Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Security Infrastructure

US Taps Communications Links to Google, Yahoo Data Centers: Report

WASHINGTON – The US National Security Agency has tapped into key communications links from Yahoo and Google data centers around the world, the Washington Post reported Wednesday.

WASHINGTON – The US National Security Agency has tapped into key communications links from Yahoo and Google data centers around the world, the Washington Post reported Wednesday.

The Post, citing documents obtained from former NSA contractor Edward Snowden and interviews with officials, said the program can collect data at will from hundreds of millions of user accounts, including from Americans.

The report said the program dubbed MUSCULAR, operated jointly with NSA’s British counterpart GCHQ, indicated that the agencies can intercept data flows from the fiber-optic cables used by the US Internet giants. The Post report suggests this is a secret program that is unlike PRISM, which relies on court orders to obtain data from technology firms.

According to a top secret document cited by the newspaper dated January 9, 2013, some 181 million records were collected in the prior 30 days, ranging from metadata on emails to content such as text, audio and video.

The document shown by the Post indicates that the NSA intercept takes place outside the United States, and that an unnamed telecommunications provider allowed the secret access.

A graphic in the document suggested that the interception at Google came at a point between the public Internet and Google “cloud” servers. The hand-drawn graphic depicted an image of the two Google servers and a smiley face with a note saying, “SSL added and removed here.” SSL refers to secure sockets layer, a cryptographic protocol.

Acting outside US territory would give the NSA more latitude than within the United States, where it would require court orders, the Post noted.

Advertisement. Scroll to continue reading.

NSA chief General Keith Alexander, asked about the allegations during a Washington conference, said he was unaware of the report but argued that the allegations appeared to be inaccurate.

“That (activity) to my knowledge, this never happened,” he said at the conference sponsored by Bloomberg Television.

“In fact there was this allegation in June that the NSA was tapping into the servers of Yahoo or Google, that is factually incorrect.”

He added that NSA gains access to data “by court order” and that it would not be “breaking into any databases.”

Google chief legal officer David Drummond said the Internet giant was not involved in any such activity.

“We have long been concerned about the possibility of this kind of snooping, which is why we have continued to extend encryption across more and more Google services and links, especially the links in the slide,” Drummond said in a statement.

“We do not provide any government, including the US government, with access to our systems. We are outraged at the lengths to which the government seems to have gone to intercept data from our private fiber networks, and it underscores the need for urgent reform.”

Yahoo said in a statement to AFP that “we have strict controls in place to protect the security of our data centers, and we have not given access to our data centers to the NSA or to any other government agency.”

The report comes amid a storm of protest about NSA surveillance both at home and overseas of phone and Internet communications.

On Tuesday, US officials said reports that American spy agencies snooped on millions of Europeans were false.

Alexander told lawmakers that in many cases European spy agencies had turned over phone call records and shared them with US intelligence.

Written By

AFP 2023

Click to comment

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join security experts as they discuss ZTNA’s untapped potential to both reduce cyber risk and empower the business.

Register

Join Microsoft and Finite State for a webinar that will introduce a new strategy for securing the software supply chain.

Register

Expert Insights

Related Content

Security Infrastructure

Security vendor consolidation is picking up steam with good reason. Everyone wants to improve security efficiency and effectiveness while paying for less.

Management & Strategy

Hundreds of companies are showcasing their products and services this week at the 2023 edition of the RSA Conference in San Francisco.

Security Infrastructure

Instead of deploying new point products, CISOs should consider sourcing technologies from vendors that develop products designed to work together as part of a...

Security Infrastructure

Comcast jumps into the enterprise cybersecurity business, betting that its internal security tools and inventions can find traction in an expanding marketplace.

Security Infrastructure

XDR's fully loaded value to threat detection, investigation and response will only be realized when it is viewed as an architecture

Cloud Security

The term ‘zero trust’ is now used so much and so widely that it has almost lost its meaning.

Security Infrastructure

While silos pose significant dangers to an enterprise's cybersecurity posture, consolidation serves as a powerful solution to overcome these risks, offering improved visibility, efficiency,...

Funding/M&A

Identity and access governance vendor Saviynt has closed a $205 million financing round.