What's new

Here’s how the NSA snoops on India

Rahul9090

FULL MEMBER
Joined
Feb 21, 2014
Messages
966
Reaction score
-1
Country
India
Location
India
India may be working with the American National Security Agency (NSA) to intercept email, chap, VPN data, VoIP and voice call records among others. This is based on documents that were newly released by Edward Snowden to Danish newspaper Dagbladet Information and The Intercept. You can download the fileshere. Also seethese documentsthat were used by The Intercept editor Glenn Greenwald for writing his book on the issue.

According to these documents, India is an “ApprovedSIGINTpartner” with the NSA. SIGINT is a common term used in intelligence circles that stands for Singals Intelligence, and refers to capturing of communication between two people. Decrypting of messages, traffic analysis etc are also part of SIGINT. The agency then taps these SIGINT partnerships for creating two major programs called RAMPART-A and WINDSTOP for collecting data in transit between the source and the servers, as opposed to collecting data from each Internet company (Google, Microsoft, Yahoo) separately. Considering WINDSTOP only partners with second parties, primarily the UK, to access communications into and out of Europe and Middle East, third-party partner like India should fall under RAMPART-A.


sigint-partners.png

RAMPART-A provides NSA with collection against long-haul international leased communications through special access initiatives with world-wide SIGINT partnerships. RAMPART-A has access to over 3 Terabites of data per second encompassing all communication technologies such as voice, fax, telex, modem, e-mail, internet chat, VPN, VoIP and voice call records. This program has “TURMOIL” capabilities according to the documents, which means that these sensors can passively collect vast amounts of data. It may also be used for spotting common internet encryption technologies that the NSA can exploit.

sigint1.png


New Delhi is mentioned in another slide that lists all units that are part of SIGINT platform. TheNSA has Computer Network Exploitation in 50,000 locations around the world and from the graphic above it looks like there are five of them in India.The slide also has five Computer Network Operators (CNE) in India that are part of SIGNIT. It is not clear where exactly these are or which companies they are.

These documents also talks about FAIRVIEW, which has corporate relatioships with ISP and telcos and collects communications data from fiber cables and various infrastructure through which data passes through. These documents don’t however mention if FAIRVIEW has relationships with Indian companies.

Data collected upstream internationally are of two kind according to these documents: DNI selectors has all information about a user’s activity online, while DNR selectors are meta data of voice calls made and messages sent through telcos.

How Indian embassy was targeted

Another document leaked by Snowden shows that Indian embassy in US was monitored. The NSA used the following methods for collecting information from the embassy and officials there:

-Implants(sensors or recording devices possibly) in the Indian embassy to collect data.
-Screen grabs. Method is called Vagrant
- Createdimages of disks.This is bizarre considering that India is a part of SIGINT.
- It also used a method termed ‘magnetic’ through which a sensor collecteddata from magnetic emanations. We’re not sure what this means.

This document is from 2010 and it indicates that snooping from these offices were dropped shortly afterwards.

close_access_sigads.jpg


These new documents also mention the amount spent by NSA on foreign partners to create and maintain the RAMPART-A and WINDSTOP programs. However, there is no country-wise split so it is not clear how much was spent in India or paid to Indian companies.

foreign_partner_access_budget.png


What about NATGRID, CMS and Netra?

Indian government has been buildingCentral Monitoring System(CMS) for monitoring all online communication in India,Netrafor keyword based tracking of online content andNATGRIDfor linking all available personal data of people in India. This year, India made it to the Enemies of the Internet report published by Reporters Without Borders for the first time, along with US, UK and Russia, for creating these three monitoring tools. That being the case, we don’t know if these projects are already part of RAMPART-A or if the government is considering sharing this data with the NSA in the future.

With these three projects, Indian government will be able to intercept all online communication in India, but it does not have the decryption code for deciphering these messages. It hadapproached the US governmentlast year seeking help to decrypt messages sent over services such as WhatsApp and Skype. It had similarlyfought long and hardto get these codes from BlackBerry as well. However, by the time the mobilephone manufacturer agreed tohand over these details, the popularity of Blackberry handsets had already declined in India.


Here’s how the NSA snoops on India - MediaNama
 
I always figured it was assumed that almost any form of signals communication would be intercepted by the NSA, particularly foreign.

It seems what is really happening here, is that those countries are giving NSA better access, in return for the information on their citizens being given to them.
 

Latest posts

Pakistan Affairs Latest Posts

Back
Top Bottom