One of the prime targets of American spies in Brazil is far away from the center of power – out at sea, deep beneath the waves. Brazilian oil. The internal computer network of Petrobras, the Brazilian oil giant partly owned by the state, has been under surveillance by the NSA, the National Security Agency of the United States.
The spying is confirmed by top secret documents leaked by Edward Snowden, and obtained exclusively by Fantastico.
These new disclosures contradict statements by the NSA denying espionage for economic purposes.
A top secret presentation dated May 2012 is used by the NSA to train new agents step-by-step how to access and spy upon private computer networks – the internal networks of companies, governments, financial institutions – networks designed precisely to protect information.
The name of Petrobras – Brazil’s largest company – appears right at the beginning, under the title: “MANY TARGETS USE PRIVATE NETWORKS.”
Besides Petrobras, e-mail and internet services provider Google’s infrastructure is also listed as a target. The company, often named as collaborating with the NSA, is shown here as a victim.
Other targets include French diplomats – with access to the private network of the Ministry of Foreign Affairs of France – and the SWIFT network, the cooperative that unites over ten thousand banks in 212 countries and provides communications that enable international financial transactions. All transfers of money between banks across national borders goes through SWIFT.
The name of Petrobras appears on several slides, as the training goes deeper in explaining how date from the target companies is monitored.
Individual folders are created for each target – and contain all the intercepted communications and IP addresses – the identification of each computer on the network – which should be immune to these attacks.
The NSA presentation contains documents prepared by the GCHQ – the British Spy agency, from a country that appears as an ally of the United States in spying. The British agency shows how two spy programs operate. “Flying Pig” and “Hush Puppy” also monitor private networks which carry supposedly secure information. These networks are known as TLS/SSL.
The presentation explains how data is intercepted, through an attack known as “Man in the Middle”. In this case, data is rerouted to the NSA central, and then relayed to its destination, without either end noticing.
A few pages ahead, the document lists the results obtained. “Results – what do we find?” “Foreign government networks”, “airlines”, “energy companies” – like Petrobras – and “financial organisations.”
TLS/SSL networks are also the security system used in financial transactions, such as when someone accesses their bank account through an ATM. The connection between a remote terminal and the bank’s central goes through a sort of secure tunnel through the internet. No one is supposed to see what travels through it.
Later, the NSA presentation shows in detail how the data of a chosen target is rerouted through spy filters beginning at the very source, until they reach the NSA’s supercomputers.
In this document the NSA names Latin America as a key target of the “SILVERZEPHYR” program, which collects the contents of voice recordings, faxes, as well as metadata, which is the overall information being transmitted in the network.
Lastly, another document obtained by Fantastico shows who are the spies’ clients – who gets the information obtained: American diplomats, the intelligence agencies, and the White House. It proves that spying doesn’t have as its sole purpose the fight against terrorism. On this list of objectives are also diplomatic, political and economic information.