Special Coverage Series

Network Computing

Special Coverage Series


NSA Secretly Tapped Google, Yahoo Data Centers, Report Says

Agency refutes allegations, while Google is outraged over the reported interception of data from its networks.

The Washington Post reported Wednesday that a review of documents leaked by Edward Snowden, together with interviews with “knowledgeable officials,” has revealed that the National Security Agency managed to secretly break into private clouds at Google and Yahoo, tapping into the links that connect the companies’ data centers around the world.

In doing so, the NSA was able collect data from millions of Internet users--many of them Americans--at its whim, according to the report. To that end, the Post reported that a top-secret accounting dated Jan. 9, 2013, indicated that in the previous 30 days, NSA field collectors had processed and sent back more than 181 million new records, including text, audio, video and metadata showing who sent or received emails.

More Insights

Webcasts

More >>

White Papers

More >>

Reports

More >>

The NSA categorically denied the article's suggestions that the agency has exploited loopholes in Executive Order 12333, which was signed by President Reagan in 1981 and essentially guides what U.S. intelligence agencies can and cannot do.

“The assertion that we collect vast quantities of U.S. persons’ data from this type of collection is also not true,” the NSA said in a prepared statement responding to the Post report. “NSA applies Attorney General-approved processes to protect the privacy of U.S. persons--minimizing the likelihood of their information in our targeting, collection, processing, exploitation, retention, and dissemination.”

Both Google and Yahoo made it clear that the NSA’s actions, regardless of the specifics, have occurred without the companies’ blessings.

“We have strict controls in place to protect the security of our data centers,” a Yahoo spokeswoman said in a prepared statement. “We have not given access to our data centers to the NSA or to any other government agency.”

[Revelations about NSA data surveillance has shattered whatever trust customers had in the security of WAN connections from service providers. Read why you need to encrypt and consider less-expensive Internet connections in "WAN Encryption Tops The Agenda After NSA Revelations."]

Google issued a tersely worded statement from David Drummond, the company’s chief legal officer. And it’s no wonder, as the Snowden documents included a hand-drawn NSA slide depicting the apparent cracking of a secure link between the public Internet and Google’s internal cloud, which would have allowed access to the company’s data center links.

“We have long been concerned about the possibility of this kind of snooping, which is why we have continued to extend encryption across more and more Google services and links, especially the links in the slide,” said Drummond. “We do not provide any government, including the U.S. government, with access to our systems. We are outraged at the lengths to which the government seems to have gone to intercept data from our private fiber networks, and it underscores the need for urgent reform.”

As for that reform, Larry Ponemon, founder of privacy and security research think tank The Ponemon Institute, says Google and others shouldn’t hold their breath.

“The right thing to do is to explain in clear and concise language how government access to our personal information can be managed ethically,” Ponemon said via email. “This means greater transparency and honesty about how our personal information is or will be used. I’m not optimistic that such disclosures will happen soon.”

In the meantime, Ponemon said, consumers simply cannot count on the Googles and Yahoos of the world to adequately protect their information--not because they’re not trying, but rather because it’s too tall an order.

“It may be foolish to trust in the privacy commitments of Internet and social media websites,” he said. “It is nearly impossible to protect personal information in this connected world.” What’s more, he said, any efforts to protect consumer data from the prying eyes of federal agencies like the NSA are likely to prove futile.

“This is a David and Goliath story,” said Ponemon, “where Goliath wins.”



Related Reading



Network Computing encourages readers to engage in spirited, healthy debate, including taking us to task. However, Network Computing moderates all comments posted to our site, and reserves the right to modify or remove any content that it determines to be derogatory, offensive, inflammatory, vulgar, irrelevant/off-topic, racist or obvious marketing/SPAM. Network Computing further reserves the right to disable the profile of any commenter participating in said activities.

 
Disqus Tips To upload an avatar photo, first complete your Disqus profile. | Please read our commenting policy.
 

Editor's Choice

Research: 2014 State of Server Technology

Research: 2014 State of Server Technology

Buying power and influence are rapidly shifting to service providers. Where does that leave enterprise IT? Not at the cutting edge, thatís for sure: Only 19% are increasing both the number and capability of servers, budgets are level or down for 60% and just 12% are using new micro technology.
Get full survey results now! »

Vendor Turf Wars

Vendor Turf Wars

The enterprise tech market used to be an orderly place, where vendors had clearly defined markets. No more. Driven both by increasing complexity and Wall Street demands for growth, big vendors are duking it out for primacy -- and refusing to work together for IT's benefit. Must we now pick a side, or is neutrality an option?
Get the Digital Issue »

WEBCAST: Software Defined Networking (SDN) First Steps

WEBCAST: Software Defined Networking (SDN) First Steps


Software defined networking encompasses several emerging technologies that bring programmable interfaces to data center networks and promise to make networks more observable and automated, as well as better suited to the specific needs of large virtualized data centers. Attend this webcast to learn the overall concept of SDN and its benefits, describe the different conceptual approaches to SDN, and examine the various technologies, both proprietary and open source, that are emerging.
Register Today »

Related Content

From Our Sponsor

How Data Center Infrastructure Management Software Improves Planning and Cuts Operational Cost

How Data Center Infrastructure Management Software Improves Planning and Cuts Operational Cost

Business executives are challenging their IT staffs to convert data centers from cost centers into producers of business value. Data centers can make a significant impact to the bottom line by enabling the business to respond more quickly to market demands. This paper demonstrates, through a series of examples, how data center infrastructure management software tools can simplify operational processes, cut costs, and speed up information delivery.

Impact of Hot and Cold Aisle Containment on Data Center Temperature and Efficiency

Impact of Hot and Cold Aisle Containment on Data Center Temperature and Efficiency

Both hot-air and cold-air containment can improve the predictability and efficiency of traditional data center cooling systems. While both approaches minimize the mixing of hot and cold air, there are practical differences in implementation and operation that have significant consequences on work environment conditions, PUE, and economizer mode hours. The choice of hot-aisle containment over cold-aisle containment can save 43% in annual cooling system energy cost, corresponding to a 15% reduction in annualized PUE. This paper examines both methodologies and highlights the reasons why hot-aisle containment emerges as the preferred best practice for new data centers.

Monitoring Physical Threats in the Data Center

Monitoring Physical Threats in the Data Center

Traditional methodologies for monitoring the data center environment are no longer sufficient. With technologies such as blade servers driving up cooling demands and regulations such as Sarbanes-Oxley driving up data security requirements, the physical environment in the data center must be watched more closely. While well understood protocols exist for monitoring physical devices such as UPS systems, computer room air conditioners, and fire suppression systems, there is a class of distributed monitoring points that is often ignored. This paper describes this class of threats, suggests approaches to deploying monitoring devices, and provides best practices in leveraging the collected data to reduce downtime.

Cooling Strategies for Ultra-High Density Racks and Blade Servers

Cooling Strategies for Ultra-High Density Racks and Blade Servers

Rack power of 10 kW per rack or more can result from the deployment of high density information technology equipment such as blade servers. This creates difficult cooling challenges in a data center environment where the industry average rack power consumption is under 2 kW. Five strategies for deploying ultra-high power racks are described, covering practical solutions for both new and existing data centers.

Power and Cooling Capacity Management for Data Centers

Power and Cooling Capacity Management for Data Centers

High density IT equipment stresses the power density capability of modern data centers. Installation and unmanaged proliferation of this equipment can lead to unexpected problems with power and cooling infrastructure including overheating, overloads, and loss of redundancy. The ability to measure and predict power and cooling capability at the rack enclosure level is required to ensure predictable performance and optimize use of the physical infrastructure resource. This paper describes the principles for achieving power and cooling capacity management.