It is a well-known and published fact that the American National Security Agency (NSA) is paranoid about business and government secrets leaving via the back door. As far back as 2010, American officials have considered Huawei, the Chinese telecommunications giant a security threat, blocking it from business deals in the USA for fear that the company would create “back doors” in its equipment that could allow the Chinese military or Beijing-backed hackers to steal corporate and government information.
But recently it was leaked that the NSA pried its way into the servers in Huawei’s sealed headquarters in Shenzhen, China’s industrial heartland. According to documents provided to the NSA by former contractor Edward Snowden, the NSA obtained information about the workings of giant routers and monitored communication of the company’s top executives.
One of the goals of the operation was to find any links between Huawei and the People’s Liberation Army. Plans have now gone further. According to a recent article in the New York Times, the NSA wants to exploit Huawei’s technology so that that when the company sells equipment to other countries, the NSA could roam through its computer and telephone networks to conduct surveillance and, if ordered by the US President, offensive cyber operations. A NSA document says “We want to make sure that we know how to exploit these products to gain access to networks of interest around the world.”
Jacob Appelbaum, an independent computer security researcher, hacker and core member of the Tor project, said at the recent ITWeb Security Summit 2014 that the NSA aims to have total surveillance of everything it wants, and there is no boundary or limit to what it wants to do. (Tor is free sofware for enabling online anonymity and resisting censorship by directing internet traffic through a free, worldwide, volunteer network consisting of more than 5000 relays to conceal a user’s location or usage from anyone conducting network surveillance or traffic analysis.)
A NSA program allows its analysts to search through vast databases containing emails, and the browsing histories of millions of people. Called XKeyscore, other systems used by the NSA, called Turmoil and Turbine, carry out deep packet inspection and deep packet injection. Turmoil is a passive, deep-packet inspection system that feeds data into another system called Turbine, which releases a number of off-the-shelf or zero-day exploits that are injected into a data stream to compromise a vulnerable machine.
Turmoil and Turbine feed the XKeyscore surveillance database, which is controlled by the NSA. These systems are kitted out with packaged exploits that take advantage of the ability of the agency to be a “man in the middle” at internet bottlenecks. Another instance of this is the practice of buying vulnerabilities and exploits under non-disclosure agreements that make sure the vulnerabilities will be kept from the specific vendor, and therefore are never patched.
But where does South Africa stand? We have a myriad submarine cables coming into the country carrying data; some of which terminates in South Africa, other data may be of interest to agencies in other countries and traded or exchanged. Does South Africa have regulations that give the government access to the cables that land on our shores? If the NSA in the US and those in many other countries are collaborating in sharing this back door data, why should South Africa be any different? The man in the street may argue that it does not affect him because he does nothing that could be of any interest, but this may not apply to enterprises operating in a competitive environment.
The debate has only started but Applebaum says we do have the power to change things, largely through encryption, open source, legal reform and anonymity. We should be watching our back door!