More leaks from Edward Snowden

Telecom giants give GCHQ unlimited access to networks, develop own spyware – Snowden leaks

Major telecom companies have been assisting the UK intelligence agency GCHQ by granting access to all the traffic passing through their fiber-optic cables – and by developing Trojan software, leaked papers obtained by German media reveal.

RT ,

2 August, 2013

The classified slides obtained by German news agencies Süddeutsche Zeitung (SZ) and NDR list global telecommunication operators among the collaborators of the UK’s Government Communications Headquarters. The documents are said to have been leaked by former NSA contractor Edward Snowden.

The 2009-dated GCHQ slides reportedly provide the names of the following companies, along with their agency’s internal aliases: American provider Verizon Business (code name: “Dacron”), British majors BT (“Remedy”) and Vodafone Cable (“Gerontic”), as well as Global Crossing (“Pinnage”), Level 3 (“Little”), Viatel (“Vitreous”) and Interoute (“Streetcar”).

The listed telecom giants have allegedly been passing on details of phone calls, emails and Facebook entries to the agency in line with the GCHQ’s operation Tempora. Snowden earlier revealed that Tempora was part of the UK’s data collection programs dubbed ‘Mastering the Internet’ and ‘Global Telecoms Exploitation.’ 

The seven providers named in the reports own tens of thousands of kilometers of fiber-optic networks, including the high-capacity undersea cables, and literally form the backbone of the internet’s infrastructure. 

According to a Guardian intelligence source cited in June, all such firms had “no choice” but to engage in spying, compelled by the GCHQ warrants. Until now, the companies’ names had been strictly kept secret by the agency for fear of “high-level political fallout” and major market losses. 

But the fresh leaks also claim to be showing another side of the secret deal, with telecom majors allegedly receiving rewards for developing the spying software for GCHQ on their own. Such software could come in a form of Trojan viruses installed on targeted computers, the reports say, stating that the companies’ involvement in data collection is much larger and more complicated than previously thought.

The reports also list network attacks and deliberate disinformation as the tactics employed by the UK’s intelligence agency in their task for ‘dominating’ the internet. 

So far, all but one of the providers listed in the report failed to directly confirm or deny the claims, some saying they comply with the law of the countries they operate in. German market leader Level 3 denied providing access to its communication networks to “any foreign government,” according to SZ. But the news agency then speculated that the company could still serve as a hub for outside data transfer, as in 2011 it acquired the Global Crossing, inheriting its foreign networks – and, possibly, agreements. 

The sensitive revelations about GCHQ’s so-called ‘intercept partners’ come as a follow up of the recent Snowden leak saying that the British agency has received at least $150 million from its American counterpart NSA for the “dirty work” of massive intelligence gathering.

The fugitive whistleblower has repeatedly said that the massive surveillance was “not just a US problem,”and that the UK also “has a huge dog in this fight” – GCHQ, which makes it “worse than the US.” 

BT and Vodafone among telecoms companies passing details to GCHQ

Fears of customer backlash over breach of privacy as firms give GCHQ unlimited access to their undersea cables

The Guardian ,

2 August, 2013

Some of the world's leading telecoms firms, including BT and Vodafone, are secretly collaborating with Britain's spy agency GCHQ, and are passing on details of their customers' phone calls, email messages and Facebook entries, documents leaked by the whistleblower Edward Snowden show.

BT, Vodafone Cable, and the American firm Verizon Business – together with four other smaller providers – have given GCHQ secret unlimited access to their network of undersea cables. The cables carry much of the world's phone calls and internet traffic.

In June the Guardian revealed details of GCHQ's ambitious data-hoovering programmes, Mastering the Internet and Global Telecoms Exploitation, aimed at scooping up as much online and telephone traffic as possible. It emerged GCHQ was able to tap into fibre-optic cables and store huge volumes of data for up to 30 days. That operation, codenamed Tempora, has been running for 20 months.

On Friday Germany's Süddeutsche newspaper published the most highly sensitive aspect of this operation – the names of the commercial companies working secretly with GCHQ, and giving the agency access to their customers' private communications. The paper said it had seen a copy of an internal GCHQ powerpoint presentation from 2009 discussing Tempora.

The document identified for the first time which telecoms companies are working with GCHQ's "special source" team. It gives top secret codenames for each firm, with BT ("Remedy"), Verizon Business ("Dacron"), and Vodafone Cable ("Gerontic"). The other firms include Global Crossing ("Pinnage"), Level 3 ("Little"), Viatel ("Vitreous") and Interoute ("Streetcar"). The companies refused to comment on any specifics relating to Tempora, but several noted they were obliged to comply with UK and EU law.

The revelations are likely to dismay GCHQ and Downing Street, who are fearful that BT and the other firms will suffer a backlash from customers furious that their private data and intimate emails have been secretly passed to a government spy agency. In June a source with knowledge of intelligence said the companies had no choice but to co-operate in this operation. They are forbidden from revealing the existence of warrants compelling them to allow GCHQ access to the cables.

Together, these seven companies operate a huge share of the high-capacity undersea fibre-optic cables that make up the backbone of the internet's architecture. GCHQ's mass tapping operation has been built up over the past five years by attaching intercept probes to the transatlantic cables where they land on British shores. GCHQ's station in Bude, north Cornwall, plays a role. The cables carry data to western Europe from telephone exchanges and internet servers in north America. This allows GCHQ and NSA analysts to search vast amounts of data on the activity of millions of internet users. Metadata – the sites users visit, whom they email, and similar information – is stored for up to 30 days, while the content of communications is typically stored for three days.

GCHQ has the ability to tap cables carrying both internet data and phone calls. By last year GCHQ was handling 600m "telephone events" each day, had tapped more than 200 fibre-optic cables and was able to process data from at least 46 of them at a time.

Each of the cables carries data at a rate of 10 gigabits per second, so the tapped cables had the capacity, in theory, to deliver more than 21 petabytes a day – equivalent to sending all the information in all the books in the British Library 192 times every 24 hours.

This operation is carried out under clandestine agreements with the seven companies, described in one document as "intercept partners". The companies are paid for logistical and technical assistance.

The identity of the companies allowing GCHQ to tap their cables was regarded as extremely sensitive within the agency. Though the Tempora programme itself was classified as top secret, the identities of the cable companies was even more secret, referred to as "exceptionally controlled information", with the company names replaced with the codewords, such as "GERONTIC", "REMEDY" and "PINNAGE".

However, some documents made it clear which codenames referred to which companies. GCHQ also assigned the firms "sensitive relationship teams". One document warns that if the names emerged it could cause "high-level political fallout".

Germans have been enraged by the revelations of spying by the National Security Agency and GCHQ after it emerged that both agencies were hoovering up German data as well. On Friday the Süddeutsche said it was now clear that private telecoms firms were far more deeply complicit in US-UK spying activities than had been previously thought.

The source familiar with intelligence maintained in June that GCHQ was "not looking at every piece of straw" but was sifting a "vast haystack of data" for what he called "needles".

He added: "If you had the impression we are reading millions of emails, we are not. There is no intention in this whole programme to use it for looking at UK domestic traffic – British people talking to each other." The source said analysts used four criteria for determining what was examined: security, terror, organised crime and Britain's economic wellbeing."The vast majority of the data is discarded without being looked at … we simply don't have the resources."

Nonetheless, the agency repeatedly referred to plans to expand this collection ability still further in the future.

Once it is collected, analysts are able to search the information for emails, online chats and browsing histories using an interface called XKeyscore, uncovered in the Guardian on Wednesday. By May 2012, 300 analysts from GCHQ and 250 NSA analysts had direct access to search and sift through the data collected under the Tempora program.

Documents seen by the Guardian suggest some telecoms companies allowed GCHQ to access cables which they did not themselves own or operate, but only operated a landing station for. Such practices could raise alarm among other cable providers who do not co-operate with GCHQ programmes that their facilities are being used by the intelligence agency.

Telecoms providers can be compelled to co-operate with requests from the government, relayed through ministers, under the 1984 Telecommunications Act, but privacy advocates have raised concerns that the firms are not doing enough to challenge orders enabling large-scale surveillance, or are co-operating to a degree beyond that required by law.

"We urgently need clarity on how close the relationship is between companies assisting with intelligence gathering and government," said Eric King, head of research for Privacy International. "Were the companies strong-armed, or are they voluntary intercept partners?"

Vodafone said it complied with the laws of all the countries in which its cables operate. "Media reports on these matters have demonstrated a misunderstanding of the basic facts of European, German and UK legislation and of the legal obligations set out within every telecommunications operator's licence … Vodafone complies with the law in all of our countries of operation," said a spokesman.

"Vodafone does not disclose any customer data in any jurisdiction unless legally required to do so. Questions related to national security are a matter for governments not telecommunications operators."

A spokeswoman for Interoute said: "As with all communication providers in Europe we are required to comply with European and local laws including those on data protection and retention. From time to time we are presented with requests from authorities. When we receive such requests, they are processed by our legal and security teams and if valid, acted upon."

A spokeswoman for Verizon said: "Verizon continually takes steps to safeguard our customers' privacy. Verizon also complies with the law in every country in which we operate."

BT declined to comment.