How did the US and UK intelligence agencies listen

Documents provided by ex-NSA officer Edward Snowden are still being studied. They are carefully analyzed by information security experts from different countries and, of course, by the special services. So far, the study of these documents provides interesting information and topics. For example, a number of documents describe how the agency listened for negotiations of passengers on planes of several airlines for many years. And this is not only about passengers of regular flights, no. The focus was on politicians, smugglers, US enemies, businessmen and all the rest.

It all started in 2010. Then the NSA distributed a document with the stamp "top secret" for internal use by staff. The document said that the number of people who use mobile phones during the flight is constantly increasing. According to the agency, in 2008, 50 thousand people made voice calls, and in 2009 this figure increased to 100 thousand. The agency’s leadership pointed to the possibility of intercepting calls from “air” subscribers in order to obtain important information.


')
In 2012, it also became known that the British counterpart of the NSA, the Government Communications Headquarters (GCHQ), announced the launch of the “Southwinds” project. Employees of this body began to intercept calls on board commercial flights, collecting information about each of the calls. The document, which was distributed under secrecy among the employees of this organization, said that the agency can track calls only where there is satellite coverage of the British telecommunications provider Inmarsat . Namely, in Europe, the Middle East and Africa.


Infographics from Inmarsat.com

According to “state cyber spies”, all data is collected in real time, the aircraft can be monitored continuously, with a frequency of every two minutes. To track phone calls it is necessary that the aircraft flew above three kilometers. The secret stations of the “organs” in this case are able to intercept the signal when transmitting it via satellite. The mere inclusion in the air of a certain phone already allowed to know its location. Accordingly, the team of agents could, if necessary, arrest the terrorist, on whose smartphone compromising data were found, upon his arrival at the airport. The call can be tied to a specific flight, during the call, the agency staff could easily identify the subscriber.

It is also reported that with the help of special methods, representatives of the UK special services could affect the phone of a certain person in such a way that at the right moment the device could disconnect or lose the connection. And then the subscriber had to re-enter any information, for example, access codes. They immediately became known to the security services.

According to Le Monde , the observation of the aircraft and their passengers was carried out by a number of special services from 2005 to 2013. Air France attracted special attention of the NSA staff and the British for a number of reasons, the main one being the ramification of the company's flights (more on this below).

In 2005, in July, the NSA developed a 13-page document that described the main stages of the procedure for tracking phones on Air France airplanes. The document provided interesting information. In particular, it was reported that some passengers of Air France and Air Mexico Airlines have probably been targets of terrorists since 2003. As it turned out, the NSA did not have a single problem during the tracking of equipment on board Air France and Air Mexico. The working papers indicated, in particular, that it was easy to track any aircraft over the territory of the United States and intercept almost any data. In 2005, the government approved a draft on collecting this kind of information.

NSA officials pointed out that Air France is a threat to the United States because of the attractiveness of the company's flight routes for terrorists. In 2005, information on wiretapping in the air was sent to the NSA to more than 20 recipients. These include the CIA, the North American Air Defense Command, and the Department of Homeland Security with the National Intelligence Bureau, and the Air Force with the Agency for Military Intelligence.

The airline first made a telephone call in the air on December 17, 2007. After that, an Air France spokesman told the following at Le Monde: “We started early and after that we began to conduct regular tests. Now, like many other companies, we plan to add Wi-Fi modules on board. ”

In 2012, in its presentation, GCHQ reported that 27 companies allowed their subscribers to speak on a mobile phone, others are already very close to this. Indeed, in 2012, their passengers were allowed to call or exchange messages in the air (having provided the appropriate technical capability) such companies as British Airways (allowed to exchange data and SMS), Hong Kong Airways, Aeroflot, Etihad, Emirates, Singapore Airways, Turkish Airlines, Cathay Pacific, and Lufthansa.

After it turned out that the NSA was listening to the conversations of Air France clients, the company's spokesman said earlier that its employees were not aware that it was possible to listen to the phones during the flight, and the company had no idea that the monitoring was carried out for a long time .


How does listening to the phones of passengers of airplanes

Both security services, both the NSA and the GCHQ, at one time demonstrated to their own employees the possibility of intercepting telephone conversations, describing the numerous facts of such interception. In particular, the NSA representatives for the first time took advantage of the interception of telephone conversations of the UAE company on March 23, 2012. Then the NSA decided to listen to two Blackberry vehicles on board the aircraft. In addition to telephone conversations, the users' e-mails were intercepted.

You could get a lot of things: voice call data, regular data from the network, SMS, e-mail, Webchat chat content, content of social networking conversations, Skype, flight map, currency converter data, media files, BitTorrent connection information, VoIP application data . Even at that time, it was a surprise for GCHQ employees that they were not alone in monitoring the “air talks”. Thus, the agency’s employees were able to obtain interesting information that Aeroflot installed special systems. They allegedly allow the specific connection of GSM phones during calls or data transfer sessions. The NSA experts decided that this was done to intercept the information of the airline’s customers by the Russian special services.

Currently, about 100 companies are allowed to talk on the phone in the air. “Customers now consider this a completely normal service, even a necessity,” says an Air France spokesman. Most regulators have approved the use of GSM phones on board aircraft. In 2016, 2017 and 2018, it is likely that calls from aboard the plane home will become commonplace for passengers of all airlines. In addition, Wi-Fi wireless communication will be actively used.

"Air subscribers" will be hundreds of thousands of people - just as many have predicted in the NSA. So there comes the golden era of the special services, who will be able to eavesdrop on the conversations of thousands and thousands of people of interest without any interference. Government secret services are developing more and more espionage methods of eavesdropping and spying on customers of airlines. And to prevent this is very difficult, if not impossible.

Despite the fact that the principles of the work of the NSA became known several years ago, new data on this topic is emerging now. For example, at the end of the summer, an information security team published a note that a vulnerability in Cisco's PIX line of firewalls allowed the NSA to remotely receive encrypted keys in clear text for ten years. The results of the work carried out by researchers are of great importance, since the PIX-systems, presented by Cisco in 2002, were supported until 2009. A large number of organizations used these systems even after this date, since the company decided to provide limited support for the PIX firewall lineup for four years, up to 2013. Many companies, organizations and individuals work with PIX firewalls even now.

And the former US intelligence officer, William Binnie, states that the intelligence officers are unable to cope with all the information they receive during cyber espionage. The same Snowden said that the surveillance programs of the US special services did not prevent a single terrorist act, they did not even help in their investigation. According to Binnie, this happens because huge data sets are very difficult to analyze and study. A simple query to the NSA employee's own databases returns a huge amount of data. But a person simply cannot use them properly, since he is not able to analyze all this information.

Previously, agencies collected data on calls — who was calling someone, what was the duration of the negotiations, etc. Now the special services are interested in the contents of calls and user correspondence. As a result, the amount of information collected is growing, which leads to a constant increase in the budgets of observation programs - after all, you need to somehow store all this data.

Despite the problems and outrage of the public, special services consider themselves entitled to listen to the telephone conversations of any person. For example, this is what the representative of GCHQ responded to in response to a request from Arstechnica journalists: “This is a long-term strategy that we have no right to comment for security reasons. Moreover, all GCHQ work is carried out in full compliance with the law, which allows us to view our work as legal and necessary, which is controlled by government officials and the leadership of special services, as well as the parliamentary committee on intelligence and security. All our operational processes strictly comply with these rules. In addition, our work is not contrary to the European Convention on Human Rights. ” Without a doubt, GCHQ, the NSA and other agencies will continue to engage in cyber espionage, even in the air, even on land or water.