Skip to main content

The year the NSA hacked the world: A 2013 PRISM timeline (Part III)

Make sure you're up to date: check back over Part I and Part II of our NSA saga timeline.

October was only half done, and everyone thought that the worst of the NSA revelations must have been and gone. But no one could expect what happened next. Nearly five months after the first leaks released by Edward Snowden, the disclosures were continuing to make the headlines and cause ructions in the diplomatic community. But everything that had come before was nothing compared to what was on the cards for the final months of 2013.

20 October

This is when the NSA spying allegations began to turn into a diplomatic disaster. It emerged midway through October that the latest victim of the US National Security Agency (NSA) and its widespread spying operations was the President and government of the United States' southern neighbour, Mexico.

Targets included the private email accounts of former President Felipe Calderon, and that of the current sitting President Enrique Peña Nieto. A document, dated May 2010, and marked "top secret" boasted that "TAO [tailored access operations] successfully exploited a key mail server in the Mexican Presidencia domain within the Mexican Presidential network to gain first-ever access to President Felipe Calderon's public email account."

21 October

Across the Atlantic, PRISM was still causing reverberations in one of the US' oldest allies. A report in Le Monde revealed that the NSA had spied on 70.3 million phone calls in France in just 30 days at the end of last year. The capture of information was a part of the NSA's global intelligence-gathering operation "boundless informant" and was apparently triggered by certain keywords included in the plaintext of the messages.

France's foreign minister, Laurent Fabius, has summoned the US ambassador to discuss the allegations "immediately," and Prime Minister Jean-Marc Ayrault said he was "deeply shocked" by the revelations.

23 October

Things then went from bad to worse. Germany's foreign minister, Guido Westerwelle, called the US ambassador to a personal meeting to discuss allegations that US secret services bugged Chancellor Angela Merkel's mobile phone. The German Chancellor said that any monitoring of her communications by the agency would be "a serious breach of trust."

24 October

Just as the American government was scrambling to patch up that diplomatic wound, another one opened up just the day after. It turned out that the NSA had been monitoring the phone conversations of 35 heads of state, according to yet another leaked memo. The conversations were allegedly intercepted after another US government department handed the leaders' mobile and home phone numbers to the NSA. The memo was a general call to members of other departments to share their 'rolodexes', or address books, with the agency.

27 October

A new report in German daily Der Spiegel showed that the NSA has surveillance teams stationed at 80 US embassies around the world, including 19 in Europe. According to the report, the spies pose as diplomats. The article also detailed sophisticated Internet and telephone monitoring equipment concealed at the embassies. Another significant blow to American diplomatic trust.

This led the German government to begin mulling the possibility of creating a "walled-off" Internet that would protect its citizens from US spying.

30 October

Once you've angered the head of state of just about every major ally, what could you do to worsen your standing in the public eye? Oh right – get on the wrong side of the Silicon Valley tech giants.

Major new documents published by the Washington Post revealed that the NSA hacked into the connections between data centres owned by Google and Yahoo.

"From undisclosed interception points, the NSA and GCHQ are copying entire data flows across fiber-optic cables that carry information between the data centers of the Silicon Valley giants," according to the Post.

David Drummond, Google's chief legal officer, said in a statement: "We are outraged at the lengths to which the government seems to have gone to intercept data from our private fiber networks, and it underscores the need for urgent reform."

So that's everyone right? Is nothing sacred? It turns out not – as rumours began to circulate that the NSA had even hacked computer networks belonging to the Vatican.

31 October

Then, as if things couldn't get any worse, details emerged of how US officials were advised to use the September 11 attacks on New York as a soundbite when defending the almost unlimited spying powers of the three-letter agencies.

Not a popular move, I can assure you.

This was compounded with the revelation that Australia had been used as a "listening post" for the NSA, news that caused a massive backlash among Indonesian hackers, who attacked Australian websites for weeks afterwards.

1 November

In a coup for Edward Snowden on his quest to vindicate his actions, the mega-whistleblower met with Hans-Christian Stroebele, a German MP from the Green Party (Die Grünen), in Moscow. This came as Germany announced that it would be prepared to speak to Snowden directly to gather evidence about American spying programmes against German citizens and politicians.

"If the message is that Mr Snowden wants to give us information then we'll gladly accept that," German Interior Minister Hans-Peter Friedrich said on Friday.

Snowden handed a letter to Stroebele upon their meeting, the former NSA contractor set out his position in no uncertain terms.

2 November

Soon after, it emerged that a large spying operation on the 2007 UN Climate Change Conference in Bali was carried out jointly by the NSA and Australia's Defence Signals Directorate (DSD). Because, you know – there's no greater threat to national security than a conference full of climate change delegates.

The agencies were reportedly trying to gain information on Indonesian officials' communications infrastructure "should collection be required in the event of an emergency," as one leaked document put it.

This went badly for Australia, as anti-government hackers brought down the websites of Australian business and police departments.

4 November

US politicians on both sides of the aisle - including White House advisors and the chairs of both the Senate and House intelligence committees - reject the idea of granting Snowden clemency.

17 November

Der Spiegel revealed the existence of a GCHQ program called "Royal Concierge" designed to monitor the booking systems of 350 high-end hotels from around the world.

Whenever one of the systems sends a booking confirmation to a diplomatic email address, Royal Concierge notifies agency analysts who then mark the hotel for possible further surveillance: either with electronic bugs or human spies.

18 November

Security technologist and author Bruce Schneier claimed that the NSA may have "broken" the Internet.

Schneier, the author of "Applied Cryptography", and "Secrets and Lies: Digital Security in a Networked World", made his comments during a presentation at the US Capitol building.

Schneier claimed that in its rush to "weaponise" the Internet, the NSA had riddled the global network with security backdoors and exploits that will before long be easily tappable by the world's criminals.

22 November

Apparently, almost unlimited power wasn't enough for the NSA. They wanted the real deal, the whole hog, the big tamale. According to a major article in the New York Times the plans to "influence the global commercial encryption market" through partnerships with tech firms and its own spies within private tech companies. Its end goal, according to the document, is accessing data from "anyone, anytime, anywhere" it needs.

Is anyone surprised?

25 November

Dutch newspaper NRC Handelsblad started reporting that the NSA had infected more than 50,000 computer networks with malware in a process known as "Computer Network Exploitation."

The process itself was nothing new. These "implants," as they're known in NSA terms, are deployed by a department within the agency known as TAO, or "Tailored Access Operations." Software engineers within TAO allegedly break into various routers, switches, and firewalls – to name a few devices – in an effort to compromise networks and, thus, gain access to the data being transmitted by the devices connecting to them.

As of 2008, TAO was allegedly able to deploy approximately 21,252 of these implants.

26 November

The latest report revealed a plan by the National Security Agency to collected information on six people's online activities, particularly their visits to pornographic websites, to discredit them within their community.

This is an example of "how 'personal vulnerabilities' can be learned through electronic surveillance, and then exploited to undermine a target's credibility, reputation, and authority," activist Glenn Greenwald wrote in the Huffington Post at the time.

In the document dated October 2012, the NSA identified six Muslim men who were "prominent, globally resonating foreign radicalizers." The document claimed the NSA had collected information about these individuals, which if exposed, "would likely call into question a radicalizer's devotion to the jihadist cause, leading to the degradation or loss of his authority."

5 December

It was on 5 December that the true scope of the NSA's spying was laid bare to the world. It turns out the agency gathered as many as five billion phone records a day from around the world.

The data gathered is apparently used to track the whereabouts of hundreds of millions of individual phone users and map their relationships with other individuals.

Of all the NSA surveillance programmes that have been revealed since the first initial cache of documents was released by Snowden in June, this was potentially the largest in terms of scale and scope.

6 December

US president Barack Obama defended the NSA following the latest spying revelations, but says he intends to propose some reforms that can "give people more confidence".

Responding to a report in the Washington Post that the NSA is gathering five billion mobile phone records each day - potentially the largest surveillance programme of its kind in terms of both size and scale – Obama claimed the agency did well to not engage in domestic surveillance.

9 December

In December, the big tech companies finally started to stand up to government surveillance, as eight of the world's tech giants joined forces to demand wide-spread reforms to US government surveillance.

In the most significant response yet to the spying revelations, Apple, Facebook, Google, Microsoft, Twitter, LinkedIn, AOL and Yahoo have today published an open letter to Washington. In it they refer to the "urgent need" for the president and members of Congress to enact reforms to government surveillance practices worldwide.

"We understand that governments have a duty to protect their citizens," the letter reads, "(But) the balance in many countries has tipped too far in favour of the state and away from the rights of the individual — rights that are enshrined in our Constitution. This undermines the freedoms we all cherish. It's time for a change.

11 December

Next time a website asks you if you want to install cookies, you might want to think again. NSA presentation slides released by the Washington Post in December gave fresh insights into the way intelligence agencies carry out online surveillance, revealing how they use third-party software to bolster their hacking capabilities.

Using a Google-specific tracking cookie known as "PREFID", the NSA and GCHQ are able to identify a web user's browser and single out their communications for the purpose of sending malware to hack the user's computer.

13 December

Draft proposals from a National Security Agency (NSA) review panel reportedly called for significant limitations to the way the agency collects and holds information, according to people close to the matter.

Citing sources familiar with the recommendations, the Wall Street Journal reported proposals for a "sweeping overhaul" of the NSA, resulting in a change in the agency's leadership from military to civilian and an end to bulk phone record collection.

While it's by no means certain that the recommendations will be taken on board, this is about as happy an ending as we could hope for to the year the NSA hacked the world.

And who knows?

18 December

But what about Edward Snowden, the man who risked his life, and abandoned his home and family to reveal the Prism programme to the world? He's still living in Russia, watching the last day of his year-long asylum draw closer. But if recent developments are anything to go by, his hand is looking a little stronger these days.

Snowden wrote an open letter to the people of Brazil, in which he said:

"I don't want to live in a world where everything that I say, everything I do, everyone I talk to, every expression of creativity or love or friendship is recorded. That's not something I'm willing to support, it's not something I'm willing to build, and it's not something I'm willing to live under."

"Until a country grants permanent political asylum, the US government will continue to interfere with my ability to speak," Snowden wrote. "The tide has turned, and we can finally see a future where we can enjoy security without sacrificing our privacy."

"The culture of indiscriminate worldwide surveillance, exposed to public debates and real investigations on every continent, is collapsing," he added.

Let's hope we see that day before too long.