NSA, GCHQ can crack most online encryption: Snowden leaks


British and American intelligence agencies are said to have broken most internet encryption, documents revealed by Edward Snowden show.


Saeed Khan

American and British intelligence agencies have cracked most online encryption techniques that internet companies use to protect their users' data, according to leaked documents.

Online encryption systems that shield the personal details of hundreds of millions people have been compromised, show the latest documents shared with the Guardian by former US National Security Agency contractor Edward Snowden.

The leaks indicate that the NSA and its UK equivalent, GCHQ, can access medical information, bank details and other sensitive data despite assurances of privacy by technology companies and internet service providers.

As internet encryption began to become standard use around the year 2000, the documents say, the NSA poured billions of dollars into developing techniques to hack online security protocols. 

Not only that, the intelligence agency works with internet companies and service providers to "covertly influence" their product designs and insert deliberate vulnerabilities — so-called "back doors" — into their encryption software, the Guardian said.

More from GlobalPost: Report: NSA 'spied' on emails of Brazil and Mexico presidents

While the documents do not show which companies agreed to allow their systems to be hacked, they show that GCHQ has been working on accessing data encrypted by four of the world's biggest internet companies — Google, Facebook, Hotmail and Yahoo.  

"For the past decade, NSA has led an aggressive, multipronged effort to break widely used internet encryption technologies," said a 2010 memo briefing the NSA's GCHQ counterparts, cited by the New York Times. "Vast amounts of encrypted internet data which have up till now been discarded are now exploitable."

The program is still very much active, the latest NSA budget details make clear.

The NSA has been cracking enemy codes since 1952, but with the rise of the internet and personal electronic communications, now ordinary Americans and other civilians have become part of its vast surveillance effort.

The NSA describes its decryption programs as the "price of admission for the US to maintain unrestricted access to and use of cyberspace," according to the Guardian.

The NSA reportedly spends $250 million a year on the program, codenamed "Bullrun." The British version is known as "Edgehill," both names referring to civil war battles.