Report Accuses BT of Supplying Backdoors for GCHQ and NSA

By Steve Ragan
Mon, December 16, 2013

CSO — A paper released earlier this month by a group of security researchers has outlined the technical details behind a potential Computer Network Exploitation (CNE) program likely used by the U.K. Government Communications Headquarters (GCHQ) and their American counterpart, the NSA.

Moreover, the researchers say that one of the largest telecom providers in the world, BT Group (formerly British Telecom), ships hardware to the home and office with firmware that enables this secretive surveillance on a massive scale.

In a paper titled The Internet Dark Age, the researchers say that BT is shipping hardware with backdoors that allow secret government access in order to make network compromise easier. "BT are directly responsible for covertly embedding secret spy equipment in millions of homes and businesses within the U.K.," the paper states.

The authors of the paper (who stated that, while they wish to remain anonymous, they are ready to appear in a court of law and present their findings) claim to have discovered a key piece of the global surveillance puzzle, addressing several questions that have gone unanswered since documents leaked by former NSA analyst Edward Snowden started appearing this summer. The researchers said that they made their discovery in June, but held the report for an additional six months in order to do further research and study.

The most critical question in the wake of the Snowden leaks centers on the technical details of how the NSA and GCHQ perform CNE operations on residential and Small Office and Home Office (SOHO) networks, as well as on global enterprises.

Weeks prior to the release of The Internet Dark Age, it emerged that the NSA and the GCHQ had infected more than 50,000 networks globally as part of their CNE efforts. But the reports on such actions never explained how this was accomplished. Prior reports on the existence of agency hackers and network penetration specialists also left the details of their actions to speculation. The public knows they exist, but not how they operate.

The information in the anonymously published paper doesn't come from access to classified information. Instead, the details come from forensic analysis of private SOHO networks located in the U.K., which the researchers say was conducted "legally, and on private property using privately owned equipment."

While the focus centers mainly on the U.K. and the GCHQ, the paper's authors believe that the activity itself isn't limited to the U.K. at all. Given the information that has been leaked publicly about government CNE operations, and partnerships between the NSA and GCHQ, there is little reason to doubt that knowledge of the exploitation techniques outlined in the paper is shared between the two agencies.

Originally published on www.csoonline.com.