Phnom Penh acted as a U.S. National Security Agency (NSA) regional collection point for the interception of data obtained by malicious software placed on more than 50,000 computer networks worldwide by the U.S. spy agency, according to a new document released by NSA whistleblower Edward Snowden.
Released on Saturday and first reported by the Netherlands-based NRC Handelsblad newspaper, the NSA document dated 2012 and labeled “top secret” shows a worldwide Signals Intelligence (SIGINT) network, which refers to the interception of data from people or electronics, of more than 80 Special Collection Services points around the world.
The special collection points harvested data from some 50,000 Computer Network Exploitation (CNE) attacks by malicious computer software, or malware, which is purposely disseminated to infect target computers.
Along with the 50,000 malware attacks, the Special Collection Services points also harvested data from 20 “major accesses” from fiber-optic cables; and more than 50 regional facilities to intercept foreign satellite communications.
Phnom Penh is listed on the NSA document as being among 84 SCS points, some whose names have been redacted, and shown on a global map as a red dot to indicate importance as a data collection location. Bangkok and Rangoon are also listed. The three cities appear also to be part of an earlier reported joint CIA-NSA wiretapping program.
The NSA document, which was made available to the “Five Eyes,” or the U.S., Australian, Canadian, U.K. and New Zealand governments, also displays the 50,000 worldwide points for CNE attacks by malware planted by the NSA and shows their locations as yellow dots on the map.
According to the NSA’s website, Computer Network Exploitation refers to “enabling actions and intelligence collection via computer networks that exploit data gathered from target or enemy information systems or networks” by installed malware.
The NRC Handelsblad newspaper says a special NSA department called Tailored Access Operations carries out the CNE attacks.
The NSA does not list Phnom Penh as a point of CNE attack, only as a data collection point. The document also does not say where in Phnom Penh the NSA’s collection point is located or what data, if any, was intercepted.
Sean McIntosh, a spokesman for the U.S. Embassy in Phnom Penh, did not respond to a request for comment.
According to the NRC Handelsblad newspaper, the top-secret document is only one slide of a larger NSA management presentation from 2012 that shows how the spy agency gathers data worldwide.
The document also shows that the nearest satellite intercept facility to Cambodia appears to be in Thailand and the closest fiber-optic cable access point appears to be in Indonesia.
According to the NSA operation’s map, Phnom Penh’s Special Collection Services point appears to connect to a satellite intercept facility in the Philippines.
The leaked document is the second in the past week to show Cambodia as a possible target for espionage.
A top-secret 2009 document by the Australian Defense Signals Directorate released earlier this week to The Guardian newspaper by Mr. Snowden lists Cambodian mobile operator MobiTel as a possible network to intercept mobile phone calls.
The document, which revealed Australia’s efforts to spy on Indonesian President Susilo Bambang Yudhoyono, his wife and other government officials, has damaged relations between Canberra and Jakarta.
