Sign up for our newsletter - Navigating the horizon of business technology​
Technology / Cybersecurity

Latest Snowden leaks: US and UK intelligence ‘crack encryption’

It has been reported that US and UK intelligence have managed to crack technology that is used to encrypt services such as online banking, email, and medical records.

Methods of online encryption are relied upon by hundreds of millions of users to protect their privacy and private data, but top-secret documents revealed by former NSA contractor Edward Snowden show how intelligence services in both Britain and America can now access this data.

US and British intelligence agencies have successfully cracked much of the online encryption relied upon by hundreds of millions of people to protect the privacy of their personal data, online transactions and emails, according to top-secret documents revealed by former contractor Edward Snowden.

The files show that the National Security Agency and its UK counterpart GCHQ have utterly compromised the guarantees that internet companies have given consumers to reassure them that their communications, online banking and medical records would be indecipherable to criminals or governments.

White papers from our partners

The agencies have adopted an armory of different methods that allow them access to what they see as the biggest threat to their snooping abilities – "the use of ubiquitous encryption across the internet".

The encryption techniques targeted by the intelligence agencies are used by popular internet services such as Google, Facebook and Yahoo.

The NSA is said to spend $250m (£160m) a year on the top secret program.

It is codenamed Bullrun, an American civil war battle, according to the documents published by the Guardian in conjunction with the New York Times and ProPublica.

The British counterpart program is called Edgehill, after the first major engagement of the English civil war, say the documents.
The report goes on to say the agencies are currently investigating the encryption used in 4G smartphones, email, and online shopping.

It is also reported that the NSA also collaborated with unnamed technology companies to build back doors into their software – something that would give the government access to information before it is encrypted and sent over the internet.

The US reportedly began investing billions of dollars in the program in 2000 after its initial efforts to install a "back door" in all encryption systems were thwarted.

During the next decade, it is said the NSA employed code-breaking computers and began collaborating with technology companies at home and abroad to build entry points into their products. The documents provided to the Guardian newspaper by Mr Snowden do not specify which companies participated.

The NSA also hacked into computers to capture messages prior to encryption, and used broad influence to introduce weaknesses into encryption standards followed by software developers the world over, the New York Times reports.

When British analysts were first told of the extent of the program they were "gobsmacked", according to one memo among more than 50,000 documents shared by the Guardian.

NSA officials continue to defend the agency’s actions, claiming it will put the US at considerable risk if messages from terrorists and spies cannot be deciphered.

But some experts argue that such efforts could actually undermine national security, noting that any back doors inserted into encryption programs can be exploited by those outside the government.

It is the latest in a series of intelligence leaks by Mr Snowden, a former NSA contractor, who began providing caches of sensitive government documents to media outlets in June.

Snowden, whom the US wants to extradite, has been granted temporary asylum in Russia.
This article is from the CBROnline archive: some formatting and images may not be present.