AT&T helped NSA Spy on Domestic Citizens

Uploaded on 2015-09-30 in NEWS-Cybersecurity News, INTELLIGENCE--USA, FREE TO VIEW

The relationship between AT&T and the NSA is said to be "highly collaborative," thanks to the company's "extreme willingness to help."

Newly published document, provided by Edward Snowden in 2013, show the US cellular and telecom giant was in cahoots with the intelligence agency as far back as 1985, a relationship that later intensified following the September 11 terrorist attacks.

More than two years after the first document was published by reporters, we're now venturing into the portion of the documents disclosed by Snowden that are highly likely and previously suspected, but now finally confirmed.
NSA is codename heavy. It's for a reason: it mitigates damage in case of information leaks. It's long been suspected that US telcos, large and small, have on some level "cooperated" with the NSA, whether willingly or otherwise. There are dozens of codenames for different companies, and collections and programs under which that collected data is filtered and stored.

One of the larger programs is Fairview, which reporters are now saying it can be no other than AT&T, based on new evidence that's come to light. Former NSA whistleblower William Binney claims  that "Fairview" was AT&T, and "Stormbrew" was Verizon. Another one of these programs, "Oakstar," collects data from companies in eight countries that are not part of the Five Eyes coalition. Binney left the agency in 2001.

Some of these codenames are considered "sensitive compartmented information," meaning even some NSA officials aren't sure who's who. The NSA's partners or collaborators in the private sector is a huge state secret.
From the report, AT&T "provided technical assistance in carrying out a secret court order permitting the wiretapping of all Internet communications at the United Nations headquarters," which is a customer of AT&T.
 
It's not news that the UN, home of the world's governments, were targets for US spies. But how the spying happened is remarkable -- and also quite boring. Previous reports said NSA spies "bugged" the UN headquarters in New York, cracking encryption and coding systems and infiltrating the video-conferencing systems. Other reports also said UN secretary-general Ban Ki-moon's talking points were also grabbed from an email message through the Blarney email-grabbing program.
How was it done? By targeting the cable flowing in and out of the UN's building. It's a surprisingly easy effort with AT&T's help.

In the first few months after the NSA started collecting on AT&T's networks, the agency took in "400 billion internet metadata records," such as who people were talking to but not what was said.
The Fairview program also started sending back "more than one million emails a day to the keyword selection system" at NSA headquarters in Fort Meade, MD.

By 2011, AT&T began handing "over 1.1 billion domestic cellphone calling records," just months before the tenth anniversary of the September 11 attacks. By 2013, the program was "processing 60 million foreign-to-foreign emails a day" that were flowing over AT&T's domestic network.
"This is a partnership, not a contractual relationship," says one of the documents, referring to the AT&T-NSA relationship as one that's cooperative rather than obligatory.

Playing devil's advocate, telecoms face far greater and stricter regulation than software firms and technology companies. AT&T isn't allowed to comment. In any case, there will very likely be another side to this. We know Verizon was forced to hand over its domestic records, because a court order from the Foreign Intelligence Surveillance Court, the court that authorizes the government's spying, showed that. No released documents have shown AT&T was forced to hand over data. 
ZDNet: http://zd.net/1hajMVK

 

 

« Cyberwar Right Here, Right Now...
UN Calls On Social Media to Act Against ‘Misuse’ by Extremists »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Beyond Security

Beyond Security

Beyond Security is a leader in automated vulnerability assessment and compliance solutions - enabling customers to accurately assess and manage security weaknesses in their networks and applications.

Commissum

Commissum

Commissum specialise in information assurance and security testing services.

Payload Security

Payload Security

Payload Security's VxStream Sandbox is a fully automated malware analysis system.

TrustArc

TrustArc

TrustArc provide privacy compliance and risk management with integrated technology, consulting and TRUSTe certification solutions – addressing all phases of privacy program management.

Surevine

Surevine

Surevine builds secure, scalable collaboration solutions for the most security conscious organisations, enabling collaboration on their most sensitive information.

Uniwan

Uniwan

Uniwan is an IT services company specializing in networking and security.

Vdoo

Vdoo

Vdoo provides an end-to-end product security platform for automating all software security tasks throughout the entire product lifecycle.

Jamf

Jamf

Jamf is the only Apple Enterprise Management solution of scale that remotely connects, manages and protects Apple users, devices and services.

Red Goat Cyber Security

Red Goat Cyber Security

Red Goat Cyber Security have created excellent, informative and interactive Social Engineering Awareness training which is suitable for all levels of staff.

Vancord

Vancord

Vancord is an information and security technology company that works in collaboration with clients to support their infrastructure and data security needs for today and tomorrow.

endpointX

endpointX

endpointX is a preventative cyber security company. We help companies minimize their risk of breach by improving cyber hygiene.

HashiCorp

HashiCorp

At HashiCorp, we believe infrastructure enables innovation, and we are helping organizations to operate that infrastructure in the cloud.

CyberSecAsia

CyberSecAsia

CyberSecAsia series conference is the one and only decision-makers gathering for CISO and info security experts in Asia.

Sonar

Sonar

AI generated or written by humans, Sonar’s Clean Code Solutions cover your code quality needs, improving code reliability, maintainability, and security.

Bridgenet Solutions

Bridgenet Solutions

Bridgenet specialises as a top-notch Information and Technology Solutions Provider for businesses.

Aikido Security

Aikido Security

Aikido is the no-nonsense security platform for developers. Secure your code, cloud, and runtime in one central system. Find and fix vulnerabilities automatically.