New Snowden Documents Outline Memos on Expanded Spying of Hackers

A new set of memos uncovered by Edward Snowden and shared with both the New York Times and ProPublica this week reveal how the Obama administration upped its search for hackers and expanded its warrantless surveillance program.

A new set of memos uncovered by Edward Snowden and shared with the New York Times and ProPublica this week reveal how the Obama administration narrowed its search for hackers and expanded its warrantless surveillance program.

The two memos, which date back to May and July 2012, enabled the National Security Agency to scour the Internet for suspicious activity, including any “cyber signatures” it could dig up that relate to computer intrusions and malware – all without a warrant.

The documents, authored by Justice Department lawyers, gave the NSA the ability to monitor and track patterns it discovered which ultimately led back to foreign governments. According to an article published in collaboration between the Times and ProPublica Thursday, the memos also gave the NSA the ability to request further surveillance on hackers who weren’t directly connected to outside countries.

The DOJ signed off on targeting signatures in May 2012 while approval over certain IP addresses, along with “strings of computer code, and similar non-email or phone number-based selectors,” came that July.

The approval over tracking internet addresses came on the heels of pre-existing approval by the court that allowed the NSA to monitor foreign entities.

According to a snippet of a NSA newsletter published alongside the articles yesterday, government officials claimed the certification would “fill a collection gap against cyber threats to the nation,” and referred to it as one of then-NSA Director Keith Alexander’s highest priorities.

The memos also detail how the FBI lobbied the NSA in 2011 to use its existing warrantless surveillance upstream system to target specific IP addresses. The FBI eventually got the okay to use the system, which reportedly has “collection/processing capabilities at many chokepoints operated by U.S. providers through which international communications enter and leave the United States,” in 2012. The NSA negotiated to send data to a FBI “cyber data repository” in Quantico, Va. as long as the FBI didn’t interfere with the agency’s “current and future data backhaul,”

The moves, which were considered secret until this week, are only the latest drops in the bucket when it comes to revelations around the government’s ongoing surveillance activity.

In an effort to clamp down some of the NSA’s sweeping surveillance, much of which dates back to the aftermath of the Sept. 11, 2001 attacks, the Senate passed the USA FREEDOM Act on Tuesday. The move is expected to foster better transparency between the Foreign Intelligence Surveillance Court (FISC) dealings and curtail some of the NSA’s power.

The latest NSA revelations come one day shy of two years after The Guardian posted its first stories on former NSA contractor Edward Snowden and on the same day the Obama administration announced a staggeringly large breach of federal employee data. It’s early but it appears the breach of information belonging to the Office of Personnel Management may implicate up to four million past and current government workers.

Suggested articles

Discussion

Subscribe to our newsletter, Threatpost Today!

Get the latest breaking news delivered daily to your inbox.