Report: NSA Has Broken Most Internet Encryption Technologies

By Rob Wright
September 06, 2013 3:16 PM ET

The latest revelation from leaked National Security Agency documents shows the U.S. government has cracked the vast majority of Internet encryption measures.

According to a report Thursday from The Guardian, documents obtained by former NSA contractor Edward Snowden reveal both the NSA and its U.K. counterpart the GCHQ have comprised virtually all security measures used by Internet companies to protect communications, financial and health data.

The report also states that the NSA has spent roughly $250 million to "covertly influence" product designs of private security technology vendors, which includes such tactics as inserting secret vulnerabilities and backdoor access points into commercial security software.

Thursday's report is the latest in a string of revelations about the NSA's domestic surveillance program through leaked documents provided to the press by Snowden. Previous reports include revelations about the U.S. government's ability to obtain telephone records without a warrant as well as Prism, a secret program that gives the NSA direct access to internal systems of Internet companies like Microsoft, Google, Facebook and Apple.

Bryan Myers, director of business development at Skyline Technology Solutions in Glen Burnie, Md., said he isn't worried about the government gaining access to customer data -- but he is concerned about the implications of the NSA's ability to crack encryption technology.

"The security risk is huge," Myers said. "You have to mitigate risk because if the NSA can do this, then who else can do it?"

Peter Brannigan, president of Ardmore Consulting in Wyckoff, N.J., said he isn't shocked by the latest revelation. "I assumed the government was already doing this," he said. "Quite honestly, it doesn't surprise me at all, and I'm actually surprised other people are surprised. There's just no privacy on the Web anymore."

Brannigan said his clients haven't expressed concern over the NSA's domestic surveillance capabilities and Prism. Furthermore, he said the news hasn't changed his approach when it comes to security.

"Right now I tell clients they're much more at risk of an internal breach than an external attack," Brannigan said. "The savvy customers know it's all about minimizing your risk and that someone can always gain access to your network. If anyone ever tells you that they can make you 100 percent secure, well, then they're lying."

PUBLISHED SEPT. 6, 2013

To continue reading this article, please download the free CRN Tech News app for your iPad or Windows 8 device.

Related: Videos | Slide Shows | Comments

SHARE THIS ARTICLE

More Security

Comments by Vanilla

Recent Articles

	McAfee Partner Summit: 10 Ways McAfee Executives Engaged Channel Partners Partners were given an overview of McAfee's product road map, a review of challenges and achievements over the last year, and the goals expected of partners over the next year, at the 2013 McAfee SecurityAlliance Partner Summit.
	Desk Stop: Top 5 Cloud Services Employees Can't Access Risky business? Maybe, maybe not. Here are the top five services that companies are preventing their employees from accessing, according to a Skyhigh Networks study.
	Top 5 Zero-Day Threats Of 2013 Attackers targeted previously unknown flaws in Internet Explorer, Adobe Flash and Reader, and Java, but security experts say businesses and solution providers should put zero-day threats into perspective.
	More Slide Shows