Network operators in South Africa have chosen to remain silent after it was recently revealed that the US National Security Agency (NSA) may be intercepting communications at the cable-level.
This follows the recent release of “Sniffmap” from Priority One Security (P1sec), which indicated that 60% – 153 of the 255 telecommunications routes in South Africa may be intercepted by the NSA.
SMW4 was previously a Seacom partner cable, but Seacom stopped using SMW4’s services, except as a restoration capacity provider during an outage in March 2013.
Neotel and Seacom are not necessarily the only operators relevant to questions about NSA spying on traffic to or from South Africa, however.
Considering that Sniffmap suggests that 60% of the routes in South Africa may be intercepted, any number of telecommunications providers could be affected.
The questions put to the companies were as follows:
- Do you have reason to believe that any of the traffic you carry from South Africa is being intercepted by the NSA?
- How do you feel about the reports that the NSA is intercepting traffic at a cable level?
Of the companies asked about Sniffmap and the recent reports that the NSA was snooping on undersea cables, only Internet Solutions and Seacom acknowledged receipt of our queries.
Only Seacom indicated that it had considered the questions and has no comment on either of them.
While Sniffmap does give an indication of the possible extent of spying on Internet traffic from South Africa, it is worth noting the methodology and places of known bias that were highlighted by P1sec.
According to P1sec, its methodology was as follows:
- Choose a random list of target IP addresses;
- For each country, get all known traceroute gateways;
- For each traceroute gateway, test each target IP address (within a pool of 255 random IPs with each of the 255 class A networks);
- If this route goes through one NSA-controlled country, mark the route as “bad”, otherwise the route is marked as good.
P1sec noted that its method does not estimate the quantity of traffic intercepted, but rather the percentage of routes potentially intercepted.
Among the other points of bias P1sec highlighted was that they use a geographic IP lookup table to determine the location of routers, which is not 100% accurate.
Results are also dependent on the variety of traceroute sources, P1sec said.
P1sec also warned that not only the “Five Eyes” allies are intercepting Internet traffic, which it said means that the real interception statistics may be much higher.