The NSA’s Hidden Spy Hubs in Eight U.S. Cities

THE SECRETS ARE hidden behind fortified walls in cities across the United States, inside towering, windowless skyscrapers and fortress-like concrete structures that were built to withstand earthquakes and even nuclear attack. Thousands of people pass by the buildings each day and rarely give them a second glance, because their function is not publicly known. They are an integral part of one of the world’s largest telecommunications networks – and they are also linked to a controversial National Security Agency surveillance program.

Atlanta, Chicago, Dallas, Los Angeles, New York City, San Francisco, Seattle, and Washington, D.C. In each of these cities, The Intercept has identified an AT&T facility containing networking equipment that transports large quantities of internet traffic across the United States and the world. A body of evidence – including classified NSA documents, public records, and interviews with several former AT&T employees – indicates that the buildings are central to an NSA spying initiative that has for years monitored billions of emails, phone calls, and online chats passing across U.S. territory.

The NSA considers AT&T to be one of its most trusted partners and has lauded the company’s “extreme willingness to help.” It is a collaboration that dates back decades. Little known, however, is that its scope is not restricted to AT&T’s customers. According to the NSA’s documents, it values AT&T not only because it “has access to information that transits the nation,” but also because it maintains unique relationships with other phone and internet providers. The NSA exploits these relationships for surveillance purposes, commandeering AT&T’s massive infrastructure and using it as a platform to covertly tap into communications processed by other companies.

Much has previously been reported about the NSA’s surveillance programs. But few details have been disclosed about the physical infrastructure that enables the spying. Last year, The Intercept highlighted a likely NSA facility in New York City’s Lower Manhattan. Now, we are revealing for the first time a series of other buildings across the U.S. that appear to serve a similar function, as critical parts of one of the world’s most powerful electronic eavesdropping systems, hidden in plain sight.“It’s eye-opening and ominous the extent to which this is happening right here on American soil,” said Elizabeth Goitein, co-director of the Liberty and National Security Program at the Brennan Center for Justice. “It puts a face on surveillance that we could never think of before in terms of actual buildings and actual facilities in our own cities, in our own backyards.”There are hundreds of AT&T-owned properties scattered across the U.S. The eight identified by The Intercept serve a specific function, processing AT&T customers’ data and also carrying large quantities of data from other internet providers. They are known as “backbone” and “peering” facilities.While network operators would usually prefer to send data through their own networks, often a more direct and cost-efficient path is provided by other providers’ infrastructure. If one network in a specific area of the country is overloaded with data traffic, another operator with capacity to spare can sell or exchange bandwidth, reducing the strain on the congested region. This exchange of traffic is called “peering” and is an essential feature of the internet.Because of AT&T’s position as one of the U.S.’s leading telecommunications companies, it has a large network that is frequently used by other providers to transport their customers’ data. Companies that “peer” with AT&T include the American telecommunications giants Sprint, Cogent Communications, and Level 3, as well as foreign companies such as Sweden’s Telia, India’s Tata Communications, Italy’s Telecom Italia, and Germany’s Deutsche Telekom.AT&T currently boasts 19,500 “points of presence” in 149 countries where internet traffic is exchanged. But only eight of the company’s facilities in the U.S. offer direct access to its “common backbone” – key data routes that carry vast amounts of emails, internet chats, social media updates, and internet browsing sessions. These eight locations are among the most important in AT&T’s global network. They are also highly valued by the NSA, documents indicate.The data exchange between AT&T and other networks initially takes place outside AT&T’s control, sources said, at third-party data centers that are owned and operated by companies such as California’s Equinix. But the data is then routed – in whole or in part – through the eight AT&T buildings, where the NSA taps into it. By monitoring what it calls the “peering circuits” at the eight sites, the spy agency can collect “not only AT&T’s data, they get all the data that’s interchanged between AT&T’s network and other companies,” according to Mark Klein, a former AT&T technician who worked with the company for 22 years. It is an efficient point to conduct internet surveillance, Klein said, “because the peering links, by the nature of the connections, are liable to carry everybody’s traffic at one point or another during the day, or the week, or the year.”Christopher Augustine, a spokesperson for the NSA, said in a statement that the agency could “neither confirm nor deny its role in alleged classified intelligence activities.” Augustine declined to answer questions about the AT&T facilities, but said that the NSA “conducts its foreign signals intelligence mission under the legal authorities established by Congress and is bound by both policy and law to protect U.S. persons’ privacy and civil liberties.”Jim Greer, an AT&T spokesperson, said that AT&T was “required by law to provide information to government and law enforcement entities by complying with court orders, subpoenas, lawful discovery requests, and other legal requirements.” He added that the company provides “voluntary assistance to law enforcement when a person’s life is in danger and in other immediate, emergency situations. In all cases, we ensure that requests for assistance are valid and that we act in compliance with the law.”Dave Schaeffer, CEO of Cogent Communications, told The Intercept that he had no knowledge of the surveillance at the eight AT&T buildings, but said he believed “the core premise that the NSA or some other agency would like to look at traffic … at an AT&T facility.” He said he suspected that the surveillance is likely carried out on “a limited basis,” due to technical and cost constraints. If the NSA were trying to “ubiquitously monitor” data passing across AT&T’s networks, Schaeffer added, he would be “extremely concerned.”Sprint, Telia, Tata Communications, Telecom Italia, and Deutsche Telekom did not respond to requests for comment. CenturyLink, which owns Level 3, said it would not discuss “matters of national security.”

Much has previously been reported about the NSA’s surveillance programs. But few details have been disclosed about the physical infrastructure that enables the spying. Last year, The Intercept highlighted a likely NSA facility in New York City’s Lower Manhattan. Now, we are revealing for the first time a series of other buildings across the U.S. that appear to serve a similar function, as critical parts of one of the world’s most powerful electronic eavesdropping systems, hidden in plain sight.“It’s eye-opening and ominous the extent to which this is happening right here on American soil,” said Elizabeth Goitein, co-director of the Liberty and National Security Program at the Brennan Center for Justice. “It puts a face on surveillance that we could never think of before in terms of actual buildings and actual facilities in our own cities, in our own backyards.”There are hundreds of AT&T-owned properties scattered across the U.S. The eight identified by The Intercept serve a specific function, processing AT&T customers’ data and also carrying large quantities of data from other internet providers. They are known as “backbone” and “peering” facilities.While network operators would usually prefer to send data through their own networks, often a more direct and cost-efficient path is provided by other providers’ infrastructure. If one network in a specific area of the country is overloaded with data traffic, another operator with capacity to spare can sell or exchange bandwidth, reducing the strain on the congested region. This exchange of traffic is called “peering” and is an essential feature of the internet.Because of AT&T’s position as one of the U.S.’s leading telecommunications companies, it has a large network that is frequently used by other providers to transport their customers’ data. Companies that “peer” with AT&T include the American telecommunications giants Sprint, Cogent Communications, and Level 3, as well as foreign companies such as Sweden’s Telia, India’s Tata Communications, Italy’s Telecom Italia, and Germany’s Deutsche Telekom.AT&T currently boasts 19,500 “points of presence” in 149 countries where internet traffic is exchanged. But only eight of the company’s facilities in the U.S. offer direct access to its “common backbone” – key data routes that carry vast amounts of emails, internet chats, social media updates, and internet browsing sessions. These eight locations are among the most important in AT&T’s global network. They are also highly valued by the NSA, documents indicate.The data exchange between AT&T and other networks initially takes place outside AT&T’s control, sources said, at third-party data centers that are owned and operated by companies such as California’s Equinix. But the data is then routed – in whole or in part – through the eight AT&T buildings, where the NSA taps into it. By monitoring what it calls the “peering circuits” at the eight sites, the spy agency can collect “not only AT&T’s data, they get all the data that’s interchanged between AT&T’s network and other companies,” according to Mark Klein, a former AT&T technician who worked with the company for 22 years. It is an efficient point to conduct internet surveillance, Klein said, “because the peering links, by the nature of the connections, are liable to carry everybody’s traffic at one point or another during the day, or the week, or the year.”Christopher Augustine, a spokesperson for the NSA, said in a statement that the agency could “neither confirm nor deny its role in alleged classified intelligence activities.” Augustine declined to answer questions about the AT&T facilities, but said that the NSA “conducts its foreign signals intelligence mission under the legal authorities established by Congress and is bound by both policy and law to protect U.S. persons’ privacy and civil liberties.”Jim Greer, an AT&T spokesperson, said that AT&T was “required by law to provide information to government and law enforcement entities by complying with court orders, subpoenas, lawful discovery requests, and other legal requirements.” He added that the company provides “voluntary assistance to law enforcement when a person’s life is in danger and in other immediate, emergency situations. In all cases, we ensure that requests for assistance are valid and that we act in compliance with the law.”Dave Schaeffer, CEO of Cogent Communications, told The Intercept that he had no knowledge of the surveillance at the eight AT&T buildings, but said he believed “the core premise that the NSA or some other agency would like to look at traffic … at an AT&T facility.” He said he suspected that the surveillance is likely carried out on “a limited basis,” due to technical and cost constraints. If the NSA were trying to “ubiquitously monitor” data passing across AT&T’s networks, Schaeffer added, he would be “extremely concerned.”Sprint, Telia, Tata Communications, Telecom Italia, and Deutsche Telekom did not respond to requests for comment. CenturyLink, which owns Level 3, said it would not discuss “matters of national security.”

Much has previously been reported about the NSA’s surveillance programs. But few details have been disclosed about the physical infrastructure that enables the spying. Last year, The Intercept highlighted a likely NSA facility in New York City’s Lower Manhattan. Now, we are revealing for the first time a series of other buildings across the U.S. that appear to serve a similar function, as critical parts of one of the world’s most powerful electronic eavesdropping systems, hidden in plain sight.“It’s eye-opening and ominous the extent to which this is happening right here on American soil,” said Elizabeth Goitein, co-director of the Liberty and National Security Program at the Brennan Center for Justice. “It puts a face on surveillance that we could never think of before in terms of actual buildings and actual facilities in our own cities, in our own backyards.”There are hundreds of AT&T-owned properties scattered across the U.S. The eight identified by The Intercept serve a specific function, processing AT&T customers’ data and also carrying large quantities of data from other internet providers. They are known as “backbone” and “peering” facilities.While network operators would usually prefer to send data through their own networks, often a more direct and cost-efficient path is provided by other providers’ infrastructure. If one network in a specific area of the country is overloaded with data traffic, another operator with capacity to spare can sell or exchange bandwidth, reducing the strain on the congested region. This exchange of traffic is called “peering” and is an essential feature of the internet.Because of AT&T’s position as one of the U.S.’s leading telecommunications companies, it has a large network that is frequently used by other providers to transport their customers’ data. Companies that “peer” with AT&T include the American telecommunications giants Sprint, Cogent Communications, and Level 3, as well as foreign companies such as Sweden’s Telia, India’s Tata Communications, Italy’s Telecom Italia, and Germany’s Deutsche Telekom.AT&T currently boasts 19,500 “points of presence” in 149 countries where internet traffic is exchanged. But only eight of the company’s facilities in the U.S. offer direct access to its “common backbone” – key data routes that carry vast amounts of emails, internet chats, social media updates, and internet browsing sessions. These eight locations are among the most important in AT&T’s global network. They are also highly valued by the NSA, documents indicate.The data exchange between AT&T and other networks initially takes place outside AT&T’s control, sources said, at third-party data centers that are owned and operated by companies such as California’s Equinix. But the data is then routed – in whole or in part – through the eight AT&T buildings, where the NSA taps into it. By monitoring what it calls the “peering circuits” at the eight sites, the spy agency can collect “not only AT&T’s data, they get all the data that’s interchanged between AT&T’s network and other companies,” according to Mark Klein, a former AT&T technician who worked with the company for 22 years. It is an efficient point to conduct internet surveillance, Klein said, “because the peering links, by the nature of the connections, are liable to carry everybody’s traffic at one point or another during the day, or the week, or the year.”Christopher Augustine, a spokesperson for the NSA, said in a statement that the agency could “neither confirm nor deny its role in alleged classified intelligence activities.” Augustine declined to answer questions about the AT&T facilities, but said that the NSA “conducts its foreign signals intelligence mission under the legal authorities established by Congress and is bound by both policy and law to protect U.S. persons’ privacy and civil liberties.”Jim Greer, an AT&T spokesperson, said that AT&T was “required by law to provide information to government and law enforcement entities by complying with court orders, subpoenas, lawful discovery requests, and other legal requirements.” He added that the company provides “voluntary assistance to law enforcement when a person’s life is in danger and in other immediate, emergency situations. In all cases, we ensure that requests for assistance are valid and that we act in compliance with the law.”Dave Schaeffer, CEO of Cogent Communications, told The Intercept that he had no knowledge of the surveillance at the eight AT&T buildings, but said he believed “the core premise that the NSA or some other agency would like to look at traffic … at an AT&T facility.” He said he suspected that the surveillance is likely carried out on “a limited basis,” due to technical and cost constraints. If the NSA were trying to “ubiquitously monitor” data passing across AT&T’s networks, Schaeffer added, he would be “extremely concerned.”Sprint, Telia, Tata Communications, Telecom Italia, and Deutsche Telekom did not respond to requests for comment. CenturyLink, which owns Level 3, said it would not discuss “matters of national security.”

Much has previously been reported about the NSA’s surveillance programs. But few details have been disclosed about the physical infrastructure that enables the spying. Last year, The Intercept highlighted a likely NSA facility in New York City’s Lower Manhattan. Now, we are revealing for the first time a series of other buildings across the U.S. that appear to serve a similar function, as critical parts of one of the world’s most powerful electronic eavesdropping systems, hidden in plain sight.“It’s eye-opening and ominous the extent to which this is happening right here on American soil,” said Elizabeth Goitein, co-director of the Liberty and National Security Program at the Brennan Center for Justice. “It puts a face on surveillance that we could never think of before in terms of actual buildings and actual facilities in our own cities, in our own backyards.”There are hundreds of AT&T-owned properties scattered across the U.S. The eight identified by The Intercept serve a specific function, processing AT&T customers’ data and also carrying large quantities of data from other internet providers. They are known as “backbone” and “peering” facilities.While network operators would usually prefer to send data through their own networks, often a more direct and cost-efficient path is provided by other providers’ infrastructure. If one network in a specific area of the country is overloaded with data traffic, another operator with capacity to spare can sell or exchange bandwidth, reducing the strain on the congested region. This exchange of traffic is called “peering” and is an essential feature of the internet.Because of AT&T’s position as one of the U.S.’s leading telecommunications companies, it has a large network that is frequently used by other providers to transport their customers’ data. Companies that “peer” with AT&T include the American telecommunications giants Sprint, Cogent Communications, and Level 3, as well as foreign companies such as Sweden’s Telia, India’s Tata Communications, Italy’s Telecom Italia, and Germany’s Deutsche Telekom.AT&T currently boasts 19,500 “points of presence” in 149 countries where internet traffic is exchanged. But only eight of the company’s facilities in the U.S. offer direct access to its “common backbone” – key data routes that carry vast amounts of emails, internet chats, social media updates, and internet browsing sessions. These eight locations are among the most important in AT&T’s global network. They are also highly valued by the NSA, documents indicate.The data exchange between AT&T and other networks initially takes place outside AT&T’s control, sources said, at third-party data centers that are owned and operated by companies such as California’s Equinix. But the data is then routed – in whole or in part – through the eight AT&T buildings, where the NSA taps into it. By monitoring what it calls the “peering circuits” at the eight sites, the spy agency can collect “not only AT&T’s data, they get all the data that’s interchanged between AT&T’s network and other companies,” according to Mark Klein, a former AT&T technician who worked with the company for 22 years. It is an efficient point to conduct internet surveillance, Klein said, “because the peering links, by the nature of the connections, are liable to carry everybody’s traffic at one point or another during the day, or the week, or the year.”Christopher Augustine, a spokesperson for the NSA, said in a statement that the agency could “neither confirm nor deny its role in alleged classified intelligence activities.” Augustine declined to answer questions about the AT&T facilities, but said that the NSA “conducts its foreign signals intelligence mission under the legal authorities established by Congress and is bound by both policy and law to protect U.S. persons’ privacy and civil liberties.”Jim Greer, an AT&T spokesperson, said that AT&T was “required by law to provide information to government and law enforcement entities by complying with court orders, subpoenas, lawful discovery requests, and other legal requirements.” He added that the company provides “voluntary assistance to law enforcement when a person’s life is in danger and in other immediate, emergency situations. In all cases, we ensure that requests for assistance are valid and that we act in compliance with the law.”Dave Schaeffer, CEO of Cogent Communications, told The Intercept that he had no knowledge of the surveillance at the eight AT&T buildings, but said he believed “the core premise that the NSA or some other agency would like to look at traffic … at an AT&T facility.” He said he suspected that the surveillance is likely carried out on “a limited basis,” due to technical and cost constraints. If the NSA were trying to “ubiquitously monitor” data passing across AT&T’s networks, Schaeffer added, he would be “extremely concerned.”Sprint, Telia, Tata Communications, Telecom Italia, and Deutsche Telekom did not respond to requests for comment. CenturyLink, which owns Level 3, said it would not discuss “matters of national security.”

https://theintercept.com/2018/06/25/att-internet-nsa-spy-hubs/

Advertisements

Leave a Reply

Please log in using one of these methods to post your comment:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: