Services & Software

Fiber-optic cables could be the key to NSA snooping

The NSA may have employed an old-school spy technique -- updated for the Internet age -- to gain access to data from tech giants like Google and Yahoo, reports The New York Times.

Detail of an internal "NSA presentation slide" published by The Washington Post. The sketch shows where the public Internet meets the private cloud maintained by Google, and points out that the data within the cloud is unencrypted (though Google is now working to encrypt such information).
The Washington Post
In October, a report surfaced that the US National Security Agency secretly accessed data from tech giants like Google and Yahoo, by way of intercepting the unencrypted traffic flowing between each company's data centers. Specifically, it's believed the NSA tapped into the fiber-optic cables that connect those data centers. The New York Times reported Tuesday that these cables, which aren't owned by the Internet companies, are easy targets for interception. The largest such fiber-optic cable provider -- an under the radar Denver-based firm called Level 3 -- may have had something to do with the government's infiltration tactics. "Fingers have been pointed" at Level 3, reported the Times, citing three unnamed sources.

Level 3, which provides both Google and Yahoo with cables, was specifically mentioned in the Times report. Other companies that own fiber-optic cables include Verizon Communications, the BT Group, and the Vodafone Group.

To be sure, it's not yet known if Level 3 was a willing participant. When asked if the company gave US or foreign government agencies access to Google and Yahoo's data, Level 3 gave the Times an indirect response: "It is our policy and our practice to comply with laws in every country where we operate, and to provide government agencies access to customer data only when we are compelled to do so by the laws in the country where the data is located."

Level 3 did not immediately respond to a separate request for comment from CNET. We will update this story when we hear back.

Tapping fiber-optic cables is just a modern spin on an old spy game. As early as the days of the telegraph, spies have set up shop near communications companies. Since then, the government has tapped other kinds of traffic, from long-distance phone to satellite.

News broke of the NSA and British counterpart GCHQ's efforts at intercepting data center traffic when The Washington Post reported details of a project called MUSCULAR. Both Google and Yahoo have taken steps to encrypt the information that moves between its data farms. The Post's was only the latest in over half a year of surveillance revelations, since former NSA contractor Edward Snowden first leaked details of the government agency's activity.

In the wake of those revelations, tech companies have been quick to maintain their innocence in the situation. Last week, in a blog post announcing Yahoo's attempt to catch up on encryption, Yahoo CEO Marissa Mayer said, "I want to reiterate what we have said in the past: Yahoo has never given access to our data centers to the NSA or to any other government agency. Ever."