Snowden leak: NSA uses warrantless web surveillance to watch cyberattacks

4 Jun, 2015 19:11 / Updated 10 years ago

Classified documents from the trove of former intelligence contractor Edward Snowden now reveal that the United States National Security Agency secretly had its powers expanded under Pres. Obama to go after hackers.

A report published on Thursday this week by journalists with the New York Times and ProPublica shows that sensitive NSA documents disclosed by Snowden detail how the Department of Justice agreed in 2012 to give the spy agency new authorities with regards to monitoring cyberattacks unfolding on US-linked networks.

That year, the joint report reveals, two previously secret memos authored by the DoJ lawyers gave NSA analysts the go ahead “to begin hunting on internet cables, without a warrant and on American soil, for data linked to computer intrusions originating abroad,” according to the journalists.

Although the Justice Dept. ultimately agreed only to let the NSA monitor attacks believed to be stemming from foreign government involvement, the documents show that the agency wanted to have the power to target hackers even in instances where a link couldn’t be established.

“It should come as no surprise that the US government gathers intelligence on foreign powers that attempt to penetrate US networks and steal the private information of US citizens and companies,” Brian Hale, the spokesman for the Office of the Director of National Intelligence, told the reporters, adding that “targeting overseas individuals engaging in hostile cyber activities on behalf of a foreign power is a lawful foreign intelligence purpose.”

It’s not just the Patriot Act. The NSA has another secret legal interpretation of surveillance law. http://t.co/iPOdzQGUql#SnowdenDocs

— Julia Angwin (@JuliaAngwin) June 4, 2015


Two years ago this week, the first news articles to make use of pilfered NSA documents from the Snowden trove surfaced in the press, paving the way for a discussion on the US intelligence community’s use of previously unpublicized surveillance tools and tactics. Yet while the first spy program exposed through those leaks – the bulk collection of millions of phone records on a regular basis by the NSA – was reined in to a degree as recently as this week, other endeavors revealed through the Snowden leak concerning the agency’s operations remain well in effect.

US law authorizing the NSA’s activities prohibits the agency from targeting American citizens. As with past programs unveiled through the Snowden disclosures, though, critics say the broad powers provided to the government nevertheless raise questions about whether or not the privacy of innocent Americans is being compromised.

According to this week’s report, the Justice Dept. gave the NSA approval in 2012 to query unique “cybersignatures” and internet addresses linked to attacks against American computer networks. The Snowden documents show that the DoJ interpreted a previous secret surveillance court ruling involving the monitoring of foreign governments to justify the decision, yet ensured restrictions were in place to rule out the collection of US-specific information.

“That rule, the NSA soon complained, left a ‘huge collection gap against cyber threats to the nation’ because it is often hard to know exactly who is behind an intrusion,” the journalists wrote. “So the NSA, in 2012, began pressing to go back to the surveillance court and seek permission to use the program explicitly for cybersecurity purposes. That way, it could monitor international communications for any ‘malicious cyber activity,’ even if it did not yet know who was behind the attack.”

The FBI has access to the NSA's wiretaps of the fiber optic cables that make up the Internet backbone pic.twitter.com/EnsFt2t2BM

— Trevor Timm (@trevortimm) June 4, 2015


At the same time, their report continues, the FBI began to benefit from an arrangement that allowed them to use the NSA’s system to monitor traffic going through internet “chokepoints operated by US providers through which international communications enter and leave the United States.”

Jonathan Mayer, a cybersecurity scholar at Stanford Law School, told the Times and ProPublica reporters that the revelations put the activities of NSA, an organization tasked with international intelligence gathering, “smack into law enforcement land.”

“That’s a major policy decision about how to structure cybersecurity in the US and not a conversation that has been had in public,” he said.

In the aftermath of one of the biggest single acts of intelligence gathering reform in modern American history, Rep. Zoe Lofgren (D-California), a critic of the NSA’s surveillance operations, told the Guardian that the revelations suggest further changes are still needed, and needed urgently.

Contrary to those who hailed the USA Freedom Act, the NSA reform bill passed earlier this week, Lofgren said the Times and ProPublica report exemplifies the fact that passage “did not end bulk collection of communications and data.”

“To add insult to injury, under this program victims of cybercrime are doubly harmed when their government collects and searches their private stolen communications and data,” she said.