Google ‘outraged’ at NSA interception claims

Tech companies Google and Yahoo reacted angrily to a report on yesterday that the National Security Agency has secretly intercepted the main communication links that carry their users' data around the world.

The NSA and its British counterpart have apparently tapped the fiber-optic cables connecting Google's and Yahoo's overseas servers and are copying vast amounts of email and other information, according to accounts of documents leaked by former agency contractor Edward Snowden.

The story is likely to put further strain on the already difficult relations between the tech firms and Washington. The internet giants are furious about the damage done to their reputation in the wake of Snowden’s revelations.

In a statement, Google's chief legal officer, David Drummond, said the company was "outraged" by the latest revelations.

“We have long been concerned about the possibility of this kind of snooping, which is why we have continued to extend encryption across more and more Google services and links, especially the links in the slide,” he said.

“We do not provide any government, including the US government, with access to our systems. We are outraged at the lengths to which the government seems to have gone to intercept data from our private fiber networks, and it underscores the need for urgent reform.”

Yahoo said: “We have strict controls in place to protect the security of our data centres, and we have not given access to our data centres to the NSA or to any other government agency.”

In partnership with the British agency known as Government Communications Headquarters, or GCHQ, the NSA has apparently taken advantage of the vast amounts of data stored in and travelling among global data centres, which run all modern online computing, according to a report yesterday by The Washington Post.

NSA collection activities abroad face fewer legal restrictions and less oversight than its actions in the United States.

In a statement, the NSA did not directly address the claim that it had penetrated the companies’ overseas data links. But it emphasised that it was focused on “foreign” intelligence collection - not domestic - and pushed back against the notion that it was collecting abroad to “get around” legal limits imposed by domestic surveillance laws. It also said it was “not true” that it collects “vast quantities” of Americans’ data using that method.

Companies like Google that operate internet services - including email, online document and photo storage and search queries - send huge amounts of data through fiber-optic lines between their data centres around the world.

Those data centres are kept highly secure using heat-sensitive cameras and biometric authentication, and companies believed the data flowing among centres was secure.

But Google said last month that it began the process of encrypting this internal traffic before reports of NSA spying leaked during the summer and accelerated the effort since then.

Google security executives were suspicious that outside parties, like governments, could tap into the cables but did not have hard evidence that the spying was occurring, according to three people briefed on Google’s security efforts who spoke on condition of anonymity.

The NSA could physically install a device that clips on the cable and listens to electric signals or insert a splitter in the cable through which data would travel, said Nicholas McKeown, an expert in computer networking and a professor at Stanford. Or, he said, someone with remote login access to the cable’s switch or router could also redirect data flowing through the cables. Level 3 is a company that provides these cables for Google, according to a person briefed on Google’s infrastructure who was not authorized to speak publicly.

In a statement, Level 3 said: “We comply with the laws in each country where we operate. In general, governments that seek assistance in law enforcement or security investigations prohibit disclosure of the assistance provided.

” In July, the company denied a German television report that it had cooperated with US intelligence agencies to spy on German citizens using its network.

The New York Times reported in September that for at least three years, GCHQ had been working to gain access to traffic in and out of data centres operated by Google, Yahoo, Facebook and Microsoft’s Hotmail. The program, described as having been developed in close collaboration with the NSA, was said to have achieved “new access opportunities” into Google’s systems by 2012, according to GCHQ documents provided by Snowden. But it was not clear what that meant.

The Post said that under a system code-named MUSCULAR, GCHQ was storing data taken in from the interception in a rolling three- to five-day “buffer,” during which the two agencies decoded it and filtered out information they wanted to keep.

It also reported that the NSA was using about 100,000 “selectors” as its search term filters - more than twice as many, it said, as the agency has been using from its Prism program inside the United States.

In that programme, the agency collects emails, search queries and other online activity of foreigners abroad from Google, Yahoo, and other companies through a court-approved process authorized by the FISA Amendments Act of 2008.

GCHQ documents obtained from Snowden by The Guardian newspaper and shared with The Times reveal an intense focus over several years by British spies on the development of MUSCULAR and a closely related project code-named INCENSER.

The documents suggest that both programmes are to a large extent driven by NSA intelligence needs and are highly prized by the Americans. In November 2010, the British wrote that “MUSCULAR/INCENSER has significantly enhanced the amount of benefit that the NSA derive from our special source accesses.”

Those projects in some cases provide data that are unavailable from any other source, one document said, “highlighting the unique contribution we are now making to NSA, providing insights into some of their highest priority targets.”

In its article, the Post described a January document as saying that the NSA’s headquarters in Fort Meade was taking in more than 180 million records a month from the project. It also reported that briefing documents said collection from Yahoo and

Google had produced important intelligence leads against hostile foreign governments. The Post published an NSA slide labelled “Current efforts - Google” with a hand-drawn sketch showing that traffic flowed between Google’s data centres in “clear text,” because encryption was added only at the front-end server that interfaced with users’ computers and mobile devices. This notation included a smiley face.

The Post also published speaker notes from a presentation about MUSCULAR. It included a reference to a February proposal to stop collecting Yahoo email account archives flowing through what it describes as a “lucrative” access point on what is apparently a fiber-optic cable linking Yahoo’s overseas servers and its servers on US soil.

As the Post published its story, the director of the NSA, Gen. Keith B. Alexander, was being interviewed at a cybersecurity conference. He flatly denied a slightly garbled account of the Post story as “factually inaccurate,” but it was not clear that he understood the Post was reporting infiltration of data links between overseas servers.

“There’s no evidence that they are actually breaking into servers,” said Alex Stamos, a security consultant at Artemis Internet, a security firm based in San Francisco. “But they are right outside Google and Yahoo’s data centres taking data that those companies believed was protected.”

Google will have its first turn before a legislative panel to confront surveillance questions next month. Senators Al Franken and Dean Heller, who are backing a bill to compel the government to provide more transparency about bulk surveillance, announced Wednesday that the Internet giant will send a representative to a Senate hearing they will hold on November 13th.

New York Times/Guardian