Five years on from the revelations that the U.S. National Security Agency (NSA) collects personal data on every American—and many more people worldwide—the storm has passed.
But, the NSA continues to monitor every American and the citizens of many allied countries, with the backing of the U.S. government and large portions of Congress. And it’s not only the NSA—its counterparts at the CIA are also spying on and hacking targets of interest.
It is important to learn about the methods the NSA uses to spy on citizens. Once you understand how your liberties are violated, you can start defending your data and reclaim your privacy.
Let’s take a look at eight methods the NSA is using to spy on you right now, according to documents leaked by Edward Snowden and further investigation by the press.
In 2017, the NSA acquired data from over 534 million phone calls and text messages. Unbelievably, this tally is over triple the amount collected in 2015, when the USA Freedom Act supposedly limited NSA access to data from communication companies.
Facebook, Google, Apple, and six other leading online services have all gone on record as having given their customers’ data to the NSA, as legally required by the “PRISM” program. Data shared includes emails, messages, and documents.
The NSA’s hacking unit, Tailored Access Operations, has developed a whole range of hacking exploits. These enable the NSA to break into consumer electronics devices and IT systems as it sees fit. When the NSA finds a security hole in a popular consumer device, it does not, as previously intended, fix the security hole, but instead exploits it. That leaves all our devices vulnerable to hackers.
The NSA has also made the job of hacking security devices easier for itself, by coercing many manufacturers into building vulnerabilities into products such as networking switches, firewalls, and encryption protocols. These vulnerabilities are known to the NSA, which can exploit them at any time. The NSA also intercepts shipments of computers and phones and plants backdoors in them.
When you move around your town, cell phone towers can calculate your exact position. Though the NSA says it no longer collects this bulk data itself, cell phone providers are still required to do so, and they in turn must surrender those records to the NSA when ordered by a court. You don’t even have to be the subject of an inquiry yourself. The data of millions can be handed over, without notice, because you had even the most tangential connection to a person under surveillance.
The internet connects different continents via undersea fiber optic cables that carry truly massive amounts of data. In some places, the NSA has deals with local intelligence agencies to tap into these cables; in others, it does so on its own. The NSA even uses submarines to attach snooping bugs to wires deep beneath in the ocean.
In Brazil, Germany and other countries, the NSA has broken into the internal networks of major telecommunications providers, intercepting the data they gather and weakening the security of their systems. It collects every email and phone call it can.
The NSA has access, through agreements and hacking, to major credit card networks, payment gateways, and wire transfer facilities. This allows it to follow every cent of your money, where it comes from, and what you are spending it on.
While the NSA’s reach extends across the globe, there is still a lot you can do to safeguard your internet privacy. Check out this list of top privacy tips and always be conscious of what you’re sharing, with whom you’re sharing, and how you share it.Source https://www.expressvpn.com/blog/8-ways-the-nsa-spies-on-you/
Do you consider yourself an Internet privacy guru? How far do you go to ensure you remain anonymous online? ExpressVPN has gathered a list of ten tips every privacy-minded netizen should know (and follow) by heart. Check yourself against this list and see where you stand!
Logging out of your social media and online bank accounts after using them is like locking your front door when you leave home. It’s quick, simple, and prevents unwanted intruders from gaining access to your personal data.
Some people believe merely closing the window where you are logged in is enough to prevent others from accessing your account. The truth is, you may still be signed in to your account on that device, leaving you vulnerable to tracking. The only way to be sure is to log yourself out when you are done using an online service – especially if you are using a public machine/network.
Come to think about it, it’s best that you don’t log in to your social media or online bank accounts at all when you’re out in public. Many of these networks routinely gather and send your data to third parties, and rogue networks can snoop your traffic and passwords or inject malware and ads onto your device.
The best way to protect yourself against such risks is to avoid accessing your social media or online bank via a public connection or someone else’s device. But if you have to (or really really want to), you should…
Connecting your device to a VPN redirects all of your device traffic through a secure and encrypted tunnel. This means Internet service providers or sketchy parties trying to peek into your device traffic will only see a bunch of meaningless garbage.
In addition, using a VPN allows you to access content that is blocked in certain countries and can even help you save money while shopping. When you’re connected to a VPN, third parties will only see the IP address of the network you are connected to, instead of your real IP address. All said, using a VPN should be standard procedure for all forms of Internet usage, public or not.
It’s common practice for companies to ask for your email address or personal details in order to “unlock” certain content or to enter a contest. On the surface, submitting a simple email address may not seem like a big deal. The truth is, marketers are collecting your information for direct marketing purposes. Worse still, they are often selling it to other companies for revenue.
When faced with these situations in the future, remember to ask yourself: How useful is this content that I’m exchanging my email for? How likely am I to win this prize? Chances are, you almost certainly won’t win anything, but the marketer will definitely have gained a new lead for future monetization. If need be, create some pseudonymous email addresses. They can be a gateway to a lot of fun.
Let’s face it: we all love to share our current location online. Taking a vacation and checking in at that dream luxury resort? Time for a Facebook check-in (complete with cheeky status update). Enjoying a delicious buffet with your significant other? Why not share a few mouth-watering snaps (along with the restaurant’s location) on Instagram?
Understandably, it’s fun to check in and record where you’ve been. However, this makes it very easy for third parties to track your exact location, and can potentially lead to actual physical harm. For a chilling example, look no further than Pokémon Go, where unsuspecting players have been lured and mugged by armed robbers pretending to offer rare Pokémon.
Even if you don’t exchange your email for online content/prizes, you’ll still receive the occasional fishy email or spam. The first (and only) thing you should do is to delete those emails. By opening the email, or clicking any links inside it, you are likely inviting malicious attacks on your device and personal privacy.
Furthermore, never reply to suspicious emails. You might be tempted to reply and ask to be removed from the mailing list, but not only will that not work, you will also have confirmed to spammers that your email address is indeed active – likely inviting more useless (or harmful) messages in the future. As for your email provider, replying to spam indicates that you actually find these emails useful, making it more likely that they will no longer be labeled as spam moving forward. In short, ignore and delete any emails in your spam folder, and click “report” for any spam emails that have not been identified as such by your email provider.
By now, anyone still using “QWERTY” or “123456” as their account passwords should probably have their Internet access revoked – for their own protection. In a time when cyber thieves are getting smarter and employing more devious methods, the least you can do is to get a strong password.
For starters, do not include any personal details in your password but do use a mixture of numbers and letters as well as special characters. If you’re looking to go all the way, consider using two-factor authentication, password managers, and Diceware.
To defend yourself against cookies, you can get browser add-ons such as uBlock Origin or Privacy Badger. You might even want to use a private web browser.
Speaking of private web browsers, you should use tools that allow you to use the web anonymously. For a browser that is great for privacy, try Tor (and learn more about it here). If you’re looking for tracking-free web search, use DuckDuckGo (also available as a handy app). On a related note, beware of shortened links, and don’t open them unless you’re using a private browser such as Tor.
Oh, and of course, remember to use a VPN.
Finally, remember that you are the one who controls what information you share online. If you don’t share it, they can’t get a hold of it. In keeping with this idea: