The NSA has been spying on the data center communications of Google and Yahoo, as documents leaked by Edward Snowden have revealed. But details on how and what exactly the NSA is grabbing were light.
Now, the Washington Post has a follow-up, revealing how it was sure that the NSA had been tapping into inter-data center communications and not getting its data via any other means.
The NSA doesn't have direct access to the data centers, i.e. the servers and the databases. At the same time, it can legally access user data via the PRISM program. The agency is also prohibited from spying on Americans on American soil.
That leaves it with few options, but the NSA has managed to overcome that. Google, Yahoo, and the other big companies build private fiber optics links between their data centers. Through those links, which only they use, data is sent unencrypted, on the assumption that no one else but them has access to it.
When a direct link isn't possible, companies rent out private sections of the public connections. Through those connections, the data is encrypted.
Yet the leaked documents clearly show intercepted communications that use a protocol only used by Google on its own private fiber optic connections. These communications would never break out onto the open web, making it very clear that the NSA is getting them from these private connections.
Another document showed the same thing for the Yahoo networks. The NSA intercepted file formats only used internally by Yahoo.
The secret documents don't reveal where exactly the NSA intercepts the data. But the MUSCULAR program, under which this data is gathered, is run in cooperation with the British GCHQ. Google and, now, most likely all other big companies are hurrying to implement encryption between data centers even on private lines. Encryption adds some overhead and slows down the network, which is why it was not used previously.