The Intercept has reported that according to a March 2006 NSA document, the National Security Agency was able to exploit Virtual Private Networks, or VPNs, and access hundreds of secure links of high profile institutions and targets, including Al Jazeera, a number of airline reservation systems, Iraqi military and internet service organizations.
The document in question, an article for the internal NSA news site SIDtoday, is part of the materials provided by NSA whistleblower Edward Snowden.
“Although VPNs pose special challenges for SIGINT collection and processing, we’ve recently had notable success in exploiting these communications,” wrote the author of the document. SIGINT is a contraction of Signal Intelligence, which refers to the practice of intelligence-gathering by interception of signals.
The author also wrote that the NSA’s Network Analysis Center had been putting resources into “VPN SIGINT Development (SIGDev) for over three years now, and the investment is paying off!”
The document, however, does not identify which VPN technologies were successfully beaten nor any technical details about their methods. But earlier reports and leaks point to the fact that the NSA might have been able to break IPSec protocol.
The Intercept article also references a 2015 paper titled “Imperfect Forward Secrecy: How Diffie-Hellman Fails in Practice” that describes an attack called Logjam and claims that nation-states would be able to compromise 66 percent of all IPSec VPNs using this type of attack and the resources that they have.
The hacked institutions included the Qatar-based news organization Al Jazeera, Russian airline Aeroflot, Iran Air, in addition to systems used by hundreds of airlines around the world.
In Iraq alone, the NSA was able to tap into the secure networks for the ministries of defense and the interior.