Search This Blog


Thursday, October 31, 2013

National Security Agency broke into Yahoo, Google, Facebook, MS Hotmail

NSA broke into Yahoo, Google data centers: Report

 The National Security Agency and its British counterpart have apparently tapped the fiber-optic cables connecting Google's and Yahoo's overseas servers and are copying vast amounts of email and other information, according to accounts of documents leaked by former agency contractor Edward J. Snowden . 

In partnership with the British agency known as Government Communications Headquarters, or GCHQ, the NSA has apparently taken advantage of the vast amounts of data stored in and traveling among global data centers, which run all modern online computing, according to a report Wednesday by The Washington Post . NSA collection activities abroad face fewer legal restrictions and less oversight than its actions in the United States. 

Google and Yahoo said Wednesday that they were unaware of government accessing of their data links. Sarah Meron, a Yahoo spokeswoman , said that the company had not cooperated with any government agency for such interception, and David Drummond, Google's chief legal officer, expressed outrage. 

"We have long been concerned about the possibility of this kind of snooping, which is why we have continued to extend encryption across more and more Google services and links," Drummond said in a statement. "We do not provide any government, including the U.S. government, with access to our systems. We are outraged at the lengths to which the government seems to have gone to intercept data from our private fiber networks , and it underscores the need for urgent reform.

In a statement, the NSA did not directly address the claim that it had penetrated the companies' overseas data links. But it emphasized that it was focused on "foreign" intelligence collection - not domestic - and pushed back against the notion that it was collecting abroad to "get around" legal limits imposed by domestic surveillance laws. It also said it was "not true" that it collects "vast quantities" of Americans' data using that method. 

Companies like Google that operate Internet services - including email, online document and photo storage and search queries - send huge amounts of data through fiber-optic lines between their data centers around the world. Those data centers are kept highly secure using heat-sensitive cameras and biometric authentication, and companies believed the data flowing among centers was secure.

But Google said last month that it began the process of encrypting this internal traffic before reports of NSA spying leaked during the summer and accelerated the effort since then. Google security executives were suspicious that outside parties, like governments, could tap into the cables but did not have hard evidence that the spying was occurring, according to three people briefed on Google's security efforts who spoke on condition of anonymity. 

The NSA could physically install a device that clips on the cable and listens to electric signals or insert a splitter in the cable through which data would travel, said Nicholas McKeown, an expert in computer networking and a professor at Stanford. Or, he said, someone with remote login access to the cable's switch or router could also redirect data flowing through the cables. 

Level 3 is a company that provides these cables for Google, according to a person briefed on Google's infrastructure who was not authorized to speak publicly. 

In a statement, Level 3 said: "We comply with the laws in each country where we operate. In general, governments that seek assistance in law enforcement or security investigations prohibit disclosure of the assistance provided.

In July, the company denied a German television report that it had cooperated with US intelligence agencies to spy on German citizens using its network. 

The New York Times reported in September that for at least three years, GCHQhad been working to gain access to traffic in and out of data centers operated by Google, Yahoo, Facebook and Microsoft's Hotmail. The program, described as having been developed in close collaboration with the NSA, was said to have achieved "new access opportunities" into Google's systems by 2012, according to GCHQ documents provided by Snowden. But it was not clear what that meant. 

Under a system code-named MUSCULAR, GCHQ was storing data taken in from the interception in a rolling three- to five-day "buffer," during which the two agencies decoded it and filtered out information they wanted to keep.

No comments:

Post a Comment

wibiya widget

Disqus for Surut Shah

Web Analytics