Slashdot Mirror

← Back to Stories (view on slashdot.org)

NSA Cracked Open Encrypted Networks of Russian Airlines, Al Jazeera, and Other 'High Potential' Targets (theintercept.com)

Posted by BeauHD on from the devil-is-in-the-details dept.

An anonymous reader quotes a report from The Intercept: The National Security Agency successfully broke the encryption on a number of "high potential" virtual private networks, including those of media organization Al Jazeera, the Iraqi military and internet service organizations, and a number of airline reservation systems, according to a March 2006 NSA document. The fact that the NSA spied on Al Jazeera's communications was reported by the German newsmagazine Der Spiegel in 2013, but that reporting did not mention that the spying was accomplished through the NSA's compromise of Al Jazeera's VPN. During the Bush administration, high-ranking U.S. officials criticized Al Jazeera, accusing the Qatar-based news organization of having an anti-American bias, including because it broadcasted taped messages from Osama bin Laden.

According to the document, contained in the cache of materials provided by NSA whistleblower Edward Snowden, the NSA also compromised VPNs used by airline reservation systems Iran Air, "Paraguayan SABRE," Russian airline Aeroflot, and "Russian Galileo." Sabre and Galileo are both privately operated, centralized computer systems that facilitate travel transactions like booking airline tickets. Collectively, they are used by hundreds of airlines around the world. In Iraq, the NSA compromised VPNs at the Ministries of Defense and the Interior; the Ministry of Defense had been established by the U.S. in 2004 after the prior iteration was dissolved. Exploitation against the ministries' VPNs appears to have occurred at roughly the same time as a broader "all-out campaign to penetrate Iraqi networks," described by an NSA staffer in 2005.

8 of 68 comments (clear)

  1. Sounds like they were doing their job by 93+Escort+Wagon · · Score: 5, Insightful

    More or less, anyway. But I don't understand how they found time for this, what with all the domestic spying they were doing...

    --
    #DeleteChrome
  2. Which VPNs? by duke_cheetah2003 · · Score: 2

    So, naturally, I want to know which VPN suites they broke into, any particulars on the settings used in such VPNs would also be great.

    I would like to improve my own VPN to be.. not what they broke into. No real point in this article if we can't learn how to better secure our own VPNs from it.

    1. Re: Which VPNs? by guruevi · · Score: 2

      Working with vendors insisting on Cisco gear: outdated protocols (MD5, RC4 and 56-bit DES is standard if you want to use the âaccelerationâ(TM) module.

      --
      Custom electronics and digital signage for your business: www.evcircuits.com
    2. Re: Which VPNs? by MightyMartian · · Score: 4, Funny

      My VPN uses ROT13, you insensitive clod!

      --
      The world's burning. Moped Jesus spotted on I50. Details at 11.
    3. Re: Which VPNs? by amorsen · · Score: 2

      I wouldn't be surprised if the NSA has a fairly generic way to take on IPSEC running aggressive mode IKEv1 with group PSK and XAUTH. Because all other options are still a pain...

      The various *SWAN implementations of IKE showed us 15(?) years ago how to do secure roadwarrior VPNs with "raw" public key authentication, no insecure CA's or anything involved. No commercial implementation exist. IKEv2 can do cert-for-the-server + PSK-for-the-client, which is half way decent without relying on a full PSK infrastructure that ~noone gets right, but commercial implementations are generally broken or practically impossible to configure to do so.

      Which leaves IKEv1 with group PSK and XAUTH as the obvious choice. Unfortunately that can be broken offline, if the attacker can watch an authentication attempt.

      --
      Finally! A year of moderation! Ready for 2019?
    4. Re:Which VPNs? by gweihir · · Score: 2

      Probably Cisco. They are thoroughly compromised, both from no skill and from no integrity.

      --
      Most ACs are not even worth the keystrokes to insult them. Be generically insulted by this and ignored otherwise.
    5. Re: Which VPNs? by rtb61 · · Score: 2

      From what I understand of the US government, would not the US government declare those acts to be acts of war and should generate the potential for a first strike nuclear retaliatory attack. Just saying, according to American exceptionlism that would be the common consensus within corporate controlled main stream media, the US congress and Senate and the White house. So what does the US feel is the appropriate response by the targeted countries, where is the press release to define that, just saying.

      --
      Chaos - everything, everywhere, everywhen
  3. Re:That's their job by CanadianMacFan · · Score: 4, Insightful

    Then don't complain when the foreign governments break into CNN, Fox, United Airlines, and other such companies because they are just doing their jobs too.