The US National Security Agency is reportedly stonewalling attempts by a leading Democrat on the Senate Intelligence Committee to investigate whether it is continuing the controversial practice of installing "back doors" into commercial technology products, reports Reuters.
The back-door encryption has been touted by the NSA as a means of scanning large amounts of traffic without the hassle of a warrant and, accordingly, making it easier to gather vital intelligence, including interception of terrorist communications.
Critics have slammed the practice that was revealed by former NSA contractor Edward Snowden as damaging both US industry and national security.
In the wake of the revelations, the agency reportedly developed new rules for its practices to dodge exposure and compromise, according to three former senior intelligence agency staff members, cited by Reuters.
They claim that the NSA now requires potential fall-out assessment before seeking a back-door, besides ensuring that a warning is issued if the back-door is discovered by adversaries.
However, aides to Senator Ron Wyden claim the NSA has fended off all attempts to get a gist of the new guidelines the agency is implementing.
“Secret encryption back-doors are a threat to national security and the safety of our families – it’s only a matter of time before foreign hackers or criminals exploit them in ways that undermine American national security… The government shouldn’t have any role in planting secret back-doors in encryption technology used by Americans,” Wyden was cited as saying by the outlet.
Feeding into criticism of the NSA’s practices as ostensibly creating targets for enemies, and compromising efforts to persuade allies to reject Chinese technology that could allegedly be used for espionage, Juniper Networks Inc is cited as an example.
The company that designs and markets IT networking products, such as routers, switches and IT security products, says in 2015 its equipment was compromised.
Juniper is said to have claimed, in a previously unreported statement to members of Congress in July, cited by Reuters, that an unnamed national government had converted the back-door mechanism created by the NSA.
The agency was subsequently cited as informing Wyden staffers in 2018 that there had been “lessons learnt” from the Juniper incident and others.
However, according to Wyden spokesman Keith Chu cited by Reuters, the NSA “now asserts that it cannot locate this document".
The agency, which has pledged it was seeking to rebuild trust by measures such as warning about software flaws, nevertheless refused to elaborate on its updated policies on attaining special access to commercial products.
“At NSA, it is common practice constantly to assess processes to identify and determine best practices,” said the head of the Cybersecurity Directorate at the agency, Anne Neuberger, adding:
“We don’t share specific processes and procedures.”