top secret American and British documents leaked by former National Security Agency (NSA) sysadmin Edward J Snowden, the world of data security and personal information safety has been turned on its head.

Everything about the safety of the internet as a common communication medium has been shown to be broken. As with the banking disasters of 2008, the crisis and damage created - not by Snowden and his helpers, but by the unregulated and unrestrained conduct the leaked documents have exposed - will last for years if not decades.

Compounding the problem is the covert network of subornment and control that agencies and collaborators working with the NSA are now revealed to have created in communications and computer security organisations and companies around the globe.

The NSA's explicit objective is to weaken the security of the entire physical fabric of the net. One of its declared goals is to "shape the worldwide commercial cryptography market to make it more tractable to advanced cryptanalytic capabilities being developed by the NSA", according to top secret documents provided by Snowden.

Profiling the global machinations of merchant bank Goldman Sachs in Rolling Stone in 2009, journalist Matt Taibbi famously characterized them as operating "everywhere ... a great vampire squid wrapped around the face of humanity, relentlessly jamming its blood funnel into anything that smells like money”.

The NSA, with its English-speaking "Five Eyes" partners (the relevant agencies of the UK, USA, Australia, New Zealand and Canada) and a hitherto unknown secret network of corporate and government partners, has been revealed to be a similar creature. The Snowden documents chart communications funnels, taps, probes, "collection systems" and malware "implants" everywhere, jammed into data networks and tapped into cables or onto satellites.

The evidence Snowden has provided, by the bucketload, has shown that no country, no network, no communications system, no type of communication has been too small or trivial or irrelevant to attract attention and the ingestion of data into huge and enduring archives - under construction at NSA headquarters and already in operation at its new Utah Data Center.

Operations have ranged from the systematic recording of every mobile telephone call in the tiny 380,000 population Bahamas, through Angry Birds, World of Warcraft, Second Life, intimate Yahoo webcam images and direct cyber attacks on the data centre networks of Google (carried out by British allies at GCHQ from bases in the UK). Under the covernames of WINDSTOP and MUSCULAR, GCHQ data from UK cable taps, including direct intercepts of US email providers and ISPs, is provided wholesale to NSA. NSA has also deployed two overseas Remote Operations centres for malware management at Menwith Hill Station in Yorkshire and at Misawa, Japan.

There are parallels to the banking world, too, in the pervasive and longstanding networks of influence that have been created with the aim of influencing and controlling policymakers, and which have assured minimal political change when damage is done. Merchant banks like Goldmans have long worked hard to have their alumni in positions of political power and influence, in control at vital times.

Seeb spy base revealed by The Reg: part of GCHQ's £1bn project TEMPORA

Last month, accompanying his new book Nowhere to Hide, journalist Glenn Greenwald has published 180 new Snowden documents that lay out the NSA's global reach - 33 "Third Party" countries, 20 major access "choke points" accessing optical fibre communications, 80 "strategic partner" commercial manufacturers, 52 US, UK and overseas satellite interception sites, more than 80 US Embassies and diplomatic sites hosting floors packed with surveillance and monitoring equipment, and over 50,000 "implants" - malware and tampered hardware that has rendered most commercial VPN systems and software transparent to the NSA and its partners.

In GCHQ and NSA Sigint (signals-intelligence) jargon, common or garden "hacking" is never talked about: the insider term for such activity is "CNE" - Computer Network Exploitation.

NSA's access to optical fibre cables worldwide can be "covert, clandestine or co-operative," according to one of the leaked slides. The covert operations described in the Snowden documents include secret taps on other companies' cables installed by employees of such firms as AT&T and BT.

The published Snowden documents have not yet described NSA's special activities to get into cables even their overseas and corporate partners cannot access. For more than ten years, an adapted nuclear submarine - the USS Jimmy Carter - has installed underwater taps on marine cables, "lifting them up", installing taps and then laying out "backhaul" fibres to interception sites, according to a former Sigint employee. Cable companies have speculated that the submarine tapping activity may be connected to a rash of unexplained cable cuts in recent times affecting fibre cables in the Middle East and South Asia; the cable breaks could serve to prevent operators noticing as taps were installed elsewhere on the same cable.

One previously unrevealed outstation of Britain's secret internet tapping programme has been operating for almost five years in the autocratic Persian gulf state of Oman, according to documents obtained by Snowden in Hawaii. The station, known as Overseas Processing Centre 1 (OPC-1) is part of GCHQ’s massive £1bn project TEMPORA, which GCHQ wants to use to harvest all internet communications it can access and hold that data for up to 30 days.

Beginner's guide to SSL certificates

More from The Register

next story
NSA SOURCE CODE LEAK: Information slurp tools to appear online
Now you can run your own intelligence agency
Azure TITSUP caused by INFINITE LOOP
Fat fingered geo-block kept Aussies in the dark
NASA launches new climate model at SC14
75 days of supercomputing later ...
Yahoo! blames! MONSTER! email! OUTAGE! on! CUT! CABLE! bungle!
Weekend woe for BT as telco struggles to restore service
Cloud unicorns are extinct so DiData cloud mess was YOUR fault
Applications need to be built to handle TITSUP incidents
BOFH: WHERE did this 'fax-enabled' printer UPGRADE come from?
Don't worry about that cable, it's part of the config
Stop the IoT revolution! We need to figure out packet sizes first
Researchers test 802.15.4 and find we know nuh-think! about large scale sensor network ops
SanDisk vows: We'll have a 16TB SSD WHOPPER by 2016
Flash WORM has a serious use for archived photos and videos
Astro-boffins start opening universe simulation data
Got a supercomputer? Want to simulate a universe? Here you go
prev story

Whitepapers

Go beyond APM with real-time IT operations analytics
How IT operations teams can harness the wealth of wire data already flowing through their environment for real-time operational intelligence.
The total economic impact of Druva inSync
Examining the ROI enterprises may realize by implementing inSync, as they look to improve backup and recovery of endpoint data in a cost-effective manner.
Forging a new future with identity relationship management
Learn about ForgeRock's next generation IRM platform and how it is designed to empower CEOS's and enterprises to engage with consumers.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Mitigating web security risk with SSL certificates
Web-based systems are essential tools for running business processes and delivering services to customers.