Edward Snowden's whistleblowing campaign exposed the National Security Agency in 2013 for having "backdoors" into commercial technology products. The US spy agency worked with some Silicon Valley tech firms to develop covert methods of bypassing the standard authentication or encryption process of a network device so it could scan internet traffic without a warrant.
Snowden revealed the NSA's special sauce in how it conducted domestic and foreign backdoor operations to collect vital intelligence, resulted in the agency reforming its spying process, and had to formulate new rules to limit future breaches and how it conducts spy operations, three former intelligence officials told Reuters.
However, a recent inquiry into the new guidelines by Senator Ron Wyden, a top Democrat on the Senate Intelligence Committee, yielded absolutely nothing as the spy agency dodged questions.
"Secret encryption back doors are a threat to national security and the safety of our families – it's only a matter of time before foreign hackers or criminals exploit them in ways that undermine American national security," Wyden told Reuters.
"The government shouldn't have any role in planting secret back doors in encryption technology used by Americans," he continued:
The agency refused to comment on its updated policies on current backdoor processes. NSA officials did say they were in the rebuilding trust phase with the private sector.
"At NSA, it's common practice to constantly assess processes to identify and determine best practices," said Anne Neuberger, who heads NSA's year-old Cybersecurity Directorate. "We don't share specific processes and procedures."
Three former senior intelligence agency officials told Reuters that before a backdoor operation is conducted, the agency must "weigh the potential fallout and arrange for some kind of warning if the back door gets discovered and manipulated by adversaries."
Critics of the agency's spy tools say backdoors create targets for adversaries and undermine US technology trust among buyers across the world. According to Juniper, in 2015, a foreign adversary used the NSA's backdoor in its equipment. The NSA told Wyden's aides in 2018 the Juniper incident was a "lesson learned."
Reuters cites one of the clearest examples of the NSA working with private tech firms to build backdoors:
"... NSA's approach involved an encryption-system component known as Dual Elliptic Curve, or Dual EC. The intelligence agency worked with the Commerce Department to get the technology accepted as a global standard, but cryptographers later showed that the NSA could exploit Dual EC to access encrypted data."
What this all suggests is that Snowden's revelations of NSA's spy tools really didn't change the agency's practices over the last seven years. Backdoors are still being used as the surveillance state marches on.