wordpress blog stats
Connect with us

Hi, what are you looking for?

Here’s how the NSA snoops on India

India may be working with the American National Security Agency (NSA) to intercept email, chat, VPN data, VoIP and voice call records among others. This is based on documents that were newly released by Edward Snowden to Danish newspaper Dagbladet Information and The Intercept. You can download the files here. Also see these documents that were used by The Intercept editor Glenn Greenwald for writing his book on the issue.

According to these documents, India is an “Approved SIGINT partner” with the NSA. SIGINT is a common term used in intelligence circles that stands for signals Intelligence, and refers to capturing of communication between two people. Decrypting of messages, traffic analysis etc are also part of SIGINT. The agency then taps these SIGINT partnerships for creating two major programs called RAMPART-A and WINDSTOP for collecting data in transit between the source and the servers, as opposed to collecting data from each Internet company (Google, Microsoft, Yahoo) separately. Considering WINDSTOP only partners with second parties, primarily the UK, to access communications into and out of Europe and Middle East, third-party partner like India should fall under RAMPART-A.

sigint partners

Approved SIGINT partners (click to expand)

RAMPART-A provides NSA with collection against long-haul international leased communications through special access initiatives with world-wide SIGINT partnerships. RAMPART-A has access to over 3 Terabites of data per second encompassing all communication technologies such as voice, fax, telex, modem, e-mail, internet chat, VPN, VoIP and voice call records. This program has “TURMOIL” capabilities according to the documents, which means that these sensors can passively collect vast amounts of data. It may also be used for spotting common internet encryption technologies that the NSA can exploit.

Worldwide SIGINT platform

Worldwide SIGINT platform (Click to expand)

New Delhi is mentioned in another slide that lists all units that are part of SIGINT platform. The NSA has Computer Network Exploitation in 50,000 locations around the world and from the graphic above it looks like there are at least five of them in India that are part of SIGINT. It is not clear where exactly these are or which companies they are.

These documents also talks about FAIRVIEW, which has corporate relationships with ISP and telcos and collects communications data from fiber cables and various infrastructure through which data passes through. These documents don’t however mention if FAIRVIEW has relationships with Indian companies.

Data collected upstream internationally are of two kind according to these documents: DNI selectors has all information about a user’s activity online, while DNR selectors are meta data of voice calls made and messages sent through telcos.

How Indian embassy was targeted

Another document leaked by Snowden shows that Indian embassy in US was monitored. The NSA used the following methods for collecting information from the embassy and officials there:

Implants (sensors or recording devices possibly) in the Indian embassy to collect data.
Screen grabs. Method is called Vagrant
– Created images of disks. This is bizarre considering that India is a part of SIGINT.
– It also used a method termed ‘magnetic’ through which a sensor collected data from magnetic emanations. We’re not sure what this means.

This document is from 2010 and it indicates that snooping from these offices were dropped shortly afterwards.

close_access_sigads

These new documents also mention the amount spent by NSA on foreign partners to create and maintain the RAMPART-A and WINDSTOP programs. However, there is no country-wise split so it is not clear how much was spent in India or paid to Indian companies.

foreign_partner_access_budget

What about NATGRID, CMS and Netra?

Indian government has been building Central Monitoring System (CMS) for monitoring all online communication in India, Netra for keyword based tracking of online content and NATGRID for linking all available personal data of people in India. This year, India made it to the Enemies of the Internet report published by Reporters Without Borders for the first time, along with US, UK and Russia, for creating these three monitoring tools. That being the case, we don’t know if these projects are already part of RAMPART-A or if the government is considering sharing this data with the NSA in the future.

With these three projects, Indian government will be able to intercept all online communication in India, but it does not have the decryption code for deciphering these messages. It had approached the US government last year seeking help to decrypt messages sent over services such as WhatsApp and Skype. It had similarly fought long and hard to get these codes from BlackBerry as well. However, by the time the mobilephone manufacturer agreed to hand over these details, the popularity of Blackberry handsets had already declined in India.

You May Also Like

News

Between January and June 2020, Twitter received 12,700 information requests from governments and law enforcement agencies around the world, reflecting a significant increase of...

News

The Ministry of Information & Broadcasting’s upcoming National Broadcast Policy will try to make it easier for cable television (TV) operators to provide broadband...

News

Between January and June 2020, governments and law enforcement agencies in India sent 2,613 information requests to Twitter , more than thrice the amount...

News

We missed this earlier.  In a joint submission to the Labour Ministry, a group of 23 trade unions, civil society organisations and members of...

MediaNama is the premier source of information and analysis on Technology Policy in India. More about MediaNama, and contact information, here.

© 2008-2018 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ

Subscribe to Daily Newsletter

    © 2008-2018 Mixed Bag Media Pvt. Ltd. Developed By PixelVJ