NSA has Monitoring Access to All Pakistani Telcos

New revelations, in connection to whistle-blower Edward Snowden, suggest that National Security Agency has access to all Pakistani mobile phone operators that enables agency to access and monitor voice, SMS, location and data transactions of each and every Pakistani mobile phone user in Pakistan and abroad.

In lay-man’s language, each and every phone call, text messages we send or data that we consume on our phones is accessible by NSA and they can listen, record, store and use this information for the purposes they deem right.

While NSA has said that its interception efforts are targeted at terrorists, weapons proliferators, and other foreign targets and not ordinary people, but fact remains the same that they have the access to the entire communication we do on our cell phones, making us feel less secure.

The Intercept, an online publication dedicated to report on the documents provided by Edward Snowden, yesterday revealed that NSA has ability to intercept 70 percent of cellphone networks worldwide — that is 701 of an estimated 985 networks — including five operators operating in Pakistan.

Report claims that NSA manages to intercept cellular networks by exploiting security flaws in the networks and at times by planting flaws into the networks to later use them for its own benefit.

NSA is reportedly to have information-sharing agreements with United Kingdom, Canada, Australia and New Zealand; meaning that our cellular data can be accessed by people by at least five countries.

Each and every phone call, text messages we send or data that we consume on our phones is accessible by NSA and they can listen, record, store the entire communication happening in Pakistan

Report said that operation for interception of cellular networks, codenamed AURORAGOLD is active since at least 2010. Below is a July 2012 map that shows 100% of Pakistani networks are in access of NSA.

map-coverage-small

Click on image to view larger full-size map

How Networks are Intercepted

As per Intercept’s report, NSA maintains a list of some 1,200 top-tier professionals working in cellular networks worldwide plus the officials of GSMA, a body that regulates and maintains cellular standards. Email communication of these 1,200 professionals is routinely intercepted to find out encryption details of cellular networks and other deep-packet knowledge of cellular security.

Report suggests that NSA compromises cellular networks by exploiting security flaws in these networks and at times by planting flaws into the networks to later use them for its own benefit.

As per Snowden files, NSA specifically targeted the GSMA’s working groups that are responsible for identifying and implementing new technologies and policies for maintaining cellular security.

Snowden files suggest that another important element that NSA uses come through obscure but important technical documents circulated among the GSMA’s members known as “IR.21s.”. These documents are exchanged between most GSMA members (cellular operators) that allow their customers to connect to foreign networks when they are roaming.

IR.21s documents also contain security information about networks and the technology they use, thus interception of these documents allow NSA to specifically know about cellular types, their security features and further information to be used to comprise a network.

GSMA didn’t respond to the query and instead said that its lawyers are looking into findings to prepare a response.

Via The Intercept

Tech reporter with over 10 years of experience, founder of ProPakistani.PK


  • IrfanAmir

    Is this moral? ethical? legal? burn all the books on ethics!

    • ScarletCrimson

      If you still think NSA has anything to do with morals, laws or ethics. I have bad news for you.

    • Geek At Large

      Actually it’s against US constitution.

  • Ahmiq

    Start encrypting our thing :(

  • imkhalid

    bhai mere 1000s of satellites apko sirf TV dekhne aur Mausam ka haal batane ke lye nahi chori US/EU ne

  • imkhalid

    Pls indict NSA and ask to hand over the source code ;p

  • Muhammad Ashraf

    we need to do all communications on secure platforms like bbm, viber, whatsapp instead of making phone calls and send texts by using native service,

    • imkhalid

      hahaha, all of them are too spied and easily accessed by NSA,FBI,CIA and other EU spy agencies, thr is no privacy at all, clear ur mind on this

      • Completely agreed with you. There is no such thing as privacy in Telecom/Internet world.

        • Shahid Saleem

          ???

          Of course there is.

    • Shahid Saleem

      I know of only one service with good secure SMS: TextSecure on Android. They have a related application for voice called RedPhone (it has a different name on iOS).

      That’s it. There’s nothing else that’s both good, free, and open source (verifyingable).

      • Muhammad Ashraf

        thnx for sharing,

      • Taha Najam

        Telegram.

        • Shahid Saleem

          Many cryptographers have looked at Telegram’s description of the crypto and discovered possible weaknesses. Nevertheless Telegram continues to claim that it is secure.

          They have already had to change their crypto once in 2013.

          Say no to Telegram.

    • Maaz

      bhai, free kuch bhi nahi is capitalist/commercialism world may…

      http://lifehacker.com/5697167/if-youre-not-paying-for-it-youre-the-product

  • knucker

    The best safety of communication is no communication

  • Benefits of being an Ally to US!!

  • Bilal_K

    Almost impossible.

    All Pakistani telcos have “Legal Intercept (LI)” modules installed as per order from Pakistan Telecom Authority and security agencies.

    Without going in to too much detail, here’s how these LI modules work; they are large systems that PHYSICALLY tap in to Mobile Switching Systems (MSC) and/or Media Gateways. It means that all traffic is routed through these LI systems. And all of these LI systems are connected to central systems provided to ISI. I am not sure which other agency has access to these systems.

    Now since you need to have PHYSICAL access to these systems, I am guessing this “revelation” that NSA has access to all phone calls, SMS etc is not true. Accessing data/internet traffic is another thing because data has to pass through international gateways almost always. So NSA with its vast resources could tap in to those in other countries or undersea cables.

    If NSA actually has access to all our local calls / SMS etc, then it can’t be done without cooperation from Pakistani agencies. Which is not that far fetched an idea because our government actively cooperates with Americans.

    • Guest

      Agree! I think you haven’t studied the USA budget where an apart budget is selected to give black money to the country for this type of circumstance. They have an ability to buy anything what they want!

      • Bilal_K

        Its not necessarily about bribing our government. As you know, our government and US work hand in hand against terrorists. Drone strikes are an example.

    • Shahid Saleem

      I have sorry news for you: http://arstechnica.com/tech-policy/2014/05/photos-of-an-nsa-upgrade-factory-show-cisco-router-getting-implant/

      While they may need (as you say) physical access, it’s only if the hardware isn’t already “modified” to add a backdoor.

      I have heard of a story from a reliable source about laptops used at a defence company in US. One day, their IT people stopped several people from using a particular brand of laptop and confiscated them. It finally was revealed that even when the laptops were turned off, their wifi radios were switching on and their BIOS (firmware) was sending data to an IP in China.

      So it is not just a one-sided attack from NSA, other governments are getting into it as well.

  • Geek At Large

    Naam me e NS hay. Nahoosat to hogi.

  • Sumair

    I wonder how would officials of NSA react on Pakistani late night calls ;)

  • Bilal Aahil

    Nothing new to say about this. they have access to everything, what you gonna do about it?

  • FuckyouNSA

    Fuck you NSA. Hope you are reading this! Not afraid of ya. popprproproppp.

  • Kunnka

    i know this since 2010. 99% spying done by FB, Google, youtube. They have a record on every person in Pakistan who uses internet. USA is also considered an expert in Spying. Recently spying done on Political members of pakistan. Why america is pushing towards to expand the internet to the whole world for free, through the satellites ? One thing get every bit of data on every person.

    • Shahid Saleem

      FB and Google don’t need to do any spying you idiot! WE FREELY GIVE OUR DATA TO THEM!!!!

      • Kunnka

        only Desired data is given Whether it is personal or not depends on the Person, who is uploading his info to social sites

        • Shahid Saleem

          Neither Google of Facebook break into your computers to get data you haven’t given them. So where is the “spying”??? No where.

          • Kunnka

            This is unknown move whether they do break in or not because either way they don’t leave traces behind. it is true that In google Giant data warehouses Google already has file on our info like where we live and where we went ? and other interest using Our “searching interest”. and it is directly under control of CIA my friend and They spy on us. no doubt.

            • Shahid Saleem

              It is unknown whether you are intelligent or gullible to conspiracy arguments because either way there’s no evidence. But your comments strongly suggest the latter.

              If there is no proof of their hacking, then why do you believe it? In the same sense, you might as well believe that time travellers went into the past and killed Liaqat Ali Khan. The same amount of proof of time travellers is there for google’s hacking.

              • Guest

                You saw Predestination! :D

              • Kunnka

                Dude seriously How can you trust some one who keeps a record on our travelling and secretly record video and audio from our android phones?

                • Shahid Saleem

                  There is ==ZERO== evidence that Android phones have Google software to record audio and video without your permission.

                  I repeat: ZERO.

                  Secondly, people are free to install AOSP Android, which contains 0% Google services. It is 100% possible to have an Android phone that does not contain a single Google application or background service like Gmail, Youtube, Google Play Services, etc. ONE HUNDRED PERCENT POSSIBLE.

                  So you don’t know what you’re talking about, pure and simple.

                  • Kunnka

                    Dear, 95% people don’t install AOSP. So there’s a risk.
                    if people do they can avoid Zero risks.

                    • Shahid Saleem

                      Regardless of what 95% of people do, YOU HAVE NO EVIDENCE that Google either hacks your computer or does not (like you said in earlier comment). YOU HAVE NO EVIDENCE that Google records your video or audio on your phone without your permission (like you said in another comment).

                      So, at what point will you understand and realize that the more you comment like this, the more ignorant you show yourself to be? What will you do next, hide your disqus comment history to avoid shame?

                    • Kunnka
                    • Kunnka

                      AOSP Android can destroy warranty Thats why many pakistani people don’t use it and generally im talking about Pakistan not the whole world. Also share your experience Why google is safe for people. Not asking for evidence.

                    • Kunnka
                    • Shahid Saleem

                      ONCE AGAIN: without evidence that google is hacking your system, YOU CANNOT SAY THEY ARE HACKING. You have no evidence.

                      WITHOUT EVIDENCE that google is listening to your video/voice without permission, YOU CANNOT SAY THEY ARE LISTENING. You have no evidence.

                      YOU HAVE NO EVIDENCE TO BACK UP ANY OF YOUR CLAIMS.
                      NOTHING. NOT ONE WORD.

                      If you continue to believe that, then it is your choice. But please keep your uninformed unverifyiable unproovable opinions where they belong: in the garbage.

                    • Kunnka

                      You didn’t read the articals then what a shame you don’t listen to anyone. Consider yourself a Jahil and Don’t reply to me again Ever!! Have a nice day.

                    • Shahid Saleem

                      I did. They say nothing about your original claims.

                    • Kunnka

                      The only opinion you can believe is what gives you satisfaction. You neither have anything to go against my opinion expect for trash talking.

                    • Shahid Saleem

                      It’s so strange that you can find URLs for everything EXCEPT for your examples (google hacking without knowledge, google turning microphone/camera on by itself).

                      So very strange.

                      Could it because there is no evidence?

                      I believe in evidence. Bring evidence, and I will consider it. Evidence can be FACTS if they are good evidences. Until then, you have nothing BUT opinions. Opinions without FACTS behind them are useless. And who cares about your opinions or mine?

                      It is my opinion that you are useless. Disagree? Prove me wrong: show me evidence.

  • Muhammad Imran Khan

    Read the article “who should own the internet” by By JULIAN ASSANGE

  • Alii

    Pakistani authorities DO cooperate with US authorities on these aspects. We know that all the deposit and withdrawal information from our Pakistani banks gets reported to IRS (tax department of United States). Standard Chartered in Pakistan is ones such bank which has to file these reports to FinCen as a day-end procedure. In a similar fashion, all telecommunications in Pakistan get passed on to NSA, which doesn’t surprise me at all.

    • Shahid Saleem

      Big jump from banks to NSA, man. Too big to believe.

  • Nabeel

    Even if they spy on our call and SMS and data, so what ? Why should a lamer be concerned about that? I don’t think anything to worry about in it. sanu kee?

    With that I must say that I have doubt about this news and NSA spying activities. although it is not impossible, but hard enough being very near to it, due to a lot of resources (storage,energy,HR). They may be capturing the data for suspect people worldwide, but NOT everyone’s.

    • Shahid Saleem

      Do you have curtains in your house? Are you doing anything wrong in your house? If not, why do you need curtains?

      Privacy has nothing to do with what you are doing right or wrong.

    • Qasim

      Yes and why do have doors on your bathrooms if you’re doing nothing illegal inside, you idiot?

      • adnan

        :D illegal ahahahahahah kya baat kar di medal lao in ka

  • Saad Durrani

    Lenovo?

  • Khubaib Syed

    It has been revealed that NSA will not intercept letters sent through pigeon technology

  • FTS

    So even using an HTTPS connection is technically illegal in Pakistan?

    • Shahid Saleem

      Try getting a clear answer from the government on official letterhead. You won’t.

      • Qazi Fazli Azeem

        Never replied or posted a reply here before, but will do so now. I was interning in 1999 in karachi with a US based IT company, in their international internet helpdesk. We used to get letters and emails from Pakdatacom back then, and some of the more “interesting” emails and letters of laws and regulations from them concerned us confirming to them that the company was not using any VPN of any kind and that we were not allowed to “encrypt” any user internet data, and that all data had to be channeled to the SEE ME WEE 3 underwater cable internet connection (i..e one computer in karachi), for the purposes of “monitoring” and checking. This was an order from them, implying in legal language that if we did not reply and comply soon, the ISP license would be revoked.

  • Bilal_K

    @shahidsaleem:disqus

    You referred to a link to a tinfoil hat kind of website.

    The article you quoted says that shipments of networking equipment, Cisco in this case, is intercepted by NSA and “backdoors” are installed. Do you realize how incredibly stupid this claim is? There are millions of networking devices all over the world. Do you think all of them are intercepted by NSA? Besides, technology companies like Cisco, MS etc are already under scrutiny for installing backdoors by THEMSELVES to facilitate US government.

    Now about Pakistan; I stand by my point that such interception requires physical access. Its not a hollywood movie where a person sitting behind a computer clicks a button and types random code to access your telephone call in Pentagon.

    Finally, our telecom infrastructure is a mix of Chinese (Huawei and ZTE) and Western (Ericsson, NSN, Motorolla) equipment. My point being; stop believing in propaganda from all sides. Do some research before you believe in these things.

    regards

    • Shahid Saleem

      Unfortunately for you, arstechnica is SO NOT A TINFOIL SITE, and OTHER documents released by Snowdon are verifiable and contain the same info. In fact, did you fail to notice that Cisco’s non-US reported revenues are DOWN this year compared with the expected increase?

      Seriously, anyone who thinks arstechnica is a tinfoil site and unreliable and pro-conspiracy is… untrustable.

      Now if you had read it carefully and had read related analysis posted by Bruce Schneier and others, you would have noticed that it was a TARGETED operation, not wholesale monitoring. TARGETED towards a certain organization in a certain country. In fact, the NSA group responsible for this is called TAO — and do I need to tell you what the T in TAO stands for or can you figure it out yet???

      Lastly, would you kindly explain the case of the Greek prime minister phone tapping/recordings and the mysterious death of the telecom engineer in the heart of the issue a few years ago? That, also, had to do with lawful intercept being activated. How was that enabled and not noticed for so long? In the end, because the engineer was dead, NO ONE IS CERTAIN WHO WAS LISTENING TO THE PRIVATE CONVERSATIONS.

      (Note: that exchange was also western, Siemens.)

      • Bilal

        Correction: the exchanges in the Greek case were made by Ericsson

  • Eli Ehsan

    jeez! means k Time to start following PERSON OF INTEREST and SCANDAL seriously..

  • Ammar

    Bus meri ammi ko na mere messages dikha dena. Baki sab khair hai.

  • IR.21

    Come on dude, really??? … you are just building castles in thin air when your argument rests on IR.21 … for anyone who has ever really seen an IR.21, rest assure that IR.21 does NOT reveal any specifics of network’s encryption which could be of any pragmatic use for interception … IR.21 reflects only “nomenclature” info at max about encryption which is only as good as knowing, for example, if a network operates on 900 or 1800 MHz frequency …

  • SAHIL

    They are working for jews, and jews are doing this effort to make anti christ(Dajjal) hands strong. by the time he will appear in this world, he would have the access on every thing of the world which jews are performing for him to make his job easy. But he can not harm those who are performing duties as par Allah SW’ s ordered (Mujaheddin). They will be safe from this fitna.

    • Shahid Saleem

      Oh shut up. You are so mentally weak you think Jews can do everything and you can do nothing and you are powerless. Well let me tell you, YOU ARE POWERLESS. Not because of what Jews or Christians or Hindus are doing, but because YOU THINK YOU ARE POWERLESS.

      Attitude is important, and your attitude is that you have lost. So stay lost and confused, but the rest of us don’t necessarily have to feel like you.

  • Ahmed12

    God has a system of angels to keep tab on our activities and maintain discipline. How do you expect governments to nab criminals and wrong doers in this age of technology.

    • Shahid Saleem

      So what’s your point? That governments should invade everyone’s privacy simply because the technology makes the tools available? Even after all the FIA/ISI/etc. monitoring of our telephone calls and SMS, how many criminals have gone to jail?

  • Ming Shi

    Now NSA knows how much I love megan fox ;)