The Nation Security Agency has an unfair advantage when it comes to spying: It already has access to our private emails and Web browsing history. An operation codenamed AURORAGOLD gave them a chance to put that access to the scary test.
While you'd think that the NSA would focus on — you know — national security, AURORAGOLD was actually an attempt to find the same security vulnerabilities that hackers exploit.
According to The Intercept, program tracked the private email addresses of over 1,200 power players in the cell network industry. Sounds like a pretty small haystack, but the needle the NSA wanted to find is massive.
AURORAGOLD tracked major cell networks to find vulnerabilities that could help the NSA spy on even more phones.
When I heard major players in telecommunications, I didn't consider how the NSA would cast its net. Instead of trying to hunt through telecom giants employee emails, the NSA targeted the GSM Association.
The GSM Association won't build or connect your cell phone, but the trade group works closely with the companies who do. By snooping on the GSM Association's emails, the NSA might have been able to steal information from Microsoft, Facebook, AT&T and Cisco.
The report doesn't stop there. Cell phone security expert Karsten Nohl told The Intercept that the AURORAGOLD documents indicate that the NSA is targeting every major cell carrier.
With exploiting vulnerability in cell phones as a goal, I'm worried about AURORAGOLD. I'm not the only one either, Nohl explains why the NSA's wide net is so scary:
“Even if you love the NSA and you say you have nothing to hide, you should be against a policy that introduces security vulnerabilities, because once NSA introduces a weakness, a vulnerability, it’s not only the NSA that can exploit it.”
We already know that NSA analysts passed naked photos of U.S. citizens back and forth. Now they're hunting for the next vulnerability that could let them hack your phone. Or — more likely — could teach cybercriminals how to hack your phone instead.