NSA Reportedly Exploited Heartbleed For Spying—But Strongly Denies the Allegation
Because the agency hasn't already reportedly done enough.
When it bleeds, it pours.
The National Security Agency reportedly knew of and exploited the massive Internet bug revealed to the public this week and known now as "Heartbleed" in order to gather intelligence information on targets.
This new revelation packs an extra twist that other recent NSA leaks have lacked: Regardless of its purpose for intelligence gathering, the NSA may have known for years about a historic security flaw that may have affected up to two-thirds of the Internet. Instead of trying to repair that flaw--which has potentially impacted countless people--the NSA reportedly manipulated it in secret.
"Putting the Heartbleed bug in its arsenal, the NSA was able to obtain passwords and other basic data that are the building blocks of the sophisticated hacking operations at the core of its mission, but at a cost," Bloomberg first reported Friday, citing two people "familiar" with the matter. "Millions of ordinary users were left vulnerable to attack from other nations' intelligence arms and criminal hackers."
In a statement late Friday afternoon, the NSA denied the Bloomberg report. "NSA was not aware of the recently identified vulnerability in OpenSSL, the so-called Heartbleed vulnerability, until it was made public in a private-sector cybersecurity report," said agency spokeswoman Vanee Vines. "Reports that say otherwise are wrong."
In a follow-up statement, NSC Spokesperson Caitlin Hayden said that the Obama administration "takes seriously its responsibility to help maintain an open, interoperable, secure and reliable Internet. If the Federal government, including the intelligence community, had discovered this vulnerability prior to last week, it would have been disclosed to the community responsible for OpenSSL."
Unlike previous statements about alleged NSA activities, the statements made by the NSA and White House today are definitive, with little room for differing interpretations.
The Heartbleed bug was revealed publicly for the first time earlier this week, and has been described by numerous cybersecurity experts as one of the worst security glitches the web has ever encountered. Heartbleed is caused by a minor two-year-old flaw in software coding of a program known as OpenSSL that is meant to provide extra protection to websites.
Considerable attention has been paid to Heartbleed's potential use by criminal hackers to collect war chests filled with online passwords, personal information and banking data, but it remains unclear whether any such bad actors knew of or exploited it prior to its disclosure. A fix was rolled out five days ago, but concerns persist that much of the Internet's security has been compromised.
Some Internet freedom and privacy groups began speculating that intelligence agencies may have exploited Heartbleed for surveillance purposes shortly after news of the bug broke earlier this week. The Electronic Frontier Foundation suggested earlier exploitations of the bug detected in November of last year "makes a little more sense for intelligence agencies than for commercial or lifestyle malware."
Earlier Friday, the Department of Homeland Security issued guidance on Heartbleed, saying that "everyone has a role to play to ensuring [sic] our nation's cybersecurity."
This post was updated Friday afternoon after the NSA statement was released.
- Just the Facts: What We Know About the NSA Spying on Americans - December 28th, 2022
- Big Brother Has Hacked the Constitution - Tenth Amendment Center - September 13th, 2022
- Julian Assange is my husband his extradition is an abomination - The Independent - June 29th, 2022
- NSA Surveillance: Why NSA Spying On Us - RedefinePrivacy - April 28th, 2022
- Edward Snowden - Wikipedia - April 13th, 2022
- EU/US Say They've Agreed To A New Privacy Shield That Doesn't Seem To Deal With Any Of The Problems Of The Old One - Techdirt - April 1st, 2022
- Global surveillance disclosures (2013present) - Wikipedia - January 15th, 2022
- Four refugees who sheltered Snowden find sanctuary in Canada - FRANCE 24 - October 5th, 2021
- Section 215 Expired: Year in Review 2020 - EFF - December 31st, 2020
- America's Nihilism blues | The Retriever - The Retriever - November 18th, 2020
- The socialist perspective in the 2020 US elections - World Socialist Web Site - WSWS - November 7th, 2020
- Big Brother is spying on you - Hillsboro Times Gazette - October 28th, 2020
- From Scandals To War, Here Are The 15 Best Documentaries Of All Time According To Rotten Tomatoes - ScoopWhoop - September 29th, 2020
- Guest view: Should Trump pardon Edward Snowden? - The-review - August 30th, 2020
- Screen Talk 300: Revisiting the Biggest Stories of the Last Six Years - IndieWire - August 30th, 2020
- Trump Wants to Build a Wall Around the Internet, How Worried Should The U.S. Be? - Gizmodo Australia - August 21st, 2020
- A list of known NSA spying techniques - Tumbex - July 27th, 2020
- How does NSA spying effect you? (Infographic) - ProPrivacy.com - July 22nd, 2020
- NSA Spying Federal Jack - July 22nd, 2020
- NSA Spokesman Accidentally Admits that the Government Is ... - July 22nd, 2020
- Liz Cheney the latest target of Trump loyalists which is enough to label her voice of reason on the left - RT - July 21st, 2020
- EU Court Again Rules That NSA Spying Makes U.S. Companies ... - July 18th, 2020
- Op-ed: Congress must act now to rein in the NSA's ... - July 18th, 2020
- Join EFF's 30th Anniversary Livestream and Party Like It's 1990! - EFF - July 9th, 2020
- 8 Ways The NSA is Spying on You Right Now - July 9th, 2020
- The Lizard People Invented Bitcoin: Why Crypto is a Hotbed for Conspiracy Theories - Cointelegraph - June 3rd, 2020
- Made-up murder claims, threats to kill Twitter, rants about NSA spying anything but mention 100,000 US virus deaths, right, Mr President? - The... - May 29th, 2020
- Author David Rohde on what the deep state is and why Trump is obsessed with it - Vox.com - May 13th, 2020
- Yes, Section 215 Expired. Now What? - EFF - April 17th, 2020
- More Than Half of Adults Say Their Video Calls Are Secure, Despite Hacking Concerns - Morning Consult - April 12th, 2020
- Edward Snowden warns COVID-19 could give governments invasive new data collection powers that will last long a - Business Insider India - March 30th, 2020
- ASSANGE EXTRADITION: An Extension of the US War on Terror - Consortium News - March 27th, 2020
- Assange's Extradition: An Escalation of the US War on Terror - Common Dreams - March 27th, 2020
- Presidential Candidates Should Declare Their Stance on "Costly Failure of the NSA's Unconstitutional Mass Surveillance Program," Says... - February 27th, 2020
- LTE: The Deep State is alive in well - GoErie.com - February 27th, 2020
- Pilger, Burchett and Assange: Three Extraordinary Australian Journalists That Spoke Truth to Power - Mintpress News - February 12th, 2020
- Edward Snowden warns that Assange and Greenwald prosecutions mark new stage in assault on press freedom - World Socialist Web Site - January 31st, 2020
- 8 Ways the NSA Is Spying on You Right Now | ExpressVPN - January 19th, 2020
- Trump administration to illegally divert an additional $7.2 billion to border wall construction - World Socialist Web Site - January 19th, 2020
- So, who has been wiretapping the prime minister? - Free Malaysia Today - January 9th, 2020
- Tucker Carlson Patrick McGeehan and Rising Deep Red State Revulsion Against the Neocons - Morgan County USA - January 8th, 2020
- 11 Tech Trends We Need to Dump in 2020 - PCMag AU - December 26th, 2019
- If Devin Nunes wants to call the FBI 'dirty cops', he better be ready to propose a solution - The Independent - December 19th, 2019
- The Simpsons even predicted the Anthony Joshua v Andy Ruiz Jr rematch - GIVEMESPORT - December 9th, 2019
- Nov. 21 Letters to the Editor | Opinion - Lewiston Morning Tribune - November 21st, 2019
- 5 Myths About the National Security Agency - ClearanceJobs - November 5th, 2019
- Democrats Make a Huge Mistake If They Just Focus Impeachment on the Ukraine Scandal - CounterPunch - November 5th, 2019
- Democrats make a huge mistake if they just focus impeachment on the Ukraine scandal - NationofChange - November 2nd, 2019
- Democrats are Making a Huge Mistake on Impeachment if They Focus on the Ukraine Scandal - ThisCantBeHappening! - October 31st, 2019
- NSA Spying on Americans Is Illegal | American Civil ... - October 7th, 2019
- Opinion: Why NSA spying puts the U.S. in danger ... - May 31st, 2019
- NSA spying? Everyone does it. - CSMonitor.com - May 26th, 2019
- NSA spying fiasco sending customers overseas | Computerworld - May 23rd, 2019
- NSA Spying Violated The Constitution - Business Insider - May 13th, 2019
- Judge Dodges Legality of NSA Mass Spying, Citing Secrecy ... - May 3rd, 2019
- Judge who ruled against NSA spying passes on Corsi case ... - April 5th, 2019
- Hearing Friday in Jewel NSA Spying Lawsuit: EFF Asks Court ... - March 28th, 2019
- Video: New NSA Spying Revelations Spark Call for More ... - March 19th, 2019
- NSA spying scandal: what we have learned | US news | The ... - March 8th, 2019
- Clapper claims he didnt lie about NSA spying on ... - March 7th, 2019
- NSA spying program ended six months ago, maybe permanently ... - March 7th, 2019
- Clapper: I Didnt Lie to Congress About NSA Spying I ... - March 7th, 2019
- Congress Reauthorizes NSA Spying on Americans American ... - March 5th, 2019
- European officials lash out at new NSA spying report - CBS ... - March 1st, 2019
- Huawei: U.S. Is Afraid We Will Stop NSA Spying -- It Has ... - February 28th, 2019
- Obama Justifies NSA Spying: Paul Revere Did It First - February 28th, 2019
- Mass government surveillance pros and cons: NSA spying ... - February 22nd, 2019
- Judge: NSA spying almost Orwellian, likely unconstitutional - February 12th, 2019
- The NSAs Hidden Spy Hubs in Eight U.S. Cities - August 5th, 2018
- The Trump Administration Is Hiding a Crucial Report on NSA ... - July 16th, 2018
- Obama knew of NSA spying on Merkel and approved it, report ... - July 16th, 2018
- AT&T collaborates on NSA spying through a web of secretive ... - June 28th, 2018
- Potential NSA spying hub revealed in D.C. AT&T building ... - June 28th, 2018
- RNC condemns NSA spying in huge turnaround | MSNBC - April 2nd, 2018
- Stop the Expansion of NSA Spying - eff.org - February 25th, 2018
- Congress demanded NSA spying reform. Instead, they let you ... - January 21st, 2018
- National Security Agency - Wikipedia - January 17th, 2018
- Dont Reauthorize NSA Spying in a Must-Pass Funding Bill ... - December 21st, 2017
- FACT CHECK: Did Clapper Get 'Caught Lying To Congress'? - The Daily Caller - August 24th, 2017
- The struggalo is real as radical ICP fans mobilize online - A.V. Club - August 18th, 2017