Skip to main content

NSA has cracked encryption protecting your bank account, Gmail, and smartphone

nsa has cracked the encryption protecting your bank account gmail and more gchq crack
Image used with permission by copyright holder

Encryption techniques used by online banks, email providers, and many other sensitive Internet services to keep your personal data private and secure are no match for the National Security Agency and British surveillance authorities, according to new reports from The New York Times, ProPublica, and The Guardian. The revelations are the latest to come from a trove of documents supplied by fugitive whistleblower Edward Snowden.

Documents labeled “top secret” show that HTTPS and Secure Sockets Layer (SSL), encryption technologies used across the Web to keep transactions protected from snoops of all kinds, have been cracked by government-owned supercomputers. Through their decryption program, codenamed “Bullrun,” NSA and U.K. counterpart GCHQ have also compromised virtual private networks (VPNs) and encryption used to protect 4G wireless signals.

Recommended Videos

The spy agencies have also reportedly coerced or, in some cases, collaborated with corporations to obtain backdoor access to users’ communications, files, and other data. According to reports, the files obtained by Snowden did not name specific companies that teamed with NSA and GCHQ. An earlier report from The Guardian shows, however, that Microsoft granted NSA analysts pre-encryption access to users’ Skype calls, Outlook emails, and SkyDrive cloud storage.

“For the past decade, NSA has led an aggressive, multipronged effort to break widely used Internet encryption technologies,” read a 2010 NSA memo to GCHQ. “Cryptanalytic capabilities are now coming online. Vast amounts of encrypted Internet data which have up till now been discarded are now exploitable.”

The fact that the NSA has these capabilities may seem like a given – but it’s far from it: Modern cryptology is highly secure, and many doubted the spy agency had reached this level of penetration. Even the spies themselves were surprised by the NSA’s cryptanalysis capabilities. In another memo reported by the news agencies, GCHQ analysts who did not have prior knowledge of the decryption capabilities of the NSA “were gobsmacked” to learn about them.

While the NSA claims that its decryption capabilities are a crucial tool in its fight against global terrorism, critics argue that the agency’s efforts have made the U.S. less secure in the name of national security.

“The risk is that when you build a back door into systems, you’re not the only one to exploit it,” Matthew D. Green, a cryptography expert at Johns Hopkins University, told ProPublica. “Those back doors could work against U.S. communications, too.”

U.S. government authorities reportedly asked the news agencies to not report on Bullrun because doing so could cause enemies of the state to change their communication tactics, weakening U.S. security. The Times said it decided to publish its story “because of the value of a public debate about government actions that weaken the most powerful tools for protecting the privacy of Americans and others.”

ProPublica said in an open letter that it believes publication of the story is “in the public interest” for two reasons. First, unlike code cracking efforts during World War II, the NSA’s activities involve “eavesdropping on civilians,” not just military personnel. Second, ProPublica believes the surveillance severely impedes Americans’ civil liberties.

“Suppose for a moment that the U.S. government had secretly developed and deployed an ability to read individuals’ minds,” writes ProPublica. “Such a capability would present the greatest possible invasion of personal privacy. And just as surely, it would be an enormously valuable weapon in the fight against terrorism.

“Continuing with this analogy, some might say that because of its value as an intelligence tool, the existence of the mind-reading program should never be revealed. We do not agree.”

Indeed, given the NSA’s likely predictive analytics capabilities, the mind-reading analogy may be more real than many of us care to imagine.

(Image courtesy Sergey Nivens/Shutterstock)

Andrew Couts
Former Digital Trends Contributor
Features Editor for Digital Trends, Andrew Couts covers a wide swath of consumer technology topics, with particular focus on…
PayPal vs. Venmo vs. Cash App vs. Apple Cash: which app should you use?
PayPal, Venmo, Cash App, and Apple Wallet apps on an iPhone.

We’re getting closer every day to an entirely cashless society. While some folks may still carry around a few bucks for emergencies, electronic payments are accepted nearly everywhere, and as mobile wallets expand, even traditional credit and debit cards are starting to fall by the wayside.

That means many of us are past the days of tossing a few bills onto the table to pay our share of a restaurant tab or slipping our pal a couple of bucks to help them out. Now, even those things are more easily doable from our smartphones than our physical wallets.

Read more
How to change margins in Google Docs
Laptop Working from Home

When you create a document in Google Docs, you may need to adjust the space between the edge of the page and the content --- the margins. For instance, many professors have requirements for the margin sizes you must use for college papers.

You can easily change the left, right, top, and bottom margins in Google Docs and have a few different ways to do it.

Read more
What is Microsoft Teams? How to use the collaboration app
A close-up of someone using Microsoft Teams on a laptop for a videoconference.

Online team collaboration is the new norm as companies spread their workforce across the globe. Gone are the days of primarily relying on group emails, as teams can now work together in real time using an instant chat-style interface, no matter where they are.

Using Microsoft Teams affords video conferencing, real-time discussions, document sharing and editing, and more for companies and corporations. It's one of many collaboration tools designed to bring company workers together in an online space. It’s not designed for communicating with family and friends, but for colleagues and clients.

Read more