IU expert: NSA infiltration of Google and Yahoo networks threatens U.S. tech leadership

Oct. 30, 2013


BLOOMINGTON, Ind. -- Revelations that the National Security Agency has secretly broken into Google and Yahoo data centers outside the U.S. worsen the crisis the U.S. government faces over its cyber-espionage activities and undermine confidence in Google and Yahoo as global communication businesses, an Indiana University cybersecurity expert says.

Through documents disclosed by former NSA contractor Edward Snowden, The Washington Post reported today that an NSA project, code-named MUSCULAR, has access to parts of Google and Yahoo networks established in foreign countries, acquires tens of millions of records created on such networks, and transmits this data to NSA headquarters at Fort Meade, Md. According to David P. Fidler, a professor at the IU Maurer School of Law, this news pours more fuel on the raging national and international controversies about U.S. cybersurveillance and spying.

“The U.S. government is still reeling from earlier Snowden disclosures about cybersurveillance within the U.S. and more recent allegations it spied on nationals and leaders of our closest allies and other friendly countries,” Fidler said. “Now comes news the NSA hacked into networks operated by leading U.S. tech companies without, apparently, their knowledge in order to collect massive amounts of data generated by Google and Yahoo users all over the world.”

This disclosure reinforces growing national and international perceptions that the NSA operates without limits or effective oversight and that the U.S. government measures the appropriateness of its cyberspying by what it can do rather than what it should do, Fidler said.

If true, Fidler said, this program’s existence will, once again, anger foreign governments and nationals because it underscores the scale and intrusiveness of U.S. cyber-espionage activities outside the U.S. Disclosure of MUSCULAR also harms U.S. efforts to advance its “Internet freedom” agenda and provides foreign governments with opportunities to attack the U.S. in different diplomatic contexts, Fidler said.

“In addition, because data generated by Americans in the U.S. cycles through these global networks, this program invites scrutiny about the U.S. government’s respect for the privacy of digital communications of Americans,” Fidler said.

In addition to diplomatic damage and reinforced concerns about the privacy of Americans, the companies hacked by the NSA -- Google and Yahoo -- could suffer significant blowback in foreign markets. Earlier disclosures by Snowden, Fidler said, raised concerns that NSA activities undermined the leadership, reputations and global markets of U.S. technology companies. News that the NSA directly accesses Google and Yahoo servers overseas might cause foreign users to stop using technology services provided by American companies.

“The U.S. technology community is already very angry concerning the harm leaks about U.S. cybersurveillance and spying operations have done to the image, leadership and future global competitiveness of U.S. technology companies, and disclosure of MUSCULAR will deepen the rift between Silicon Valley and Washington, D.C.,” Fidler said.

Fidler is the James Louis Calamaras Professor at the Indiana University Maurer School of Law and is a Senior Fellow at the Indiana University Center for Applied Cybersecurity Research. He can be reached at 812-855-6403 or dfidler@indiana.edu.