MUSCULAR (surveillance program)

National Security Agency surveillance
Map of global NSA data collection
Programs Pre-1978 ECHELON MINARET SHAMROCK PROMIS Since 1978 Upstream collection BLARNEY FAIRVIEW Main Core ThinThread Genoa Since 2001 OAKSTAR STORMBREW Trailblazer Turbulence Genoa II Total Information Awareness President's Surveillance Program Terrorist Surveillance Program Since 2007 PRISM Dropmire Stateroom Bullrun MYSTIC MonsterMind (alleged) Databases, tools etc. PINWALE MARINA MAINWAY TRAFFICTHIEF DISHFIRE XKeyscore ICREACH BOUNDLESSINFORMANT GCHQ collaboration MUSCULAR Tempora
Legislation Safe Streets Act Privacy Act of 1974 FISA ECPA Patriot Act Homeland Security Act Protect America Act of 2007 FISA Amendments Act of 2008
Institutions FISC Senate Intelligence Committee National Security Council
Lawsuits ACLU v. NSA Hepting v. AT&T Jewel v. NSA Clapper v. Amnesty Klayman v. Obama ACLU v. Clapper Wikimedia v. NSA
Whistleblowers William Binney Thomas Drake Mark Klein Edward Snowden Thomas Tamm Russ Tice
Publication 2005 warrantless surveillance scandal 2013 mass surveillance scandal
Related Cablegate Surveillance of reporters Mail tracking UN diplomatic spying Insider Threat Program Mass surveillance in the United States Mass surveillance in the United Kingdom
Concepts SIGINT Metadata
Collaboration United States CSS CYBERCOM DOJ FBI CIA DHS IAO Five Eyes CSEC GCHQ ASD GCSB Other DGSE BND

MUSCULAR (DS-200B), located in the United Kingdom,^[1] is the name of a surveillance programme jointly operated by Britain's Government Communications Headquarters (GCHQ) and the U.S. National Security Agency (NSA) that was revealed by documents which were released by Edward Snowden and interviews with knowledgeable officials.^[2] GCHQ is the primary operator of the program.^[1] GCHQ and the National Security Agency have secretly broken into the main communications links that connect the data centers of Yahoo! and Google.^[3] Substantive information about the program was made public at the end of October 2013.

Overview

The programme is jointly run by:

– Government Communications Headquarters (GCHQ) (United Kingdom)
– U.S. National Security Agency (NSA)

MUSCULAR is one of at least four other similar programs that rely on a trusted 2nd party, programs which together are known as WINDSTOP. In a 30-day period from December 2012 to January 2013, MUSCULAR was responsible for collecting 181 million records. It was however dwarfed by another WINDSTOP program known (insofar) only by its code DS-300 and codename INCENSER, which collected over 14 billion records in the same period.^[4]

Operational details

According to the leaked document the NSA’s acquisitions directorate sends millions of records every day from internal Yahoo! and Google networks to data warehouses at the agency’s headquarters at Fort Meade, Maryland. The programme operates via an access point known as DS-200B, which is outside the United States, and it relies on an unnamed telecommunications operator to provide secret access for the NSA and the GCHQ.^[3]

According to the Washington Post, the MUSCULAR program collects more than twice as many data points (“selectors” in NSA jargon) compared to the better known PRISM.^[2] Unlike PRISM, the MUSCULAR program requires no (FISA or other type of) warrants.

Because of the huge amount of data involved, MUSCULAR has presented a special challenge to NSA's Special Source Operations. For example, when Yahoo! decided to migrate a large amount of mailboxes between its data centers, the NSA's PINWALE database (their primary analytical database for the Internet) was quickly overwhelmed with the data coming from MUSCULAR.^[5]

Closely related programmes are called INCENSER and TURMOIL. TURMOIL, belonging to the NSA, is a system for processing the data collected from MUSCULAR.^[1]

According to a post-it style note from the presentation, the exploitation relied on the fact that (at the time at least) data was transmitted unencrypted inside Google's private cloud, with "Google Front End Servers" stripping and respectively adding back SSL from/to external connections. According to the Washington Post: "Two engineers with close ties to Google exploded in profanity when they saw the drawing." After the information about MUSCULAR was published by the press, Google announced that it was working on deploying encrypted communication between its datacenters.^[2]

Reactions and countermeasures

In early November 2013, Google announced that it was encrypting traffic between its data centers.^[6] In mid-November, Yahoo! announced similar plans.^[7]

In December 2013, Microsoft announced similar plans and used the expression "advanced persistent threat" in their press release (signed-off by their top legal representative), which the press immediately interpreted as comparison of the NSA with the Chinese government-sponsored hackers.^[8]^[9]

Gallery

Slide from NSA SSO presentation detailing the MUSCULAR capabilities
Internal NSA SSO update on the MUSCULAR operation, mentioning problem with Yahoo mailbox transfers, which required a throttling of data capture

References

1 2 3 Gellman, Barton; Soltani, Ashkan; Peterson, Andrea (November 4, 2013). "How we know the NSA had access to internal Google and Yahoo cloud data". The Washington Post. Retrieved November 5, 2013.
1 2 3 Gellman, Barton; Soltani, Ashkan (October 30, 2013). "NSA infiltrates links to Yahoo, Google data centers worldwide, Snowden documents say". The Washington Post. Retrieved October 31, 2013.
1 2 Gellman, Barton; DeLong, Matt. "How the NSA's MUSCULAR program collects too much data from Yahoo and Google". The Washington Post. Retrieved 28 December 2013.
↑ Gellman, Barton; DeLong, Matt (2013-10-30). "One month, hundreds of millions of records collected". The Washington Post. Retrieved 2014-01-27.
↑ Gallagher, Sean (October 31, 2013). "How the NSA's MUSCULAR tapped Google's and Yahoo's private networks". Ars Technica. Retrieved November 1, 2013.
↑ Gallagher, Sean (2013-11-06). "Googlers say "F*** you" to NSA, company encrypts internal network". Ars Technica. Retrieved 2014-01-15.
↑ Brandom, Russell (2013-11-18). "Yahoo plans to encrypt all internal data by early 2014 to keep the NSA out". The Verge. Retrieved 2014-01-27.
↑ Danny Yadron (2013-12-05). "Microsoft Compares NSA to 'Advanced Persistent Threat' - Digits - WSJ". Blogs.wsj.com. Retrieved 2014-01-15.
↑ Tom Warren (2013-12-05). "Microsoft labels US government a 'persistent threat' in plan to cut off NSA spying". The Verge. Retrieved 2014-01-15.

External links

Savage, Charlie; Miller, Claire; Perlroth, Nicole (October 30, 2013). "N.S.A. Said to Tap Google and Yahoo Abroad". The New York Times. Retrieved November 1, 2013.
Rushe, Dominic; Ackerman, Spencer; Ball, James (October 30, 2013). "Reports that NSA taps into Google and Yahoo data hubs infuriate tech giants". The Guardian. Retrieved November 2, 2013.
Gellman, Barton; Soltani, Ashkan; Lindeman, Todd (October 30, 2013). "How the NSA is infiltrating private networks". The Washington Post. Retrieved November 1, 2013.
Miller, Claire (October 31, 2013). "Angry Over U.S. Surveillance, Tech Giants Bolster Defenses". The New York Times. Retrieved November 1, 2013.
Schneier, Bruce (October 31, 2013). "NSA Eavesdropping on Google and Yahoo Networks". Schneier on Security. Retrieved November 1, 2013.
Perlroth, Nicole; Markoff, John (November 25, 2013). "N.S.A. May Have Penetrated Internet Cable Links". The New York Times. Retrieved November 26, 2013.
Gellman, Barton; DeLong, Matt. "What Yahoo and Google did not think the NSA could see". The Washington Post. Retrieved March 14, 2014.

National Security Agency

Locations	Alaskan Mission Operations Center Colorado Cryptologic Center Consolidated Intelligence Center CSSG Dorsey Road European Cryptologic Center European Technical Center Fort Meade Friendship Annex Georgia Cryptologic Center Hawaii Cryptologic Center Interagency Training Center Kent Island Misawa Security Operations Center Multiprogram Research Facility Pine Gap RAF Menwith Hill Roaring Creek Room 641A Salt Creek Sugar Grove Texas Cryptologic Center Utah Data Center

Leaders	Ralph Canine John A. Samford Laurence Hugh Frost Gordon Blake Marshall Carter Noel Gayler Samuel C. Phillips Lew Allen Bobby Ray Inman Lincoln D. Faurer William Eldridge Odom Bill Studeman John Michael McConnell Kenneth Minihan Michael Hayden Keith B. Alexander Michael S. Rogers

Divisions	Central Security Service Information Warfare Support Center Remote Operations Center Special Collection Service Special Source Operations Tailored Access Operations NSA/CSS Threat Operations Center National Security Operations Center

Technology	ANT catalog FROSTBURG HARVEST Secure Terminal Equipment (STE) STU-I STU-II STU-III WARRIOR PRIDE

Controversy	2013 mass surveillance disclosures Church Committee Edward Snowden LOVEINT James Bamford NSA warrantless surveillance controversy Pike Committee Russ Tice Thomas Andrews Drake Thomas Tamm

Programs	Boundless Informant Dropmire ECHELON Fairview Insider Threat Program MUSCULAR MYSTIC PRISM Real Time Regional Gateway Stellar Wind TRAILBLAZER Turbulence Upstream XKeyscore

Databases	DISHFIRE Interquake Main Core MAINWAY MARINA Nymrod PINWALE

Other	Dundee Society Institute for Defense Analyses National Cryptologic Museum National Cryptologic School National Vigilance Park NSA Hall of Honor VENONA Zendian Problem

This article is issued from Wikipedia - version of the 10/12/2016. The text is available under the Creative Commons Attribution/Share Alike but additional terms may apply for the media files.