02:18 GMT30 November 2020
Listen Live
    US
    Get short URL
    by
    5114
    Subscribe

    According to disclosures by former contractor Edward Snowden, the US National Security Agency has pursued various routes to access tech equipment, sometimes via commercial deals inducing companies to insert back-door encryption, and in other cases by ‘manipulating standards’ so firms unknowingly adopt software the agency experts can break.

    The US National Security Agency is reportedly stonewalling attempts by a leading Democrat on the Senate Intelligence Committee to investigate whether it is continuing the controversial practice of installing "back doors" into commercial technology products, reports Reuters.

    The back-door encryption has been touted by the NSA as a means of scanning large amounts of traffic without the hassle of a warrant and, accordingly, making it easier to gather vital intelligence, including interception of terrorist communications.

    Critics have slammed the practice that was revealed by former NSA contractor Edward Snowden as damaging both US industry and national security. 

    Former U.S. National Security Agency contractor Edward Snowden addresses attendees through video link at the Web Summit technology conference in Lisbon, Monday, Nov. 4, 2019
    © AP Photo / Armando Franca
    Former U.S. National Security Agency contractor Edward Snowden addresses attendees through video link at the Web Summit technology conference in Lisbon, Monday, Nov. 4, 2019

    In the wake of the revelations, the agency reportedly developed new rules for its practices to dodge exposure and compromise, according to three former senior intelligence agency staff members, cited by Reuters.

    They claim that the NSA now requires potential fall-out assessment before seeking a back-door, besides ensuring that a warning is issued if the back-door is discovered by adversaries.

    However, aides to Senator Ron Wyden claim the NSA has fended off all attempts to get a gist of the new guidelines the agency is implementing.

    “Secret encryption back-doors are a threat to national security and the safety of our families – it’s only a matter of time before foreign hackers or criminals exploit them in ways that undermine American national security… The government shouldn’t have any role in planting secret back-doors in encryption technology used by Americans,” Wyden was cited as saying by the outlet.

    ‘Lessons Learnt?’

    Feeding into criticism of the NSA’s practices as ostensibly creating targets for enemies, and compromising efforts to persuade allies to reject Chinese technology that could allegedly be used for espionage, Juniper Networks Inc is cited as an example.

    The company that designs and markets IT networking products, such as routers, switches and IT security products, says in 2015 its equipment was compromised.

    Juniper is said to have claimed, in a previously unreported statement to members of Congress in July, cited by Reuters, that an unnamed national government had converted the back-door mechanism created by the NSA.
    The agency was subsequently cited as informing Wyden staffers in 2018 that there had been “lessons learnt” from the Juniper incident and others.

    ​However, according to Wyden spokesman Keith Chu cited by Reuters, the NSA “now asserts that it cannot locate this document".

    The agency, which has pledged it was seeking to rebuild trust by measures such as warning about software flaws, nevertheless refused to elaborate on its updated policies on attaining special access to commercial products.

    “At NSA, it is common practice constantly to assess processes to identify and determine best practices,” said the head of the Cybersecurity Directorate at the agency, Anne Neuberger, adding:

    “We don’t share specific processes and procedures.”
    .

    Related:

    US Federal Court Rules NSA Metadata Collection Program Illegal
    ‘The Day Has Arrived’ Snowden Hails Appeals Court Ruling Slamming NSA Metadata Harvesting as Illegal
    Tags:
    backdoor encryption access, encryption, Edward Snowden, Snowden, National Security Agency (NSA), National Security Agency, National Security Agency
    Community standardsDiscussion