Go to the Globe and Mail homepage

Jump to main navigationJump to main content

Brazilian news program Fantastico reported September 2, 2013 that documents obtained from former NSA contractor Edward Snowden prove that the U.S. National Security Agency spied on the communications of the presidents of Brazil and Mexico. (AP)
Brazilian news program Fantastico reported September 2, 2013 that documents obtained from former NSA contractor Edward Snowden prove that the U.S. National Security Agency spied on the communications of the presidents of Brazil and Mexico. (AP)

Charges that Canada spied on Brazil unveil CSEC's inner workings Add to ...

Leaked documents showing that Canada’s electronic intelligence-gathering agency targeted the Brazilian government threaten to disrupt relations between the countries – and thrust the secretive CSEC into the public spotlight.

On Sunday night, Brazil’s flagship Fantastico investigative program on the Globo television network revealed leaked documents suggesting that Communications Security Establishment Canada (CSEC) has spied on computers and smartphones affiliated with Brazil’s mining and energy ministry in a bid to gain economic intelligence.

More Related to this Story

The report, attributed to documents first obtained by the former U.S. government contractor Edward Snowden, includes frames of a CSEC-earmarked presentation that was apparently shared with the United States and other allies in June, 2012.

“Brazilian Ministry of Mines and Energy (MME),” a title page of the leaked case study reads. “New target to develop.”

The presentation then rhetorically asks “How can I use the information available in SIGINT [signals-intelligence] data sources to learn about the target?” before delving into specific hacking techniques.

The documents were part of a collaboration with Globo by Glenn Greenwald. The Rio de Janeiro-based journalist and confidante of Mr. Snowden has spent the past four months steadily disclosing a treasure trove of leaked materials recording the electronic eavesdropping practices of the United States and its allies.

Washington has been reeling from the disclosures. In Brazil, they have caused the most serious rift between the two nations in years – after the first revelations about NSA espionage were made last month, Brazilian president Dilma Rousseff canceled an official state visit to Washington; it was to be the first in 18 years and was intended to showcase the growing economic and political ties between the two countries.  Instead Ms. Rousseff went to the UN General Assembly where she complained of “totally unacceptable” U.S. spying in her country. She gained a considerable bump in personal approval ratings after lashing out at the U.S. over the NSA activity, which has elicited a reaction of deep offense from many Brazilians.

The impact for Canada of these revelations could be equally grave: they come at a time when Brazil has become a top destination for Canadian exports, when a stream of delegations from the oil and gas industries are making pilgrimages to Rio de Janeiro to try to get a piece of the booming offshore oil industry, and when the Canadian government is eager to burnish ties with Brasilia. Foreign Affairs Minister John Baird visited Brazil in August, and spoke repeatedly about the country as a critical partner for Canadian business.

American lawmakers have introduced several bills that aim to rein in the U.S. National Security Agency's  domestic surveillance programs.

Throughout all this, Canada’s electronic eavesdropping agency has kept a relatively low profile, never before emerging as the central figure in any Snowden-leaked spying program. Although it has existed since the Second World War, CSEC has rarely discussed any of its operations in public.

CSEC has a $350-million budget and 2,000 employees. By law, it has three mandates – to safeguard Canadian government communications and computers from foreign hackers, to help other federal security agencies where legally possible, and to gather “foreign intelligence.”

The federal government is building a new $1-billion headquarters for CSEC on the outskirts of Ottawa.

Given wide latitude by its political and bureaucratic masters to collect what “foreign intelligence” it can, CSEC is exceedingly discreet. The spy agency’s leaders rarely make any public remarks. When they do, they tend only to speak vaguely of the agency’s role in fighting terrorism.

But economic espionage appears to be a business line for CSEC. Former Carleton University Professor Martin Rudner has pointed out that the spy agency started recruiting economists and business analysts in the mid-1990s.

“CSE[C] operations in economic intelligence have gone rather beyond the strictly defensive to also help promote Canadian economic competitiveness,” Mr. Rudner wrote in an essay published in 2000. He added that the spy agency is rumoured to have given the Canadian government a leg up during NAFTA negotiations with Mexico, and also eavesdropped on the 1997 APEC summit.

Mr. Rudner added that Ottawa officials don’t necessarily share with Canadian businesses what CSEC surveillance turns up. Instead, he writes, they “sometimes provide advice and counsel by way of helping to promote Canadian trade, without necessarily revealing their sources in economic intelligence.”

While CSEC’s role in conducting economic espionage has been alluded to before, how it does this job has not. The significance of the documents obtained by Globo in Brazil is that they speak to how “metadata” analysis by CSEC can be used to exploit a rival country’s computer systems.

The CSEC-labeled slides about the “Olympia” program describe the “Brazilian Ministry of Mines and Energy” as a “new target to develop” despite “limited access/target knowledge.”

The presentation goes on to map out how an individual’s smartphone – “target’s handset” – can be discerned by analysis, including by cross-referencing the smartphone’s Sim card with the network telephone number assigned to it and also to the handset’s unique number (IMEI).

The “top secret” presentation also refers to attacks on email servers.

“I have identified MX [email] servers which have been targeted to passive collection by the Intel analysts,” one slide says, without explaining who the speaker is.

The slide suggests the presenter hoped to reach out to American superhackers – the NSA’s “Tailored Access Operations” group – for a more specialized operation: “I am working with TAO to further examine the possibility for a Man on the Side operation.”

A “Man on the Side” operation is a form of interception. According to a recent Guardian column, the NSA has installed secret servers on the Internet that can be used “impersonate a visited Web site” that a target plans to visit. The rerouting of the target’s traffic opens his or her computer or mobile device to invasion by the impersonating website.

The “Top Secret” presentation obtained by Globo is an exceedingly rare disclosure. In Ottawa, CSEC’s employees are sworn to secrecy and visitors to its complex have to check their smartphones, iPads, laptops and memory sticks at the door.

The CSEC-labeled presentation appears to have been shared with the NSA, the agency Mr. Snowden once worked for. He had retained access to the NSA’s data repositories as a security-cleared private contractor, prior to copying reams of material early this year and then flying with it to Hong Kong this summer.

Mr. Snowden leaked the materials to Mr. Greenwald in Hong Kong, prior to flying to Russia to seek asylum. The U.S. government wants to try him on espionage charges.

The leaked “CSEC – Advanced Network Tradecraft” presentation about the Olympia spying program kicks off with an allusion to Greek mythology.

It alludes to how Zeus and his sibling deities waged a 10-year battle to overthrow an older order of gods, known as the Titans. “And they said to the Titans ‘Watch Out OLYMPIAns in the house!” reads a slide in the presentation.

 

In the know

Most popular videos »

Highlights

More from The Globe and Mail

Most popular