Skip to main content

NSA has cracked encryption protecting your bank account, Gmail, and smartphone

nsa has cracked the encryption protecting your bank account gmail and more gchq crack
Image used with permission by copyright holder

Encryption techniques used by online banks, email providers, and many other sensitive Internet services to keep your personal data private and secure are no match for the National Security Agency and British surveillance authorities, according to new reports from The New York Times, ProPublica, and The Guardian. The revelations are the latest to come from a trove of documents supplied by fugitive whistleblower Edward Snowden.

Documents labeled “top secret” show that HTTPS and Secure Sockets Layer (SSL), encryption technologies used across the Web to keep transactions protected from snoops of all kinds, have been cracked by government-owned supercomputers. Through their decryption program, codenamed “Bullrun,” NSA and U.K. counterpart GCHQ have also compromised virtual private networks (VPNs) and encryption used to protect 4G wireless signals.

The spy agencies have also reportedly coerced or, in some cases, collaborated with corporations to obtain backdoor access to users’ communications, files, and other data. According to reports, the files obtained by Snowden did not name specific companies that teamed with NSA and GCHQ. An earlier report from The Guardian shows, however, that Microsoft granted NSA analysts pre-encryption access to users’ Skype calls, Outlook emails, and SkyDrive cloud storage.

“For the past decade, NSA has led an aggressive, multipronged effort to break widely used Internet encryption technologies,” read a 2010 NSA memo to GCHQ. “Cryptanalytic capabilities are now coming online. Vast amounts of encrypted Internet data which have up till now been discarded are now exploitable.”

The fact that the NSA has these capabilities may seem like a given – but it’s far from it: Modern cryptology is highly secure, and many doubted the spy agency had reached this level of penetration. Even the spies themselves were surprised by the NSA’s cryptanalysis capabilities. In another memo reported by the news agencies, GCHQ analysts who did not have prior knowledge of the decryption capabilities of the NSA “were gobsmacked” to learn about them.

While the NSA claims that its decryption capabilities are a crucial tool in its fight against global terrorism, critics argue that the agency’s efforts have made the U.S. less secure in the name of national security.

“The risk is that when you build a back door into systems, you’re not the only one to exploit it,” Matthew D. Green, a cryptography expert at Johns Hopkins University, told ProPublica. “Those back doors could work against U.S. communications, too.”

U.S. government authorities reportedly asked the news agencies to not report on Bullrun because doing so could cause enemies of the state to change their communication tactics, weakening U.S. security. The Times said it decided to publish its story “because of the value of a public debate about government actions that weaken the most powerful tools for protecting the privacy of Americans and others.”

ProPublica said in an open letter that it believes publication of the story is “in the public interest” for two reasons. First, unlike code cracking efforts during World War II, the NSA’s activities involve “eavesdropping on civilians,” not just military personnel. Second, ProPublica believes the surveillance severely impedes Americans’ civil liberties.

“Suppose for a moment that the U.S. government had secretly developed and deployed an ability to read individuals’ minds,” writes ProPublica. “Such a capability would present the greatest possible invasion of personal privacy. And just as surely, it would be an enormously valuable weapon in the fight against terrorism.

“Continuing with this analogy, some might say that because of its value as an intelligence tool, the existence of the mind-reading program should never be revealed. We do not agree.”

Indeed, given the NSA’s likely predictive analytics capabilities, the mind-reading analogy may be more real than many of us care to imagine.

(Image courtesy Sergey Nivens/Shutterstock)

Andrew Couts
Former Digital Trends Contributor
Features Editor for Digital Trends, Andrew Couts covers a wide swath of consumer technology topics, with particular focus on…
How to download a video from Facebook
An elderly person holding a phone.

Facebook is a great place for sharing photos, videos, and other media with friends and family. But what if you’d like to download a video to store offline? This means you’d be able to watch the clip on your PC or mobile device, without needing to be connected to the internet. Fortunately, there’s a way to download Facebook videos to your everyday gadgets, although it’s not as straightforward a process as it could be.

Read more
How to delete your Gmail account (and what you need to know)
The top corner of Gmail on a laptop screen.

Is it time to part ways with your Gmail account? Whether you’re moving onto greener email pastures, or you want to start fresh with a new Gmail address, deleting your old Gmail account is something anyone can do. Of course, we’re not just going to bid you farewell without a guide all our own. If you need to delete your Gmail account, we hope these step-by-step instructions will make the process even easier.

Read more
How to change margins in Google Docs
Laptop Working from Home

You may find that Google Docs has a UI that is almost too clean. It can be difficult to find basic things you're used to, such as margin settings. Don't worry, though, you can change margins in Google Docs just like with any other word processor through a couple of different means.

Read more