The Creepy, Long-Standing Practice of Undersea Cable Tapping
The newest NSA leaks reveal that governments are probing "the Internet's
backbone." How does that work?
Olga Khazan Jul 16 2013, 1:55 PM ET
In the early 1970's, the U.S. government learned that an undersea cable ran
parallel to the Kuril Islands off the eastern coast of Russia, providing a
vital communications link between two major Soviet naval bases. The problem?
The Soviet Navy had completely blocked foreign ships from entering the
Not to be deterred, the National Security Agency launched Operation Ivy
Bells, deploying fast-attack submarines and combat divers to drop waterproof
recording pods on the lines. Every few weeks, the divers would return to
gather the tapes and deliver them to the NSA, which would then binge-listen
to their juicy disclosures.
The project ended in 1981, when NSA employee Ronald Pelton sold information
about the program to the KGB for $35,000. He's still serving his life prison
The operation might have ended, but for the NSA, this underwater strategy
clearly stuck around.
In addition to gaining access to web companies' servers and asking for phone
metadata, we've now learned that both the U.S. and the U.K. spy agencies are
tapping directly into the Internet's backbone -- the undersea fiber optic
cables that shuttle online communications between countries and servers. For
some privacy activists, this process is even more worrisome than monitoring
call metadata because it allows governments to make copies of everything
that transverses these cables, if they wanted to.
The British surveillance programs have fittingly sinister titles: "Mastering
the Internet" and "Global Telecoms Exploitation," according to The Guardian.
A subsidiary program for these operations -- Tempora -- sucks up around 21
million gigabytes per day and stores the data for a month. The data is
shared with NSA, and there are reportedly 550 NSA and GCHQ analysts poring
over the information they've gathered from at least 200 fiber optic cables
The scale of the resulting data harvest is tremendous. From The Guardian:
This includes recordings of phone calls, the content of email messages,
entries on Facebook and the history of any internet user's access to
websites -- all of which is deemed legal, even though the warrant system was
supposed to limit interception to a specified range of targets.
In an interview with online security analyst Jacob Appelbaum, NSA leaker
Edward Snowden called the British spy agency GCHQ "worse than" the NSA,
saying it represents the first "full take" system, in which surveillance
networks catch all Internet traffic regardless of its content. Appelbaum
asked Snowden if "anyone could escape" Tempora:
"Well, if you had the choice, you should never send information over British
lines or British servers," Snowden said. "Even the Queen's selfies with her
lifeguards would be recorded, if they existed."
The U.S.'s own cable-tapping program, known by the names OAKSTAR, STORMBREW,
BLARNEY and FAIRVIEW, as revealed in an NSA PowerPoint slide, apparently
functions similarly to Tempora, accessing "communications on fiber cables
and infrastructure as data flows past," according to The Washington Post.
The slide indicates that Prism and these so-called "upstream" programs work
together somehow, with an arrow saying "You Should Use Both" pointing to the
So how does one tap into an underwater cable?
The process is extremely secretive, but it seems similar to tapping an
old-fashioned, pre-digital telephone line -- the eavesdropper gathers up all
the data that flows past, then deciphers it later.
Screen Shot 2013-07-16 at 11.17.56 AM.png
A map of undersea cables. (TeleGeography)
More than 550,000 miles of flexible undersea cables about the size of garden
watering hoses carry all the world's emails, searches, and tweets. Together,
they shoot the equivalent of several hundred Libraries of Congress worth of
information back and forth every day.
In 2005, the Associated Press reported that a submarine called the USS Jimmy
Carter had been repurposed to carry crews of technicians to the bottom of
the sea so they could tap fiber optic lines. The easiest place to get into
the cables is at the regeneration points -- spots where their signals are
amplified and pushed forward on their long, circuitous journeys. "At these
spots, the fiber optics can be more easily tapped, because they are no
longer bundled together, rather laid out individually," Deutsche Welle
But such aquatic endeavors may no longer even be necessary. The cables make
landfall at coastal stations in various countries, where their data is sent
on to domestic networks, and it's easier to tap them on land than
underwater. Britain is, geographically, in an ideal position to access to
cables as they emerge from the Atlantic, so the cooperation between the NSA
and GCHQ has been key. Beyond that partnership, there are the other members
of the "Five Eyes" -- the Australians, the New Zealanders, and the Canadians
-- that also collaborate with the U.S., Snowden said.
The tapping process apparently involves using so-called "intercept probes."
According to two analysts I spoke to, the intelligence agencies likely gain
access to the landing stations, usually with the permission of the host
countries or operating companies, and use these small devices to capture the
light being sent across the cable. The probe bounces the light through a
prism, makes a copy of it, and turns it into binary data without disrupting
the flow of the original Internet traffic.
"We believe our 3D MEMS technology -- as used by governments and various
agencies -- is involved in the collection of intelligence from ... undersea
fibers," said a director of business development at Glimmerglass, a
government contractor that appeared, at least according to a 2010 Aviation
Week article, to conduct similar types of interceptions, though it's unclear
whether they took part in the British Tempora or the U.S. upstream programs.
In a PowerPoint presentation, Glimmerglass once boasted that it provided
"optical cyber solutions" to the intelligence community, offering the
ability to monitor everything from Gmail to Facebook. "We are deployed in
several countries that are using it for lawful interception. They've passed
laws, publicly known, that they will monitor all international traffic for
interdiction of any kind of terrorist activity."
Screen Shot 2013-07-10 at 6.54.48 PM.png
Slide from a Glimmerglass presentation
The British publication PC Pro presented another theory: that slightly
bending the cables could allow a receiver to capture their contents.
One method is to bend the cable and extract enough light to sniff out
the data. "You can get these little cylindrical devices off eBay for about
$1,000. You run the cable around the cylinder, causing a slight bend in
cable. It will emit a certain amount of light, one or two decibels. That
goes into the receiver and all that data is stolen in one or two decibels of
light. Without interrupting transfer flow, you can read everything going on
on an optical network," said Everett.
The loss is so small, said Everett, that anyone who notices it might
attribute it to a loose connection somewhere along the line. "They wouldn't
even register someone's tapping into their network," he added.
Once it's gathered, the data gets sifted. Most of it is discarded, but the
filters pull out material that touches on one of the 40,000 search terms
chosen by the NSA and GCHQ -- that's the content the two agencies inspect
The British anti-surveillance group Privacy International has filed a
lawsuit against the U.K. government, arguing that such practices amount to
"blanked surveillance" and saying that British courts do "not provide
sufficiently specific or clear authorization for such wide-ranging and
universal interception of communications." Their argument is that the
existing surveillance laws are from the phone-tapping days and can't be
applied to modern, large-scale electronic data collection.
"If their motivation is to catch terrorists, then are there less intrusive
methods than spying on everyone whose traffic happens to transverse the
U.K.?" said Eric King, head of research at Privacy International.
Meanwhile, the British agency, the GCHQ, has defending their practices by
saying that they are merely looking for a few suspicious "needles" in a
giant haystack of data, and that the techniques have allowed them to uncover
If groups like Privacy International are successful, it may put an end to
the capture of domestic Internet data within the U.K., but as NSA expert
Matthew Aid recently told me, since 80 percent of the fiber optic data flows
through the U.S., it wouldn't stop the massive surveillance operations here
or in other countries -- even if the person on the sending end was British.
It's also worth noting that this type of tapping has been going on for years
-- it's just that we're now newly getting worked up about it. In 2007, the
New York Times thus described President Bush's expansion of electronic
surveillance: "the new law allows the government to eavesdrop on those
conversations without warrants -- latching on to those giant switches -- as
long as the target of the government's surveillance is 'reasonably believed'
to be overseas."
Want to avoid being a "target" of this "switch-latching"? A site called
"Prism-break" recently released a smorgasbord of encrypted browsing, chat,
and email services that supposedly allow the user to evade government
The only platform for which there is no encrypted alternative is Apple's
iOS, a proprietary software, for which the site had this warning:
"You should not entrust neither your communications nor your data to a
closed source device."
(F)AIR USE NOTICE: All original content and/or articles and graphics in this
message are copyrighted, unless specifically noted otherwise. All rights to
these copyrighted items are reserved. Articles and graphics have been placed
within for educational and discussion purposes only, in compliance with
"Fair Use" criteria established in Section 107 of the Copyright Act of 1976.
The principle of "Fair Use" was established as law by Section 107 of The
Copyright Act of 1976. "Fair Use" legally eliminates the need to obtain
permission or pay royalties for the use of previously copyrighted materials
if the purposes of display include "criticism, comment, news reporting,
teaching, scholarship, and research." Section 107 establishes four criteria
for determining whether the use of a work in any particular case qualifies
as a "fair use". A work used does not necessarily have to satisfy all four
criteria to qualify as an instance of "fair use". Rather, "fair use" is
determined by the overall extent to which the cited work does or does not
substantially satisfy the criteria in their totality. If you wish to use
copyrighted material for purposes of your own that go beyond 'fair use,' you
must obtain permission from the copyright owner. For more information go to:
THIS DOCUMENT MAY CONTAIN COPYRIGHTED MATERIAL. COPYING AND DISSEMINATION IS
PROHIBITED WITHOUT PERMISSION OF THE COPYRIGHT OWNERS.