South Africa is among the countries which hosts servers for a United States National Security Agency (NSA) project called “PackagedGoods”, according to new documents released from Edward Snowden’s archive.
This is not the first time Treasure Map has been mentioned as part of the Snowden leaks, as the New York Times reported about the project’s existence during November 2013.
However, these new documents reveal that not only had the NSA infiltrated network operators based in Germany, but it also has data gathering tools for Treasure Map running in a South African data centre.
According to the NSA presentation about Treasure Map which The Intercept published, the system focuses on using network and geographic data to identify and locate Internet-connected devices and their users.
Packaged Goods is a data gathering arm of Treasure Map, gathering and providing data about networks around the world for the system.
The Intercept quoted the chief engineer of satellite communications company Stellar PCS as saying that intelligence services could use this data to shut down the Internet in entire countries in Africa that use their satellite connections.
Stellar PCS was among the organisations whose network was listed as being wholly infiltrated by the NSA’s data interception programmes.
An “unwitting” South African data centre
While none of South Africa’s networks are shown as compromised in this recently released Treasure Map presentation, it does say that we are playing host to a Packaged Goods server (PG-Server) in an “unwitting data centre”.
This is stated under a bullet point tagged as U//FOUO, which stands for unclassified but for official use only, meaning that the information is confidential and may not be made available to the general public.
There are 12 other PG-Servers in data centres around the world, each of which can gather data about a whole country and network (specifically an autonomous system, or AS).
Later in the presentation, on an unclassified slide showing a graph of Autonomous Systems generated by Treasure Map, the Internet Solutions (IS) network and its peering relationship with the Pakistan Telecommunications Company Limited is shown.
On a subsequent slide classified as “secret”, which shows Pakistan Telecom’s AS but not that of IS, Internet Solutions’ peering partner is shown to contain SIGINT collection access points within its network.
SIGINT refers to the NSA’s signals intelligence data gathering programme.
Internet Solutions was asked about its mention in the newly released NSA document, but the company was not immediately able to respond to requests for comment.