By Chris Dougherty | VirtualThreat
NSA Hacks Google. How could it affect you? Emails? Online searches? Think bigger…
Recently it was leaked that the National Security Agency tapped into primary overseas communication links that connect Yahoo and Google data centers around the world. According to former NSA contractor Edward Snowden, the agency has access to raw data from hundreds of millions of internet users, and many of them are Americans.
This is not the first disclosure from Snowden about NSA operations. Snowden is currently living in Russia after being granted temporary asylum following his release of other top secret NSA documents, including those about another agency surveillance program called PRISM. As expected, the U.S. Government would like to have a word with Mr. Snowden about the theft and unauthorized disclosure of that top-secret information.
According to a Washington Post article, a top-secret accounting dated January 9th 2013 provides evidence that the NSA‘s acquisitions directorate sends millions of records every day from Yahoo and Google internal networks to government data warehouses in Fort Meade, MD. In the 30 days prior to the report being released, the report states NSA analysts had processed more than 180 million records. By tapping those pipelines, the agency has access to not only the metadata, which includes information telling who sent what message and when, but analysts also have access to all of the raw data including text, audio and video.
The following slide was taken from a National Security Agency presentation on “Google Cloud Exploitation”. It shows that while most traffic passing from internet users to Google is encrypted, the traffic passing back and forth on the networks connecting Google data centers is in an unencrypted, or “clear text” format.
The primary tool that the NSA uses to infiltrate the data links is called MUSCULAR. The program is operated jointly between the National Security Agency (NSA) and the British Government Communications Headquarters (GCHQ). MUSCULAR allows the agencies to copy raw data flows across fiber-optic lines that carry information between the Google data centers.
It is important to note that this program is different than the previously disclose PRISM program which gathers user information from court orders. Instead, the MUSCULAR program targets tech companies and collects user data without their knowledge.
Google’s Chief Legal Officer, David Drummond, said the following in response to the news that the National Security Agency had secretly broken into the main links connecting Google’s data centers:
“We have long been concerned about the possibility of this kind of snooping, which is why we have continued to extend encryption across more and more Google services and links, especially the links in the slide. We do not provide any government, including the U.S. government, with access to our systems. We are outraged at the lengths to which the government seems to have gone to intercept data from our private fiber networks, and it underscores the need for urgent reform.”
However, in the past we have heard stories about Google cooperating with the NSA in joint operations. Last summer VirtualThreat.com posted a story about the Department of Justice asking for a court order to keep the Google and NSA partnership a secret. However, in this case it seems the search giant had no prior knowledge of the NSA’s activity.