Revelations of the National Security Agency (NSA)'s spying activities continue, with the latest from Edward Snowden involving how much information the agency has obtained from wireless carriers around the world.
Through the operation, called Auroragold, the NSA has been monitoring 70 percent of all mobile carriers through an undisclosed unit called Wireless Portfolio Management Office, according to Tech Times. More than 1,200 email addresses of significant wireless carrier employees have been hacked to obtain technical data to be used to find vulnerabilities in networks that can be exploited for surveillance.
The NSA was also revealed to be using technical documents called IR.21s, which are sent among network operators to allow call roaming for customers traveling overseas, in order to put new security flaws in communication systems. As a result, the agency will receive information about new technologies carriers are using, which they can then study to find security flaws to take advantage of. The organization is also said to hand this and other collected information to other intelligence agencies in the U.S. as well as NSA counterparts in allied countries.
Targets of this operation include Verizon, AT&T, Vodafone and other members of the GSM Association, Tech Times reported. Microsoft, Facebook, Samsung, Cisco, Ericsson, Nokia and other international organizations have also fell victim to this program.
Getting involved in ethical issues of hacking into private companies and spying on their customers is only one issue security experts find with Aurorragold. Mikko Hypponen, a security researcher at F-Secure, says government agencies won't be the only ones who could take advantage of these security holes, as criminals and terrorists could as well.
"If there are vulnerabilities on those systems known to the NSA that are not being patched on purpose, it's quite likely they are being misused by completely other kinds of attackers," Hypponen said. "When they start to introduce new vulnerabilities, it affects everybody who uses that technology; it makes all of us less secure."
Vanee' Vines, spokesperson for the NSA, argued that the agency works within the law and only spies on terrorists, weapons distributors and "valid foreign targets," not "ordinary people." While declining to comment on Auroragold, Vines said the NSA aims at ensuring the Internet is "open, interoperable and secure."
"NSA deeply values these principles and takes great care to honor them in the performance of its lawful foreign intelligence mission," she said.