Mercury Rising 鳯女

Politics, life, and other things that matter

NSA databases clogged with spam. Also: why Yahoo address books are so often hacked.

Posted by Charles II on October 14, 2013

The NSA has been harvesting address books from Americans’ e-mail. This is done semi-legally. That is, the NSA intercepts e-mail at points where it transits international boundaries, as when Google uses a foreign server to handle e-mail. This brings in lots of American communications. The NSA also makes presumptions about the “foreignness” of e-mail that they know are, or are likely to be, wrong. For example, an American writing to his home office from Europe would automatically be labeled as foreign correspondence, even though the recipient and the sender are American.

Barton Gellman and Ashkan Soltani:

Spam has proven to be a significant problem for NSA — clogging databases with data that holds no foreign intelligence value. The majority of all e-mails, one NSA document says, “are SPAM from ‘fake’ addresses and never ‘delivered’ to targets.”

In fall 2011, according to an NSA presentation, the Yahoo account of an Iranian target was “hacked by an unknown actor,” who used it to send spam. The Iranian had “a number of Yahoo groups in his/her contact list, some with many hundreds or thousands of members.”

The cascading effects of repeated spam messages, compounded by the automatic addition of the Iranian’s contacts to other people’s address books, led to a massive spike in the volume of traffic collected by the Australian intelligence service on the NSA’s behalf.

After nine days of data-bombing, the Iranian’s contact book and contact books for several people within it were “emergency detasked.”

In this report, we learn that “Yahoo, unlike other service providers, has left connections to its users unencrypted by default.” This explains why spammers target Yahoo so often for address books.
