7 December 2014

Snowden documents reveal NSA bid to hack the world's cellphone networks


WHAT'S THIS? 
A pedestrian uses a smartphone as he walks along Market Street on June 5, 2013 in San Francisco, California.

The NSA has worked for years to hack into cellphone networks worldwide, trying to bypass and undermine their security, according to Edward Snowden documents revealed by The Intercepton Thursday. 

The documents reveal a top secret operation codenamed AURORAGOLD. The operation's aim: collect information about cellphone carriers' internal systems to find vulnerabilities that can be exploited by the NSA to hack into cell networks. 

Thanks to AURORAGOLD, the agency had obtained technical information on about 70 percent of cellphone networks worldwide, as of May 2012, according to The Intercept

Last year, another set of Snowden documents had already revealed that the NSA was taking advantage of outdated — but still widely used — encryption technology (the A5/1 protocol, if you want to get technical) to spy on conversations and texts. 

This new trove of information reveals that the NSA is also trying to get around newer and stronger cellphone encryption technologies, such as A5/3

To do that, the NSA is spying on the internal emails of cellphone companies employees — and spying on the GSM Association, a giant London-based trade conglomerate that represents hundreds of carriers such as Verizon, AT&T and Vodafone, as well as technology firms such as Microsoft, Facebook, Nokia and Samsung. 

The Intercept also published a top-secret map that seems to suggest that 

the NSA has a considerable degree of "network coverage" in almost every country in the world the NSA has a considerable degree of "network coverage" in almost every country in the world.


Earlier this year, Snowden documents revealed that the NSA was able to spy on the entire cellphone networks of two countries: the Bahamas and Afghanistan

Last year, it was also revealed that the NSA has secretly developed various methods to circumvent Internet encryption. 

Quite apart from the ethical considerations, security experts consider these NSA efforts as dangerous — because if the NSA finds a flaw in a technology without alerting its makers to fix it, it means anyone else could exploit the flaw too.

No comments: