The National Security Agency (NSA) has successfully cracked many of the tools that people use to protect the privacy of their online communications, according to documents leaked by Edward Snowden.
For years, the agency has waged a secret campaign to undermine security measures and privacy tools to ensure that it has expansive access to communications for its intelligence operations, The New York Times, The Guardian and ProPublica reported on Thursday.
The campaign includes supercomputers, sophisticated hackers, collaboration from technology companies and a covert project to build vulnerabilities into security tools, according to the news organizations.
Online security measures have become widespread in recent years to protect banking records, private communications and other sensitive information. Many Internet users recognize the tiny padlock symbol in their web browser as an indication that their connection is secure.
But the NSA worried that the security steps threatened to undermine its ability to spy on potential terrorists.
In one document, the NSA bragged that due to its decade-long "aggressive, multi-pronged effort to break widely used Internet encryption technologies" it can exploit "vast amounts of encrypted Internet data which have up till now been discarded."
The news organizations reported that the NSA spends more than $250 million per year on a project to "covertly influence" technology companies into building vulnerabilities into their security products that the NSA can later exploit.
Classified NSA memos indicate that the agency inserted a fatal vulnerability into a 2006 security standard that was adopted by an international standards setting body.
But undermining security tools can empower illegal hackers looking to steal sensitive information — not just NSA spies.
The documents show that the NSA has been working closely with intelligence agencies from other countries, especially the GCHQ, its British counterpart.
A GCHQ team has been working on ways to access encrypted traffic on Hotmail, Google, Yahoo and Facebook, according to the documents.
Many Internet companies have insisted that they only provide access to their users' information in response to valid legal requests.
The news of the NSA's efforts to subvert privacy tools came on the same day that a poll showed widespread concern about Internet privacy. The Pew Research Center found that 86 percent of Internet users have taken steps to hide their online activity.
But the poll found that 59 percent of Internet users believe it is impossible to be completely anonymous online.
Intelligence officials asked the news organizations not to publish the reports, warning it could help terrorists hide their communications. The organizations said they withheld some details, but chose to publish the information because of the value to the public debate over government actions that weaken Internet security.