Friday, December 05, 2014

The NSA pwns Vodafone

Overnight, The Intercept spilled the beans on AURORAGOLD, the NSA's programme to hack the world's cellphone providers. They spy on cellphone operators to gain knowledge of network architecture and vulnerabilities, and deliberately introduce vulnerabilities into new technology (something which exposes us to hacking not just by them, but by everybody else as well). The article included a classified map (from here, p. 24), which showed their degree of penetration. The interesting bit? New Zealand was on it:

nsa-nzphones

That "43%" is the level of network coverage - basically, what proportion of the total NZ cellphone market they've compromised. The data dates from 2012. So who had about 43% network coverage in 2012? Vodafone:
The Commerce Commission Telecommunications Monitoring Report 2012 showed that our market share by connections was 42% as at 30 June 2012.

And the NSA - our "allies" - pwns them. We're basically the target of a programme of cyberwarfare by the United States, our supposed "allies".

Which raises an obvious question: why isn't the GCSB protecting us from this? It is, after all, their job. They should be helping to secure Vodafone's network, not collaborating with the foreign hackers who want to exploit it.

That map also reveals an interesting fact: the NSA has compromised cellphone networks within all of its Five Eyes partners except Canada - and we are the most compromised of all. Which raises another question: if membership of Five Eyes doesn't protect us from this, why are we a member?