Exposed: NSA program for hacking any cellphone network, no matter where it is

The Intercept

The National Security Agency has spied on hundreds of companies and groups around the world, including in countries allied with the US government, as part of an effort designed to allow agents to hack into any cellphone network, no matter where it's located, according to a report published Thursday.

Armed with technical details of a specific provider's current or planned networks, agents secretly attempt to identify or introduce flaws that will make it possible for communications to be covertly tapped, according to anarticle published by The Intercept. Security experts warned that programs that introduce security flaws or suppress fixes for existing vulnerabilities could cause widespread harm, since the bugs can also be exploited by criminal hackers or governments of nations around the world.

"Even if you love the NSA and you say you have nothing to hide, you should be against a policy that introduces security vulnerabilities," Karsten Nohl, a cryptographer and smartphone security expert, told The Intercept. "Because once NSA introduces a weakness, a vulnerability, it's not only the NSA that can exploit it."

The program reported Thursday, codenamed AURORAGOLD, has monitored messages sent and received by more than 1,200 email accounts associated with large cellphone operators around the world. One surveillance target is the GSM Association (GSMA), a UK-based group that works with Microsoft, Facebook, AT&T, Cisco Systems, and many other companies to ensure their hardware and software related to cellular technology is compatible. At the same time the NSA has been monitoring the group, other arms of the US government has funded GSMA programs designed to boost privacy on mobile networks. According to The Intercept:

The NSA focuses on intercepting obscure but important technical documents circulated among the GSMAs members known as IR.21s.

Most cellphone network operators share IR.21 documents among each other as part of agreements that allow their customers to connect to foreign networks when they are roaming overseas on a vacation or a business trip. An IR.21, according to the NSA documents, contains information necessary for targeting and exploitation.

The details in the IR.21s serve as a warning mechanism that flag new technology used by network operators, the NSAs documents state. This allows the agency to identify security vulnerabilities in the latest communication systems that can be exploited, and helps efforts to introduce new vulnerabilities where they do not yet exist.

The IR.21s also contain details about the encryption used by cellphone companies to protect the privacy of their customers communications as they are transmitted across networks. These details are highly sought after by the NSA, as they can aid its efforts to crack the encryption and eavesdrop on conversations.

Last year, The Washington Post reported that the NSA had already managed to break the most commonly used cellphone encryption algorithm in the world, known as A5/1. But the information collected under AURORAGOLD allows the agency to focus on circumventing newer and stronger versions of A5 cellphone encryption, such as A5/3.

Continue reading here:
Exposed: NSA program for hacking any cellphone network, no matter where it is