This weekend, a new set of NSA documents were released by Glenn Greenwald’s new online publication platform The Intercept, detailing a secret set of programs that involve everything from agents being hired to work at foreign telecoms, to cozy relationships between the agency and phone manufacturers that allow them to break the encryption of any device as they see fit.
The six programs mentioned in the document are gathered under the codename “Sentry Eagle”, and cover some of the most classified and clandestine operations throughout the entire NSA network.
“The description of Sentry Raven, which focuses on encryption, provides additional confirmation that American companies have helped the NSA by secretly weakening encryption products to make them vulnerable to the agency. The briefing sheet states the NSA “works with specific U.S. commercial entities…to modify U.S manufactured encryption systems to make them exploitable for SIGINT.””
By sending out their own agents to work at major technology firms in their encryption departments, the NSA has been able to successfully infiltrate the very top of the security food chain, removing the need to break in through the backdoor by simply paying off the guard who holds the key.
The reason this information was considered the “most classified program” on the agency’s roster is no mystery, as the implications are absolutely massive in the context of modern day spycraft.
By creating and maintaining a network of sleepers to dig their claws into firms like Google, Yahoo, and Microsoft (none of which were explicitly confirmed by the article’s author Laura Poitras, but are implied given the spread of influence that’s suggested by the leaked documents), the NSA has been able to effectively remove the requirement to learn how to break encryption standards, and instead simply add holes and passageways that can be transmitted back to home base for personal use whenever they see fit.
“The briefing document states that among Sentry Eagle’s most closely guarded components are ‘facts related to NSA personnel (under cover), operational meetings, specific operations, specific technology, specific locations and covert communications related to SIGINT enabling with specific commercial entities (A/B/C),” the article states, adding that “A/B/C” is a placeholder typically used to refer to American companies.
The documents reveal that the NSA had been working intimately with many of the top phone manufacturers both domestically and abroad, in order to install backdoors in their devices that the NSA could call upon whenever they needed to get into a device without the owner’s knowledge.
The primary targets of the campaign were located in countries like Germany, South Korea, and Russia, all of whom have bustling information security communities, as well as access to many of the most critical fiber optic lines that run through each of their respective regions.
Poitras also proposes the idea that the NSA could have been sharing closely guarded trade secrets within the telecommunications industry with American counterparts like AT&T and Verizon, essentially using their surveillance arm as an economic tool that could be used to one-up the overseas competition.
All in all this is one of the largest leaks to date, and show that the NSA is willing to go to any length and pay any amount of money to be sure they have a foothold in every last connected system that goes online around the globe.