Microsoft has labelled the US government an “advanced persistent threat” in efforts to close the door to National Intelligence Agency (NSA) spying. The category is usually reserved for foreign state-sponsored cyber terrorists.
Brad Smith, Microsoft’s general counsel, told reporters that the tech giant is just as concerned as its customers when it comes to government surveillance of the Internet, and will do all it can to secure its systems.
Microsoft claimed it would address its users’ concern with improved end-to-end encryption, legal protections, and transparency surrounding its source code to allow users to identify security loopholes themselves.
Details of the NSA’s MUSCULAR programme – in which it spied on the data centres of Silicon Valley tech companies – emerged towards the end of October as part of the treasure trove of documents released by whistleblower Edward Snowden.
“From undisclosed interception points, the NSA and [the UK’s] GCHQ are copying entire data flows across fiber-optic cables that carry information between the data centers of the Silicon Valley giants,” according to the Washington Post.
At the time, Google spokespeople described the company’s “outrage” at the spying allegations, and Microsoft will be worrying that evidence of similar compromise will severely harm its customer confidence.
As part of the incoming measures against NSA snooping, Microsoft says it will encrypt data moving between its servers and customers by default. The encryption will be fully in place by the end of 2014.
The measures will also have a legal dimension. Smith says Microsoft is “committed to notifying business and government customers if we receive legal orders related to their data,” and when prevented from doing so by gag orders, will vociferously challenge them in court.
Transparency is a key part of Microsoft’s new strategy. The giant has opened a new futuristic CSI-style Cybercrime Center at its Redmond headquarters which will allow third-party researchers access to the company’s resources in order to fight malware, botnets and cyber-criminals. This is coupled with the opening of two so-called “transparency centers,” in which foreign governments can inspect the security credentials of Microsoft’s source code and confirm that no backdoors exist in the systems.
“We all want to live in a world that is safe and secure, but we also want to live in a country that is protected by the Constitution,” explains Smith.
“We want to ensure that important questions about government access are decided by courts rather than dictated by technological might.”Leave a comment on this article