AT&T helped NSA Spy on Domestic Citizens

The relationship between AT&T and the NSA is said to be "highly collaborative," thanks to the company's "extreme willingness to help."

Newly published document, provided by Edward Snowden in 2013, show the US cellular and telecom giant was in cahoots with the intelligence agency as far back as 1985, a relationship that later intensified following the September 11 terrorist attacks.

More than two years after the first document was published by reporters, we're now venturing into the portion of the documents disclosed by Snowden that are highly likely and previously suspected, but now finally confirmed.
NSA is codename heavy. It's for a reason: it mitigates damage in case of information leaks. It's long been suspected that US telcos, large and small, have on some level "cooperated" with the NSA, whether willingly or otherwise. There are dozens of codenames for different companies, and collections and programs under which that collected data is filtered and stored.

One of the larger programs is Fairview, which reporters are now saying it can be no other than AT&T, based on new evidence that's come to light. Former NSA whistleblower William Binney claims  that "Fairview" was AT&T, and "Stormbrew" was Verizon. Another one of these programs, "Oakstar," collects data from companies in eight countries that are not part of the Five Eyes coalition. Binney left the agency in 2001.

Some of these codenames are considered "sensitive compartmented information," meaning even some NSA officials aren't sure who's who. The NSA's partners or collaborators in the private sector is a huge state secret.
From the report, AT&T "provided technical assistance in carrying out a secret court order permitting the wiretapping of all Internet communications at the United Nations headquarters," which is a customer of AT&T.
 
It's not news that the UN, home of the world's governments, were targets for US spies. But how the spying happened is remarkable -- and also quite boring. Previous reports said NSA spies "bugged" the UN headquarters in New York, cracking encryption and coding systems and infiltrating the video-conferencing systems. Other reports also said UN secretary-general Ban Ki-moon's talking points were also grabbed from an email message through the Blarney email-grabbing program.
How was it done? By targeting the cable flowing in and out of the UN's building. It's a surprisingly easy effort with AT&T's help.

In the first few months after the NSA started collecting on AT&T's networks, the agency took in "400 billion internet metadata records," such as who people were talking to but not what was said.
The Fairview program also started sending back "more than one million emails a day to the keyword selection system" at NSA headquarters in Fort Meade, MD.

By 2011, AT&T began handing "over 1.1 billion domestic cellphone calling records," just months before the tenth anniversary of the September 11 attacks. By 2013, the program was "processing 60 million foreign-to-foreign emails a day" that were flowing over AT&T's domestic network.
"This is a partnership, not a contractual relationship," says one of the documents, referring to the AT&T-NSA relationship as one that's cooperative rather than obligatory.

Playing devil's advocate, telecoms face far greater and stricter regulation than software firms and technology companies. AT&T isn't allowed to comment. In any case, there will very likely be another side to this. We know Verizon was forced to hand over its domestic records, because a court order from the Foreign Intelligence Surveillance Court, the court that authorizes the government's spying, showed that. No released documents have shown AT&T was forced to hand over data. 
ZDNet: http://zd.net/1hajMVK

 

 

« Cyberwar Right Here, Right Now...
UN Calls On Social Media to Act Against ‘Misuse’ by Extremists »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

Fredda Stanza

Fredda Stanza

Fredda Stanza specialize in Information Security and Forensics Consulting.

Centrify

Centrify

Centrify’s Next-Gen Access is an identity & access management solution that uniquely converges Identity-as-a-Service, enterprise mobility management and privileged access management.

CyberDefcon

CyberDefcon

CyberDefcon is an independent organization dedicated to the pursuit of making the internet a safer place.

Entersekt

Entersekt

Entersekt is an innovator in push-based authentication and app security.

Cyber Security Expo

Cyber Security Expo

Cyber Security EXPO is a unique one day recruitment event for the cyber security industry.

Herbert Smith Freehills

Herbert Smith Freehills

Herbert Smith Freehills is a leading professional services including data protection and privacy.

Uppsala Security

Uppsala Security

Uppsala Security built the first crowdsourced Threat Intelligence platform known as the Sentinel Protocol, which is powered by blockchain technology.

Billington CyberSecurity

Billington CyberSecurity

Billington CyberSecurity is a leading, independent education company with an exclusive focus on cybersecurity.

Cloud Box Technologies

Cloud Box Technologies

Cloud Box Technologies is one of the premier IT Infrastructure Solution providers in the Middle East.

Sovrin Foundation

Sovrin Foundation

The Sovrin Foundation is a private-sector, international non-profit that was established to govern the world's first self-sovereign identity (SSI) network.

Sprint Networks

Sprint Networks

Sprint Networks is a trusted compliance and risk program advisor which deliver cost-effective technology to reduce enterprise-wide risk.

EYE Security

EYE Security

EYE provides enterprise-grade cyber security services and cyber insurance to SMEs in Europe, Cyber Incident Response and strategic advice in board rooms.

Infuse Technology

Infuse Technology

Infuse Technology provide the highest level of cybersecurity support, implementing practical solutions to protect against cyber-attacks, from simple phishing scams to complex data security breaches.

WhiteJar

WhiteJar

WhiteJar offers an innovative approach to modern cybersecurity needs, empowering Ethical Hackers within its unique crowd platform.

Blackpanda

Blackpanda

Blackpanda is Asia’s premier cyber security incident response group, hyper-focused on digital forensics and cyber crisis response.

Board of Cyber

Board of Cyber

Board of Cyber offers Security Rating: a fast, non-intrusive, continuous, 100% automated solution to evaluate the cyber performance of an organization.