26 November 2013
A February 2012 document called ‘SIGINT Strategy 2012-2016’ outlines exactly what the NSA plans to “dominate” the world’s Internet and telecom networks.
- Strong commercial encryption works -- and the NSA is trying to destroy it. A major goal outlined in the blueprint is to “Counter the challenge of ubiquitous, strong, commercial network encryption.” One of the ways it plans to do so is by using human spies to influence and weaken encryption standards at tech companies. Or in NSA speak, it plans to “counter indigenous cryptographic programs by targeting their industrial bases with all available SIGINT and HUMINT capabilities.” (HUMINT means ‘human intelligence’, or spies.) NSA also intends to “influence the global commercial encryption market through commercial relationships, HUMINT, and second and third party partners.” For an agency that claims to care about cybersecurity, these efforts to harm internet security appear front and center among the agency’s goals. NSA says it must “defeat adversary cybersecurity practices in order to acquire the SIGINT data we need from anyone, anytime, anywhere.” By defeating strong commercial encryption and ensuring no one, anywhere, can have secure internet communications, NSA endangers the security of everyone’s information -- including yours, Goldman Sachs.
- The agency has much of the world’s data -- but does it have the technological prowess to make sense of it all? The strategy document suggests it does not, but that obtaining it is its top priority through 2016. The first goal listed in the document reads: “Revolutionize analysis – fundamentally shift our analytic approach from a production to a discovery bias, enriched by innovative customer/partner engagement, radically increasing operational impact across all mission domains.”
- NSA says it knows that its ability to obtain digital communications information worldwide “will only endure if we keep sight of the dynamic and increasingly market driven forces that continue to shape the SIGINT battle space.” In other words, the agency knows it has to have spies on the inside of technology companies in order to have the information -- and influence -- it needs to both tap into and shape communications platforms and encryption standards. Aware that its collection of vast quantities of the world’s communications data relies significantly on the cooperation of private corporations that manage and process the information, the NSA plans to “identify new access, collection, and exploitation methods by leveraging global business trends in data and communications services.” Part of this expanded collection will, the agency hopes, involve integration of “the SIGINT system into a national network of sensors which interactively sense, respond, and alert one another at machine speed.”
- Believe it or not, the NSA thinks it needs more legal power: “The interpretation and guidelines for applying our authorities, and in some cases the authorities themselves, have not kept pace with the complexity of the technology and target environments, or the operational expectations levied on NSA’s mission.” The agency continues: “For SIGINT to be optimally effective, legal, policy, and process authorities must be as adaptive and dynamic as the technological and operational advances we seek to exploit. Nevertheless, the culture of compliance, which has allowed the American people to entrust NSA with extraordinary authorities, will not be compromised in the face of so many demands, even as we aggressively pursue legal authorities and a policy framework mapped more fully to the information age.” Congress is currently considering a range of bills that would rein in the NSA and FBI’s spy powers. The NSA, meanwhile, is plotting to expand its ‘legal’ authorities, as well as loosen the 'interpretation' of statutes to enable more collection, wider latitude for analysts, and likely also broader sharing of our communications information in and outside of government.
- NSA is well aware that knowledge about our ‘digital traces’ equals power over us: “the traces individuals leave when they interact with the global network will define the capacity to locate, characterize and understand entities” -- by entities they mean us. Knowledge is power.
- Even amidst a crackdown against leaks, a war on whistleblowers, and internal witch hunts in government to identify people who may harbor ‘subversive’ ideas (such as a respect for individual privacy), the NSA plans to expand -- rather than contract -- government agency access to its vast data collections. “To remain a value for the warfighter our information must be immediately available at the lowest classification level,” the document says. “Products and services from NSA will evolve into forms and across boundaries that mirror the networked and agile manner in which people interact in the information age, and we will share information, responsibly and securely, with external partners and customers.” The agency identifies “shar[ing] bulk data” as one of its primary goals for the 2012-2016 period. Can we look forward to state and local police fusion centers getting access to our bulk records? Just imagine if your local sheriff or police chief could rummage through your emails and phone records, no warrant or probable cause required.
If that isn’t enough, New York Times journalists James Risen and Laura Poitras describe the NSA’s plans to map the global internet, down to the device I wrote this on and the one upon which you’re reading it.
Other N.S.A. documents offer hints of how the agency is trying to do just that. One program, code-named Treasure Map, provides what a secret N.S.A. PowerPoint presentation describes as “a near real-time, interactive map of the global Internet.” According to the undated PowerPoint presentation, disclosed by Mr. Snowden, Treasure Map gives the N.S.A. “a 300,000 foot view of the Internet.”
Relying on Internet routing data, commercial and Sigint information, Treasure Map is a sophisticated tool, one that the PowerPoint presentation describes as a “massive Internet mapping, analysis and exploration engine.” It collects Wi-Fi network and geolocation data, and between 30 million and 50 million unique Internet provider addresses — code that can reveal the location and owner of a computer, mobile device or router — are represented each day on Treasure Map, according to the document. It boasts that the program can map “any device, anywhere, all the time.”
A new map reveals the NSA's massive worldwide malware operations:
A new map details how many companies across the world have been infected by malware by the National Security Agency's team of hackers, and where the companies are located.
Dutch newspaper NRC Handelsblad reports the NSA uses malware to infect, infiltrate and steal information from over 50,000 computer networks around the globe. This new, previously unreported scope of the NSA's hacking operation comes from another PowerPoint slide showing a detailed map of every infection leaked by former contractor Edward Snowden.
NSA might have illegally broken into telecommunication companies fiber optic cables to spy on Americans:
People knowledgeable about Google and Yahoo’s infrastructure say they believe that government spies bypassed the big Internet companies and hit them at a weak spot — the fiber-optic cables that connect data centers around the world that are owned by companies like Verizon Communications, the BT Group, the Vodafone Group and Level 3 Communications. In particular, fingers have been pointed at Level 3, the world’s largest so-called Internet backbone provider, whose cables are used by Google and Yahoo.