The Intercept has discovered an ambitious NSA operation called AURORAGOLD — which aims to tap every mobile phone network in the world. The finding, discovered amongst an archive of material supplied by Edward Snowden, reveals that the NSA intercepted thousands of emails sent between companies in a bid to identify security weaknesses in mobile phone technology.
Further documents reveal that the NSA has been working with that information to covertly introduce new flaws into communication systems, precisely so that they can be tapped in the future. The obvious concern there is that purposefully introducing backdoors not only allows the NSA to snoop on whoever it chooses, but also makes those same people vulnerable to attacks by criminal hackers too. Karsten Nohl, a security researcher, hammers that point home to The Intercept:
“Even if you love the NSA and you say you have nothing to hide, you should be against a policy that introduces security vulnerabilities, because once NSA introduces a weakness, a vulnerability, it’s not only the NSA that can exploit it.”
The GSM Association — based in the UK but working with the likes of Microsoft, Facebook, AT&T and Cisco — is named in the report as one of the more high-profile victims of the email surveillance. But the result of the work are wide-reaching, and one map, shown below, reveals to what degree the NSA has its tentacles in the mobile networks of international territories. Clearly, it has reach in virtually every country in the world, including the United Kingdom, Australia, New Zealand, Germany and France — who would presumably count themselves as allies.
All told, the report makes for grim — if increasingly predictable — reading, describing new insights into what increasingly feels to be the pervasive surveillance norm. Go read it in full. [The Intercept]