Update, 5 p.m.: Gen. Keith Alexander, the director of the NSA, denied the Post’s report at a cybersecurity conference on Wednesday. Though Politico reports that Alexander was unaware with the specifics of MUSCULAR and the Post’s report, he claimed that the NSA does not have free access to private companies’ servers.
"These are specific requirements that come from a court order, this is not NSA breaking into any databases," Alexander said. "It would be illegal for us to do that."
4 p.m.: Newly leaked top-secret documents reveal that the National Security Agency has broken into private data centers and collected millions of data records, many from Americans.
According to a top-secret document leaked by Edward Snowden to the Washington Post, an NSA program has managed to collect millions of files from Google and Yahoo’s private data centers. The document, dated Jan. 9, 2013, claims that NSA agents had collected and processed more than 181 million new records just over the preceding 30 days. The collected information ranges from metadata, which details who sent emails to whom, to pieces of actual content like text, audio or video files.
The project, called MUSCULAR and operated in tandem with the British intelligence agency GCHQ, operates by obtaining access to Google’s front-end servers, where the tech company’s Google Cloud data interacts with the public Internet. Under MUSCULAR, the NSA and GCHQ are able to copy huge amounts of information straight from fiber-optic cables connected to Yahoo Inc. (NASDAQ:YHOO) and Google Inc. (NASDAQ:GOOG) data centers.
Representatives from the White House and the Office of the Director of National Intelligence, which the NSA operates under, did not respond to the Post’s inquiries on why the NSA was collecting information from Google’s private servers, especially considering that a separate, previously revealed program named PRISM already has access to private user accounts on Google and Yahoo.
A representative from Google told the Post that the tech company is “troubled by allegations of the government intercepting traffic between our data centers, and we are not aware of this activity.”
“We have long been concerned about the possibility of this kind of snooping, which is why we continue to extend encryption across more and more Google services and links,” the Google spokesman continued.
In September, Google announced that it would work to completely encrypt all of its data on private servers as a response to the revelation of the NSA’s PRISM program. Now that MUSCULAR has been revealed as well, it seems likely that Google will increasingly step up its efforts towards total encryption.
Representatives from Yahoo were similarly taken aback by the revelation that the NSA had obtained access to its data centers.
“We have strict controls in place to protect the security of our data centers, and we have not given access to our data centers to the NSA or to any other government agency,” a Yahoo representative told the Post.