Incident: NSA and GCHQ Compromise Online Encryption, Impacting Privacy and Security

Published Date: 2013-09-06

Postmortem Analysis
Timeline
1. The software failure incident mentioned in the article happened in 2010 [Article 21638].

System
1. Encryption technologies relied upon by internet users [21638]

Responsible Organization
1. National Security Agency (NSA) and its UK counterpart GCHQ were responsible for causing the software failure incident reported in the article [21638].

Impacted Organization
1. Internet users relying on encryption technologies to protect their privacy and data [21638].

Software Causes
1. The software failure incident was caused by the deliberate insertion of secret vulnerabilities, known as backdoors or trapdoors, into commercial encryption software by the National Security Agency (NSA) and its UK counterpart GCHQ [21638].
2. The agencies collaborated with technology companies and internet service providers to insert these vulnerabilities into encryption systems, making them exploitable by the NSA and GCHQ [21638].
3. The NSA and GCHQ actively engaged with US and foreign IT industries to covertly influence and/or overtly leverage their commercial products' designs, including inserting vulnerabilities into commercial encryption systems [21638].
4. The NSA and GCHQ worked on decrypting widely used online protocols such as HTTPS, voice-over-IP, and Secure Sockets Layer (SSL) used for online shopping and banking, indicating a deliberate effort to undermine online security [21638].

Non-software Causes
1. Collaboration between intelligence agencies and technology companies to insert vulnerabilities into commercial encryption software [21638].
2. Covert measures to ensure NSA control over setting international encryption standards [21638].
3. Use of supercomputers to break encryption with "brute force" [21638].
4. Collaboration with internet service providers to decrypt encrypted traffic in near-real time [21638].
5. Development of ways to decrypt encrypted traffic on major service providers like Hotmail, Google, Yahoo, and Facebook [21638].

Impacts
1. The software failure incident led to the compromise of online encryption used by hundreds of millions of people, affecting the privacy of personal data, online transactions, and emails [21638].
2. The incident resulted in the insertion of secret vulnerabilities, known as backdoors or trapdoors, into commercial encryption software, undermining the trust and security of online communications [21638].
3. The failure incident raised concerns among security experts that the actions of the intelligence agencies were attacking the internet itself and compromising the privacy of all users [21638].
4. The incident highlighted the conflict between the need for backdoors for intelligence gathering and the negative impact on overall security, potentially exposing all users to heightened risks of data compromise [21638].
5. The software failure incident prompted a public debate about government actions that weaken the tools for protecting the privacy of internet users, emphasizing the importance of maintaining strong encryption systems [21638].

Preventions
1. Stronger encryption protocols and standards that are not compromised by government agencies could have prevented the software failure incident [21638].
2. Implementing end-to-end encryption in communication services to ensure data privacy and security [21638].
3. Increased transparency and oversight in the collaboration between intelligence agencies and technology companies to prevent the insertion of backdoors or vulnerabilities into commercial encryption software [21638].
4. Stricter regulations or legal frameworks to limit the ability of intelligence agencies to undermine online security in the pursuit of surveillance goals [21638].

Fixes
1. Strengthening encryption protocols and standards to make them more resilient against decryption efforts by intelligence agencies like the NSA and GCHQ [21638].
2. Implementing end-to-end encryption in communication services to ensure that data remains secure and private even if intercepted [21638].
3. Increasing transparency and oversight in the collaboration between technology companies and government agencies to prevent the insertion of backdoors or vulnerabilities into commercial encryption software [21638].
4. Encouraging the development and adoption of secure communication tools that prioritize user privacy and data protection [21638].

References
1. Edward Snowden
2. National Security Agency (NSA)
3. Government Communications Headquarters (GCHQ)
4. The Guardian
5. New York Times
6. ProPublica

Software Taxonomy of Faults

Category Option Rationale
Recurring unknown The articles do not mention any specific software failure incident happening again at one organization or multiple organizations.
Phase (Design/Operation) operation (a) The articles do not provide information about a software failure incident related to the design phase. (b) The articles discuss a software failure incident related to the operation phase, specifically mentioning the insertion of secret vulnerabilities known as backdoors or trapdoors into commercial encryption software by intelligence agencies like the NSA and GCHQ [21638]. This failure was due to contributing factors introduced by the operation of the system, where covert partnerships with technology companies and internet service providers were used to insert these vulnerabilities into encryption software.
Boundary (Internal/External) within_system (a) within_system: The software failure incident reported in the articles is primarily due to contributing factors that originate from within the system. The National Security Agency (NSA) and its UK counterpart GCHQ have actively worked on breaking encryption technologies through various methods such as covert measures, collaboration with technology companies, and inserting vulnerabilities into commercial encryption software [21638]. These actions were part of a deliberate effort to undermine online security for the purpose of eavesdropping, which ultimately led to the compromise of encryption used by internet users to protect their privacy and data [21638]. The decryption programs like Bullrun and Edgehill were developed internally to defeat encryption used in specific network communication technologies [21638]. Additionally, the NSA and GCHQ engaged in influencing international standards and introducing weaknesses into security standards, further emphasizing the internal nature of the software failure incident [21638].
Nature (Human/Non-human) non-human_actions (a) The articles discuss a software failure incident related to non-human actions, specifically the deliberate insertion of vulnerabilities known as backdoors or trapdoors into commercial encryption software by US and British intelligence agencies [21638]. These backdoors were covertly introduced to compromise encryption technologies and allow access to encrypted data flowing through the internet, despite assurances from internet companies that the data was secure from government access. This deliberate undermining of online security by introducing vulnerabilities into encryption systems is a significant software failure incident caused by non-human actions.
Dimension (Hardware/Software) software (a) The articles do not mention any software failure incident occurring due to contributing factors originating in hardware. (b) The software failure incident mentioned in the articles is related to software vulnerabilities deliberately inserted into commercial encryption software by intelligence agencies like the NSA and GCHQ. These vulnerabilities, known as backdoors or trapdoors, were inserted into encryption systems to allow the agencies to decrypt data despite assurances from internet companies that the data was secure. This deliberate undermining of online security by inserting vulnerabilities into software is a significant software failure incident [21638].
Objective (Malicious/Non-malicious) malicious, non-malicious (a) The articles describe a malicious software failure incident where US and British intelligence agencies collaborated with technology companies to insert secret vulnerabilities known as backdoors or trapdoors into commercial encryption software. These backdoors were intended to allow the agencies to decrypt encrypted data flowing through the internet, despite assurances from internet company executives that the data was secure from government access [21638]. (b) The articles also mention non-malicious software failure incidents where encryption technologies were compromised through covert measures such as influencing international encryption standards, using supercomputers to break encryption with brute force, and collaborating with technology companies and internet service providers to insert vulnerabilities into commercial encryption software. These actions were aimed at enabling the intelligence agencies to access encrypted data for counter-terrorism and foreign intelligence gathering purposes, rather than with the intent to harm the systems themselves [21638].
Intent (Poor/Accidental Decisions) unknown The articles do not provide information about a software failure incident related to poor_decisions or accidental_decisions.
Capability (Incompetence/Accidental) accidental (a) The articles do not mention any software failure incident occurring due to development incompetence. (b) The articles discuss a software failure incident related to accidental factors. The incident involves the US and British intelligence agencies compromising encryption standards and inserting vulnerabilities into commercial encryption software through covert partnerships with technology companies and internet service providers [21638]. This compromise was not accidental but rather a deliberate effort to undermine online security for the purpose of surveillance.
Duration permanent The software failure incident described in the articles is more of a permanent nature. This is evident from the fact that US and British intelligence agencies have successfully compromised the guarantees of encryption technologies used by internet companies to protect user data, online transactions, and communications [21638]. The agencies have adopted various methods to break encryption, including covert partnerships with technology companies to insert vulnerabilities into commercial encryption software, ensuring NSA control over setting international encryption standards, and using supercomputers for decryption [21638]. Additionally, the NSA and GCHQ have been working on decrypting encrypted traffic from major service providers like Hotmail, Google, Yahoo, and Facebook [21638]. These actions indicate a long-term and ongoing effort to undermine encryption technologies, making the software failure incident more permanent in nature.
Behaviour omission, value, byzantine, other (a) crash: The articles do not mention any software failure incident related to a crash. (b) omission: The software failure incident described in the articles is related to the omission of performing its intended functions. The failure is due to the system omitting to protect the privacy of users' personal data, online transactions, and emails by compromising encryption technologies [21638]. (c) timing: The articles do not mention any software failure incident related to timing. (d) value: The software failure incident described in the articles is related to the system performing its intended functions incorrectly. This failure is due to the system collaborating with technology companies to insert secret vulnerabilities into commercial encryption software, compromising the guarantees of privacy and security for users [21638]. (e) byzantine: The software failure incident described in the articles is related to the system behaving erroneously with inconsistent responses and interactions. This is evident in the covert measures taken by intelligence agencies to undermine online security and encryption, leading to a breach of trust and privacy for internet users [21638]. (f) other: The software failure incident can be categorized as a breach of trust and privacy, where the system's behavior undermines the fundamental basis of trust online by deliberately undermining online security for the sake of eavesdropping and intelligence gathering [21638].

IoT System Layer

Layer Option Rationale
Perception None None
Communication None None
Application None None

Other Details

Category Option Rationale
Consequence property, theoretical_consequence (d) property: People's material goods, money, or data was impacted due to the software failure. The software failure incident described in the articles relates to the compromise of online encryption by US and British intelligence agencies. This breach of encryption impacted the privacy of hundreds of millions of people, exposing their personal data, online transactions, and emails to potential access by criminals or governments. The agencies inserted secret vulnerabilities, known as backdoors or trapdoors, into commercial encryption software, allowing them to decrypt vast amounts of data flowing through the internet cables. This breach of encryption directly impacted the security and privacy of individuals' data and communications, representing a significant loss of control over their personal information and potentially leading to financial harm or loss of sensitive data [21638].
Domain information The software failure incident described in the articles is related to the industry of information (a). The failed system was intended to support the production and distribution of information, particularly in the context of online communications, online banking, and medical records. The incident involved the compromise of encryption technologies by intelligence agencies, impacting the privacy and security of online data for millions of users [21638].
