BREAKING: Washington Post reports NSA has infiltrated Google and Yahoo data centers worldwide

Published by: Robert Laurie on Wednesday October 30th, 2013

More bad news for the NSA, 4th Amendment wonks, and privacy rights advocates

According to a new report in the Washington Post, the NSA scandal is about to get much, much worse. Newly revealed documents leaked by Edward Snowden indicate that the National Security Agency, in conjunction with its British counterpart the GCHQ, has secretly tapped into the communication links that connect the Yahoo and Google data centers across four continents.

Essentially, by intercepting traffic moving through those links, the two agencies gave themselves the ability to access all information - at will - flowing into and out of hundreds of millions of user accounts all over the world.  Of course when government is able to do something, it almost invariably does it. So, the NSA was eager to exploit its new toy.

From the Washington Post:

According to a top secret accounting dated Jan. 9, 2013, NSA’s acquisitions directorate sends millions of records every day from Yahoo and Google internal networks to data warehouses at the agency’s Fort Meade headquarters. In the preceding 30 days, the report said, field collectors had processed and sent back 181,280,466 new records — ranging from “metadata,” which would indicate who sent or received e-mails and when, to content such as text, audio and video.

Unlike the NSA's telephone metadata collection scheme, it appears this goes further than knowing "who's talking to whom" as it involves actual collection, scanning, and cataloging of message content.

The NSA’s principal tool to exploit the data links is a project called MUSCULAR operated jointly with the agency’s British counterpart, GCHQ. From undisclosed interception points, the NSA and GCHQ are copying entire data flows across fiber-optic cables that carry information between the data centers of the Silicon Valley giants.

The infiltration is especially striking because the NSA, under a separate program known as PRISM, has front-door access to Google and Yahoo user accounts through a court-approved process.

Within the United States, splicing into these fiber optic cables would clearly be illegal. However, the NSA has much more latitude overseas. So, for the moment it appears that all the collection points are in other countries. The problem is that, in order to protect themselves against data loss, companies like Google and Yahoo often transfer entire databases from one continent to another. The redundancy is designed so that if there was a catastrophic loss at one data center, there would be a backup at another.

As a result, while the NSA may not be able to grab information on US soil, there's nothing to say they aren't grabbing it when it's transmitted to another, foreign, data center location.

The operation to infiltrate data links exploits a fundamental weakness in systems architecture. To guard against data loss and system slowdowns, Google and Yahoo maintain fortress-like data centers across four continents and connect them with thousands of miles of fiber-optic cable. These globe-spanning networks, representing billions of dollars of investment, are known as “clouds” because data moves seamlessly around them.

In order for the data centers to operate effectively, they synchronize high volumes of information about account holders. Yahoo’s internal network, for example, sometimes transmits entire e-mail archives — years of messages and attachments — from one data center to another.

Tapping the Google and Yahoo clouds allows the NSA to intercept communications in real time and to take “a retrospective look at target activity,” according to one internal NSA document.

If you're wondering why these companies aren't encrypting their data, well, they are - to an extent. Once the data is transmitted from data center to data center it's relatively exposed - something both Google and Yahoo are scurrying to change. For now, though, that's exactly where they're weakest, and it's where the NSA has chosen to strike.

For the MUSCULAR project, the GCHQ directs all intake into a “buffer” that can hold three to five days of traffic before recycling storage space. From the buffer, custom-built NSA tools unpack and decode the special data formats that the two companies use inside their clouds. Then the data is sent through a series of filters to “select” information the NSA wants and “defeat” what it does not.

So far, the NSA is refusing to comment on the new allegations.  Google and Yahoo have both expressed "concern" while trumpeting the encryption that they've allegedly worked so hard to put in place.

That’s all well and good, but apparently it’s not enough. For the moment it’s looking like the NSA wiretapping scandal goes much further than has been previously reported.

We're sure President Obama has been completely unaware and is only now learning of this "by watching the news reports, just like all of you."
