This site uses cookies. By continuing to browse this site you are agreeing to our use of cookies. Find out more.X

Up to 33 governments 'help NSA intercept data'

Share this article:

The latest leaks from whistle-blower Edward Snowden reveal that the US National Security Agency (NSA) has intercepted huge volumes of private emails, phone calls and internet messages by tapping fibre-optic cables in as many as 33 countries around the globe.

The NSA headquarters in Fort Meade, Maryland
The NSA headquarters in Fort Meade, Maryland

While the NSA's close ties with the ‘Five Eyes' countries – the UK, Canada, New Zealand and Australia – has been well-documented in earlier Snowden disclosures, these latest classified files detail how the agency has expanded its reach by utilising the fibre-optic cables stationed in various other countries, all under the ‘RAMPART-A' programme.

As jointly reported by The Intercept and Danish newspaper Dagbladet Information, documents on the programme reveal how the NSA installed surveillance equipment on the countries' fibre-optic cables to monitor and intercept data on US or foreign citizens.

[There is apparently an understanding that the NSA wouldn't snoop on local citizens, and that the local country wouldn't check on data relating to US citizens – although an NSA document says that there are “exceptions” to this rule.]

The NSA would use these pipes to monitor and intercept terabytes of data, including phone calls, faxes, emails, internet messages, data from VPNs, as well as calls made over VoIP software like Skype.

NSA documents detail that, under RAMPART-A, foreign partners “provide access to cables and host US equipment” – a process which supposedly allows the agency to tap “congestion points around the world”.

The names of the countries involved with RAMPART-A – and the precise geographic locations of these surveillance sites –remains one of the NSA's closely guarded secrets, although Denmark and Germany are said to be just two of as many as 33 countries involved, as they are part of the only NSA cable-access initiative that depends on the cooperation of third-parties.

Recent reports from Denmark's Dagbladet Information and German newspaper der Spiegel indicate the closeness between the Danish and German governments and the NSA.

As The Intercept reports, a memo dating back to 2012 indicates on-going communications between then-NSA director General Alexander and his Danish counterpart on a special “cable access program”, while a memo from last year – published in Der Spiegel on Wednesday – describes an NSA-operated cable access point in Germany.

There could be as many as 33 countries involved with this programme, including 15 from Europe, according to The Intercept editor Glenn Greenwald, whose recent ‘No Place to Hide' autobiography inferred that these third-party countries had “top-secret spying agreements” with the NSA.

Cryptography expert Bruce Schneier, now CTO of Co3 Systems, told the Danish source that the NSA would look to those countries where data is available, but which doesn't flow through the US.

“If you look at a map of the internet, there are surprisingly few trunks. Most data flows through a surprisingly small number of choke points. If you get access to them, you get access to everything,” said Schneier, who was shown the leaked documents.

“The goal must be to cover the most of the world with as few access points as possible. A lot of internet traffic flows through the US but a bunch doesn't. So you're going to look in places in the world where the data is, if not in the US.”

Caspar Bowden, an independent privacy researcher and former chief privacy adviser at Microsoft,  told SCMagazineUK.com that the wide-spread surveillance shouldn't come as a surprise.

“British MPs took a wrong turn when they asked the question could GCHQ illegally spy on the UK via the NSA. The question is whether the NSA can spy on everyone's data, by means of a skein of duplicitous bilateral treaties and arrangements,” he said via email.

"These sorts of agreements have become the peer-to-peer file-sharing of the deep state. The only downside of more 'sharing' is public resistance".

Share this article:

SC webcasts on demand

This is how to secure data in the cloud


Exclusive video webcast & Q&A sponsored by Vormetric


As enterprises look to take advantage of the cloud, they need to understand the importance of safeguarding their confidential and sensitive data in cloud environments. With the appropriate security safeguards, such as fine-grained access policies, a move to the cloud is as, or more, secure than an on-premise data storage.


View the webcast here to find out more

More in News

Hundreds of companies face 2,000 cyber-attacks in EU exercise

Hundreds of companies face 2,000 cyber-attacks in EU ...

The European Network and Information Security Agency (ENISA) conducted a 24-hour cyber-exercise in which more than 200 organisations from 25 EU member states faced virtual cyber-attacks from white hat hackers ...

Cyber security still a learning curve for most companies

Cyber security still a learning curve for most ...

Poor network visibility, outdated security tools, a skills shortage and a lack of control in the cloud are just some of the reasons companies are struggling with cyber-security, say two ...

WorldPay hacker sentenced to 11 years for role in £6 million scheme

WorldPay hacker sentenced to 11 years for role ...

An Estonian man, who helped hack payment processor RBS WorldPay in 2008, has now been sentenced to 11 years in prison for his involvement in the £5.9 (US$ 9.4 million) ...