British intelligence hacked into two major undersea cables owned by Reliance Communications compromising millions of users, including those from the Indian government, reveal the latest scan of documents leaked by Edward Snowden, the US National Security Agency (NSA) contractor-turned-whistleblower. This security breach took place sometime between 2009 and 2011.
A private company, bought by telecom major Vodafone in 2012, helped the British intelligence agency General Communications Headquarters (GCHQ) in hacking the Reliance cables and 27 others that converged in the UK, reveal the documents.
These revelations were made in the last week of November by UK’s Channel 4 and German newspaper Süddeutsche Zeitung that jointly investigated the Snowden cache.
The Reliance cables carry internet and data traffic between Asia and Europe, and Europe to the American continent. Indian users compromised by this breach include those who don’t necessarily use a Reliance connection as the cables carry data from a multitude of internet service providers in multiple countries.
The website of Reliance Globacom, part of Anil Ambani’s Reliance Telecom group, describes itself as being one of the world’s “largest private undersea cable system spanning 67,000 km route.”
Renamed Global Cloud Xchange (GCX) in March, it owns two key undersea cables — FLAG, which connects Europe to Asia, and FLAG Atlantic 1 (FA1), which connects the American continent with Europe. Both cables meet at a junction in southwest UK and are connected by the local area network operated by Vodafone subsidiary Cable & Wireless.
The FLAG Europe-Asia undersea cable has landing stations in Egypt, the Arabian peninsula, India, Malaysia, Thailand, Hong Kong, mainland China, Taiwan and Japan. It was a key target, the documents show, since it carries data from countries that the US and UK are most interested in, like Middle East countries, India and also China.
The documents showed that the GCHQ had a secret financial arrangement with Cable & Wireless to use its facility in Skewjack Farm in southwest England to hack into the 29 undersea cables. This was part of a major operation codenamed “PFENNING ALPHA”, a computer exploitation network run jointly by the US’s NSA, and GCHQ. In separate documents, this operation has also been identified as the NSA’s “fourth-largest” information collection exercise from the global Internet.
In August 2013, Süddeutsche Zeitung accessed the Snowden papers to reveal the code names given by British intelligence to private telecom companies that cooperated with GCHQ for tapping internet communications. Cable & Wireless was identified by the codename ‘GERONTIC’ while British Telecom (BT) is referred to as ‘REMEDY’. Both companies were part of an elaborate spying programme code-named ‘TEMPORA’.
The documents also reveal how GCHQ used a secret software known as ‘XKeyscore’ to pull out data to analyse the data it was intercepting. The filtering of the Internet was carried out using technology developed by a Boeing subsidiary company, Narus. It would pull out packets of information that included phone numbers, emails, and IP addresses in real time.
Reliance Communications declined to reply to HT’s queries.
Ben Padovan, the official spokesperson of Vodafone in the UK, said in a statement: “Cable & Wireless was not owned, operated or controlled by Vodafone until 2012. We examined the past history of Cable & Wireless compliance prior to its acquisition by Vodafone and found no evidence that would substantiate these allegations…
The statement ends saying that Vodafone is legally bound not to disclose “any information regarding warrants received and the processes and systems in place to respond to such warrants” and the penalty for doing so is five years in prison.