NSA mobile phone network hacking raises security concerns

Snowden documents reveal NSA unit dedicated to hacking mobile phone networks

The US National Security Agency (NSA) spied on the GSM Association to identify and exploit security vulnerabilities in mobile phone networks, documents leaked by whistleblower Edward Snowden reveal.

This has raised concerns about the security of the world’s mobile networks amid speculation that the NSA may have compromised the latest mobile encryption algorithms.

The NSA has collected technical information on about 70% of mobile phone networks world-wide through an operation called Auroragold, according to The Intercept.

The operation is carried out by specialist NSA surveillance units tasked with spying on private companies that run cellphone networks.

According to the leaked documents, the NSA intercepted confidential emails between hundreds of companies and organisations internationally to find security weaknesses in mobile phone technology.

A year ago the Washington Post revealed the NSA had broken the most commonly used mobile phone encryption algorithm known as A5/1.

But the information collected under Auroragold allows the NSA to look at ways of circumventing newer and stronger versions of A5 cellphone encryption, such as A5/3.

The documents also reveals how the NSA works to attack cellphone encryption technology, and plans to secretly introduce new flaws into communication systems so that they can be tapped into.

Security experts have cautioned against this tactic, saying it could be exposing millions of people to attacks by criminal hackers.

News of Auroragold has coincided with the introduction of a new US bill aimed at protecting the privacy and data security of US citizens.

The Secure Data bill, introduced by US senator Ron Wyden, specifically prohibits government mandates to build backdoors or security vulnerabilities into US software and electronics.

Wyden said recent proposals by government officials to compel companies to build backdoors in the security features of their products threaten to undermine the development and deployment of strong data security technologies.

"Strong encryption and sound computer security is the best way to keep Americans' data safe from hackers and foreign threats. It is the best way to protect our constitutional rights at a time when a person's whole life can often be found on his or her smartphone,” he said.

According to Wyden, strong computer security can rebuild consumer trust that has been shaken by years of misstatements by intelligence agencies about mass surveillance of US citizens.

"This bill sends a message to leaders of those agencies to stop recklessly pushing for new ways to vacuum up Americans' private information, and instead put that effort into rebuilding public trust,” he said.

Wyden said that, once a backdoor is built in a security system, the security of the system is inherently compromised. 

The latest Snowden documents reveal that the UK-headquartered GSM Association is among the high-profile Auroragold surveillance targets.

The mobile trade group works closely with large US firms such as Microsoft, Facebook, AT&T, and Cisco, as well as large international companies, including Sony, Nokia, Samsung, Ericsson and Vodafone.

Industry commentators say that by spying on the GSMA, the NSA has placed itself in direct conflict with the mission of the National Institute for Standards and Technology (NIST), the US government agency responsible for recommending cyber security standards in the US.

The GSMA is currently funded by NIST to develop privacy-enhancing technologies.

A surveillance review panel convened by US president Barack Obama concluded in December 2013 that the NSA should not “in any way subvert, undermine, weaken, or make vulnerable generally available commercial software” in its final report.

“Even if you love the NSA and you say you have nothing to hide, you should be against a policy that introduces security vulnerabilities,” said Karsten Nohl, a mobile security expert and cryptographer.

“Once the NSA introduces a weakness, a vulnerability, it is not only the NSA that can exploit it,” he told The Intercept.

A top-secret world map featured in a June 2012 presentation on Auroragold suggests that the NSA has some degree of “network coverage” in almost all countries on every continent.

This includes the US and closely allied countries such as the UK, Germany, France, Australia and New Zealand.

The information collected from the companies is passed on to NSA “signals development” teams that focus on infiltrating communication networks.

The data is also shared with other US intelligence agencies and with the NSA’s counterparts in countries that are part of the Five Eyes alliance, namely the UK, Canada, Australia, and New Zealand.

A GSMA spokesperson said the body would not make a response until its lawyers had examined the relevant documents.

An NSA spokeswoman declined to discuss the tactics used by Auroragold or whether the operation was still being conducted.

“NSA collects only those communications that it is authorised by law to collect in response to valid foreign intelligence and counterintelligence requirements,” the spokeswoman said.

Read more on Privacy and data protection