In March 2011, the National Security Agency
received a secret message prior to the Western intervention in Libya. An
intelligence unit in the United States military’s Africa Command required help
to hack Libya’s cell phone network to be able to monitor their text messages.
This task was easy for the NSA as they had already gotten their hands on technical
information about their carrier’s internet system by spying on the documents
sent among their company employees which were perfect to provide help to break
into the networks.
NSA giving its assistance in this matter
was not an isolated case, rather it was part of a much a larger surveillance
program. Documents which were part of the material provided to The Intercept, NSA
had spied on a number of companies and international organizations to be
able to find weaknesses in their cell phone technology which they could
exploit. It also reveals how NSA plans on introducing new flaws into
communication systems which they can tap into which is seen to be a controversial
tactic.
The covert operation is known as AURORAGOLD
and has monitored content which has been sent and received by more than 1200
email accounts as part of major cell phone network operators and has also
intercepted confidential papers which have helped NSA hack into cell phone
networks.
According to a cell phone security expert
and cryptographer, Karsten
Nohl, the broad scope of the information collected from AURORAGOLD appears
to be aimed at ensuring that NSA can access every cell phone network possible. He
also said that collecting such an inventory on world networks is likely to have
ramifications as well since it does allow the NSA to track and circumvent
upgrades in encryption technology, which is used by cell phone companies to
prevent calls and texts from being eavesdropped. The operation is one which is
carried out by special surveillance units of the NSA whose existence hasn’t
been disclosed.
The information which is collected from the
companies is passed to the signals development team of the NSA which focuses on
infiltrating communication networks. It is also shared with other agencies which
are NSA’s counterparts in countries known as the Five Eyes surveillance which include
the UK, Canada, New Zealand and Australia.
The NSA documents do not have the names of
many operations apart from those in Iran, China and Libya. However a world map
feature in 2012 suggests that the NSA has network coverage in almost every country
in every continent. One of the main targets under the AURORAGOLD program is the
GSM Association, headquartered in London which represents the interests of more
than 800 cell phone software and internet companies from almost 220 countries.
The NSA focuses on getting their hands on
important and obscure information which is circulated among the GSMA’s members
which are known as IR.21s most cell phone network operators share IR.21 documents
with each other as part of their agreement allowing customers to connect to the
foreign networks while they are abroad.
The details of the IR.21 serve as a warning
mechanism which flags any new technology, which is used by network operators.
This allows NSA to identify any security vulnerabilities in latest
communication systems which can be exploited and helps efforts made to
introduce further vulnerabilities where they may not even exist.
The IR. 21’s also contain information about
the encryption which is used by cell phone companies in order to keep their
customers communication safe and private while they are transmitted across the
networks. These details are of interest to the NSA as they can help in
listening to conversations.
Last year, the Washington Post stated that
the NSA had managed in breaking the most common encryption algorithm used which is
known as A5/1. The information which is collected under AURORAGOLD however, allows the agency to focus on circumventing stronger and newer versions of the
cell phone encryption system such as the A5/3.
Extensive attempts to attack cell phone
encryption has been replicated throughout the Five Eyes surveillance alliance
as well.
Documents by the NSA show that the focus is
placed on collecting details about all technical standards which are used by
cell phone operators and their efforts to stay ahead in technology yields
surprising results. In 2010, its operatives had found new ways to penetrate the
fourth generation of smart phone era technology for surveillance, years before
it was adopted by people all around the world.
The agency says that their targets are
terrorists, weapons proliferators and other foreign targets and not ordinary
people. However the methods used by them and their partners pose significant
risks. In April, officials from the White House confirmed that Obama had told
the NSA to disclose any vulnerabilities it may find, however qualified that with a
loophole flaws should be secretly exploited as long as there is deemed to be a
clear national security or law enforcement use.
Author:
Author:
Nicki is a tech blogger and gadget lover, she loves to write about Android and iOS security and cell phone spy apps.
COMMENTS