While the Globo TV network didn’t put accent on this particular element during its reports on Sunday regarding the NSA spying on Petrobras, the state-owned oil company, it seems the intelligence agency has been impersonating Google.
On the slides we all got a glimpse at during the report, there was also data indicating the NSA was impersonating Google to intercept, store and read secure online communications, suggests Mother Jones
, a nonprofit news organization specialized in investigative, political and social justice reporting.
According to reports, the NSA used the “man-in-the-middle” (MITM) attack, something often used by hackers.
The slides displayed by the Brazilian news channel suggest the same was done not only by the NSA, but by GCHQ as well.
It seems that the NSA employees log into an Internet route and then redirect the “target traffic” to an “MITM.” “This is a site that acts as a stealthy intermediary, harvesting communications before forwarding them to their intended destination,” the report reads.
The importance of such a tool is that it allows the agency to defeat encryption without even going to all the trouble this would otherwise entail.
This type of attacks can trick the user into thinking the page is completely safe to visit and hackers can get access to user IDs and passwords, without the added difficulty of cracking the data.
"As for recent reports that the US government has found ways to circumvent our security systems, we have no evidence of any such thing ever occurring. We provide our user data to governments only in accordance with the law. We provide our user data to governments only in accordance with the law," said Jay Nancarrow, Google’s spokesperson, in reply to an inquiry from news site Mother Jones.