Ten Things We’ve Learned About The NSA From A Summer Of Snowden Leaks
By Andy Greenberg / Forbes / September 9, 2013
“The truth is coming, and it cannot be stopped,” Edward Snowden told readers of the Guardian in June. At the time, just a few weeks into the publication of documents that the 30-year-old former National Security Agency contractor had siphoned from his workstation in Hawaii, that prophetic statement might have seemed like grandstanding. But close to three months later, the collection of Snowden’s revelations has grown to the megaleak proportions of WikiLeaks’ Cablegate or Daniel Ellsberg’s Pentagon Papers, with no end in sight. For those who watch the watchers, Snowden may well have become the most important leaker of the 21st century.
Snowden himself has managed to take refuge in Russia and disappear from the headlines, putting the full spotlight back onto his bombshell documents. But as with all megaleaks, the sheer number of scoops he’s enabled threatens to overwhelm anyone tracking the NSA’s still-growing scandal. Here are a few highlights from what we’ve learned so far in the Summer of Snowden.
- For more than a decade, the NSA has been working to systematically influence encryption standards or insert backdoors in the code of commercial encryption software to enable it to access Internet users’ communications, according to documents Snowden leaked to the Guardian, which were shared with the New York Times and ProPublica. Though the published documents lack many details, the protocols the agency may have the ability to break or circumvent include Web encryption such as Secure Sockets Layer and Transport Security Layer, the Internet protocol encryption and authentication technology IPsec, common virtual private network systems used for anonymity and secure remote access, and Voice-over-Internet-Protocol (VoIP). The backdoor-planting projects, known as “Bullrun” in the United States and “Edgehill” within the NSA’s British equivalent the GCHQ, have made “vast amounts of encrypted Internet data…exploitable,” according to one leaked document.
- The German newsweekly Der Spiegel wrote over the weekend that it had obtained NSA documents revealing that the agency has the ability to access a wide range of information stored on smartphones including iPhones, Blackberrys, and those running Google’s Android operating system. That information includes contacts, text message traffic, and location data–the paper alludes to the NSA’s compromise of “38 iPhone features.” Despite losing access to Blackberry’s messaging systems in 2009 after a change in how the company compressed data, the agency noted in a document that a breakthrough allowed it to regain access in 2010.
- Snowden-leaked documents obtained and partially published by the Washington Post revealed the makeup of the so-called Black Budget, the $52.6 billion of government funding spent on classified programs. The budget showed that the NSA received $10.8 billion for the year 2013, second only to the CIA’s $14.7 billion. The budget confirmed that the NSA employs an elite hacking team it calls Tailored Access Operations, revealed the agency’s focus on hacking network routers and switches rather than servers and PCs, and exposed a program to combat “insider threats” by investigating 4,000 employees, which was (ironically) shelved to focus on reacting to WikiLeaks’ disclosures in 2010. The budget also outlined how much telecom firms are paid for their cooperation with the NSA’s surveillance.
- Newly-revealed surveillance targets for the NSA, according to various Snowden leaks, include the presidents of U.S.-friendly countries such as Brazil and Mexico, international organizations like the U.N. and E.U.–going so far as to bug embassies and hack the U.N.’s video conferencing systems–and Al Jazeera, the first revelation that the NSA has surveilled journalists. Earlier leaks, published by the Guardian, included a program that mapped out the frequency of NSA’s surveillance by country, showing a focus on the Middle East but also including American targets. Another document confirmed that President Obama has asked the NSA to draw up a list of potential cyberattack targets, including ones that could potentially disable enemy infrastructure.
- Internal audit documents from the NSA, obtained by the Washington Post, show that the agency found 2,776 incidents in which its staff had broken its own rules governing surveillance in the year leading up to May 2012. In one case, a surveillance operation continued for three months before the Foreign Intelligence Surveillance Court, which is designed to oversee the agency, first heard about it and ruled it unconstitutional. In another comic example, analysts collected phone calls from the Washington area because its “202” area code was confused with Egypt’s country code, “20.”
- Even when the NSA follows its internal rules, it’s offered a surprising number of regulatory loopholes. A document published by the Guardian showed that the NSA makes broad exceptions to its mission of only spying on foreign targets. That includes collecting and storing information on Americans when it’s judged to contain “significant foreign intelligence” information, information about a crime that has been or may be about to be committed, is related to “the unauthorized disclosure of national security information,” or is involved in assessing “a communications security vulnerability.” In another exception, any encrypted data can also be held long enough to crack it.
- Documents given to the Guardian revealed that the NSA helps to fund the spying operations of Britain’s GCHQ, in part to take advantage of the U.K.’s more relaxed regulations of its intelligence sector. Over three years, the NSA gave more than $150 million to British intelligence services, and 60% of GCHQ’s “refined intelligence” also reportedly came from the NSA’s analysis.
- Other documents focusing on GCHQ and published by the Guardian showed that the British intelligence service has the ability to tap transatlantic fiber-optic cables for raw Internet data, much of which is shared with the NSA.
- In a slideshow first published in part by the Washington Post, a program known as PRISM reportedly allowed direct access to the servers of companies including Google, Apple, Facebook, Microsoft, and others. Most of the companies implicated in PRISM denied any such access, but several, including Apple and Facebook, responded by offering details for the first time about how often they cooperate with surveillance requests from the NSA and from law enforcement.
- The Guardian kicked off the Snowden saga in June with an order sent to Verizon on behalf of the NSA demanding the cell phone records of all of Verizon Business Network Services’ American customers for a three-month period. The order, which dealt with only those users’ metadata, specifically requested Americans’ records. In the following days, Senators Saxby Chambliss and Dianne Feinstein publicly stated that similar orders have been issued to telecoms for the last seven years.