Given that we now know that the National Security Agency (NSA) has the ability to compromise some, if not all of VPN, SSL, and TLS forms of data transmission hardening, it’s worth considering the various vectors of technical and legal data-gathering that high-level adversaries in America and Britain (and likely other countries, at least in the “Five Eyes” group of anglophone allies) are likely using in parallel to go after a given target. So far, the possibilities include:
- A company volunteers to help (and gets paid for it)
- Spies copy the traffic directly off the fiber
- A company complies under legal duress
- Spies infiltrate a company
- Spies coerce upstream companies to weaken crypto in their products/install backdoors
- Spies brute force the crypto
- Spies compromise a digital certificate
- Spies hack a target computer directly, stealing keys and/or data, sabotage.
Let’s take these one at a time.
Voluntary sharing
As Ars has reported before, one of the major telecommunications companies in America—either Verizon or AT&T—went to the NSA in the days after September 11, 2001 because it “noticed odd patterns in domestic calling records surrounding the events of 11 September and offered call records and analysis."
Between fiscal years 2002 and 2006, under the STELLAR WIND program, taxpayers coughed up $146 million to pay for software and hardware to search for, sort, and identify nuggets inside that vast amount of data. The NSA's legal cover was the Patriot Act’s Section 215, which compels companies to hand over relevant business records.
Just this week, the original author of the Patriot Act said that the federal intelligence community greatly overstepped Congress’ intent. Still, telcos won't likely suffer consequences for this kind of sharing. In 2007 and 2008, corporate lawyers for these companies leaned on President George W. Bush to propose and pass retroactive immunity for this type of data sharing. (Such immunity was upheld by the Supreme Court in 2012).
Tapping undersea cables
What if companies don’t want to play nice? That’s no problem. After all, spy agencies like the NSA and its British counterpart, the Government Communications Headquarters (GCHQ), simply have direct access to undersea fiber optic cables. Or, as was the case in San Francisco, a digital splitter that shunted a copy of all AT&T’s data traffic to the NSA. Across the pond, it remains unclear to what degree companies like BT, Level 3, and others have tried to resist.
Legal compulsion
Thanks to slides provided by former NSA contractor Edward Snowden, we now know that American tech companies are also likely being forced under legal duress to hand over specific data in certain circumstances. That probably means that the United States legal and intelligence community is putting pressure on companies like Lavabit and Silent Circle to share certain data. Beyond those secret e-mail providers, other household-name firms like Facebook, Microsoft, Google, Apple, and others have also likely been compelled to hand over subscriber data and/or their own private keys (such as an SSL key).
"Protecting the privacy of our users and their data is a top priority for Facebook. We do not provide any government organization with direct access to Facebook servers," a Facebook spokesperson told Ars two months ago. "When Facebook is asked for data or information about specific individuals, we carefully scrutinize any such request for compliance with all applicable laws and provide information only to the extent required by law."
These companies likely have gag orders (whether through National Security Letters, Foreign Intelligence Surveillance Court orders, or other similar legal tools) that prevent them from speaking about who was targeted, when, why, and how, as well as what measures, if any, they took to resist.
"We provide customer data only when we receive a legally binding order or subpoena to do so, and never on a voluntary basis," a Microsoft spokesperson told Ars in July 2013. "In addition, we only ever comply with orders for requests about specific accounts or identifiers. If the government has a broader voluntary national security program to gather customer data, we don’t participate in it."
HUMINT hums along
But what if spooks want to take a less front-door approach to getting the data? That’s also not an issue as the GCHQ (and presumably the NSA and its partner spy agencies worldwide) have good old-fashioned human spies in place.
According to The Guardian’s reporting from Thursday:
To help secure an insider advantage, GCHQ also established a Humint Operations Team (HOT). Humint, short for "human intelligence" refers to information gleaned directly from sources or undercover agents.
This GCHQ team was, according to an internal document, "responsible for identifying, recruiting, and running covert agents in the global telecommunications industry."
It’s highly likely that the other members of the Five Eyes group—the US, the UK, Canada, New Zealand, and Australia—which have unprecedented levels of intelligence sharing between them, also engage in similar types of classic espionage. It’s safe to assume that there are agents, contractors, or other allies at various points within the private telecommunications infrastructure at major telcos across the globe.
“[It] doesn't take too many people at your company to help bypass crypto—just a few in your data center or someone at a mobile carrier who can get the key database,” Matthew Green, a crypto expert and computer science professor at Johns Hopkins University, told Ars.
Weakening the product
The original source documents (PDF, labeled top secret) even say specifically that the NSA and other intelligence agencies are working directly with companies to implement weaker standards.
The SIGINT [Signals Intelligence] Enabling Project actively engages the US and foreign IT industries to covertly influence and/or overtly leverage their commercial products’ designs. These design changes make the systems in question exploitable through SIGINT collection (e.g., Endpoint, MidPoint, etc.) with foreknowledge of the modification. To the consumer and other adversaries, however, the systems’ security remains intact. In this way, the SIGINT Enabling approach uses commercial technology and insight to manage the increasing cost and technical challenges of discovering and successfully exploiting systems of interest within the ever-more integrated and security-focused global communications environment.
The same document indicates that by the end of this fiscal year, the intelligence community expects to “shape the worldwide commercial cryptography marketplace to make it more tractable to advanced cryptanalytic capabilities developed by NSA/CSS.”
And this is hardly new: the slides provided by Snowden also show that the NSA has been lobbying agencies like the US National Institute of Standards and Technology, which previously approved intentionally weaker cryptographic standards with a known backdoor in them. This is likely to be the Dual_EC_DRBG standard that had known flaws even at the time. However, there’s no evidence that this algorithm was ever in any widespread use.
Brute force
While the NSA probably doesn't have the capability to brute force a strongly encrypted e-mail—something along the lines of a 4,096-bit PGP key—it probably can and does brute force its way into all kinds of other things that might have valuable intelligence.
Still, in an online chat earlier this year, Snowden wrote, "Encryption works. Properly implemented strong crypto systems are one of the few things that you can rely on. Unfortunately, endpoint security is so terrifically weak that NSA can frequently find ways around it.”
That could include everything from the passwords stored on a captured laptop to accessing a corporate network via poorly encrypted Wi-Fi.
Compromising a system
Beyond that, the NSA and other spy agencies may from time to time release malware along the likes of Flame and Stuxnet. Stuxnet, for example, exploited unpatched (and unreported) software flaws to infect machines and used stolen certificates to masquerade as trustworthy software.
Breaking and entering
Finally, the NSA can go whole hog and conduct a highly targeted attack on a very specific target for the purposes of data exfiltration or sabotage. In recent years, there have been a number of high-profile examples of specific data targeting of companies, nonprofit groups, embassies, government agencies, and others. While there is no firm evidence that the US was behind Operations Aurora, Shady RAT, or Red October, it’s likely that the United States and its allies have comparable or greater capability.
As we reported in 2011:
The attacks themselves used spear-phishing techniques that are by now standard. Apparently legitimate e-mails with attachments are sent to organization employees, and those attachments contain exploit code that compromise the employee's system. These exploits are typically zero-day attacks. With a PC now compromised, the hackers can install RAT software on the victim PCs, to allow long-term monitoring, collection of credentials, network probing, and data exfiltration.
Many other attacks have followed the same pattern. The same technique was used to break into security company RSA, the French and Canadian Finance Ministries, and many oil and gas companies this year. It was also used in the Operation Aurora attacks against Google and other companies discovered in late 2009.
With respect to digital sabotage, recall that the US has shown its ability to use cyberweapons like Stuxnet to wreak real-world havoc on physical infrastructure—in this case, causing Iran’s centrifuges to spin out of control—the first such known example of this type of weapon.
In the end, at least the Five Eyes governments, and probably others too, are increasing their ability to “capture the entire haystack,” which puts all of us at risk.
“They seem to be going more toward wholesale access, and those are fundamentally going to have implications for innocent people,” Joseph Lorenzo Hall, senior staff technologist at the Center for Democracy and Technology, told Ars.
reader comments
70