7 December 2014

NSA accused of intercepting emails sent by mobile phone firm employees

4 December 2014

New claims against National Security Agency’s surveillance operations based on information obtained by Edward Snowden 

The allegations by the Intercept website are based on documents contained in material provided by Edward Snowden, above. Photograph: Pontus Lundahl/AFP/Getty Images

The National Security Agency has reportedly intercepted emails sent by employees of mobile operators in an attempt to find security weaknesses in their networks that it could exploit for surveillance purposes.

The US government body has spied on hundreds of companies and organisations, including those in allies such as Britain and Australia, as well as in nations America regards as hostile. It plans to insert flaws into communications systems so that they can be accessed by their operatives.

The allegations, reported by the Intercept, are based on documents provided to the website and contained in material provided to them by Edward Snowden, the whistleblower and former NSA subcontractor who is now living in Russia.

A covert operation called AURORAGOLD that started in 2010, if not earlier, has monitored the content of messages to and from 1,200 email accounts associated with mobile operators to intercept relevant documents, the article states.

By May 2012, the NSA had collected technical data on about 700 of the almost 1,000 mobile networks worldwide.

According to the article, the information collected has been shared with other US intelligence agencies as well as those in Britain, Canada, Australia and New Zealand.

Very few companies that have been targeted have been identified in the documents, but a map found in one indicated that the NSA had some degree of “network coverage” in countries on every continent, including Germany and France.

Another of the operation’s targets has been the GSM Association, the London-based trade body that sets standards for mobile networks around the world.

Its members represent the interests of 800 major mobile, software and internet companies from more than 200 countries and include the likes of Verizon, AT&T, Facebook, Intel, Samsung and Vodafone.

The documents supplied by Snowden reveal that the NSA targeted meetings held by the association where new technology and policies were discussed.

A GSMA spokesperson said the body would not make a response until its lawyers had examined the relevant documents.

Mikko Hypponen, a security expert at Finland-based F-Secure, said that hackers could exploit any security vulnerabilities or encryption weaknesses inserted by the NSA into communication systems using data collected by the AURORAGOLD project.

An NSA spokeswoman declined to discuss the tactics used by AURORAGOLD of whether the operation was still being conducted. She added: “NSA collects only those communications that it is authorised by law to collect in response to valid foreign intelligence and counterintelligence requirements.”

No comments: