“Map all the Internet: any device, any place and all the time”. With this slogan, the NSA presents to its analysts the Treasure Map project , an interactive map and updated almost in real time with all the devices (smartphones, tablets, computers …) that are surfing the net in each moment. The details have been published by the German newspaper Der Spiegel after having access to several documents leaked by Edward Snowden.
According to these same documents, any employee of the NSA or its four intelligence allies (England, Canada, Australia and New Zealand) can install this software on their computer and investigate, not only Internet traffic, but The devices that produce such traffic. In the filtered classified presentation you can see more details on how the system works of this treasure map.
Where do they get all this data? On the one hand, the Border Gateway Protocol , which is used to exchange routing information between autonomous systems (for example, Internet operators). On the other, performing traceroutes at a high rate, from 16 to 18 million operations of this type every day. Finally they mention other sources, like the own operating systems and the traces that these leave or the DNS servers.
In 2011, which is the date of this document, the traceroutes mentioned above were carried out in three ways : for the first, they used “more than 700 public places” to carry out this operation, achieving around 4,000 operations a day, while for the Second they relied on thirteen own servers dispersed by the world that allowed them more than 6.5 million daily traceroutes. In the third they delegated to the University of San Diego with their “Association for the analysis of the data of Internet”. In total, more than 10 million traceroutes are achieved every day through this method.
Operators, in the spotlight of the NSA
On these lines you can see a video in which a journalist teaches these documentsfor the first time to those in charge of Stellar , a small German operator that offers satellite Internet. The British NSA set out to identify several engineers of this company and “monitor” them for more complete access to the infrastructure of their network.
They give another example of how far the power of GCHQ comes: a company contracted with Stellar several servers and satellite connectivity to serve its customers in Africa and the Middle East. The agency was able to get the master password of their platform , which in addition to being able to cut the service when they wanted could access the exact geolocation of all connected users. Of course, the compromised server was behind the Stellar firewall, so they had to compromise their network to enter. Take a look of the treasure map.
In Stellar, as well as in several other German ISPs, the NSA presumes to have “Collection Access Points”. What is striking is that it is not only the big telecom companies, but also affects the smaller operators in size, such as Stellar or Netcologne (regional fiber connection provider with more than 400,000 customers). For all of them, the NSA has mapped its entire network, with its internal infrastructure. And we’re talking about giants like Deutsche Telekom, which has more than 60 million customers in Germany.
Also you can red: Windows 93 is real and amazing
Although Der Spiegel focuses logically on the case of Germany, there seem to be quite a few more operators being monitored around the world. The Intercept claims to have contacted 11 other suppliers , all of which are obtained from Treasure Map documents. Four of them replied that they had analyzed their network without encountering security problems but, despite this and according to the leaks, it seems that they are as affected by the surveillance of the NSA as the rest.