The NSA easily breaks the privacy technology popularized by encryption services throughout the world, meaning the intelligence agency can subvert such security tactics and sift through the billions of private texts and calls that are transmitted each day.
Observers have long known that military and law enforcement officials are capable of hacking into a suspect’s mobile phone, yet a report from the Washington Post based on documents provided by whistleblower Edward Snowden indicate that the NSA’s power may in fact be more expansive because of the global signals intelligence, or SIGINTs, techniques it employs.
Current US law makes it illegal for the NSA to monitor phone conversations between American citizens without a court order, yet these documents reveal that the agency is capable of overriding encryption and listening in on international citizens. The Post warned that the intelligence agencies of other nations likely have the same technology, and may even listen in on American phone calls.
This method of surveillance has made headlines recently because of the reported NSA tap on world leaders, including German Chancellor Angela Merkel.
Security experts have admonished telecommunications companies for years for failing to upgrade past the most popular system, known as A5/1. These Snowden documents indicate that the NSA “can process encrypted A5/1,” including at times when intelligence analysts are not in possession of the encryption keys, which would typically be necessary to decipher a message.
The current surveillance techniques rely on a flaw commonly found in second-generation (2G) devices, which frequently rely on encryption developed in the 1980s. More modern networks like 3G and 4G, found throughout the US and other wealthy nations, are more difficult to decode. Yet the Post noted that more than 80 percent of cell phones used in the world use outdated and vulnerable technology.
David Wagner, a computer scientist at the University of California Berkley, said that type of encryption “was designed 30 years ago, and you wouldn’t expect a 30-year-old car to have the latest safety mechanisms.”
Experts suggest that while it takes longer for analysts to decode and examine messages sent on higher systems, it is indeed possible. Often, when a surveillance target has a service with a newer network, hackers are able to trick that phone into operating on a lower, more susceptible frequency.
Whether the result would be worth the effort for the NSA is another matter. Karsten Nohl, chief scientist at Security Research Labs in Berlin, told the Post that the NSA might be able to break even the newest form of encryption, but the amount of work necessary to do so makes wide scale cell phone surveillance implausible.
“At that point, you can still listen to any [individual person’s] phone call, but not everybody’s,” she said.