Unencrypted data traveling along the internet’s fiber-optic backbone could be a weak spot that government agencies have tapped to gain information running between data centers, according to reporting from the New York Times.
Anonymous sources told the Times that unencrypted data packets passing through the fiber linkages between private data centers could be intercepted by government spies without data center operators knowing.
Specifically, Level 3 Communications, the largest backbone provider of its kind, could be among the National Security Agency’s sources for information from Google and Yahoo in its PRISM surveillance project. PRISM has been the NSA’s venue for gathering online communications records by legally compelling US tech companies to turn over data matching court-approved search terms.
In a blog post announcing Yahoo’s effort to add encryption to all its services, Yahoo CEO Marissa Mayer wrote, “I want to reiterate what we have said in the past: Yahoo has never given access to our data centers to the NSA or to any other government agency. Ever.”
With the cooperation of backbone providers, however, government agencies may not access to data centers when they can access the data passing in and out of them.
According to top-secret information obtained by the Washington Post, the NSA siphons off millions of records daily from internal Yahoo and Google networks. This is allegedly part of the NSA’s MUSCULAR project in partnership with British counterpart the Government Communications Headquarters.
In September, Google announced plans to encrypt the links between its data centers. “It’s an arms race,” Google Security Engineering VP Eric Grosse told the Washington Post. “We see these government agencies as among the most skilled players in this game.”