Snowden files: How NSA tapped 71% of the world’s phone networks with auroragold

An ambitious NSA operation dubbed Auroragold aims to tap every cellphone network in the world, according to The Intercept.

The mobile tapping system, detailed in documents leaked by Edward Snowden, successfully cracked a total of 701 out of an estimated 985 cellular networks around the world, details of which can be found in a NSA presentation.

The documents reveal how the NSA’s aims were achieved via snooping on key telecoms workers’ private communications in order to acquire technical information as well as encryption keys which, together, opened up access to mobile calls.

In total, the NSA infiltrated somewhere between 363 and 1,354 staff computers between November 2011 and April 2012.

The documents supplied by Snowden mention certain operators within lands where the Internet is highly regulated, but, beyond that, nothing is known about the identities of the targeted companies.

The NSA presentation does however include a map (page 24/26) which reveals how the agency had gained network access to more than 70% of the global network. According to the legend, the agency has achieved good coverage in much of Africa, Asia and Europe, including Russia.

The NSA operations collected information from “IR.21” documents used by GSM Association members to identify security weaknesses as well as provide details about the encryption methods employed by mobile operators. With this information to hand, the agency was able to circumvent encrypted communications and snoop on international conversations, the documents show.

The GSM Association – a UK-based trade group – became a top target for the NSA due to its associations with influential tech firms including Facebook, Microsoft, Sony and Samsung.

The fact that a trade organisation which represents several hundred firms across 220 countries was targeted is especially interesting considering how, just 3 months ago, another US agency - the National Institute for Standards and Technology (NIST) - gave it $800,000 of funding to tackle “security and privacy” issues surrounding mobile devices.

Commenting on the details revealed by The Intercept, GSMA spokeswoman Claire Cranton said the group’s lawyers were examining the documents and that “if there is something there that is illegal then they will take it up with the police”.

Since Snowden’s first leaks in June 2013 it has become clear that the NSA’s covert snooping on web-based and more traditional forms of communications is widespread.

Previous documents leaked by the whistleblower have shown the agency’s interest in hacking into the networks of foreign firms as well as previous efforts at subversion from within, such as with RSA which was reportedly paid $10m to make a less than entirely secure form of cryptography  (the Dual EC DRBG algorithm) its de facto standard. Since Snowden first leaked the claims about RSA it has denied the allegations and ceased using Dual EC DRBG in its products.

In response to the Auroragold claims the NSA released a statement in which it said “NSA collects only those communications that it is authorized by law to collect in response to valid foreign intelligence and counterintelligence requirements - regardless of the technical means used by foreign targets, or the means by which those targets attempt to hide their communication”. The statement went on to claim that the agency continues to see terrorists and other criminals employing standard technology for communication and thus it was imperative that it continue to identify and report on the same.