Snowden: NSA [Accidentally] Took Down Syria's Internet, Is Working on an Autonomous Cyberwar Program
NSA whistleblower Edward Snowden discussed more details about the National Security Agency's past and plans with Wired, revealing that the United States was (inadvertently) behind a famous take-down of Syria's Internet and is planning on creating a fully-autonomous program for cyberdefense. Snowden promised that more revelations are still yet to be unearthed from his document trove, which could include a "smoking gun."
In a long, exclusive interview with Wired's own NSA tracker James Bamford, who began sounding the alarm about the NSA's activities more than a year before the first Snowden revelation came to light, Edward Snowden discussed a couple of new NSA revelations: one story about the unintended consequences of NSA activity that actually happened, and one possible NSA program that could bring about serious unintended consequences of its own.
(Inadvertent) Syrian Internet Takedown?
The interview conversationally covered some of Snowden's experiences and aspirations, and one of the stories that comes up from his time at Booz Allen, the Hawaii-based NSA contractor that Snowden worked for in 2013, was something a colleague from the NSA's hacking division TAO told Snowden one day.
He said the NSA hacking division had attempted in 2012 to install an exploit in one of the core routers in one of Syria's major Internet service providers, remotely. It would have given the NSA access to a lot of the Internet traffic in the country, which at the time was in the midst of a messy civil war.
In the process, something went wrong and the NSA hackers -- much like an inexperienced tinkerer trying to install custom core software on his smartphone -- inadvertently "bricked" that core router. Like a bricked smartphone, the Syrian router was rendered completely inoperable and large swathes of Syria's Internet went dead.
The NSA hackers began to panic about their software being discovered on the bricked piece of equipment, but it turned out Syria was more in a rush to restore the Internet than to find the cause of the blackout, and the NSA got out of the situation cleanly.
Of course, until Snowden recalled that incident in Wired this week.
It should be noted, Snowden offered no more than the second-hand anecdote as evidence, and Syria's Internet went down several times over the past few years, so the "revelation" is hardly on par with previous evidence-backed NSA details offered by Snowden.
MonsterMind - A Cyber Defense Goliath?
The other NSA revelation Snowden discussed was an autonomous cyber defense program that could turn into a cyberwar monster, appropriately called MonsterMind.
The program was reportedly "the last straw" for Snowden when he discovered it, and it has to do with the enormous NSA data storage facility in Bluffdale, Utah -- one potentially large and powerful enough to store a "yottabyte" of data, equivalent to one trillion terabytes, or the approximate size of the entire Internet -- which Wired's Snowden interviewer James Bamford uncovered 14 months before Snowden came forward as a whistleblower.
On top of the massive surveillance effort, MonsterMind is a program that would use the NSA's large data reach to look for cyber traffic patterns that could indicate a cyber attack. When it detects an attack, it could automatically block it from entering the country. Wired backed this particular revelation up by speaking to another cryptographer and fleshing out the potential known groundwork and consequences of the brand-new revelation.
The defensive, attack-identifying aspect of MonsterMind isn't particularly groundbreaking or new, according to the report. One aspect of MonsterMind that Snowden talked about is, though. According to the whistleblower, the NSA would add a new capability for MonsterMind -- one that would allow the program to detect and kill the attack, and then fire back automatically at the point of origin without any human involvement.
There are several problems with this idea, the first being that in order for the system to work, the NSA would have to get access to almost all private communications coming in from overseas to the United States.
"The argument is that the only way we can identify these malicious traffic flows and respond to them is if we're analyzing all traffic flows," said Snowden to Bamford. "And if we're analyzing all traffic flows, that means we have to be intercepting all traffic flows. That means violating the Fourth Amendment, seizing private communications without a warrant, without probable cause or even a suspicion of wrongdoing. For everyone, all the time."
...Or a Potential Cyber Doomsday Machine?
The second problem is of course the possible unintended consequences of giving an autonomous counter-attack system that amount of power. As Engadget aptly put it "The NSA's building Skynet to fight wars online." For those of you with more comprehensive cinematic knowledge, Bamford describes it as "Strangelovian," after the idea of a run-away conflagration caused by a "doomsday machine" that was set up in the film to be automatic and out of human control.
Both movie metaphors point to the possibility of unintended consequences stemming from MonsterMind's reported reach and capabilities. "These attacks can be spoofed," noted Snowden. "You could have someone sitting in China, for example, making it appear that one of these attacks is originating in Russia. And then we end up shooting back at a Russian hospital. What happens next?" At the very least, an active cyberwar between powerful countries -- and hopefully nothing more.
Again, Snowden didn't offer much detail on the kinds of cyber attacks MonsterMind might be capable of. Snowden, after all, hasn't been in the agency for over a year and so any future developments to -- or for that matter, scrapping of -- the MonsterMind program remain a mystery. And since the NSA didn't comment to Wired on any of the details discussed by Snowden, it's hard to tell which details are speculative, unrepresentative of the current reality in NSA, or absolutely spot on.
On top of that, remember that neither Bamford nor Snowden himself have access to the trove of files he spirited away from the NSA and gave to reporters like Glenn Greenwald and Laura Poitras, making it hard to take the Wired exclusive as more than a first step towards more concrete public exposure of programs like MonsterMind. (Greenwald: Your move. Start hunting through those documents again.)
But Snowden thinks there's probably more material in the secret documents that hasn't been parsed out or released yet -- secrets that could include "a smoking gun" that could be very politically damaging to the agency. Said Snowden to Wired:
"The fact that the government's investigation failed -- that they don't know what was taken and that they keep throwing out these ridiculous huge numbers -- implies to me that somewhere in their damage assessment they must have seen something that was like, 'Holy shit.' And they think it's still out there."
For an incredibly interesting read -- and a lot more details beyond these top two takeaways -- you should definitely check out Wired's entire story here.
For more stories like this, follow us on Twitter!
Subscribe to Latin Post!
Sign up for our free newsletter for the Latest coverage!