Microsoft is scrambling to encrypt its data centers' interlinks – after a fresh Snowden leak suggested the NSA and GCHQ tapped into the cables and intercepted sensitive network traffic.
Documents obtained by the Washington Post from the whistleblower show that Microsoft's Hotmail, Windows Live Messenger services and Passport communications were scanned by software called Monkey Puzzle, which was developed at the British snooping nerve-center GCHQ.
Reaching into the private unencrypted interlinks allows both intelligence agencies to effectively spy on Microsoft customers, and copy their messages and address books, it is claimed.
"These allegations are very disturbing. If they are true these actions amount to hacking and seizure of private data and in our view are a breach of the protection guaranteed by the Fourth Amendment to the Constitution." Brad Smith, Microsoft's general counsel, said in an email to The Register.
Smith, given his role as a legal eagle, also pointed out that the documents don't constitute proof per se that the NSA is tapping into its traffic surreptitiously. But he said the company's engineering teams will be beefing up security, "including strengthening security against snooping by governments."
Sources familiar with the matter say Microsoft will get to work on shielding its network traffic in the coming days, and senior executives are meeting to discuss the issue and plan a response. The Windows giant is already smarting from the commercial and reputation hit it has taken from the PRISM scandal and the latest situation just adds salt to the wound.
One email in Edward Snowden's leaked dossier, dated November 2009, comes from a developer at GCHQ. It explains how the Monkey Puzzle software can scoop data from Google, Yahoo! and Microsoft Passport, saying "the NSA can send us whatever realms they like right now."
Snowden also revealed PowerPoint decks rated top secret showing that "metadata-rich" address books were downloaded and stored on multiple databases. One showed the interception of a message on the now-defunct Windows Live Messenger system.
The news comes a month after another leak from the globetrotting whistleblower showing that the NSA was doing the same thing with Google and Yahoo!'s interlinks. One Google engineer was moved to obscenity when shown the tapping plans, dubbed Project MUSCULAR by the NSA, and El Reg wonders if Redmond CEO Ballmer is turning the air blue this morning.
Following the October leak, Yahoo! announced it will begin encrypting its interlinks between data centers, and Google has been doing so for some time. But Microsoft said it was holding off on such a move as little as two weeks ago.
Based on the documents released so far, tapping data-center interlinks appears to occur mostly overseas – where the NSA can operate solely on presidential say-so alone rather than having to get permission from the courts. The spooks are also reportedly going through third-party companies to slurp the data.
"NSA's focus is on targeting the communications of valid foreign intelligence targets, not on collecting and exploiting a class of communications or services that would sweep up communications that are not of bona fide foreign intelligence interest to the US government," the agency told WaPo in a statement. ®