You may want to move to Iceland at this point

This is not an Orwellian act (meaning, yes, of course, it is)

The damage created to IT security is deliberate, sustained and protected even inside the agencies' compartmented planning cells by arcane contrivances of language. Breaking the safety and value of crypto systems, in sigint speak, is "enabling". Deliberately sabotaging security, in the inverted Orwellian world of the sigint agencies is said to be "improving security".

According to the leaked, detailed current US intelligence budget provided by Snowden, NSA's "Sigint Enabling Project ... actively engages the US and Foreign IT industries to covertly influence and/or overtly leverage their commercial products' designs. These design changes make the systems in question exploitable through SIGINT collection ... with foreknowledge of the modification. To the consumer and other adversaries, however, the systems' security remains intact."

Despite apologists' denials, the language of this major US government document is unambiguous in describing broken crypto and hardware and software "backdoors" as a much-desired NSA goal.

NSA strategic partnerships

More than 80 companies supporting both missions

Tricking a company like RSA Security into promoting backdoored and sabotaged algorithms for default use in security products is "enabling". Physically sabotaging Cisco routers while they are being shipped out of the US to commercial customers - a serious crime when committed by anyone but the Federal Bureau of Investigation and the NSA - is "enabling".

Ensuring that communications security encryption chips "used in Virtual Private Networks and Web encryption devices" secretly ship with their security broken open, as specified in the current US "cryptologic capabilities plan", is "enabling". In the coming year, NSA's budget for such Sigint "enabling" is $255m.

Who plays in this corporate "enabling" game?

Since the days of Watergate in the 1970s, and the subsequent US Congressional investigations, AT&T - the world's 23rd largest company - has been identified as providing US government access to all its customers' communications passing in and out of the US. The intercepted communications passed on long ago included communications of 1960s US antiwar dissidents.

AT&T's secret role intercepting Americans' communications in a programme dubbed SHAMROCK was flushed out by Congressional enquiries in 1975, and largely stopped as illegal - for a few years. But it all began again in 1978 when a new US Foreign Intelligence Surveillance Act was passed. SHAMROCK was reborn, the Snowden archive reveals, as BLARNEY. In the bizarre and boastful world of show-off Powerpoints that NSA geeks prepare for their colleagues, BLARNEY even has its own logo.

The identity of NSA's and GCHQ's corporate industrial and international partners are amongst the Sigint agencies' most closely guarded secrets. There are strict internal prohibitions in the US and the UK against revealing the true corporate identities behind covernames like FAIRVIEW or STORMBREW, both identified as providing "upstream" (meaning fibre cable tap) access to Microsoft, Yahoo, Google, and many other companies' internet communications.

More than once, the Snowden documents have revealed that siginters' NSA braggadocio can let cover slip. Among the new Snowden documents published last month by Greenwald is a potentially devastating slide listing NSA commercial "Strategic Partnerships".

The slide displays, with corporate logos, the names of major US IT companies who are listed under NSA's vaunted "alliances with over 80 Major Global Corporations". The companies identified are said to be "supporting both missions": that is, both Sigint attacks on global communications networks, and the more acceptable public face of collaboration - cyber defence activity.

The roll call of names and logos on the slide include most of the US's IT industry giants: Microsoft, HP, Cisco, IBM, Qualcomm, Intel, Motorola, Qwest, AT&T, Verizon, Oracle and EDS.

This document and many more like it shine a spotlight on the invidious position in which major US corporations have found themselves. Their trust has been compromised, with share valuations now tumbling to follow. Cisco, despite being reported as "supporting missions" in the classified slides, was reportedly devastated when last month Greenwald published photographs taken by NSA's hacking department of "interdicted" Cisco equipment, stolen in transit and then put back in the delivery system after being tampered with to open the kit up for NSA remote control.

Cisco equipment and NSA staff

NSA working without Cisco's knowledge despite Cisco supporting NSA missions

The US corporations have also helped spy on their communications partners, both overtly and covertly, according to the documents. FAIRVIEW, a corporate partner "with access to int. cables, routers, switches", according to one recently published note "operates in the US, but has access to information that transits the nation and through its corporate relationships provides unique accesses to other telecoms and ISPs".

It is also "aggressively involved in shaping traffic to run signals of interest past our monitors". For these and other services, according to the classified US Intelligence budget leaked by Snowden to the Washington Post, FAIRVIEW will receive $95m from NSA in the current year.

Similar topics

Other stories you might like

Biting the hand that feeds IT © 1998–2021