8 AT&T Peering Sites Identified as NSA Spying Hubs

A fascinating article by Ryan Gallagher and Henrik Moltke for The Intercept lists the locations of 8 AT&T buildings said to be “central” to the monitoring of “billions of emails, phone calls, and online chats passing across U.S. territory.” As might be guessed from network topography alone, the National Security Agency (NSA) has focused their surveillance efforts by accessing traffic passing through 8 AT&T peering centers in the mainland USA. These peering centers are located in Atlanta, Chicago, Dallas, Los Angeles, New York City, San Francisco, Seattle, and Washington DC; the telco refers to these facilities as Service Node Routing Complexes (SNRCs). Each SNRC is a node of the backbone network set up to manage peering of traffic with other tier one telcos. Though it is no secret that AT&T owns these buildings, and AT&T’s cooperation with the NSA was first revealed by Ed Snowden’s leaks, The Intercept has since corroborated the use of the SNRCs for NSA spying by speaking to several former AT&T employees.

The article explains that it is efficient for the NSA to obtain traffic from the AT&T SNRCs because of how much the network is carrying for other telcos.

The data exchange between AT&T and other networks initially takes place outside AT&T’s control, sources said, at third-party data centers that are owned and operated by companies such as California’s Equinix. But the data is then routed – in whole or in part – through the eight AT&T buildings, where the NSA taps into it. By monitoring what it calls the “peering circuits” at the eight sites, the spy agency can collect “not only AT&T’s data, they get all the data that’s interchanged between AT&T’s network and other companies,” according to Mark Klein, a former AT&T technician who worked with the company for 22 years. It is an efficient point to conduct internet surveillance, Klein said, “because the peering links, by the nature of the connections, are liable to carry everybody’s traffic at one point or another during the day, or the week, or the year.”

The history of electronic surveillance in the USA was tarnished when ‘warrantless wiretapping’ of US citizens was first reported by the New York Times in 2005. Though it is illegal for US spy agencies to intercept communications between US citizens without a court order, President George W. Bush ordered the NSA to spy on international communications involving US citizens. Whilst this is a serious matter for Americans, it is unfortunate that journalists usually write for national audiences, because the ramifications of the NSA’s spying infrastructure is much greater for anyone who is not a US citizen. Whilst the government, spying agency, telco and peering node may all be located in the USA, much of the world’s communications traffic passes through the US even though it originates and terminates in other countries. US citizens have legal protections not granted to anyone else, begging a question about the extent to which governments of other countries, or businesses which compete with US enterprises, rely on an international communications infrastructure where Americans can legally spy upon them. As The Intercept explains:

The NSA calls this predicament “home field advantage” – a kind of geographic good fortune. “A target’s phone call, email, or chat will take the cheapest path, not the physically most direct path,” one agency document explains. “Your target’s communications could easily be flowing into and through the U.S.”

The downside to US surveillance of international comms should be even more apparent now that the current US President is threatening trade wars with other countries, including some that are accused of stealing American intellectual property. At the same time, many governments continue to bully telecoms and tech companies into designing communications protocols so that spy agencies can bypass any encryption. The watering down of encryption is ostensibly motivated by the fight against terrorism, but it also undermines another form of protection for legitimate businesses.

You can read the full article from The Intercept, including detailed descriptions of the 8 AT&T SNRCs, by looking here.

Eric Priezkalns
Eric Priezkalns
Eric is the Editor of Commsrisk. Look here for more about the history of Commsrisk and the role played by Eric.

Eric is also the Director of the Risk & Assurance Group (RAG), a global association of professionals working in risk management and business assurance for communications providers.

Previously Eric was Director of Risk Management for Qatar Telecom and he has worked with Cable & Wireless, T‑Mobile, Sky, Worldcom and other telcos. He was lead author of Revenue Assurance: Expert Opinions for Communications Providers, published by CRC Press. He is a qualified chartered accountant, with degrees in information systems, and in mathematics and philosophy.