The NSA Disguises Itself as Google to Spy

Illustration for article titled The NSA Disguises Itself as Google to Spy

It's come to light that the NSA has impersonated Google—and possibly other big websites—in order to intercept, store, and read supposedly secure online communications.

Advertisement

Mother Jones reports that the agency managed this by using "man-in-the-middle (MITM)" attacks, which are often used by high-class hackers. PowerPoint slides made public by a Brazilian news channel also suggest the technique is used by the UK-based GCHQ. Mother Jones describes how the hack works:

According to the document, NSA employees log into an internet router—most likely one used by an internet service provider or a backbone network. (It's not clear whether this was done with the permission or knowledge of the router's owner.) Once logged in, the NSA redirects the "target traffic" to an "MITM," a site that acts as a stealthy intermediary, harvesting communications before forwarding them to their intended destination.

Advertisement

While MITM attacks are risky, because they're easy to spot if someone's watching, they manage to defeat encryption without ever cracking any code—because they trick the user into giving up account details required to gain access to data. It's not clear how widespread the use of MITM attacks was, but it's another sneaky trick to add the growing list of NSA snooping tactics. [Mother Jones]

Share This Story

Get our newsletter

DISCUSSION

Are there any legal actions after so many proved scandals? I mean, we learn about their illegal actions almost every week of the last months. What else is there except these articles? How does U.S. fight this kind of crime?