November 11, 2013
The National Security Agency has managed to infiltrate the Organization of the Petroleum Exporting Countries (OPEC), according to documents from former NSA contractor and whistleblower Edward Snowden.
The German newspaper Der Spiegel reported the documents show that the NSA and GCHQ infiltrated OPEC’s computers and analysts "discovered an internal study in the OPEC Research Division."
"It stated that OPEC officials were trying to cast the blame for high oil prices on speculators," Der Spiegel further reported. "A look at files in the OPEC legal department revealed how the organization was preparing itself for an antitrust suit in the United States. And a review of the section reserved for the OPEC secretary general documented that the Saudis were using underhanded tactics, even within the organization."
NSA analysts apparently determined that Riyadh had worked to "keep an increase in oil production" secret.
A list of individuals targeted for surveillance included "Saudi Arabia’s OPEC governor." The Foreign Intelligence Surveillance Court approved the targeting.
When Saudi Arabia’s OPEC governor traveled to the United States, surveillance of the governor was suspended. NSA surveillance, including hacking into his communications, resumed when he returned to Riyadh.
The name of the governor does not appear in Der Spiegel’s report. Either Majid al-Moneef, who was in the position from 2003 to 2012, and/or Yasser Mufti, who currently holds the position, were targeted.
A 2010 report led analysts to conclude the Saudis had "released incorrect oil production figures." Such strategic intelligence—as it is called—was given to the CIA, State Department and Department of Energy.
In the same year, according to one document, GCHQ broke into the computers of "nine OPEC employees by using the 'Quantum Insert’ method." They were able to access OPEC’s computer system and obtain "administrator privileges for the OPEC network and gain access to two secret servers containing 'many documents of interest.’"
The "Quantum Insert" method is how GCHQ gained access to the company networks of Belgacom, a partly government-owned telecommunications company in Belgium. It involved using "fake copies of LinkedIn profiles as one of their tools," according to a separate report from Der Spiegel.
The Belgacom employees probably thought nothing was amiss when they pulled up their profiles on LinkedIn, the professional networking site. The pages looked the way they always did, and they didn’t take any longer than usual to load.
The victims didn’t notice that what they were looking at wasn’t the original site but a fake profile with one invisible added feature: a small piece of malware that turned their computers into tools for Britain’s GCHQ intelligence service.
Analysts at GCHQ researched employees in "network maintenance and security" and looked at whether the targets used LinkedIn. They also were able to target employees who used Slashdot.org, a tech news website and community.
Der Spiegel described, "The computers of these 'candidates’ were then infected with computer malware that had been placed using infiltration technology." This was a "signature project" of a GCHQ hacking unit called My Network Operations Center or MyNOC.
This unit has worked to turn mobile phones into monitoring tools, which can be "activated at any time." They also have targeted "international mobile billing clearinghouses," which process "international payment transactions among wireless companies."
Companies targeted include Comfone and Mach, both based in Switzerland.
Finally, secret documents explained that Quantum is an "extremely sophisticated exploitation tool developed by the NSA and comes in various versions."
LinkedIn says it has not detected any "spoofing activity that is being reported." It stated that it has not cooperated with any government agency and has no knowledge "with regard to these actions."
Dice Holdings, which owns Slashdot, put out the following statement:
We were alerted to these reported government agency actions by a submission on Slashdot made by the community Sunday evening linking to news stories. To be clear, we have not been asked to cooperate with any government agency related to this matter and have not provided access to Slashdot systems or user information. We know of no unauthorized Slashdot code manipulation, or attempts to effect any. We do not approve of this reported activity and if true, it’s unfortunate that we are yet another in a long line of internet businesses to suffer this type of intrusion.
Previously, it has been disclosed that the NSA targeted the Brazilian oil company, Petrobras. This news led Brazil president Dilma Rousseff to suggest that if what was alleged in the documents was proven to be true it would be "industrial espionage."
There is no national security justification for spying on OPEC or Belgacom. The information is "strategic intelligence" that officials in government need to maintain America’s dominance in the world.
The motivation for spying on Saudi Arabia’s OPEC governor is purely economical. But should NSA analysts be conducting this sort of activity?
Perhaps, it helps maintain America’s status as a superpower. That does not excuse the conduct or make it off-limits to debate.
Much of this is offensive activity that, if waged by individuals donning Guy Fawkes masks or from mystery buildings in China, would be soundly condemned by government officials.
Furthermore, one wonders how the FISC decided to spy on Saudi Arabia’s OPEC governor and what pretext the NSA used to gain authorization. The authorization would likely demonstrate the broad power granted by the court to the NSA to collect "foreign intelligence" for "national security" purposes.