Leaked Snowden documents published by Laura Poitras and Peter Maass in The Intercept describe the NSA's SENTRY EAGLE program describe six programs aimed at weakening the capacity of people all over the world to communicate in private.
Part of the SENTRY EAGLE effort involves infiltrating "commercial entities" with undercover agents — though it's not clear whether these are US or foreign companies. If the NSA has put secret operatives into foreign companies — for example, cloud companies in the EU — this could change the calculus of non-US businesses that have moved their data-centers and operations away from American-based firms whom they fear to be secretly in cahoots with the NSA, a fear that was magnified by the revelation that RSA had secretly taken $10M from the NSA to fatally weaken its products.
But the briefing document suggests another category of employees—ones who are secretly working for the NSA without anyone else being aware. This kind of double game, in which the NSA works with and against its corporate partners, already characterizes some of the agency's work, in which information or concessions that it desires are surreptitiously acquired if corporations will not voluntarily comply. The reference to "under cover" agents jumped out at two security experts who reviewed the NSA documents for The Intercept.
"That one bullet point, it's really strange," said Matthew Green, a cryptographer at Johns Hopkins University. "I don't know how to interpret it." He added that the cryptography community in America would be surprised and upset if it were the case that "people are inside [an American] company covertly communicating with NSA and they are not known to the company or to their fellow employees."
The ACLU's Soghoian said technology executives are already deeply concerned about the prospect of clandestine agents on the payroll to gain access to highly sensitive data, including encryption keys, that could make the NSA's work "a lot easier."
"As more and more communications become encrypted, the attraction for intelligence agencies of stealing an encryption key becomes irresistible," he said. "It's such a juicy target."
Core Secrets: NSA Saboteurs in China and Germany [Peter Maass and Laura Poitras/The Intercept]