Google’s Cozy Relationship With the NSA May Have Left It Vulnerable

https://www.theblot.com/googles-cozy-relationship-nsa-may-left-vulnerable-7719232

Two prominent executives at Google traded warm, friendly e-mails with the nation’s top intelligence official one year before journalists began reporting on clandestine surveillance operations against the California-based tech company and others that encroached on the privacy of millions around the world.

The e-mails, obtained by reporter Jason Leopold under a Freedom of Information Act request and published on Tuesday by Al Jazeera America, show a once-comfortable relationship between the National Security Agency and executives at Google months before Edward Snowden became a household name.

One e-mail shows Google co-founder Sergey Brin and executive chairman Eric Schmidt, along with more than a dozen unidentified executives from various American technology companies, were invited to a classified threat assessment meeting in Northern California at the beginning of 2012.

The meeting stemmed from a partnership between Silicon Valley executives and Washington officials known as the “Enduring Security Framework” or ESF. According to a 2012 report by NPR’s Morning Edition, representatives from tech companies are given a one-day top-secret security clearance in order to meet with top defense officials for a series of classified meetings on known and emerging cyber-security threats.

The ESF briefings take place several times a year, and the e-mails released by Leopold show then-NSA spy boss Gen. Keith Alexander reaching out to Brin and Schmidt for an upcoming mobility security briefing scheduled for August 2012.

Brin responded by providing Alexander with an e-mail account that presumably provided the spy boss with direct access to the Google executive, writing that his public Google account is one he didn’t “really check” that often.

Schmidt, who enthusiastically wrote that it was “great to see” Alexander at the last meeting, turned down the opportunity to attend the August briefing because of a scheduling conflict. “Would love to see you another time,” Schmidt wrote.

Schmidt has since come out as critical against the NSA for its reported interception of Internet traffic between Google’s data centers, calling the report based on disclosures by Snowden “outrageous…if that’s true.”

“The steps that the organization was willing to do without good judgment to pursue its mission and potentially violate people’s privacy, it’s not OK,” Schmidt told the Wall Street Journal last November. “The Snowden revelations have assisted us in understanding that it’s perfectly possible that there are more revelations to come.”

Among other things, the documents released by Snowden revealed that NSA agents had successfully implanted bugs in a computer’s BIOS, the software that wakes up the internal hardware of a machine when it is turned on, allowing agents to commandeer a computer for both monitoring and sabotage.

One act of sabotage is called “bricking,” turning a functioning computer into a paperweight. An official with the NSA told CBS News last December that the agency had successfully thwarted a “bricking” attempt by Chinese hackers who exploited a vulnerability in the computer’s BIOS software.

NSA cyber-defense chief Debora Plunkett told CBS that the agency cooperated with hardware manufacturers to patch the BIOS vulnerability; according to NPR, this likely took place at one of the ESF briefings in the spring of 2010.

“We can turn your computer into a brick,” an unidentified U.S. official told a participant at the briefing, according to NPR.

Now some are wondering if Silicon Valley’s voluntary cooperation with government officials left them vulnerable to the BIOS exploit and others detailed in the Snowden revelations.

“(The NSA) has no business helping Google secure its facilities from the Chinese and at the same time hacking in through the back doors and tapping the fiber connections between Google base centers,” the Electronic Frontier Foundation’s Nate Cardozo told Leopold for the Al Jazeera report. “The fact that it’s the same agency doing both of those things is in obvious contradiction and ridiculous.”

A Google representative wouldn’t discuss Brin or Schmidt’s relationship with Alexander and other NSA officials but acknowledged to Al Jazeera that both had attended the secret briefings because doing so seemed to be in the interest of the company’s security.

“We work really hard to protect our users from cyberattacks, and we always talk to experts — including in the U.S. government — so we stay ahead of the game,” the representative said. “It’s why (they) attended this NSA conference.”

Matthew Keys is a contributing journalist for TheBlot Magazine. 

Add a Comment

Your email address will not be published.

Show Buttons
Hide Buttons