The National Security Agency (NSA) has hacked cell phone networks worldwide for many years, according to a report in the Intercept based on documents provided by Edward Snowden. Ryan Gallagher’s article analyzed the contents of at least nine NSA documents that show how the NSA has spied on hundreds of companies, as well as other countries that are close to the US. As Gallagher reported, through a secret program codenamed AURORAGOLD, the NSA sought security weaknesses in cell phone technology to exploit for surveillance. Furthermore, Gallagher wrote, the documents also revealed NSA plans “to secretly introduce new flaws into communication systems,” which would make those systems easier for the NSA to access—a “controversial tactic,” Gallagher wrote, because doing so could expose “the general population to criminal hackers.”
AUROAGOLD monitored the contents of messages sent and received by over 1,200 e-mail accounts associated with major cell phone service providers. In some cases, this allowed the NSA to intercept “confidential company planning papers” that would help it “hack into phone networks,” Gallagher wrote.
“Even if you love the NSA and you say you have nothing to hide, you should be against a policy that introduces security vulnerabilities,” according to Karsten Nohl, a leading cell phone security expert and cryptographer. “Once NSA introduces a weakness, a vulnerability, it’s not only the NSA that can exploit it.”
The existence of the NSA surveillance units that conducted AURORAGOLD has not been publicly disclosed. But the NSA documents revealed that as of May 2012, the agency had technical information on “about 70 percent of cellphone networks worldwide—701 of an estimated 985—and was maintaining a list of 1,201 email ‘selectors’ used to intercept internal company details from employees.” (Selector is an NSA term for a unique identifier, such as an e-mail address or a telephone number.) AURORAGOLD appears to have been active since 2010, according to the documents.
As Gallagher summarized, “The operation appears aimed at ensuring virtually every cellphone network in the world is NSA accessible.”
The corporate media did not cover AURORAGOLD when the Intercept broke the story in December 2014. News archive searches indicate no coverage, for example, in the New York Times, the Washington Post, the Los Angeles Times, or on any of the major television and cable news stations. Among independent media, Der Spiegel (December 4, 2014), TechTimes (December 9, 2014), and the Christian Science Monitor (December 24, 2014) ran stories on it, while Democracy Now! featured AURORAGOLD among its December 5, 2014, headlines.
Ryan Gallagher, “Operation Auroragold: How the NSA Hacks Cellphone Networks Worldwide,” Intercept, December 4, 2014, https://firstlook.org/theintercept/2014/12/04/nsa-auroragold-hack-cellphones/.
Student Researcher: Michael Brannon (Sonoma State University)
Faculty Evaluator: Peter Phillips (Sonoma State University)