NSA Hacking
NSA Surveillance Tactics

What Happened?

NSA (National Security Agency) collected north of “151 million records about Americans’ phone calls“, reported Charlie Savage of The New York Times. Despite legislation titled as the USA Freedom Act of 2015, the NSA continues to conduct sweeping surveillance of millions of Americans’ phone calls.

How We Came To Know?

A recent evaluation report by NSA, titled as “Statistical Transparency Report: Regarding the use of National Security Authorities for Calendar Year 2016”, reveals that despite having only court orders of surveillance on 42 terrorism suspects, the agency collected troves of phone data of 151 million records about Americans’ phone calls.

Mobile carriers store a variety of metadata about the calls taking place on/through their network. The metadata may include information such as mobile number, the length of call, time of the call, and other key information.

After the Patriot Act was enacted, NSA and other law enforcement agencies used this act to collect a lot of phone data of millions of American citizens. Emails and texts are the two most frequently tracked sources of data tracked by NSA.

It shows NSA still collects huge amounts of data despite the huge uproar in privacy advocates, the American Senate, and the people at large after Edward Snowden revelations about NSA mass surveillance program.

Is it really big?

Some experts, such as the chief civil liberties and privacy officer at the Office of the Director of National Intelligence, Alex Joel said that the massive amount of phone records being collected may be less than the number reported by the agency.

The volume of records was apparently a product of not only the exponential math involved in gathering years of phone records from every caller a step away from each suspect but also duplication: A single phone call logged by two companies counted as two records“, wrote Charlie Savage of The New York Times.

Backdoor Search Loophole

Despite a massive reduction in the raw amount of metadata that NSA collects (after enactment of USA Freedom Act of 2015), there are still concerns about ‘backdoor search loophole” used by NSA and FBI. The backdoor search loophole is the agency’s ability to search the raw repository of emails for information about Americans.

Following are the type of cases during the investigation of which FBI can collect phone and email data:

  • Terrorism
  • Espionage
  • Banned weapons proliferation
  • Transnational drug trafficking
  • Hacking

Warrantless Surveillance Programs

Despite the USA Freedom Act of 2015, law enforcement and intelligence agencies such as NSA, CIA, and National Counterterrorism Center use warrantless surveillance programs to track Smartphone, emails and text messages of American citizens.

The agencies have also used these programs to get information about foreigners abroad as the numbers show a sharp rise in the number of requests made by the agencies. In 2016, these numbers were 106,000 — up from about 94,000 in 2015.

Beware Verizon Business Users

Another report by FP (Foreign Policy Magazine) revealed that Verizon business customers’ data was handed over to NSA.

The mobile carrier company handed over data such as all the calls made in the USA and those originating from domestic numbers but reaching internationally. It shows that sweeping powers of NSA and other intelligence agencies allow them to collect a massive amount of user metadata by exploiting loopholes in the legislations.

NSA Surveillance Methods
NSA Surveillance Methods

A detailed report by The Washington Post reveals how NSA collects mobile users’ data.

Despite that agencies claim that they do not collect data about the contents of conversations, it must be highlighted that the FISA (Foreign Intelligence Surveillance Court) orders upon which the NSA relies to collect data of users, has sweeping terminologies like “comprehensive communications routing information” and “etc.”.

These terminologies show that apart from the usual metadata, Verizon may have been asked to reveal other critical information of Verizon business customers to share with NSA.

Presidential Executive Orders As Functional Workarounds

It may be recalled that there are several executive orders invoked by the former U.S presidents that security agencies use to collect bulk data.

One such order is Executive order—number 12333 that was invoked by President Regan and is used to date by NSA and other agencies to collect data in bulk. ‘Functional workarounds’, as these executive orders are popularly called in the security establishment and media, are enough to give discretionary powers to agency operatives.

It is noticeable that text message infiltration and SMS 2FA hacking are used by both hackers and government agencies to spoof on users’ text messages and voice calls. A recent report showed that hackers were able to detect one-time short codes of banking customers using Germany-based O2-Telefonica network. Hackers were able to exploit design flaws in SS7, known as Signaling System No. 7 (SS7), a set of telephony signaling protocols developed in 1975.

How to secure my online privacy?

comScore, a mobile commerce and digital analytics company revealed that “retail digital commerce on desktop and mobile reached $84.3 billion in the third quarter of 2016“. Given the rise in the number of online transactions, the notion of government agencies and hackers breaking into your online accounts is scary. A good antivirus and other tools come in handy to protect privacy and ensure IT security. Hence, the use of VPNs and antivirus can help protect your privacy and anonymity online.

SHARE

LEAVE A REPLY

Please enter your comment!
Please enter your name here