MITM in telecoms networks: I told you so ... sort of
Then last night I read the article “NSA trying to map Rogers, RBC communications traffic, leak shows” in The Globe and Mail. It describes a leaked NSA document entitled “Private Networks: Analysis, Contextualization and Setting the Vision”. The article goes on to say: “A comparison of this document with previous Snowden leaks suggests it may be a preliminary step in broad efforts to identify, study and, if deemed necessary, “exploit” organizations’ internal communication networks.” Of course, there are no details as to whether this ever came to pass and, if it did, to what degree any penetration took place. However, I believe that this does indeed demonstrate that my fears were not completely unfounded.
If anybody were to penetrate the networks of any ISPs running tools such as this, these injection/interception platforms provide an easy mechanism to attack the customer base en masse. To provide an indication of scale, Perftech, the manufacturer of the platform used by my ISP, published in January that their overall subscriber reach is currently 19.5 million, and that’s just one manufacturer.
There are many platforms that “legitimately” man-in-the-middle our communications; however, unless properly managed and secured, they can become a very useful tool in an adversary’s arsenal.
Corporations which are targeted by nation-state intelligence agencies are unlikely to successfully defend themselves. Making announcements via these interception platforms, as opposed to using something more (less?) transparent and obvious to the user, removes the opportunity for the user to make informed security decisions.