New documents shared by Edward Snowden reveal that the National Security Agency (NSA), US was spying on emails of mobile phone company employees under an operation dubbed AURORAGOLD.
According to a report on the The Intercept, which is based on the documents shared by Snowden, the NSA was spying on 1,200 email accounts associated with employees of mobile operators in a bid to intercept confidential information – information that could help it introduce weakness in global communication systems.
The report goes onto claim that the NSA even spied on GSM Association – the London-based trade body that is not only responsible for setting standards for mobile networks and communication across the globe, but also represents interests of 800 major mobile, software and internet companies from more than 200 countries.
Snowden’s documents state that the NSA spied on GSMA meetings including those ones where new technology and policies were discussed.
The documents studied by The Intercept doesn’t identify all the companies targeted under the operation, but it is said that the NSA managed to collect technical data pertaining to about 700 mobile networks globally out of 1,000 mobile networks worldwide. The documents also reveal that NSA had managed to garner some level of ‘network coverage’ in many countries including France and Germany.
The report also went onto claim that the information collected by NSA was shared with other security agencies across the globe including Australia, Canada, New Zealand and the UK.
The Intercept consulted with Karsten Nohl, a leading cellphone security expert and cryptographer, and according to him the scope of the operation was to ensure that “virtually every cellphone network in the world is NSA accessible.”
As expected when approached, NSA spokeswoman Vanee’ Vines denied discussing the details of AURORAGOLD, but said that the agency “works to identify and report on the communications of valid foreign targets” in a bid to anticipate threats to the US and its allies.
“NSA collects only those communications that it is authorized by law to collect in response to valid foreign intelligence and counterintelligence requirements—regardless of the technical means used by foreign targets, or the means by which those targets attempt to hide their communications”, she further added.
