The National Security Agency has found a way to circumvent the encryption process between Yahoo/Google’s public Internet and cloud encryption through a program codenamed MUSCULAR, reports Barton Gelmann of the Washington Post.
Presumably, that would be awesome for the NSA, but multiple analysts have complained about being awash in too much information.
According to the Post’s NSA slides, “Numerous S2 [intelligence] analysts have complained of its [MUSCULAR] existence, and the relatively small intelligence value it contains does not justify the sheer volume of collection at MUSCULAR (1/4 of the total data collect).”
The slide goes on, “Numerous offices have complained about this collection diluting their workflow.”
The complaints jibe with what NSA whistleblower William Binney said about NSA Chief Keith Alexander’s claim that you need the “haystack” in order to find the needle.
“They’re making themselves dysfunctional by collecting all of this data,” Binney told the Daily Caller.
Notably other recent reporting, also from Gellmann, outlined how “troves” of information were yielded through more targetted NSA hacker exploits. Indeed, a massive part of the NSA’s Counter-Terrorism Mission Aligned Cell, or CT-MAC, is a group of hackers who target the “hard to find” high valued terrorism targets (See Also: Needles).
The records indicate that the agency depends heavily on highly targeted network penetrations to gather information that wouldn’t otherwise be trapped in surveillance nets that it has set at key Internet gateways.
In broad terms, the NSA relies on increasingly sophisticated versions of online attacks that are well-known among security experts.
In ignoring the white noise — i.e. the “surveillance net” epitomized by MUSCULAR — these NSA hackers have been incredibly successful.
An operation against a suspected facilitator for al-Qaeda’s branch in Yemen led to a trove of files that could be used to “help NSA map out the movement of terrorists and aspiring extremists between Yemen, Syria, Turkey, Egypt, Libya and Iran,” according to the documents …
A single penetration yielded 90 encrypted al-Qaeda documents, 16 encryption keys, 30 unencrypted messages as well as “thousands” of chat logs, according to an inventory described in one of the Snowden documents.
The operations are so easy, in some cases, that the NSA is able to start downloading data in less time than it takes the targeted machine to boot up. Last year, a user account on a social media Web site provided an instant portal to an al-Qaeda operative’s hard drive. “Within minutes, we successfully exploited the target,” the document said.
So maybe it’s time for Congress to ask Alexander a serious question: is the haystack really necessary to find the needle?
Business Insider Emails & Alerts
Site highlights each day to your inbox.