The ongoing NSA surveillance saga, which began with leaked documents acquired by Edward Snowden, has taken a bizarre and embarrassing twist. Allegedly, the NSA has more than once pretended to be Google in order to pull off surveillance on Internet users.
The source of the information is based on a document obtained by Snowden. The allegation is simple: The surveillance operatives used a man-in-the-middle attack to intercept web communications by persons of interest, posing as Google to cover their tracks. A man-in-the-middle hack is powerful, but relatively straightforward, since it involves using a faked security certificate that’s signed for the company you’re trying to impersonate. A user’s web browser would see the certificate, check that it’s properly encrypted and in date, and then assume it’s communicating with the named company–in this case, Google. Hackers typically use techniques like this to sniff on users entering banking data and passwords, but it’s unknown what the NSA was looking for. The NSA hack was unlikely to have been spotted by the targets, however, because it then legitimately forwarded the user’s data directly to the real Google service.
The NSA has allegedly been spying on Brazil’s political elite, leading to an international scandal that has forced President Obama to step in to defuse the situation with the affected heads of state, including Brazil’s and Mexico’s. Obama has also promised to reform the NSA surveillance programs.