NSA and GCHQ accused of taking part in sustained web encryption-cracking campaign

Security agencies are alleged to have unraveled encryption used to protect web users' data.

Encryption

GCHQ and the US National Security Agency (NSA) have reportedly cracked many of the encryption methods used to protect web users' personal data and online transactions.

The claim has been published in a joint article by the Guardian newspaper, the New York Times and Propublica, and is based on confidential documents leaked by notorious NSA whistleblower Edward Snowden.

The report claims the security agencies allegedly have the means to unravel the encryption used to protect emails, banking transactions and medical records.

This has reportedly been made possible through the employment of supercomputers that use brute force to crack encryption methods.

It is also claimed the agencies have colluded with tech firms and internet service providers to insert vulnerabilities into commercially available encryption software.

The Snowden documents suggest the NSA invests around $250 million a year in working with technology companies to influence their product designs, and claims the Agency considers its decryption work to be "the price of admission for the US to maintain unrestricted access to...cyberspace."

GCHQ, meanwhile, has been accused of trying to find a way into Hotmail, Google, Yahoo and Facebook's encrypted traffic.

The documents claim the NSA has been involved in a decade-long encryption-busting programme, which made a major breakthrough in 2010 that has resulted in "vast amounts of encrypted internet data" becoming exploitable.

Exact details about the discovery that made this possible was not disclosed in the documents.

The Guardian report is the latest in a long line of revelations about GCHQ and the NSA's alleged surveillance techniques, which have been trickling out since Snowden started releasing documents back in June 2013.

Featured Resources

Humility in AI: Building trustworthy and ethical AI systems

How humble AI can help safeguard your business

Download now

Future of video conferencing

Optimising video conferencing features to achieve business goals

Download now

Leadership compass: Privileged Access Management

Securing privileged accounts in a high-risk environment

Download now

Why you need to include the cloud in your disaster recovery plan

Preserving data for business success

Download now

Recommended

IBM: Hackers are targeting COVID-19 vaccine 'cold chain'
Security

IBM: Hackers are targeting COVID-19 vaccine 'cold chain'

3 Dec 2020
GitHub: Open source vulnerabilities can go undetected for four years
Security

GitHub: Open source vulnerabilities can go undetected for four years

3 Dec 2020
What is shoulder surfing?
Security

What is shoulder surfing?

2 Dec 2020
Security benefits of open virtualised RAN
Whitepaper

Security benefits of open virtualised RAN

2 Dec 2020

Most Popular

Samsung Galaxy Note might be discontinued in 2021
Mobile Phones

Samsung Galaxy Note might be discontinued in 2021

1 Dec 2020
Microsoft Teams no longer works on Internet Explorer
Microsoft Office

Microsoft Teams no longer works on Internet Explorer

30 Nov 2020
Sopra Steria cyber attack costs to hit €50 million
Security

Sopra Steria cyber attack costs to hit €50 million

26 Nov 2020