NSA Spying on Austrian Firms and People 'Takes on a Whole New Dimension' (Der Standard, Austria)
"The NSA has an unusual interest in the Austrian customers of Internet Service Provider UPC. This is clear based on documents from the Snowden archive. ... As early as July 1999, USP offered broadband service in Austria and may have become a focus of the NSA because of the many international organizations in Vienna. It's entirely possible that institutions or their employees relied on the ISP. ... By diverting their e-mails the NSA could have spied on these targeted institutions or their people. With the NSA's listing of USP, it soon becomes apparent that tens of thousands of innocent Austrians have fallen into the net of NSA mass surveillance."
Newly-released Snowden
documents explicitly mention as a target for data collection the domain chello.at which belongs to Austrian
Internet Service Provider UPC. The targeting was
conducted by tapping fiber optic cables.
The U.S. intelligence agency NSA has an unusual interest in
the Austrian customers of Internet
Service Provider UPC. So much is clear based on
documents from the Snowden archive which provide information on the mass
collection of Internet data.
"The domain chello.at [belonging to UPC] is
mentioned in a top secret NSA document from April 2013 that comes from the
Snowden archive," Le Monde
journalist Martin Untersinger confirmed to Der Standard. "In the document, the
NSA lists several domains of interest to them."
'Passive' collection
According to Untersinger, it is
unclear specifically what data is being collected. "We only know that the
collection is conducted passively by the NSA surveillance machine, for example,
by funneling the data though a collection point."
Chello.at, along with 32 other
domains and IP addresses, are named in the blacked-out section of a document
published by Le Monde. The Paris
newspaper has reported on the spying against clients of French companies
Alcatel-Lucent and Wanadoo which are named in the
same document.
Top-secret Upstream
program
The monitoring of these 35 targets occurred under a series
of espionage programs labeled Upstream. With the
help of private telecom firms, the NSA vacuums up Internet communications
transmitted through fiber optic cables. Upstream programs are closely tied to
another called
PRISM - which was unveiled and made headlines just as the Snowden affair
began. With PRISM, the NSA claims to have direct access to the servers of the
largest Internet providers in the world including Google, Facebook and Apple,
which the companies have denied. With Upstream programs, in contrast to PRISM,
the NSA is working in cooperation with global Internet providers and aims to
target data not available through PRISM. Both programs are allegedly authorized
under U.S. law.
Tapping fiber optic
cables
The collection of
data occurs at multiple nodes. The
majority of records are collected in the United States, but there are also
eight nodes outside of U.S. territory using an Upstream
subroutine called Oakstar. U.S.
corporations AT&T and Verizon were identified in recent months as partners.
NSA
examines several data streams with reference to predefined selectors (among
them chello.at), skim the affected Internet traffic
then guide it through the NSA data center.
There, the data is further analyzed with the help of
hundreds of thousands of filters. These include key words in the areas of
terrorism and organized crime, with new revelations also pointing to economic
espionage. The Snowden documents give no indication that UPC,
which currently provides services to 464,000 Austrian Internet customers, is
cooperating with the U.S. intelligence agencies. In response to inquiries by Der Standard, UPC
issued the following statement:
"This document is unfortunately unavailable to us and
we are therefore unable to understand what exactly was described. However we
are, as we have done in the past, taking all necessary steps to secure our
network."
The U.S. as Internet
traffic hub
With Upstream, the NSA relies on the fact that the United
States serves as a hub for global Internet traffic. Up to 80 percent of all
records transmitted through multiple countries are said to be routed through
the U.S. In addition, e-mail providers often use external partners to screen
user messages for SPAM or malware. These third-party companies often sit in the
U.S., which makes an even larger number of e-mails extractable in North
America. In addition, NSA partner GCHQ of Britain
vacuums up data in Europe.
This is Edward Snowden's TV interview with German public
television,
which
German officials are not allowed to watch. Snowden discusses
how intelligence officials
are intent on killing him, how allied intelligence
services
cooperate to circumvent laws that limit their capacity to spy
on their own citizens,
and asserts that NSA steals trade secrets when
it is considered in the
'national interest' as opposed to the 'national
security
interest.' Inexplicably unavailable in the United States or on You
While Otmar Lendl of the Computer
Emergency Response Team (CERT.at) says there is no
total protection against espionage, users can still defend themselves.
He suggests users and providers complicate the NSA's
passive collection by activating encryption at the transport layer (STARTTLS).
This can be implemented with very little effort: The NSA should be handed no
gifts. However, according to Lendl, "The networks themselves are
potentially infiltrated - I would never post anything on Facebook that I
couldn’t also tape to my front door. However, the NSA is not our only concern:
all it takes is a malware infected e-mail or carelessness on the part of a
Facebook friend and all of my private communications are public."
Chello.at One of a Wide Range of Targets
Why the domain chello.at was included
on the list of NSA surveillance targets is unclear.The brand name was changed to UPC in 2009, but the 2013 NSA document refers only to chello.at. In addition to the Austrian Internet provider,
the document discloses a number of other targets. For example, two members of
the Philippine government, the largest Saudi Internet Service Provider, a
Pakistani cyber security firm as well as a resort hotel in Honduras where the
United Fruit Company often receives South American government delegations. With
this variety of examples from the spy programs under Upstream, the NSA-author
of the slide presentation will have wanted to demonstrate the widest possible
range of targets.
As early as July 1999, chello.at
offered broadband Internet in Austria. The ISP may have become a focus of the
NSA because of the multitude of international organizations in Vienna. It is
entirely possible that these embassies and institutions, or their employees,
relied on the Internet service of chello.at. By
diverting their emails the NSA could have spied on these targeted institutions
or people. That the Atomic Energy Agency is a focus of the NSA is shown by
another Snowden document. Der Standard has also revealed that the malware "Regin" which is attributed to the
NSA, has been detected on the network of the International Atomic Energy Agency.
Austrians in the
Cross-Hairs
Often, all the intelligence services need to acquire all
Internet traffic are a few rich targets that use the same ISP. This information
has been obtained through the German Bundestag's NSA Committee of Inquiry. With
the listing of chello.at, it soon becomes apparent
that tens of thousands of innocent Austrians have fallen into the net of NSA
mass surveillance. Up to now, the only case revealed by the Snowden documents
was an employee of an Austrian university who drew attention to himself due to
his involvement with the Tor data anonymization service. With the
inclusion of chello.at as a surveillance target, the
scope of surveillance by the NSA in Austria takes on a whole new dimension.
Data Retention Task
Force: 'Full Investigation is Required'
That is why the Data Retention Task Force (ArbeitskreisVorrat)
stresses that the Justice, Interior and Defense Ministries "have a duty to
fully investigate and show responsibility." The state must safeguard the
basic rights of its citizens and not sacrifice fundamental rights in the fight
against terrorism. According to the Data Retention Task Force, it must be
investigated whether "Austrian authorities benefited from the data
collected by foreign intelligence agencies."
For some time now, the Data Retention Task Force has been
surprised "that Austrian politics has turned a completely blind eye when
it comes to intelligence service monitoring."
