Leaked documents showing that Canada’s electronic intelligence-gathering agency targeted the Brazilian government threaten to disrupt relations between the countries – and thrust the secretive CSEC into the public spotlight.
On Sunday night, Brazil’s flagship Fantastico investigative program on the Globo television network revealed leaked documents suggesting that Communications Security Establishment Canada (CSEC) has spied on computers and smartphones affiliated with Brazil’s mining and energy ministry in a bid to gain economic intelligence.
The report, attributed to documents first obtained by the former U.S. government contractor Edward Snowden, includes frames of a CSEC-earmarked presentation that was apparently shared with the United States and other allies in June, 2012.
“Brazilian Ministry of Mines and Energy (MME),” a title page of the leaked case study reads. “New target to develop.”
The presentation then rhetorically asks “How can I use the information available in SIGINT [signals-intelligence] data sources to learn about the target?” before delving into specific hacking techniques.
The documents were part of a collaboration with Globo by Glenn Greenwald. The Rio de Janeiro-based journalist and confidante of Mr. Snowden has spent the past four months steadily disclosing a treasure trove of leaked materials recording the electronic eavesdropping practices of the United States and its allies.
Washington has been reeling from the disclosures. In Brazil, they have caused the most serious rift between the two nations in years – after the first revelations about NSA espionage were made last month, Brazilian president Dilma Rousseff canceled an official state visit to Washington; it was to be the first in 18 years and was intended to showcase the growing economic and political ties between the two countries. Instead Ms. Rousseff went to the UN General Assembly where she complained of “totally unacceptable” U.S. spying in her country. She gained a considerable bump in personal approval ratings after lashing out at the U.S. over the NSA activity, which has elicited a reaction of deep offense from many Brazilians.
Five highlights from the Canada-Brazil spying revelations Add to
The Globe and Mail
Published Monday, Oct. 07 2013, 11:02 AM EDT
Canada’s signals-intelligence agency has been spying on Brazil’s Mines and Energy Ministry, according to documents the former U.S. government contractor Edward Snowden leaked to Brazil’s Globo television network.
Globo obtained a copy of a slide presentation made by someone at the Communications Security Establishment Canada (CSEC). The document was shown at a June 2012 gathering of members of the “Five Eyes,” the signals-intelligence alliance of Canada, the United States, Britain, Australia and New Zealand.
Here are some highlights that can be gleaned from the slides:
1. Using a program called Olympia, CSEC took aim at Brazil’s Ministry of Mines and Energy, describing it as a “new target to develop” despite “limited access/target knowledge.”
2. One of the slide shows that CSEC focused on ministry portable devices and was able to identify their carriers (such as Brasil Telecom S.A. or Global Village Telecom), the kind of hardware being used (for example a Nokia 3120 or an Android-based Motorola MRUQ7) and metadata about where calls were placed, in countries such as Peru, Venezuela, Poland, Singapore, Great Britain.
Another slide in the presentation explains how analysts cross-referenced a handset’s SIM card with the network telephone number assigned to it and the handset’s unique number (IMEI).
3. CSEC metadata collection included calls made from the Ministry of Mines and Energy to the Brazilian embassy in Peru and the head office of OLADE, the Latin American Energy Organization, in Quito, Ecuador.
One slide titled showed how the Canadians connected an IP addresses assigned to the ministry to e-mail communications with Canada, Eritrea, Saudi Arabia, Thailand, Afghanistan, Jordan and South Africa.
4. Another phone monitored by CSEC belonged to Paulo Cordeiro de Andrade Pinto, a career diplomat who was ambassador to Canada from 2008 to 2011, and is now Brazil’s Under Secretary for Middle East and Africa.
5. CSEC’s next step was going to be the collection of e-mails and cooperation with a hacking specialists working for a secret unit of the U.S. National Security Agency.
“I have identified MX [email] servers which have been targeted to passive collection by the Intel analysts,” says a slide titled “Moving Forward.”
The slide mentions TAO (Tailored Access Operations), an NSA unit specializes in installing spyware and tracking devices and has been reported to have played a role in the hunt for Osama Bin Laden.
“I am working with TAO to further examine the possibility for a Man on the Side operation,” the CSEC slide says, alluding to a form of online eavesdropping.
The impact for Canada of these revelations could be equally grave: they come at a time when Brazil has become a top destination for Canadian exports, when a stream of delegations from the oil and gas industries are making pilgrimages to Rio de Janeiro to try to get a piece of the booming offshore oil industry, and when the Canadian government is eager to burnish ties with Brasilia. Foreign Affairs Minister John Baird visited Brazil in August, and spoke repeatedly about the country as a critical partner for Canadian business.
American lawmakers have introduced several bills that aim to rein in the U.S. National Security Agency’s domestic surveillance programs.
Throughout all this, Canada’s electronic eavesdropping agency has kept a relatively low profile, never before emerging as the central figure in any Snowden-leaked spying program. Although it has existed since the Second World War, CSEC has rarely discussed any of its operations in public.
CSEC has a $350-million budget and 2,000 employees. By law, it has three mandates – to safeguard Canadian government communications and computers from foreign hackers, to help other federal security agencies where legally possible, and to gather “foreign intelligence.”
The federal government is building a new $1-billion headquarters for CSEC on the outskirts of Ottawa.
Given wide latitude by its political and bureaucratic masters to collect what “foreign intelligence” it can, CSEC is exceedingly discreet. The spy agency’s leaders rarely make any public remarks. When they do, they tend only to speak vaguely of the agency’s role in fighting terrorism.
But economic espionage appears to be a business line for CSEC. Former Carleton University Professor Martin Rudner has pointed out that the spy agency started recruiting economists and business analysts in the mid-1990s.
“CSE[C] operations in economic intelligence have gone rather beyond the strictly defensive to also help promote Canadian economic competitiveness,” Mr. Rudner wrote in an essay published in 2000. He added that the spy agency is rumoured to have given the Canadian government a leg up during NAFTA negotiations with Mexico, and also eavesdropped on the 1997 APEC summit.
Mr. Rudner added that Ottawa officials don’t necessarily share with Canadian businesses what CSEC surveillance turns up. Instead, he writes, they “sometimes provide advice and counsel by way of helping to promote Canadian trade, without necessarily revealing their sources in economic intelligence.”
While CSEC’s role in conducting economic espionage has been alluded to before, how it does this job has not. The significance of the documents obtained by Globo in Brazil is that they speak to how “metadata” analysis by CSEC can be used to exploit a rival country’s computer systems.
The CSEC-labeled slides about the “Olympia” program describe the “Brazilian Ministry of Mines and Energy” as a “new target to develop” despite “limited access/target knowledge.”
The presentation goes on to map out how an individual’s smartphone – “target’s handset” – can be discerned by analysis, including by cross-referencing the smartphone’s Sim card with the network telephone number assigned to it and also to the handset’s unique number (IMEI).
The “top secret” presentation also refers to attacks on email servers.
“I have identified MX [email] servers which have been targeted to passive collection by the Intel analysts,” one slide says, without explaining who the speaker is.
The slide suggests the presenter hoped to reach out to American superhackers – the NSA’s “Tailored Access Operations” group – for a more specialized operation: “I am working with TAO to further examine the possibility for a Man on the Side operation.”
A “Man on the Side” operation is a form of interception. According to a recent Guardian column, the NSA has installed secret servers on the Internet that can be used “impersonate a visited Web site” that a target plans to visit. The rerouting of the target’s traffic opens his or her computer or mobile device to invasion by the impersonating website.
The “Top Secret” presentation obtained by Globo is an exceedingly rare disclosure. In Ottawa, CSEC’s employees are sworn to secrecy and visitors to its complex have to check their smartphones, iPads, laptops and memory sticks at the door.
The CSEC-labeled presentation appears to have been shared with the NSA, the agency Mr. Snowden once worked for. He had retained access to the NSA’s data repositories as a security-cleared private contractor, prior to copying reams of material early this year and then flying with it to Hong Kong this summer.
Mr. Snowden leaked the materials to Mr. Greenwald in Hong Kong, prior to flying to Russia to seek asylum. The U.S. government wants to try him on espionage charges.
The leaked “CSEC – Advanced Network Tradecraft” presentation about the Olympia spying program kicks off with an allusion to Greek mythology.
It alludes to how Zeus and his sibling deities waged a 10-year battle to overthrow an older order of gods, known as the Titans. “And they said to the Titans ‘Watch Out OLYMPIAns in the house!” reads a slide in the presentation.
COLIN FREEZE AND STEPHANIE NOLEN
TORONTO AND RIO DE JANEIRO — The Globe and Mail
Published Monday, Oct. 07 2013, 7:14 AM EDT
© Copyright 2013 The Globe and Mail Inc.