Germany’s BND Intelligence Agency Is Cutting Cooperation With The NSA

Entrance to the future BND Headquarters office in Pullach, Bavaria.

German intelligence has drastically reduced its cooperation with the US National Security Agency in response to a growing fall-out over their alleged joint surveillance of European officials and companies, according to media reports.

The BND, Germany’s foreign intelligence agency, ceased the online surveillance it is believed to have been carrying out on behalf of the NSA at its satellite listening station in Bad Aibling, Bavaria, at the start of the week, pending an investigation into the scandal. The end of the operation was reported by the national daily newspaper Süddeutsche Zeitung and other German media, citing sources close to a German parliamentary inquiry into the allegations.

Fax and phone intercepts were still being passed on, according to the reports.

The move was welcomed by Konstantin von Notz of the Green party ombudsman, who is in the parliamentary committee investigating the Edward Snowden revelations, of NSA spying. He said it was an acknowledgement that the operation was out of control.

“This is certainly a drastic step. It’s like pulling the emergency rip cord, because even in the year 2015 they’re still not able to control these search terms for Internet traffic,” he said, adding that Angela Merkel’s government had proven she was unable to protect German and European interests.

The decision was made after the NSA failed to provide a clear reason for each request for the surveillance of individuals or organisations. This had been demanded by the BND and Merkel’s office last month after BND’s chief, Gerhard Schindler, informed the chancellery that there was “massive doubt” about the veracity of the joint surveillance activities, which have been going on for a decade.

The government has yet to respond to the allegations. Members of her own party have joined calls for the government to release the list of 40,000 “selectors” – the IP addresses, search terms and names – used by the BND on behalf of the NSA.

Angela Merkel is under increasing pressure to reveal more about the nature of Germany’s cooperation with the NSA.

Wolfgang Bosbach, a prominent member of Merkel’s CDU and chair of the Bundestag’s home affairs select committee, said the lists were necessary in order to be able to establish whether or not the BND had acted illegally in assisting the NSA.

“It still remains to be seen whether this list can be released, as that depends on what arrangements were made with the US by the then government [of Gerhard Schröder] after the dramatic events of September 11 … I would like to know what was agreed with the Americans. It’s important in order to be able to answer the question as to whether the BND has acted within the law,” he told German broadcaster DLF.

Merkel has so far ruled out releasing the list until consultations with the US are completed. She has said she is prepared to go before the parliamentary committee and answer questions.

According to media reports citing those present at a secret session of the parliamentary committee, it is believed that on the request of Berlin for the NSA to justify each search request, the agency did provide necessary explanations for telephone numbers – believed to be in the millions – that it was wanting information on. But regarding other “selectors” such as those used to search emails, the response was sluggish, Peter Altmaier, Merkel’s chief of staff is reported to have told the committee.

It has also emerged that in his appearance before the committee, the BND boss Schindler, said that his agents had failed to record the data they had passed onto the NSA, making it nearly impossible to reconstruct what information they were provided with. He reportedly said they had no technical means of being able to retrieve the searches.

Whether the admission is just a convenient ploy to cover up any mistakes the BND might have made, as some MPs have inferred, has yet to be seen. The admission has added a further sting to the revelations, and does nothing to improve the position of the BND in the affair. The BND would appear to have at the best very careless if it indeed failed to record any details of the information transfers.

According to Schindler, no companies were on the surveillance list, rather European politicians, EU institutions and other officials.

Schindler, however, was at pains to play down the potential political damage caused. According to Spiegel Online, he told the committee the BND had only seized on communications originating in crisis areas of the world such as Africa and the Far East. He said with that in mind it was unlikely that the search of EU politicians’ emails would have been fruitful.

Schindler also said that most European authorities and almost all diplomats communicated via Virtual Private Networks (VPNs) rather than by email, which would have hindered BND attempts to intercept them.
Schindler repeated that he had first been made aware that the NSA was undertaking a massive sweep of European data by a colleague on March 13, and he had immediately informed the chancellery in Berlin.
Altmaier said the government was putting “considerable pressure” on the US to release the selectors list. A close advisor to Merkel told the committee that it expected an answer without delay.

Christine Lambrecht, parliamentary head of the opposition SPD faction, said despite calls for people to resign over the affair it was too early for conclusions to be drawn. She said it was important that the row did not overshadow the cooperation between intelligence agencies, “as it’s ever clearer that this work cannot be managed by one service alone … the question is only in what legal framework such cooperation takes place.”

Guardian: http://bit.ly/ZCp1oG

« What Do UK Consumers Think About SMEs’ Cyber Security?
Ex-CIA Chief: ‘If we don’t handle China well, it will be catastrophic’ »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

USNA Center for Cyber Security Studies

USNA Center for Cyber Security Studies

The mission of the Center for Cyber Security Studies is to enhance the education of midshipmen in all areas of cyber warfare.

National Cyber Security Centre (NKSC) - Lithuania

National Cyber Security Centre (NKSC) - Lithuania

NKSC is the main Lithuanian cyber security institution, responsible for unified management of cyber incidents, monitoring and control of the implementation of cyber security requirements.

National Cybersecurity and Communications Integration Center (NCCIC)

National Cybersecurity and Communications Integration Center (NCCIC)

NCCIC is a cyber situational awareness, incident response, and management center for the US Government, intelligence community, and law enforcement.

Dermalog Identification Systems

Dermalog Identification Systems

Dermalog Identification Systems is a pioneer in biometry and the largest German manufacturer of biometric devices and systems.

Fortanix

Fortanix

Fortanix Runtime Encryption keeps keys, data, and applications completely protected from external and internal threats.

Seavus Accelerator

Seavus Accelerator

Seavus Accelerator's goal is to create an enabling and stimulating environment for start-ups growth and provide continuous high quality acceleration and investment support.

AmWINS Group

AmWINS Group

AmWINS are a global specialty insurance distributor with expertise in property, casualty and professional lines including cyber liability.

Corsha

Corsha

Corsha is on a mission to simplify API security and allow enterprises to embrace modernization, complex deployments, and hybrid environments with confidence.

Duality Technologies

Duality Technologies

Duality Technologies combine Advanced Cryptography with Data Science to deliver High-Performance Privacy-Protecting Computing to Regulated Industries.

Secure Digital Solutions (SDS)

Secure Digital Solutions (SDS)

Secure Digital Solutions is a leading consulting firm in the business of information security providing cyber security program strategy, enterprise risk and compliance, and data privacy.

InfoSec Conferences

InfoSec Conferences

InfoSec Conferences is an online directory of infosec conferences. We list every single Information Security conference, event and seminar within every niche in Cybersecurity.

Predatech

Predatech

A cyber security consultancy offering a range of services, including CREST accredited penetration testing, vulnerability assessments and certifications incl. Cyber Essentials & Cyber Essentials Plus.

ST Engineering Antycip

ST Engineering Antycip

ST Engineering Antycip (formerly Antycip Simulation) is Europe’s leading provider of professional grade COTS simulation software, projection & display systems, and related engineering services.

Conversant Group

Conversant Group

Conversant Group is an IT infrastructure and security consulting company, providing technical, organizational, procedural, and process consulting internationally.

West Midlands Cyber Resilience Centre (WMCRC)

West Midlands Cyber Resilience Centre (WMCRC)

The East Midlands Cyber Resilience Centre supports and helps protect SMEs and supply chain businesses and third sector organisations in the region against cyber crime.

SecZone

SecZone

SecZone is a Chinese enterprise with a mission to "Make It Secure." We are dedicated to driving software security innovation globally.