US Government Spying Extends Far Beyond PRISM

Just when we thought these spying shenanigans couldn’t get any worse, well… They just did. A report by Michael Riley in Bloomberg today suggests that the nine technology firms supplying the NSA’s PRISM program with data are in fact just the tip of the iceberg, with the stunning revelation that thousands of technology, manufacturing and finance companies regularly hand over data to US authorities. Even worse, they do so willingly, in return for numerous benefits that includes access to classified intelligence.

According to Riley hundreds of leading Internet and telecommunications firms have agreements with agencies like the CIA, FBI and NSA to provide additional data beyond their own customer’s communications, including equipment specifications and details of software bugs well before they become public. This data isn’t just used to boost national security, but in some cases will also be used in offensive operations against perceived enemies of the state.

Microsoft Assisting American Cyber-Offensive?

 

Riley cites two unnamed sources who claim that Microsoft regularly provides US intelligence with information about bugs in its software, well before it makes these vulnerabilities known to the public. That might seem fairly innocuous in itself – after all, the government should be able to protect its own computers as soon as possible, but according to Riley officials do far more than that.

His sources claim that US operatives often take advantage of these ‘early alerts’ to infiltrate the computers of foreign governments that use Microsoft software, while for its part, Redmond never asks any questions about how the government uses such tip offs.

McAfee’s Data

 

Microsoft isn’t the only American company willing to assist government spy chiefs. The security firm McAfee is also though to regularly supply data to US intelligence, although its chief technology officer Michael Fey insisted when questioned that the firm does not “share any type of personal information” about its customers.

Instead, what McAfee provides is “security technology, education and threat intelligence,” which includes data on cyber-attack patterns, emerging threats, and the analysis of software, system vulnerabilities and hacker activity. In return for its cooperation, McAfee executives are said to be “showered with attention and information” from the agencies they assist, which includes classified information on things that could threaten their bottom line.

Government Monitoring of Infrastructure

 

Another big aspect of the government’s data gathering operation covers the system architecture of hundreds of American telecommunications, internet and power companies. Such companies hand over detailed schematics of their system architecture to intelligence agencies, so that the government can analyze them for possible vulnerabilities and weaknesses.

Given the critical nature of the country’s infrastructure, this practice can be justified, but even then there could be unintended invasions of privacy, warns Riley. He points to the example of an NSA program known as Einstein 3, which was developed to protect US government computers against hackers. As part of its monitoring routines, Einstein 3 closely analyzes billions of emails sent to and from government computers in order to check for malware or other spy tools that could be used to infiltrate their systems.

In the above examples, all of the companies involved are said to hand over their data willingly, with no requests being made from the government. Furthermore, much of the data is located in offshore servers anyway, which means that no legal oversight is required for these companies to do so. Nevertheless, companies that cooperate with US intelligence keep whatever arrangements they have with the government under extremely tight wraps, and in many cases only a handful of executives will be aware that these relationships exist.

About Mike Wheatley

Mike Wheatley is a senior staff writer at SiliconANGLE. He loves to write about Big Data and the Internet of Things, and explore how these technologies are evolving within the enterprise and helping businesses to become more agile. Before joining SiliconANGLE, Mike was an editor at Argophilia Travel News, an occassional contributer to The Epoch Times, and has also dabbled in SEO and social media marketing. He usually bases himself in Bangkok, Thailand, though he can often be found roaming through the jungles or chilling on a beach. Got a news story or tip? Email Mike@SiliconANGLE.com.