• Buro Jansen & Janssen is een onderzoeksburo dat politie, justitie, inlichtingendiensten, de overheid in Nederland en Europa kritisch volgt. Een grond-rechten kollektief dat al 30 jaar publiceert over uitbreiding van repressieve wetgeving, publiek-private samenwerking, bevoegdheden, overheids-optreden en andere staatsaangelegenheden.
    Buro Jansen & Janssen Postbus 10591, 1001EN Amsterdam, 020-6123202, 06-34339533, signal +31684065516, info@burojansen.nl (pgp)
    Steun Buro Jansen & Janssen. Word donateur, NL43 ASNB 0856 9868 52 of NL56 INGB 0000 6039 04 ten name van Stichting Res Publica, Postbus 11556, 1001 GN Amsterdam.

  • Categorieën

  • NSA program part of a larger effort to target Internet

    PRISM appears to be a response to overseas data centers and Internet services’ increasing encryption of email.

    WASHINGTON — Operating under secret court orders, the National Security Agency has access to a large segment of U.S. and global Internet traffic, allowing the giant spy agency to intercept specific information for counter-terrorism and foreign intelligence purposes, according to current and former intelligence officials.

    News leaks this week revealed a highly classified NSA program code-named PRISM that allows it to mine data from domestic Internet and social media companies under certain circumstances. But PRISM is part of a much larger evolving effort by the intelligence agency to scoop up as much Internet traffic as possible, the officials said.

    Most Internet data moves through fiber-optic cables in the United States, and the NSA physically intercepts much of it through equipment installed at telecommunications facilities, or from undersea cables.

    But two trends have forced the NSA to adapt in recent years. Google and other major U.S.-based Internet providers have built computer server farms and data centers abroad. In addition, an increasing amount of digital traffic, including Google’s Gmail service, is encrypted to ensure privacy and to thwart cyber-theft.

    The 6-year-old PRISM program appears to be a response to those developments. The agency can access emails, video and other data directly from the companies, U.S. officials said. It’s far simpler than tapping computer lines overseas or trying to decrypt emails.

    It’s “the easy way,” a former senior NSA official said. “It’s also the complete way. You don’t have to worry about missing anything.”

    U.S. officials denied Friday that the NSA had direct access to Internet company servers or their data streams, challenging published reports on the PRISM program. The officials said the NSA needs a surveillance court order to obtain bulk data, and must notify the companies.

    The NSA was chartered to collect foreign intelligence. But as a general matter, surveillance on the Internet makes it difficult to cull Americans from the data stream and only focus on foreigners.

    “You can set up a wiretap between Minsk and Pinsk and get Americans,” said Stewart Baker, a former NSA general counsel who was not briefed on the PRISM program.

    The NSA reportedly seeks to “minimize,” or disregard, data on U.S. citizens that it is not authorized to collect. However, the agency has wide leeway under laws passed since Sept. 11, 2001, to target individual Americans if it can convince the Foreign Intelligence Surveillance Court that there is probable cause to believe the individual has terrorist links.

    Under the court orders, Internet companies turn over data that meet so-called validated selectors chosen by the intelligence community. Those could be phone numbers, email addresses or other data that suggest a terrorist tie-in or foreign espionage.

    A similar legal structure is used for the giant archive of telephone company records that the NSA has assembled since at least 2007. The trove includes toll records for every local call in the United States, as well as those to or from overseas numbers. But officials said a separate court order is required to utilize the vast database in any given investigation.

    If the validated selectors show, for example, that an American is in contact with militants in Pakistan, the NSA could then use a warrant to obtain the American’s emails and other digital communications as well as permission to eavesdrop on phone calls.

    “If it hits on that person’s communication, and I have been in communication with that person, then it’s likely that my phone number or email address will be pulled out,” the former official said. At some point, the FBI would go back to the surveillance court and seek a more specific warrant.

    On Friday, two Democrats who serve on the Senate intelligence committee, Mark Udall of Colorado and Ron Wyden of Oregon, disputed claims by Obama administration officials that collecting Americans’ phone records had helped thwart terrorist attacks.

    “After years of review, we believe statements that this very broad Patriot Act collection has been a critical tool in protecting the nation do not appear to hold up under close scrutiny,” they said in a joint statement.

    ken.dilanian@latimes.com

    Times staff writer Chris O’Brien in San Francisco contributed to this report.

    June 07, 2013|By Ken Dilanian, Washington Bureau

    Find this story at 7 June 2013

    Copyright 2013 Los Angeles Times

    NSA spying could mean US tech companies lose international business

    It is not just personal information that is being swept into the National Security Agency’s (NSA) massive databases. It is corporate data as well

    It is not just personal information that is being swept into the National Security Agency’s (NSA) massive databases. It is corporate data as well. And that could cause some serious international blowback for the US, both politically and economically.

    According to a number of security experts, the U.S. surveillance state –exposed more officially than ever before by former NSA consultant Edward Snowden — will likely undercut the U.S.’s role and influence in Internet governance.

    Ron Deibert, a professor of political science at the University of Toronto, wrote last week on the CNN website that, “there are unintended consequences of the NSA scandal that will undermine U.S. foreign policy interests – in particular, the ‘Internet Freedom’ agenda espoused by the US State Department and its allies.

    “The revelations that have emerged will undoubtedly trigger a reaction abroad as policymakers and ordinary users realize the huge disadvantages of their dependence on US-controlled networks in social media, cloud computing, and telecommunications, and of the formidable resources that are deployed by US national security agencies to mine and monitor those networks,” Deibert wrote.

    Bruce Schneier, CTO at BT and author/security guru, agreed. He linked to Deibert’s article on his own blog, adding, “Now, when countries like Russia and Iran say the U.S. is simply too untrustworthy to manage the Internet, no one will be able to argue.”

    “We can’t fight for Internet freedom around the world, then turn around and destroy it back home.”

    The revelations also pose an economic problem for US cloud providers on the international market. Richard Stiennon, chief research analyst at IT-Harvest, wrote in Forbes that this kind of, “vast foreign and domestic spying & threatens the global competitiveness of US tech companies.”

    Stiennon wrote that since 2006, when making presentations outside the US, he has always been asked if the U.S. is reading foreigners’ email.

    “Answers that allude to ‘protections from abuse’ and ‘oversight’ now seem specious,” he wrote. “From this week forward a universal suspicion has transformed into acknowledged fact. Yes, US government agencies are reading email, tracking phone calls, and monitoring all communications.”

    It would seem that any savvy cloud customers in other parts of the world would have already been aware for years of the NSA’s data collection. Former longtime NSA employee William Binney has been talking about it for more than a decade, the agency’s capabilities have been widely reported in the mainstream and technology press and even members of Congress have hinted at it at least since 2009.

    But Brian Honan, of BH consulting and also a board member of the UK & Ireland chapter of the Cloud Security Alliance, said that, “reassurances from both the providers and US government officials may have allayed to some extent some of those concerns. However the recent revelations about the alleged extent of the surveillance have undermined completely those reassurances.”

    The “denials” coming from cloud providers are not much reassurance either. Kerri Catalozzi, speaking for Amazon, said by email that the company “is not participating in PRISM (an NSA program that reportedly has agreements to collect data from nine Internet companies).”

    That is likely true: Amazon was not among the companies listed in a leaked PowerPoint presentation. But nonparticipation in PRISM offers no guarantee that data isn’t being collected.

    The response was similar from Salesforce.com – spokesman Chi Hea Cho emailed a statement that, “nothing is more important to salesforce.com than the privacy and security of our customers’ data. We are not involved in the PRISM program, and we do not provide any governments with direct access to Salesforce servers.”

    But “direct access” does not mean no access. As a number of analysts have pointed out, the data could come indirectly to the government, through a third party.

    Honan said European companies using services from US Internet companies must now be concerned about whether they are in breach of EU Data Protection laws. Those laws require companies to, “ensure only authorized personnel have access to any personal information of individuals. The fact that US government agencies may be accessing this data could result in many European organizations being unable to satisfy their data protection obligations,” he said.

    While US cloud providers are not saying if they are having trouble either gaining or holding international customers, Honan said he has talked with cloud providers based in the EU, “and they have told me they have seen an increase in sales inquiries.”

    Stiennon wrote that there has been a level of distrust for a while.

    “Email archiving services such as ProofPoint could not sell to even Canadian customers without building local infrastructure. Even establishing separate data centers in Canada and Europe is not enough to assure customers that their data would forever stay out of the grasp of US intelligence services.”

    The recent revelations, he said, will only make things more difficult.

    In an interview, Stiennon said the only way for U.S. cloud providers to bridge the current trust gap is to, “adjust their delivery model to a zero-trust mode. In this model the provider encrypts everything and does not even have the keys. Those are left to the customer to store and manage.”

    And that, he noted, will only work for, “pure cloud providers. Google and Facebook have models that need access to that data to tailor ad delivery.”

    Politically, he said, it will be a very tough sell.

    “It would take a rollback of the surveillance state to deflect this avalanche. Once trust is betrayed, it takes a complete reversal of course to get it back. The US would have to become the privacy state, and demonstrate the absence of surveillance.”

    Honan said he knows US Internet companies have to comply with legal requests for information from the government. But, he said they could reassure their international clients by, “being more transparent regarding the requests they get from the government agencies. As an industry these companies should also consider lobbying the government on how to balance the need of their clients with the security demands of the government.”

    By Taylor Armerding, Framingham | Thursday, 20 June, 2013

    Find this story at 20 June 2013
    © Fairfax Media Business Group Fairfax New Zealand Limited, 2013 Privacy Policy

    The Secret War INFILTRATION. SABOTAGE. MAYHEM. FOR YEARS, FOUR-STAR GENERAL KEITH ALEXANDER HAS BEEN BUILDING A SECRET ARMY CAPABLE OF LAUNCHING DEVASTATING CYBERATTACKS. NOW IT’S READY TO UNLEASH HELL.

    Inside Fort Meade, Maryland, a top-secret city bustles. Tens of thousands of people move through more than 50 buildings—the city has its own post office, fire department, and police force. But as if designed by Kafka, it sits among a forest of trees, surrounded by electrified fences and heavily armed guards, protected by antitank barriers, monitored by sensitive motion detectors, and watched by rotating cameras. To block any telltale electromagnetic signals from escaping, the inner walls of the buildings are wrapped in protective copper shielding and the one-way windows are embedded with a fine copper mesh.

    This is the undisputed domain of General Keith Alexander, a man few even in Washington would likely recognize. Never before has anyone in America’s intelligence sphere come close to his degree of power, the number of people under his command, the expanse of his rule, the length of his reign, or the depth of his secrecy. A four-star Army general, his authority extends across three domains: He is director of the world’s largest intelligence service, the National Security Agency; chief of the Central Security Service; and commander of the US Cyber Command. As such, he has his own secret military, presiding over the Navy’s 10th Fleet, the 24th Air Force, and the Second Army.

    Alexander runs the nation’s cyberwar efforts, an empire he has built over the past eight years by insisting that the US’s inherent vulnerability to digital attacks requires him to amass more and more authority over the data zipping around the globe. In his telling, the threat is so mind-bogglingly huge that the nation has little option but to eventually put the entire civilian Internet under his protection, requiring tweets and emails to pass through his filters, and putting the kill switch under the government’s forefinger. “What we see is an increasing level of activity on the networks,” he said at a recent security conference in Canada. “I am concerned that this is going to break a threshold where the private sector can no longer handle it and the government is going to have to step in.”

    In its tightly controlled public relations, the NSA has focused attention on the threat of cyberattack against the US—the vulnerability of critical infrastructure like power plants and water systems, the susceptibility of the military’s command and control structure, the dependence of the economy on the Internet’s smooth functioning. Defense against these threats was the paramount mission trumpeted by NSA brass at congressional hearings and hashed over at security conferences.

    But there is a flip side to this equation that is rarely mentioned: The military has for years been developing offensive capabilities, giving it the power not just to defend the US but to assail its foes. Using so-called cyber-kinetic attacks, Alexander and his forces now have the capability to physically destroy an adversary’s equipment and infrastructure, and potentially even to kill. Alexander—who declined to be interviewed for this article—has concluded that such cyberweapons are as crucial to 21st-century warfare as nuclear arms were in the 20th.

    And he and his cyberwarriors have already launched their first attack. The cyberweapon that came to be known as Stuxnet was created and built by the NSA in partnership with the CIA and Israeli intelligence in the mid-2000s. The first known piece of malware designed to destroy physical equipment, Stuxnet was aimed at Iran’s nuclear facility in Natanz. By surreptitiously taking control of an industrial control link known as a Scada (Supervisory Control and Data Acquisition) system, the sophisticated worm was able to damage about a thousand centrifuges used to enrich nuclear material.

    The success of this sabotage came to light only in June 2010, when the malware spread to outside computers. It was spotted by independent security researchers, who identified telltale signs that the worm was the work of thousands of hours of professional development. Despite headlines around the globe, officials in Washington have never openly acknowledged that the US was behind the attack. It wasn’t until 2012 that anonymous sources within the Obama administration took credit for it in interviews with The New York Times.

    But Stuxnet is only the beginning. Alexander’s agency has recruited thousands of computer experts, hackers, and engineering PhDs to expand US offensive capabilities in the digital realm. The Pentagon has requested $4.7 billion for “cyberspace operations,” even as the budget of the CIA and other intelligence agencies could fall by $4.4 billion. It is pouring millions into cyberdefense contractors. And more attacks may be planned.

    “We jokingly referred to him as Emperor Alexander, because whatever Keith wants, Keith gets.”

    Inside the government, the general is regarded with a mixture of respect and fear, not unlike J. Edgar Hoover, another security figure whose tenure spanned multiple presidencies. “We jokingly referred to him as Emperor Alexander—with good cause, because whatever Keith wants, Keith gets,” says one former senior CIA official who agreed to speak on condition of anonymity. “We would sit back literally in awe of what he was able to get from Congress, from the White House, and at the expense of everybody else.”

    Now 61, Alexander has said he plans to retire in 2014; when he does step down he will leave behind an enduring legacy—a position of far-reaching authority and potentially Strangelovian powers at a time when the distinction between cyberwarfare and conventional warfare is beginning to blur. A recent Pentagon report made that point in dramatic terms. It recommended possible deterrents to a cyberattack on the US. Among the options: launching nuclear weapons.

    Illustrations by Mark Weaver, John Hyde/Getty Images, Getty Images, Evgeniyozhulay/Getty Images

    H
    e may be a four-star Army general, but Alexander more closely resembles a head librarian than George Patton. His face is anemic, his lips a neutral horizontal line. Bald halfway back, he has hair the color of strong tea that turns gray on the sides, where it is cut close to the skin, more schoolboy than boot camp. For a time he wore large rimless glasses that seemed to swallow his eyes. Some combat types had a derisive nickname for him: Alexander the Geek.

    Born in 1951, the third of five children, Alexander was raised in the small upstate New York hamlet of Onondaga Hill, a suburb of Syracuse. He tossed papers for the Syracuse Post-Standard and ran track at Westhill High School while his father, a former Marine private, was involved in local Republican politics. It was 1970, Richard Nixon was president, and most of the country had by then begun to see the war in Vietnam as a disaster. But Alexander had been accepted at West Point, joining a class that included two other future four-star generals, David Petraeus and Martin Dempsey. Alexander would never get the chance to serve in Vietnam. Just as he stepped off the bus at West Point, the ground war finally began winding down.

    In April 1974, just before graduation, he married his high school classmate Deborah Lynn Douglas, who grew up two doors away in Onondaga Hill. The fighting in Vietnam was over, but the Cold War was still bubbling, and Alexander focused his career on the solitary, rarefied world of signals intelligence, bouncing from secret NSA base to secret NSA base, mostly in the US and Germany. He proved a competent administrator, carrying out assignments and adapting to the rapidly changing high tech environment. Along the way he picked up masters degrees in electronic warfare, physics, national security strategy, and business administration. As a result, he quickly rose up the military intelligence ranks, where expertise in advanced technology was at a premium.

    In 2001, Alexander was a one-star general in charge of the Army Intelligence and Security Command, the military’s worldwide network of 10,700 spies and eavesdroppers. In March of that year he told his hometown Syracuse newspaper that his job was to discover threats to the country. “We have to stay out in front of our adversary,” Alexander said. “It’s a chess game, and you don’t want to lose this one.” But just six months later, Alexander and the rest of the American intelligence community suffered a devastating defeat when they were surprised by the attacks on 9/11. Following the assault, he ordered his Army intercept operators to begin illegally monitoring the phone calls and email of American citizens who had nothing to do with terrorism, including intimate calls between journalists and their spouses. Congress later gave retroactive immunity to the telecoms that assisted the government.

    In 2003, Alexander, a favorite of defense secretary Donald Rumsfeld, was named the Army’s deputy chief of staff for intelligence, the service’s most senior intelligence position. Among the units under his command were the military intelligence teams involved in the human rights abuses at Baghdad’s Abu Ghraib prison. Two years later, Rumsfeld appointed Alexander—now a three-star general—director of the NSA, where he oversaw the illegal, warrantless wiretapping program while deceiving members of the House Intelligence Committee. In a publicly released letter to Alexander shortly after The New York Times exposed the program, US representative Rush Holt, a member of the committee, angrily took him to task for not being forthcoming about the wiretapping: “Your responses make a mockery of congressional oversight.”

    Alexander also proved to be militant about secrecy. In 2005 a senior agency employee named Thomas Drake allegedly gave information to The Baltimore Sun showing that a publicly discussed program known as Trailblazer was millions of dollars over budget, behind schedule, possibly illegal, and a serious threat to privacy. In response, federal prosecutors charged Drake with 10 felony counts, including retaining classified documents and making false statements. He faced up to 35 years in prison—despite the fact that all of the information Drake was alleged to have leaked was not only unclassified and already in the public domain but in fact had been placed there by NSA and Pentagon officials themselves. (As a longtime chronicler of the NSA, I served as a consultant for Drake’s defense team. The investigation went on for four years, after which Drake received no jail time or fine. The judge, Richard D. Bennett, excoriated the prosecutor and NSA officials for dragging their feet. “I find that unconscionable. Unconscionable,” he said during a hearing in 2011. “That’s four years of hell that a citizen goes through. It was not proper. It doesn’t pass the smell test.”)

    But while the powers that be were pressing for Drake’s imprisonment, a much more serious challenge was emerging. Stuxnet, the cyberweapon used to attack the Iranian facility in Natanz, was supposed to be untraceable, leaving no return address should the Iranians discover it. Citing anonymous Obama administration officials, The New York Times reported that the malware began replicating itself and migrating to computers in other countries. Cybersecurity detectives were thus able to detect and analyze it. By the summer of 2010 some were pointing fingers at the US.

    Natanz is a small, dusty town in central Iran known for its plump pears and the burial vault of the 13th-century Sufi sheikh Abd al-Samad. The Natanz nuclear enrichment plant is a vault of a different kind. Tucked in the shadows of the Karkas Mountains, most of it lies deep underground and surrounded by concrete walls 8 feet thick, with another layer of concrete for added security. Its bulbous concrete roof rests beneath more than 70 feet of packed earth. Contained within the bombproof structure are halls the size of soccer pitches, designed to hold thousands of tall, narrow centrifuges. The machines are linked in long cascades that look like tacky decorations from a ’70s discotheque.

    To work properly, the centrifuges need strong, lightweight, well-balanced rotors and high-speed bearings. Spin these rotors too slowly and the critical U-235 molecules inside fail to separate; spin them too quickly and the machines self-destruct and may even explode. The operation is so delicate that the computers controlling the rotors’ movement are isolated from the Internet by a so-called air gap that prevents exposure to viruses and other malware.

    In 2006, the Department of Defense gave the go-ahead to the NSA to begin work on targeting these centrifuges, according to The New York Times. One of the first steps was to build a map of the Iranian nuclear facility’s computer networks. A group of hackers known as Tailored Access Operations—a highly secret organization within the NSA—took up the challenge.

    They set about remotely penetrating communications systems and networks, stealing passwords and data by the terabyte. Teams of “vulnerability analysts” searched hundreds of computers and servers for security holes, according to a former senior CIA official involved in the Stuxnet program. Armed with that intelligence, so-called network exploitation specialists then developed software implants known as beacons, which worked like surveillance drones, mapping out a blueprint of the network and then secretly communicating the data back to the NSA. (Flame, the complex piece of surveillance malware discovered by Russian cybersecurity experts last year, was likely one such beacon.) The surveillance drones worked brilliantly. The NSA was able to extract data about the Iranian networks, listen to and record conversations through computer microphones, even reach into the mobile phones of anyone within Bluetooth range of a compromised machine.

    The next step was to create a digital warhead, a task that fell to the CIA Clandestine Service’s Counter-Proliferation Division. According to the senior CIA official, much of this work was outsourced to national labs, notably Sandia in Albuquerque, New Mexico. So by the mid-2000s, the government had developed all the fundamental technology it needed for an attack. But there was still a major problem: The secretive agencies had to find a way to access Iran’s most sensitive and secure computers, the ones protected by the air gap. For that, Alexander and his fellow spies would need outside help.

    This is where things get murky. One possible bread crumb trail leads to an Iranian electronics and computer wholesaler named Ali Ashtari, who later confessed that he was recruited as a spy by the Mossad, Israel’s intelligence service. (Israel denied the claim.) Ashtari’s principal customers were the procurement officers for some of Iran’s most sensitive organizations, including the intelligence service and the nuclear enrichment plants. If new computers were needed or routers or switches had to be replaced, Ashtari was the man to see, according to reports from semi-official Iranian news agencies and an account of Ashtari’s trial published by the nonprofit Iran Human Rights Voice.
    General Alexander’s Empire
    The four-star general presides over a trifecta of intelligence agencies headquartered in Fort Meade, Maryland. Here’s a guide to the alphabet soup of agency and subagency acronyms. —Cameron Bird
    Photo: Ann Heisenfelt/Corbis, Illustrations: Jeremy Loyd

    NSA

    (National Security Agency)

    The nation’s largest employer of mathematicians. The Department of Defense created this agency in 1952 to intercept, collect, and decrypt foreign communications. In the past decade, the NSA poured hundreds of millions of dollars into offensive cyberwar R&D.

    CSS

    (Central Security Service)

    Originally envisioned as a fourth branch of the armed services, this organization is now described as a “combat support agency.” It coordinates with the Army, Navy, Coast Guard, Marines, and Air Force to eavesdrop on foreign signals—like tapping into undersea cable or wireless communications.

    USCYBERCOM

    (US Cyber Command)

    Established by the Department of Defense in 2009 to deter cyberattacks—”proactively.” In March, Alexander gave a hint of the command’s mandate to the House Armed Services Committee: “I would like to be clear that this team, this defend-the-nation team, is not a defensive team.”
    CAE

    (Centers for Academic Excellence)

    Launched in 1998, this NSA initiative seeks to increase the number of college students competent in “information assurance.” Last year the agency accredited four universities to lead the way in training the next generation of cyber operators in “collection, exploitation, and response.”
    SCS

    (Special Collection Service)

    A unit whose existence has never been officially acknowledged by the defense establishment. But according to the accounts of an anonymous CIA official, members of the ultra-top-secret group are involved in covert eavesdropping from US embassies around the world.
    JFCC-NW

    (Joint Functional Component Command for Network Warfare)

    Created in 2005 as part of US Strategic Command, which controls the nation’s nuclear arsenal, it played a lead role in promoting the idea of thwarting Iran’s own nuclear ambitions with a cyberattack. Folded into Cybercom in 2010.

    He not only had access to some of Iran’s most sensitive locations, his company had become an electronics purchasing agent for the intelligence, defense, and nuclear development departments. This would have given Mossad enormous opportunities to place worms, back doors, and other malware into the equipment in a wide variety of facilities. Although the Iranians have never explicitly acknowledged it, it stands to reason that this could have been one of the ways Stuxnet got across the air gap.

    But by then, Iran had established a new counterintelligence agency dedicated to discovering nuclear spies. Ashtari was likely on their radar because of the increased frequency of his visits to various sensitive locations. He may have let down his guard. “The majority of people we lose as sources—who get wrapped up or executed or imprisoned—are usually those willing to accept more risk than they should,” says the senior CIA official involved with Stuxnet. In 2006, according to Iran Human Rights Voice, Ashtari was quietly arrested at a travel agency after returning from another trip out of the country.

    The malware targeting Iran replicated and spread to computers in other countries.

    In June 2008 he was brought to trial in Branch 15 of the Revolutionary Court, where he confessed, pleaded guilty to the charges, expressed remorse for his actions, and was sentenced to death. On the morning of November 17, in the courtyard of Tehran’s Evin Prison, a noose was placed around Ashtari’s neck, and a crane hauled his struggling body high into the air.

    Ashtari may well have been one of the human assets that allowed Stuxnet to cross the air gap. But he was not Israel’s only alleged spy in Iran, and others may also have helped enable malware transfer. “Normally,” says the anonymous CIA official, “what we do is look for multiple bridges, in case a guy gets wrapped up.” Less then two weeks after Ashtari’s execution, the Iranian government arrested three more men, charging them with spying for Israel. And on December 13, 2008, Ali-Akbar Siadat, another importer of electronic goods, was arrested as a spy for the Mossad, according to Iran’s official Islamic Republic News Agency. Unlike Ashtari, who said he had operated alone, Siadat was accused of heading a nationwide spy network employing numerous Iranian agents. But despite their energetic counterintelligence work, the Iranians would not realize for another year and a half that a cyberweapon was targeting their nuclear centrifuges. Once they did, it was only a matter of time until they responded.

    Sure enough, in August 2012 a devastating virus was unleashed on Saudi Aramco, the giant Saudi state-owned energy company. The malware infected 30,000 computers, erasing three-quarters of the company’s stored data, destroying everything from documents to email to spreadsheets and leaving in their place an image of a burning American flag, according to The New York Times. Just days later, another large cyberattack hit RasGas, the giant Qatari natural gas company. Then a series of denial-of-service attacks took America’s largest financial institutions offline. Experts blamed all of this activity on Iran, which had created its own cyber command in the wake of the US-led attacks. James Clapper, US director of national intelligence, for the first time declared cyberthreats the greatest danger facing the nation, bumping terrorism down to second place. In May, the Department of Homeland Security’s Industrial Control Systems Cyber Emergency Response Team issued a vague warning that US energy and infrastructure companies should be on the alert for cyberattacks. It was widely reported that this warning came in response to Iranian cyberprobes of industrial control systems. An Iranian diplomat denied any involvement.

    The cat-and-mouse game could escalate. “It’s a trajectory,” says James Lewis, a cyber­security expert at the Center for Strategic and International Studies. “The general consensus is that a cyber response alone is pretty worthless. And nobody wants a real war.” Under international law, Iran may have the right to self-defense when hit with destructive cyberattacks. William Lynn, deputy secretary of defense, laid claim to the prerogative of self-defense when he outlined the Pentagon’s cyber operations strategy. “The United States reserves the right,” he said, “under the laws of armed conflict, to respond to serious cyberattacks with a proportional and justified military response at the time and place of our choosing.” Leon Panetta, the former CIA chief who had helped launch the Stuxnet offensive, would later point to Iran’s retaliation as a troubling harbinger. “The collective result of these kinds of attacks could be a cyber Pearl Harbor,” he warned in October 2012, toward the end of his tenure as defense secretary, “an attack that would cause physical destruction and the loss of life.” If Stuxnet was the proof of concept, it also proved that one successful cyberattack begets another. For Alexander, this offered the perfect justification for expanding his empire.

    Illustrations by Mark Weaver, SSPL/Getty Images, Getty Images, Daniele Carotenuto/Getty Images

    I
    n May 2010, a little more than a year after President Obama took office and only weeks before Stuxnet became public, a new organization to exercise American rule over the increasingly militarized Internet became operational: the US Cyber Command. Keith Alexander, newly promoted to four-star general, was put in charge of it. The forces under his command were now truly formidable—his untold thousands of NSA spies, as well as 14,000 incoming Cyber Command personnel, including Navy, Army, and Air Force troops. Helping Alexander organize and dominate this new arena would be his fellow plebes from West Point’s class of 1974: David Petraeus, the CIA director; and Martin Dempsey, chair of the Joint Chiefs of Staff.

    Indeed, dominance has long been their watchword. Alexander’s Navy calls itself the Information Dominance Corps. In 2007, the then secretary of the Air Force pledged to “dominate cyberspace” just as “today, we dominate air and space.” And Alexander’s Army warned, “It is in cyberspace that we must use our strategic vision to dominate the information environment.” The Army is reportedly treating digital weapons as another form of offensive capability, providing frontline troops with the option of requesting “cyber fire support” from Cyber Command in the same way they request air and artillery support.

    All these capabilities require a giant expansion of secret facilities. Thousands of hard-hatted construction workers will soon begin erecting cranes, driving backhoes, and emptying cement trucks as they expand the boundaries of NSA’s secret city eastward, increasing its already enormous size by a third. “You could tell that some of the seniors at NSA were truly concerned that cyber was going to engulf them,” says a former senior Cyber Command official, “and I think rightfully so.”

    In May, work began on a $3.2 billion facility housed at Fort Meade in Maryland. Known as Site M, the 227-acre complex includes its own 150-megawatt power substation, 14 administrative buildings, 10 parking garages, and chiller and boiler plants. The server building will have 90,000 square feet of raised floor—handy for supercomputers—yet hold only 50 people. Meanwhile, the 531,000-square-foot operations center will house more than 1,300 people. In all, the buildings will have a footprint of 1.8 million square feet. Even more ambitious plans, known as Phase II and III, are on the drawing board. Stretching over the next 16 years, they would quadruple the footprint to 5.8 million square feet, enough for nearly 60 buildings and 40 parking garages, costing $5.2 billion and accommodating 11,000 more cyberwarriors.

    alexander’s forces are formidable—thousands of NSA spies, plus 14,000 cyber troops.

    In short, despite the sequestration, layoffs, and furloughs in the federal government, it’s a boom time for Alexander. In April, as part of its 2014 budget request, the Pentagon asked Congress for $4.7 billion for increased “cyberspace operations,” nearly $1 billion more than the 2013 allocation. At the same time, budgets for the CIA and other intelligence agencies were cut by almost the same amount, $4.4 billion. A portion of the money going to Alexander will be used to create 13 cyberattack teams.

    What’s good for Alexander is good for the fortunes of the cyber-industrial complex, a burgeoning sector made up of many of the same defense contractors who grew rich supplying the wars in Iraq and Afghanistan. With those conflicts now mostly in the rearview mirror, they are looking to Alexander as a kind of savior. After all, the US spends about $30 billion annually on cybersecurity goods and services.

    In the past few years, the contractors have embarked on their own cyber building binge parallel to the construction boom at Fort Meade: General Dynamics opened a 28,000-square-foot facility near the NSA; SAIC cut the ribbon on its new seven-story Cyber Innovation Center; the giant CSC unveiled its Virtual Cyber Security Center. And at consulting firm Booz Allen Hamilton, where former NSA director Mike McConnell was hired to lead the cyber effort, the company announced a “cyber-solutions network” that linked together nine cyber-focused facilities. Not to be outdone, Boeing built a new Cyber Engagement Center. Leaving nothing to chance, it also hired retired Army major general Barbara Fast, an old friend of Alexander’s, to run the operation. (She has since moved on.)

    Defense contractors have been eager to prove that they understand Alexander’s worldview. “Our Raytheon cyberwarriors play offense and defense,” says one help-wanted site. Consulting and engineering firms such as Invertix and Parsons are among dozens posting online want ads for “computer network exploitation specialists.” And many other companies, some unidentified, are seeking computer and network attackers. “Firm is seeking computer network attack specialists for long-term government contract in King George County, VA,” one recent ad read. Another, from Sunera, a Tampa, Florida, company, said it was hunting for “attack and penetration consultants.”

    One of the most secretive of these contractors is Endgame Systems, a startup backed by VCs including Kleiner Perkins Caufield & Byers, Bessemer Venture Partners, and Paladin Capital Group. Established in Atlanta in 2008, Endgame is transparently antitransparent. “We’ve been very careful not to have a public face on our company,” former vice president John M. Farrell wrote to a business associate in an email that appeared in a WikiLeaks dump. “We don’t ever want to see our name in a press release,” added founder Christopher Rouland. True to form, the company declined Wired’s interview requests.

    Perhaps for good reason: According to news reports, Endgame is developing ways to break into Internet-connected devices through chinks in their antivirus armor. Like safecrackers listening to the click of tumblers through a stethoscope, the “vulnerability researchers” use an extensive array of digital tools to search for hidden weaknesses in commonly used programs and systems, such as Windows and Internet Explorer. And since no one else has ever discovered these unseen cracks, the manufacturers have never developed patches for them.

    Endgame hunts for hidden security weaknesses that are ripe for exploitation.

    Thus, in the parlance of the trade, these vulnerabilities are known as “zero-day exploits,” because it has been zero days since they have been uncovered and fixed. They are the Achilles’ heel of the security business, says a former senior intelligence official involved with cyberwarfare. Those seeking to break into networks and computers are willing to pay millions of dollars to obtain them.

    According to Defense News’ C4ISR Journal and Bloomberg Businessweek, Endgame also offers its intelligence clients—agencies like Cyber Command, the NSA, the CIA, and British intelligence—a unique map showing them exactly where their targets are located. Dubbed Bonesaw, the map displays the geolocation and digital address of basically every device connected to the Internet around the world, providing what’s called network situational awareness. The client locates a region on the password-protected web-based map, then picks a country and city— say, Beijing, China. Next the client types in the name of the target organization, such as the Ministry of Public Security’s No. 3 Research Institute, which is responsible for computer security—or simply enters its address, 6 Zhengyi Road. The map will then display what software is running on the computers inside the facility, what types of malware some may contain, and a menu of custom-designed exploits that can be used to secretly gain entry. It can also pinpoint those devices infected with malware, such as the Conficker worm, as well as networks turned into botnets and zombies— the equivalent of a back door left open.

    Bonesaw also contains targeting data on US allies, and it is soon to be upgraded with a new version codenamed Velocity, according to C4ISR Journal. It will allow Endgame’s clients to observe in real time as hardware and software connected to the Internet around the world is added, removed, or changed. But such access doesn’t come cheap. One leaked report indicated that annual subscriptions could run as high as $2.5 million for 25 zero-day exploits.

    The buying and using of such a subscription by nation-states could be seen as an act of war. “If you are engaged in reconnaissance on an adversary’s systems, you are laying the electronic battlefield and preparing to use it,” wrote Mike Jacobs, a former NSA director for information assurance, in a McAfee report on cyberwarfare. “In my opinion, these activities constitute acts of war, or at least a prelude to future acts of war.” The question is, who else is on the secretive company’s client list? Because there is as of yet no oversight or regulation of the cyberweapons trade, companies in the cyber-industrial complex are free to sell to whomever they wish. “It should be illegal,” says the former senior intelligence official involved in cyberwarfare. “I knew about Endgame when I was in intelligence. The intelligence community didn’t like it, but they’re the largest consumer of that business.”

    Thus, in their willingness to pay top dollar for more and better zero-day exploits, the spy agencies are helping drive a lucrative, dangerous, and unregulated cyber arms race, one that has developed its own gray and black markets. The companies trading in this arena can sell their wares to the highest bidder—be they frontmen for criminal hacking groups or terrorist organizations or countries that bankroll terrorists, such as Iran. Ironically, having helped create the market in zero-day exploits and then having launched the world into the era of cyberwar, Alexander now says the possibility of zero-day exploits falling into the wrong hands is his “greatest worry.”

    He has reason to be concerned. In May, Alexander discovered that four months earlier someone, or some group or nation, had secretly hacked into a restricted US government database known as the National Inventory of Dams. Maintained by the Army Corps of Engineers, it lists the vulnerabilities for the nation’s dams, including an estimate of the number of people who might be killed should one of them fail. Meanwhile, the 2013 “Report Card for America’s Infrastructure” gave the US a D on its maintenance of dams. There are 13,991 dams in the US that are classified as high-hazard, the report said. A high-hazard dam is defined as one whose failure would cause loss of life. “That’s our concern about what’s coming in cyberspace—a destructive element. It is a question of time,” Alexander said in a talk to a group involved in information operations and cyberwarfare, noting that estimates put the time frame of an attack within two to five years. He made his comments in September 2011.

    By James Bamford06.12.139:00 PM

    Illustrations by Mark Weaver, Mike Theiler/Corbis, Enzo Signorelli/Getty Images, Nick Servian/Alamy

    Find this story at 12 June 2013

    Wired.com © 2013 Condé Nast.

    Inside the NSA’s Ultra-Secret China Hacking Group Deep within the National Security Agency, an elite, rarely discussed team of hackers and spies is targeting America’s enemies abroad.

    This weekend, U.S. President Barack Obama sat down for a series of meetings with China’s newly appointed leader, Xi Jinping. We know that the two leaders spoke at length about the topic du jour — cyber-espionage — a subject that has long frustrated officials in Washington and is now front and center with the revelations of sweeping U.S. data mining. The media has focused at length on China’s aggressive attempts to electronically steal U.S. military and commercial secrets, but Xi pushed back at the “shirt-sleeves” summit, noting that China, too, was the recipient of cyber-espionage. But what Obama probably neglected to mention is that he has his own hacker army, and it has burrowed its way deep, deep into China’s networks.

    When the agenda for the meeting at the Sunnylands estate outside Palm Springs, California, was agreed to several months ago, both parties agreed that it would be a nice opportunity for President Xi, who assumed his post in March, to discuss a wide range of security and economic issues of concern to both countries. According to diplomatic sources, the issue of cybersecurity was not one of the key topics to be discussed at the summit. Sino-American economic relations, climate change, and the growing threat posed by North Korea were supposed to dominate the discussions.

    Then, two weeks ago, White House officials leaked to the press that Obama intended to raise privately with Xi the highly contentious issue of China’s widespread use of computer hacking to steal U.S. government, military, and commercial secrets. According to a Chinese diplomat in Washington who spoke in confidence, Beijing was furious about the sudden elevation of cybersecurity and Chinese espionage on the meeting’s agenda. According to a diplomatic source in Washington, the Chinese government was even angrier that the White House leaked the new agenda item to the press before Washington bothered to tell Beijing about it.

    So the Chinese began to hit back. Senior Chinese officials have publicly accused the U.S. government of hypocrisy and have alleged that Washington is also actively engaged in cyber-espionage. When the latest allegation of Chinese cyber-espionage was leveled in late May in a front-page Washington Post article, which alleged that hackers employed by the Chinese military had stolen the blueprints of over three dozen American weapons systems, the Chinese government’s top Internet official, Huang Chengqing, shot back that Beijing possessed “mountains of data” showing that the United States has engaged in widespread hacking designed to steal Chinese government secrets. This weekend’s revelations about the National Security Agency’s PRISM and Verizon metadata collection from a 29-year-old former CIA undercover operative named Edward J. Snowden, who is now living in Hong Kong, only add fuel to Beijing’s position.

    But Washington never publicly responded to Huang’s allegation, and nobody in the U.S. media seems to have bothered to ask the White House if there is a modicum of truth to the Chinese charges.

    It turns out that the Chinese government’s allegations are essentially correct. According to a number of confidential sources, a highly secretive unit of the National Security Agency (NSA), the U.S. government’s huge electronic eavesdropping organization, called the Office of Tailored Access Operations, or TAO, has successfully penetrated Chinese computer and telecommunications systems for almost 15 years, generating some of the best and most reliable intelligence information about what is going on inside the People’s Republic of China.

    Hidden away inside the massive NSA headquarters complex at Fort Meade, Maryland, in a large suite of offices segregated from the rest of the agency, TAO is a mystery to many NSA employees. Relatively few NSA officials have complete access to information about TAO because of the extraordinary sensitivity of its operations, and it requires a special security clearance to gain access to the unit’s work spaces inside the NSA operations complex. The door leading to its ultramodern operations center is protected by armed guards, an imposing steel door that can only be entered by entering the correct six-digit code into a keypad, and a retinal scanner to ensure that only those individuals specially cleared for access get through the door.

    According to former NSA officials interviewed for this article, TAO’s mission is simple. It collects intelligence information on foreign targets by surreptitiously hacking into their computers and telecommunications systems, cracking passwords, compromising the computer security systems protecting the targeted computer, stealing the data stored on computer hard drives, and then copying all the messages and data traffic passing within the targeted email and text-messaging systems. The technical term of art used by NSA to describe these operations is computer network exploitation (CNE).

    TAO is also responsible for developing the information that would allow the United States to destroy or damage foreign computer and telecommunications systems with a cyberattack if so directed by the president. The organization responsible for conducting such a cyberattack is U.S. Cyber Command (Cybercom), whose headquarters is located at Fort Meade and whose chief is the director of the NSA, Gen. Keith Alexander.

    Commanded since April of this year by Robert Joyce, who formerly was the deputy director of the NSA’s Information Assurance Directorate (responsible for protecting the U.S. government’s communications and computer systems), TAO, sources say, is now the largest and arguably the most important component of the NSA’s huge Signal Intelligence (SIGINT) Directorate, consisting of over 1,000 military and civilian computer hackers, intelligence analysts, targeting specialists, computer hardware and software designers, and electrical engineers.

    The sanctum sanctorum of TAO is its ultramodern operations center at Fort Meade called the Remote Operations Center (ROC), which is where the unit’s 600 or so military and civilian computer hackers (they themselves CNE operators) work in rotating shifts 24 hours a day, seven days a week.

    These operators spend their days (or nights) searching the ether for computers systems and supporting telecommunications networks being utilized by, for example, foreign terrorists to pass messages to their members or sympathizers. Once these computers have been identified and located, the computer hackers working in the ROC break into the targeted computer systems electronically using special software designed by TAO’s own corps of software designers and engineers specifically for this purpose, download the contents of the computers’ hard drives, and place software implants or other devices called “buggies” inside the computers’ operating systems, which allows TAO intercept operators at Fort Meade to continuously monitor the email and/or text-messaging traffic coming in and out of the computers or hand-held devices.

    TAO’s work would not be possible without the team of gifted computer scientists and software engineers belonging to the Data Network Technologies Branch, who develop the sophisticated computer software that allows the unit’s operators to perform their intelligence collection mission. A separate unit within TAO called the Telecommunications Network Technologies Branch (TNT) develops the techniques that allow TAO’s hackers to covertly gain access to targeted computer systems and telecommunications networks without being detected. Meanwhile, TAO’s Mission Infrastructure Technologies Branch develops and builds the sensitive computer and telecommunications monitoring hardware and support infrastructure that keeps the effort up and running.

    TAO even has its own small clandestine intelligence-gathering unit called the Access Technologies Operations Branch, which includes personnel seconded by the CIA and the FBI, who perform what are described as “off-net operations,” which is a polite way of saying that they arrange for CIA agents to surreptitiously plant eavesdropping devices on computers and/or telecommunications systems overseas so that TAO’s hackers can remotely access them from Fort Meade.

    It is important to note that TAO is not supposed to work against domestic targets in the United States or its possessions. This is the responsibility of the FBI, which is the sole U.S. intelligence agency chartered for domestic telecommunications surveillance. But in light of information about wider NSA snooping, one has to prudently be concerned about whether TAO is able to perform its mission of collecting foreign intelligence without accessing communications originating in or transiting through the United States.

    Since its creation in 1997, TAO has garnered a reputation for producing some of the best intelligence available to the U.S. intelligence community not only about China, but also on foreign terrorist groups, espionage activities being conducted against the United States by foreign governments, ballistic missile and weapons of mass destruction developments around the globe, and the latest political, military, and economic developments around the globe.

    According to a former NSA official, by 2007 TAO’s 600 intercept operators were secretly tapping into thousands of foreign computer systems and accessing password-protected computer hard drives and emails of targets around the world. As detailed in my 2009 history of NSA, The Secret Sentry, this highly classified intercept program, known at the time as Stumpcursor, proved to be critically important during the U.S. Army’s 2007 “surge” in Iraq, where it was credited with single-handedly identifying and locating over 100 Iraqi and al Qaeda insurgent cells in and around Baghdad. That same year, sources report that TAO was given an award for producing particularly important intelligence information about whether Iran was trying to build an atomic bomb.

    By the time Obama became president of the United States in January 2009, TAO had become something akin to the wunderkind of the U.S. intelligence community. “It’s become an industry unto itself,” a former NSA official said of TAO at the time. “They go places and get things that nobody else in the IC [intelligence community] can.”

    Given the nature and extraordinary political sensitivity of its work, it will come as no surprise that TAO has always been, and remains, extraordinarily publicity shy. Everything about TAO is classified top secret codeword, even within the hypersecretive NSA. Its name has appeared in print only a few times over the past decade, and the handful of reporters who have dared inquire about it have been politely but very firmly warned by senior U.S. intelligence officials not to describe its work for fear that it might compromise its ongoing efforts. According to a senior U.S. defense official who is familiar with TAO’s work, “The agency believes that the less people know about them [TAO] the better.”

    The word among NSA officials is that if you want to get promoted or recognized, get a transfer to TAO as soon as you can. The current head of the NSA’s SIGINT Directorate, Teresa Shea, 54, got her current job in large part because of the work she did as chief of TAO in the years after the 9/11 terrorist attacks, when the unit earned plaudits for its ability to collect extremely hard-to-come-by information during the latter part of George W. Bush’s administration. We do not know what the information was, but sources suggest that it must have been pretty important to propel Shea to her position today. But according to a recently retired NSA official, TAO “is the place to be right now.”

    There’s no question that TAO has continued to grow in size and importance since Obama took office in 2009, which is indicative of its outsized role. In recent years, TAO’s collection operations have expanded from Fort Meade to some of the agency’s most important listening posts in the United States. There are now mini-TAO units operating at the huge NSA SIGINT intercept and processing centers at NSA Hawaii at Wahiawa on the island of Oahu; NSA Georgia at Fort Gordon, Georgia; and NSA Texas at the Medina Annex outside San Antonio, Texas; and within the huge NSA listening post at Buckley Air Force Base outside Denver.

    The problem is that TAO has become so large and produces so much valuable intelligence information that it has become virtually impossible to hide it anymore. The Chinese government is certainly aware of TAO’s activities. The “mountains of data” statement by China’s top Internet official, Huang Chengqing, is clearly an implied threat by Beijing to release this data. Thus it is unlikely that President Obama pressed President Xi too hard at the Sunnydale summit on the question of China’s cyber-espionage activities. As any high-stakes poker player knows, you can only press your luck so far when the guy on the other side of the table knows what cards you have in your hand.
    Save big when you subscribe to FP.

    THOMAS SAMSON/AFP/Getty Images

    Matthew M. Aid is the author of Intel Wars: The Secret History of the Fight Against Terror and The Secret Sentry: The Untold History of the National Security Agency, and is co-editor with Cees Wiebes of Secrets of Signals Intelligence During the Cold War and Beyond.

    Foreign Policy Magazine

    Thursday, June 20, 2013

    BY MATTHEW M. AID | JUNE 10, 2013

    Find this story at 10 June 2013

    ©2013 The Foreign Policy Group, LLC.

    China has ‘mountains of data’ about U.S. cyber attacks: official

    (Reuters) – China’s top Internet security official says he has “mountains of data” pointing to extensive U.S. hacking aimed at China, but it would be irresponsible to blame Washington for such attacks, and called for greater cooperation to fight hacking.

    Cyber security is a major concern for the U.S. government and is expected to be at the top of the agenda when President Barack Obama meets with Chinese President Xi Jinping in California on Thursday and Friday.

    Obama will tell Xi that Washington considers Beijing responsible for any cyber attacks launched from Chinese soil and must take action to curb high-tech spying, White House officials said on Tuesday.

    China’s Internet security chief complained that Washington used the news media to raise cyber security concerns which would be better settled through communication, not confrontation.

    “We have mountains of data, if we wanted to accuse the U.S., but it’s not helpful in solving the problem,” said Huang Chengqing, director of the National Computer Network Emergency Response Technical Team/Coordination Center of China, known as CNCERT.

    “They advocated cases that they never let us know about,” Huang said in comments on Tuesday and carried by the government-run China Daily newspaper on Wednesday.

    “Some cases can be addressed if they had talked to us, why not let us know? It is not a constructive train of thought to solve problems.”

    CNCERT has instead co-operated with the United States, receiving 32 Internet security cases from the United States in the first four months of 2013, and handling most promptly, except for a few that lacked sufficient proof, Huang said.

    Designs for more than two dozen major U.S. weapons systems have been compromised by Chinese hackers, the Washington Post reported late last month.

    The compromised designs included combat aircraft and ships, as well as missile defense systems vital for Europe, Asia and the Gulf, the newspaper said, citing a report prepared for the U.S. Defense Department by the Defense Science Board.

    Huang did not deny the report, but suggested that if the U.S. government wants to keep weapons programs secure, it should not allow them to be accessed online.

    “Even following the general principle of secret-keeping, it should not have been linked to the Internet,” Huang said.

    Cyber attacks from the United States have been as serious as the accusations from Washington, Huang said

    CNCERT, which issues a weekly report on cyber attacks against China, says that 4,062 U.S.-based computer servers hijacked 2.91 million mainframe computers in China.

    (Reporting by Terril Yue Jones; Editing by Michael Perry)

    BEIJING | Wed Jun 5, 2013 12:24am EDT

    Find this story at 5 June 2013

    © Thomson Reuters

    NSA hacks China, leaker Snowden claims

    Hong Kong (CNN) — U.S. intelligence agents have been hacking computer networks around the world for years, apparently targeting fat data pipes that push immense amounts of data around the Internet, NSA leaker Edward Snowden told the South China Morning Post on Wednesday.

    Among some 61,000 reported targets of the National Security Agency, Snowden said, are hundreds of computers in China — which U.S. officials have increasingly criticized as the source of thousands of attacks on U.S. military and commercial networks. China has denied such attacks.

    The Morning Post said it had seen documents provided by Snowden but was unable to verify their authenticity. The English-language news agency, which operates in Hong Kong, also said it was unable to independently verify allegations of U.S. hacking of networks in Hong Kong and mainland China since 2009.
    Snowden told the paper that some of the targets included the Chinese University of Hong Kong, public officials and students. The documents also “point to hacking activity by the NSA against mainland targets,” the newspaper reported.

    The claims came just days after U.S. President Barack Obama pressed Chinese President Xi Jinping to address cyberattacks emanating from China that Obama described as “direct theft of United States property.”

    Snowden’s allegations appear to give weight to claims by some Chinese government officials that the country has been a victim of similar hacking efforts coming from the United States.

    His claims came as Gen. Keith Alexander, the National Security Agency chief, testified at a U.S. Senate hearing that the country’s cyberinfrastructure, including telephones and computer networks, is somewhat vulnerable to attack.

    On a scale of one to 10, “our critical infrastructure’s preparedness to withstand a destructive cyberattack is about a three, based on my experience,” he said.

    In the Morning Post interview — published one week after the British newspaper The Guardian revealed the first leaks attributed to Snowden — he claimed the agency he once worked for as a contractor typically targets high-bandwidth data lines that connect Internet nodes located around the world.

    “We hack network backbones — like huge Internet routers, basically — that give us access to the communications of hundreds of thousands of computers without having to hack every single one,” the newspaper quoted him as saying.

    A “backbone” is part of the inner workings of a computer network that links different parts of that network. It is used to deliver data from one part of the network to another and, as such, could expose data from multiple computers if hacked.

    ‘Trying to bully’

    Snowden, 29, worked for the Booz Allen Hamilton computer consulting firm until Monday, when he was fired after documents he provided to journalists revealed the existence of secret programs to collect records of domestic telephone calls in the United States and the Internet activity of overseas residents.

    While he has not been charged, the FBI is conducting an investigation into the leaks, and he has told The Guardian that he expects the United States will try to prosecute him.
    Snowden told the Morning Post that he felt U.S. officials were pressuring his family and also accused them of “trying to bully” Hong Kong into extraditing him to prevent the release of more damaging information.

    He vowed to resist extradition efforts if it comes to that, saying he “would rather stay and fight the United States government in the courts, because I have faith in Hong Kong’s rule of law.”

    “My intention is to ask the courts and people of Hong Kong to decide my fate,” the South China Morning Post quoted Snowden as saying. “I have been given no reason to doubt your system.”

    But Hong Kong lawmaker Regina Ip, a former secretary of security for the territory, said Tuesday that while any extradition process could take months, Snowden isn’t necessarily beyond the reach of the United States.

    “If he thought there was a legal vacuum in Hong Kong which renders him safe from U.S. jurisdiction, that is unlikely to be the case,” she said.

    The newspaper said Snowden has been hiding in undisclosed locations inside the semi-autonomous Chinese territory since checking out of his hotel room Monday — a day after he revealed his identity in an interview with The Guardian.

    Snowden told the Morning Post he is not trying to evade U.S. authorities.

    “People who think I made a mistake in picking Hong Kong as a location misunderstand my intentions,” the newspaper quoted him as saying. “I am not here to hide from justice; I am here to reveal criminality.”

    The NSA and the National Intelligence director did not immediately respond to a CNN request for comment.

    Asked during a media briefing on Wednesday for comment on Snowden’s latest claims, U.S. State Department spokeswoman Jennifer Psaki declined. She said she had not seen the latest Morning Post report.

    On the defensive

    The revelations have renewed debate over surveillance in the United States and overseas in the name of fighting terrorism, with supporters saying the programs revealed by Snowden are legal and have helped stop terror plots. Civil liberties advocates, however, call the measures dangerous and unacceptable intrusions.

    Such criticisms have put Obama and his allies on the issue — both Democrats and Republicans — on the defensive against mounting criticisms from a similarly bipartisan group of critics demanding changes to rein in the programs.

    There also is a sharp division among Americans over the issue.

    A Gallup poll released Wednesday found that 44% of Americans believe Snowden did the right thing by releasing details about the classified surveillance programs, while 42% said it was wrong and 14% said they were unsure.

    The poll for that question had a 6% margin of error.

    It also found that more Americans disapprove than approve of the government’s surveillance programs, 53% to 37%. Ten percent had no opinion.

    The poll for that question had a 4% margin of error.

    Those differences were on display Wednesday when Alexander, the director of the National Security Agency, testified at a hearing into cybersecurity technology and civil liberties.

    Officials have been unable to explain controversial data mining programs because they have been classified, Alexander testified.

    But Alexander rejected the Snowden’s claim that the NSA could tap into any American’s phone or computer.

    “I know of no way to do that,” Alexander said.

    But he testified that phone records obtained by the government helped prevent “dozens” of terrorist events.

    He would not discuss disrupted plots broadly, saying they were classified. But he did say federal data mining appeared to play a role in helping to disrupt a plot in recent years to attack the New York subway system.

    Alexander said information developed overseas was passed along to the FBI, which he said was able to identify eventual suspect Najibullah Zazi in Colorado and ultimately uncover a plot. Zazi pleaded guilty to terror-related charges in 2010.

    While not on the roster for Wednesday’s hearing, another administration official in the spotlight is Director of National Intelligence James Clapper, whom Democratic Sen. Ron Wyden has singled out for how he answered questions about the telephone surveillance program in March.

    In March, Wyden asked Clapper whether the NSA collects “any type of data at all on millions or hundreds of millions of Americans?”

    “No sir,” Clapper said.

    On Saturday, Clapper told NBC News that he answered in the “most truthful or least most untruthful manner” possible.

    Clapper told NBC that he had interpreted “collection” to mean actually examining the materials gathered by the NSA.

    He previously told the National Journal he had meant that “the NSA does not voyeuristically pore through U.S. citizens’ e-mails,” but he did not mention e-mails at the hearing.

    NSA leaker’s girlfriend says she’s ‘lost at sea’

    EU questions

    Fallout over revelations about the NSA’s intelligence-gathering has reached the European Union’s governing body, where Vice President Viviane Reding raised concerns that the United States may have targeted some of its citizens.

    Reding said she plans to raise the issue during a meeting Friday with U.S. Attorney General Eric Holder.

    “The respect for fundamental rights and the rule of law are the foundations of the EU-U.S. relationship. This common understanding has been, and must remain, the basis of cooperation between us in the area of Justice,” Reding, the EU commissioner for justice, said Wednesday.

    “Trust that the rule of law will be respected is also essential to the stability and growth of the digital economy, including transatlantic business. This is of paramount importance for individuals and companies alike.”

    CNN’s Jethro Mullen reported and wrote from Hong Kong, and Chelsea J. Carter reported and wrote from Atlanta. CNN’s Paul Steinhauser, Tom Cohen, Michael Pearson, Doug Gross, Shirley Henry, Brian Walker and Pamela Boykoff contributed to this report.

    By Jethro Mullen and Chelsea J. Carter, CNN
    June 13, 2013 — Updated 0932 GMT (1732 HKT)

    Find this story at 13 June 2013

    © 2013 Cable News Network

    NSA surveillance played little role in foiling terror plots, experts say

    Obama administration says NSA data helped make arrests in two important cases – but critics say that simply isn’t true

    A new NSA data farm is set to open in the fall in Bluffdale, Utah. A former CIA agent said: ‘[Data-mining] played no role in the Headley case.’ Photograph: George Frey/Getty Images

    Lawyers and intelligence experts with direct knowledge of two intercepted terrorist plots that the Obama administration says confirm the value of the NSA’s vast data-mining activities have questioned whether the surveillance sweeps played a significant role, if any, in foiling the attacks.

    The defence of the controversial data collection operations, highlighted in a series of Guardian disclosures over the past week, has been led by Dianne Feinstein, chairwoman of the Senate intelligence committee, and her equivalent in the House, Mike Rogers. The two politicians have attempted to justify the NSA’s use of vast data sweeps such as Prism and Boundless Informant by pointing to the arrests and convictions of would-be New York subway bomber Najibullah Zazi in 2009 and David Headley, who is serving a 35-year prison sentence for his role in the 2008 Mumbai attacks.

    Rogers told ABC’s This Week that the NSA’s bulk monitoring of phone calls and internet contacts was central to intercepting the plotters. “I can tell you, in the Zazi case in New York, it’s exactly the programme that was used,” he said.

    A similar point was made in anonymous briefings by administration officials to the New York Times and Reuters.

    But court documents lodged in the US and UK, as well as interviews with involved parties, suggest that data-mining through Prism and other NSA programmes played a relatively minor role in the interception of the two plots. Conventional surveillance techniques, in both cases including old-fashioned tip-offs from intelligence services in Britain, appear to have initiated the investigations.

    In the case of Zazi, an Afghan American who planned to attack the New York subway, the breakthrough appears to have come from Operation Pathway, a British investigation into a suspected terrorism cell in the north-west of England in 2009. That investigation discovered that one of the members of the cell had been in contact with an al-Qaida associate in Pakistan via the email address sana_pakhtana@yahoo.com.

    British newspaper reports at the time of Zazi’s arrest said that UK intelligence passed on the email address to the US. The same email address, as Buzzfeed has pointed out, was cited in Zazi’s 2011 trial as a crucial piece of evidence. Zazi, the court heard, wrote to sana_pakhtana@yahoo.com asking in coded language for the precise quantities to use to make up a bomb.

    Eric Jurgenson, an FBI agent involved in investigating Zazi once the link to the Pakistani email address was made, told the court: “My office was in receipt – I was notified, I should say. My office was in receipt of several email messages, email communications. Those email communications, several of them resolved to an individual living in Colorado.”

    Michael Dowling, a Denver-based attorney who acted as Zazi’s defence counsel, said the full picture remained unclear as Zazi pleaded guilty before all details of the investigation were made public. But the lawyer said he was sceptical that mass data sweeps could explain what led law enforcement to Zazi.

    “The government says that it does not monitor content of these communications in its data collection. So I find it hard to believe that this would have uncovered Zazi’s contacts with a known terrorist in Pakistan,” Dowling said.

    Further scepticism has been expressed by David Davis, a former British foreign office minister who described the citing of the Zazi case as an example of the merits of data-mining as “misleading” and “an illusion”. Davis pointed out that Operation Pathway was prematurely aborted in April 2009 after Bob Quick, then the UK’s most senior counter-terrorism police officer, was pictured walking into Downing Street with top secret documents containing details of the operation in full view of cameras.

    The collapse of the operation, and arrests of suspects that hurriedly followed, came five months before Zazi was arrested in September 2009. “That was the operation that led to the initial data links to Zazi – they put the clues in the database which gave them the connections,” Davis said.

    Davis said that the discovery of the sana_pakhtana@yahoo.com email – and in turn the link to Zazi – had been made by traditional investigative work in the UK. He said the clue-driven nature of the inquiry was significant, as it was propelled by detectives operating on the basis of court-issued warrants.

    “You can’t make this grand sweeping [data collection] stuff subject to warrants. What judge would give you a warrant if you say you want to comb through vast quantities of data?”

    Legal documents lodged with a federal court in New York’s eastern district shortly after Zazi’s arrest show that US counter-intelligence officials had been keeping watch over him under targeted surveillance with the warranted approval of the special intelligence court. During the course of the prosecution, the US served notice that it would be offering evidence “obtained and derived from electronic surveillance and physical search conducted pursuant to the Foreign Intelligence Surveillance Act of 1978 (Fisa).”

    Feinstein and Rogers have also pointed to the case of David Headley, who in January was sentenced to 35 years in jail for having made multiple scouting missions to Mumbai ahead of the 2008 terrorist attacks that killed 168 people. Yet the evidence in his case also points towards a British tip-off as the inspiration behind the US interception of him.

    In July 2009, British intelligence began tracking Headley, a Pakistani American from Chicago, who was then plotting to attack Danish newspaper Jyllands-Posten in retaliation for its publication of cartoons of the prophet Mohammed. Information was passed to the FBI and he was thereafter, until his arrest that October, kept under targeted US surveillance.

    An intelligence expert and former CIA operative, who asked to remain anonymous because he had been directly involved in the Headley case, was derisive about the claim that data-mining sweeps by the NSA were key to the investigation. “That’s nonsense. It played no role at all in the Headley case. That’s not the way it happened at all,” he said.

    The intelligence expert said that it was a far more ordinary lead that ensnared Headley. British investigators spotted him when he contacted an informant.

    The Headley case is a peculiar choice for the administration to highlight as an example of the virtues of data-mining. The fact that the Mumbai attacks occurred, with such devastating effect, in itself suggests that the NSA’s secret programmes were limited in their value as he was captured only after the event.

    Headley was also subject to a plethora of more conventionally obtained intelligence that questions the central role claimed for the NSA’s data sweeps behind his arrest. In a long profile of Headley, the investigative website ProPublica pointed out that he had been an informant working for the Drug Enforcement Administration perhaps as recently as 2005. There are suggestions that he might have then worked in some capacity for the FBI or CIA.

    Headley was also, ProPublica found, the subject of several inquiries by agents of the FBI-led Joint Terrorism Task Force. A year before the Mumbai attacks his then wife, Faiza Outalha, reported on him to the US embassy Islamabad, saying he was on a secret mission in India and was a “drug dealer, terrorist and spy”.

    Ed Pilkington in New York and Nicholas Watt in London
    guardian.co.uk, Wednesday 12 June 2013 15.51 BST

    Find this story at 12 June 2013

    © 2013 Guardian News and Media Limited or its affiliated companies. All rights reserved.

    What spying apologists don’t tell you about “thwarted plots” Defenders of the government’s spying programs claim they’re stopping massive attacks. Here’s the real story

    Listen to defenders of the U.S. government’s recently revealed data collection practices, and you’re likely to hear claims about terrorist plots these sweeping activities have purportedly stopped.

    Senate Intelligence Committee Chairwoman Dianne Feinstein, D-Calif., explained on ABC’s “This Week” Sunday that in one of the signature uses of the dragnet collection of every American’s phone records, the NSA managed to track one of our own informants, David Headley, as he helped Islamic terrorists plan attacks. She did not mention that it did nothing to prevent the 2008 terrorist attack in Mumbai, which killed 166 — and in which Headley had a role in planning.

    Director of National Intelligence James Clapper called the effort to track Headley – which did manage to thwart Headley’s 2009 plans to attack a Danish newspaper – a success, in an interview with Andrea Mitchell. Such is the value of these programs, it appears, that top proponents of the program celebrate the tracking of a DEA informant gone bad as their main talking point.

    “U.S. officials say Headley simply slipped through the cracks,” ProPublica reported earlier this year in a blockbuster story on Headley. ProPublica describes competing claims about when the Drug Enforcement Agency, which first recruited Headley in 1997, stopped using him as an informant; DEA insists he was deactivated in 2002, while other sources say he remained a U.S. informant through 2005. What’s clear is that Headley spent the subsequent years leading up to the 2008 Mumbai attack traveling form Pakistan to India, casing out the terror plot.

    Multiple warnings to the Indian government — perhaps based on the intelligence now being touted — failed to prevent the attack. “U.S. officials learned enough about his activities to become concerned, monitor him intermittently and pick up fragments of intelligence that contributed to the warnings to India,” reported ProPublica. At the time of the attack, Headley had returned safely to Lahore, Pakistan, and he even traveled between there, Chicago and Europe thereafter, planning another plot. In October 2009, the FBI arrested Headley in Chicago as he traveled to Pakistan to hand off intelligence for an attack on Denmark.

    Before we start celebrating our finding an informant-turned-terrorist we lost as one of the successes that makes massive spying worthwhile, shouldn’t we first get an explanation for how our intelligence agencies lost track of Headley in the first place?

    The flood of missed warnings about Headley’s increasing ties with Islamic terrorists did lead to an investigation led by DNI Clapper’s office in 2010, but the results of it have not been made public. Yet the embarrassment of having a former American informant play a key role in one of the biggest attacks since 9/11 doesn’t seem to have prevented Clapper and Feinstein from boasting of NSA’s success in his case.

    Headley’s attacks are not the only ones cited by Feinstein and Clapper. Feinstein also cited the case of Najibullah Zazi, an Afghan immigrant to the U.S. who plotted to blow up the New York subway in 2009. FBI’s success in thwarting Zazi’s attack is probably the most serious publicly known example of a thwarted attack. To the extent the NSA’s programs played a key role, then, it is a significant success.

    But even there, the claims appear fuzzy or overblown. Feinstein, for example, describes the success this way (emphasis added): “[Zazi] made the decision that he was going to blow up a New York subway, who went to a beauty wholesale supply place, bought enough hydrogen peroxide to make bombs, was surveilled by the FBI for six months, traveled to go to New York, to meet with a number of other people who were going to carry out this attack with him, and were arrested by the FBI, who has pled guilty and in federal prison.”

    It’s an interesting use of the word “surveilled,” because according to sworn court testimony the lead that identified Zazi was an email account identified in a British terrorism case, which the NSA tracked. That account, not Zazi, was surveilled. Days, not months, before Zazi’s planned attack, he sent an email to the account asking for help making explosives, which led the FBI to uncover his plot.

    PRISM — the direct access to Internet companies’ data, which Clapper’s office describes as a “computer system used to facilitate the government’s statutorily authorized collection of foreign intelligence information from electronic communication service providers” — appears to have been the means by which FBI conducted this surveillance. A New York Times source explains PRISM was the only means to access the email: “It was through an e-mail correspondence that we had access to only through Prism.” But tracking the email account would have been legal under the FISA laws in place prior to 9/11. As such, PRISM seems to have made it easier to capture Zazi, but may not have been pivotal.

    The claim PRISM helped to nab Zazi is new since these revelations. But Feinstein has long insisted that Section 215 — the dragnet collection program — had a role, too (she made that claim, in part, to support the reauthorization of the language used to conduct the dragnet collection in 2009).

    That makes the Zazi case troubling too, because there is a good deal of circumstantial evidence that the government used Section 215 to identify people in Aurora, Colo., who had, like Zazi, purchased hydrogen peroxide and acetone, which (in addition to being common household chemicals) are precursors for the explosives Zazi used. The government described three people associated with Zazi in an affidavit justifying his detention, implying they were accomplices. Yet, these three unnamed people never appeared in the legal case again. They appear to have been completely innocent of any tie to Zazi’s plot. If so, then, in addition to being a success story, the Zazi case would also be a perfect example of how these tools can implicate perfectly innocent people as terrorists for something as innocent as buying hair care supplies.

    At the very least, the fuzzy cases Feinstein and Clapper are boasting about demonstrate the need for far more transparency on these tools. If they’re justifying a gross incursion on American privacy, in part because they helped track down an informant our intelligence services lost track of — and created false positives based on hair bleach purchases — then we need to seriously reconsider their use.

    Marcy Wheeler writes at EmptyWheel.net and is the author of “Anatomy of Deceit.”

    Monday, Jun 10, 2013 07:10 PM +0200

    By Marcy Wheeler

    Find this story at 10 June 2013

    Copyright © 2013 Salon Media Group, Inc.

    Public Documents Contradict Claim Email Spying Foiled Terror Plot

    Defenders of “PRISM” say it stopped subway bombings. But British and American court documents suggest old-fashioned police work nabbed Zazi.

    Would-be subway bomber Najibullah Zazi. Image by Marc Piscotty / Getty Images

    Defenders of the American government’s online spying program known as “PRISM” claimed Friday that the suddenly controversial secret effort had saved New York City’s subways from a 2009 terrorist plot led by a young Afghan-American, Najibullah Zazi.

    But British and American legal documents from 2010 and 2011 contradict that claim, which appears to be the latest in a long line of attempts to defend secret programs by making, at best, misleading claims that they were central to stopping terror plots. While the court documents don’t exclude the possibility that PRISM was somehow employed in the Zazi case, the documents show that old-fashioned police work, not data mining, was the tool that led counterterrorism agents to arrest Zazi. The public documents confirm doubts raised by the blogger Marcy Wheeler and the AP’s Adam Goldman, and call into question a defense of PRISM first floated by House Intelligence Committee Chairman Mike Rogers, who suggested that PRISM had stopped a key terror plot.

    Reuters’s Mark Hosenball advanced the claim Friday, based on anonymous “government sources”:

    A secret U.S. intelligence program to collect emails that is at the heart of an uproar over government surveillance helped foil an Islamist militant plot to bomb the New York City subway system in 2009, U.S. government sources said on Friday.

    The sources said Representative Mike Rogers, chairman of the House of Representatives Intelligence Committee, was talking about a plot hatched by Najibullah Zazi, an Afghan-born U.S. resident, when he said on Thursday that such surveillance had helped thwart a significant terrorist plot in recent years.

    President Barack Obama’s administration is facing controversy after revelations of details of massive programs run by the National Security Agency for collecting information from telephone and Internet companies.

    The surveillance program that halted the Zazi plot was one that collected email data on foreign intelligence suspects, a U.S. government source said.

    The New York Times also emphasized the Zazi case Friday:

    To defenders of the N.S.A., the Zazi case underscores how the agency’s Internet surveillance system, called Prism, which was set up over the past decade to collect data from online providers of e-mail and chat services, has yielded concrete results.

    “We were able to glean critical information,” said a senior intelligence official, who spoke on the condition of anonymity. “It was through an e-mail correspondence that we had access to only through Prism.”

    But public — though not widely publicized — details of the Zazi plot cast into doubt the notion that a data mining program had much to do with the investigation. Zazi traveled to Pakistan in 2008 to train with al Qaeda. He was charged in 2009 with leading two other men in a plot to detonate suicide bombs in the New York subways.

    The path to his capture, according to the public records, began in April 2009, when British authorities arrested several suspected terrorists. According to a 2010 ruling from Britain’s Special Immigration Appeals Commission, one of the suspects’ computers included email correspondence with an address in Pakistan.

    The open case is founded upon a series of emails exchanged between a Pakistani registered email account sana_pakhtana@yahoo.com and an email account admittedly used by Naseer humaonion@yahoo.com between 30 November 2008 and 3 April 2009. The Security Service’s assessment is that the user of the sana_pakhtana account was an Al Qaeda associate…”

    “For reasons which are wholly set out in the closed judgment, we are sure satisfied to the criminal standard that the user of the sana_pakhtana account was an Al Qaeda associate,” the British court wrote.

    Later that year, according to a transcript of Zazi’s July, 2011 trial, Zazi emailed his al Qaeda handler in Pakistan for help with the recipe for his bombs. He sent his inquiry to the same email address: sana_pakhtana@yahoo.com.

    An FBI agent, Eric Jurgenson, testified, “I was notified, I should say. My office was in receipt of several e-mail messages, e-mail communications.” Those emails — from Zazi to the same sana_pakhtana@yahoo.com — “led to the investigation,” he testified.

    The details of terror investigations are not always laid out this clearly in public; but they appear to belie the notion, advanced by anonymous government officials Friday, that sweeping access to millions of email accounts played an important roil in foiling the subway attack. Instead, this is the sort investigation made possible by ordinary warrants under the Foreign Intelligence Surveillance Act; authorities appear simply to have been monitoring the Pakistani email account that had been linked to terrorists earlier that year.

    This was, in fact, reported at the time. That November, British authorities were bragging to the Telegraph about their role in arresting Zazi:

    The plan, which reportedly would have been the biggest attack on America since 9/11, was uncovered after Scotland Yard intercepted an email….The alleged plot was unmasked after an email address that was being monitored as part of [the 2009 U.K. case] was suddenly reactivated.

    The existence of PRISM was revealed Thursday by the Washington Post and the Guardian. Authorities are now scrambling to justify the program.

    posted on June 7, 2013 at 10:21pm EDT

    Ben Smith
    BuzzFeed Staff

    Find this story at 7 June 2013

    Copyright © 2013 BuzzFeed, Inc.

    Brussels failed to act against US surveillance of EU citizens

    European authorities have known since mid-2011 that the US could conduct surveillance on EU citizens. But experts say that European countries had little interest in picking a fight with their ally in Washington.
    There has been widespread outrage in Europe over the scope of the National Security Agency’s PRISM surveillance program. European experts, however, are not surprised by American whistleblower Edward Snowden’s revelations.
    “What Snowden revealed about PRISM was already known to certain well-connected people for a long time,” Benjamin Bergemann, the author of the German blog netzpolitik.org and a member of the Digitale Gesellschaft (Digital Society) e.V., told DW.
    The European Parliament commissioned a report in 2012, which showed that US authorities could theoretically access European citizens’ data since 2008. The report’s authors were hard on European authorities.
    In the EU, there was no awareness that mass political surveillance was possible, according to the authors of the study. Incredibly, since 2011 “neither the EU Commission nor the national lawmakers nor the European Parliament had any knowledge of FISAAA 1881a.”
    FISAAA 1881a refers to a section of a 2008 amendment to the US Foreign Intelligence Surveillance Act of 1978. That section of the 2008 amendment empowers US spy agencies to collect information stored in American cloud computing providers.
    The authors of the EU study warned that US authorities had access to the data of non-US citizens in these so-called data clouds. The EU was neglecting to protect its citizens, according to the report’s devastating conclusion.

    Focus on China and Russia

    Europeans had long invested their energy in the fight for consumer protection in the Internet and against cyber crime, according to Julien Jeandesboz of the Centre d’Etudes sur les Conflits. Jeandesboz said that the focus in the EU was not on state-sponsored threats to its citizens.
    The Europeans debated about hackers, identity theft, and the regulation of Internet companies. And in the rare moments when the discussion did turn to state-sponsored activities, the EU’s attention was focused on China and Russia.
    Jeandesboz believes that political motivations explain the EU’s blind eye to US spy activities. The Patriot Act, which gave Washington broad wiretapping authority after the September 11, 2001 attacks, was controversial and publicly discussed in the EU. But while it’s one thing to target cyber criminals, it’s totally different to move against the US government, according to Jeandesboz.
    For most European governments, the US is an important ally and trade partner as well as the world’s leading Internet provider.

    European intelligence agencies complicit?

    According to Britain’s Guardian newspaper, European intelligence agencies may have profited from the Americans’ surveillance activities. The Guardian reported that Britain’s equivalent to the NSA, the GCHQ, appears to have made use of American intelligence gleaned from PRISM.
    Every European user of Facebook and Google should be aware that their data may be subject to PRISM, said blogger Benjamin Bergemann.
    “One could say, ‘what interest does the US have in me?’ But one should not forget that the European criminal justice systems have an interest in such surveillance and so a coalition of interests could form,” Bergemann said.

    EU citizens’ rights violated

    While Internet users in Europe can sue in court for the control of their own data, no such legal right exists in the US. And European law is at a loss when it comes to transnational data transfers.
    According to Nicolas Hernanz, many laws that are passed in the US now also affect EU citizens. Hernanz, with the Center for European Policy Studies in Brussels, said that Europeans’ legal right to control their own personal data is being “thrown in the garbage can” as a result of US surveillance activities.
    US lobbyists have managed numerous times to water down tough data protection provisions in EU treaties, according to Bergemann. He hopes that the importance of data protection and privacy will be reflected in pending EU legislative initiatives.
    Jeandesboz believes that if the revelations about PRISM cannot move the EU to act, then nothing can. While experts thought that such sweeping surveillance was possible, it was not considered likely. Jeandesboz said that Europeans need to stand up for their legal tradition in the face of the US. Otherwise, more civil liberties could be sacrificed for security, he continued.
    “The fear of terrorism and the preventative security concept have reached their high point,” said blogger Benjamin Bergemann.

    Data protection directive

    There are many proposals for how the EU can protect its citizens from US surveillance. But there is little unity in the 27-member bloc. A data protection directive, which is supposed to be passed before the 2014 EU elections, has been vigorously debated.
    EU parliamentarians have proposed several changes to the directive. One proposal would flag American web services, warning EU users that the site is governed by US law and could be under the control of US authorities. Another proposal would extend protection to the whistleblower Edward Snowden.

    Disturbing trends in Europe

    At the very least, political pressure could be placed on the US, if Washington was forced to sign a law enforcement treaty with the EU. But not even that exists at the moment. And experts warn that pointing the finger across the pond is not enough.
    Within the EU, there has to be a discussion about whether or not data protection should be sacrificed to counterterrorism, the experts say. The concept of preventive security is becoming more prominent in the 27-member bloc, according to Bergemann.
    “The telecommunications providers have been forced to set up an electronic interface for the authorities, so that IP addresses can be retrieved,” Bergemann said. “These trends also exist in Europe.”

    Deutsche Welle
    11.06.2013
    Nina Haase

    Find this story at 11 June 2013

    © 2013 Deutsche Welle

    Is CSE metadata-mining Canadian call records?

    The recent confirmation that NSA is performing data mining on the telephone records of Americans raises an important question for Canadians, is CSE likewise mining the call records of people in Canada?

    The short answer is I don’t know. But there are some telling indications that CSE is interested in undertaking such monitoring and that it may well be doing it to one degree or another.

    First, let’s look at the program in the U.S. From the original Guardian report and subsequent revelations (see, for example, Shane Harris, “What We Know About the NSA Metadata Program,” Dead Drop blog, 6 June 2013) we now know quite a lot about the NSA’s domestic phone records monitoring program, including the following features about it:
    Current procedures date from 2006, but the program began shortly after 9/11
    Entails data mining of nationwide telephone call records
    Focus on metadata, not content
    Network analysis involved
    Undertaken as part of counter-terrorism effort
    Now consider this description of data mining research conducted in 2006 by CSE and the Mathematics of Information Technology and Complex Systems (MITACS) project, a Canadian network of academia, industry, and the public sector (originally posted here but subsequently removed; archived version here; first blogged by me here):
    As part of ongoing collaborations with the Communications Security Establishment (CSE), we are applying unsupervised and semi-supervised learning methods to understand transactions on large dynamic networks, such as telephone and email networks. When viewed as a graph, the nodes correspond to individuals that send or receive messages, and edges correspond to the messages themselves. The graphs we address can be observed in real-time, include from hundreds to hundreds of thousands of nodes, and feature thousands to millions of transactions. There are two goals associated with this project: firstly, there is the semi-supervised learning task, and rare-target problem, in which we wish to identify certain types of nodes; secondly, there is the unsupervised learning task of detecting anomalous messages. For reasons of efficiency, we have restricted our attention to meta-data of message transactions, such as the time, sender, and recipient, and ignored the contents of messages themselves. In collaboration with CSE, we are studying the problem of counter-terrorism, a semi-supervised problem in which some terrorists in a large network are labeled, but most are not…. Another common feature of counter-terrorism problems is the fact that large volumes of data are often “streamed” through various collection sites, in order to provide maximal information in a timely fashion. A consequence of efficient collection of transactions on very large graphs is that the data itself can only be stored for a short time. This leads to a nonstandard learning problem, since most learning algorithms assume that the full dataset can be accessed for training purposes. Working in conjunction with CSE, we will devise on-line learning algorithms that scale efficiently with increasing volume, and need only use each example once. [Emphasis added.]
    Note these features:
    Applicable to telephone and email networks
    Thousands to millions of transactions
    Metadata, not content, examined
    Counter-terrorism related

    Familiar looking?

    Consider also this comment made by then-CSE Chief John Adams to the Standing Senate Committee on National Security and Defence on 30 April 2007:
    What is your interpretation of intercept, if I were to ask? If you asked me, it would be if I heard someone talking to someone else or if I read someone’s writing. An intercept would not be to look on the outside of the envelope. That is not an intercept to me. Unfortunately, that is not everyone’s interpretation of intercept, so the suggestion is that we should define that in the legislation…. Intercept is defined in another piece of legislation, and that is where people would probably look if they were searching for a definition of intercept. They are saying that could be troublesome for us, so we had better define it in our act to avoid that problem. That sort of thing has not come up as an issue, but it could.

    As I noted in an earlier post, that sounds an awful lot like something you would say if you wanted to collect phone call metadata (number called, duration of call, etc.) and similar addressing information for e-mails and other communications — and felt you already had the legal basis to do so.

    Would such monitoring be legal in Canada? I don’t know. (Usual disclaimer about not being a lawyer applies.)

    Michael Geist suggests that s. 21 of the CSIS Act might be used to authorize the activity; CSE’s participation would then be based on CSIS’s authority.

    Another possibility is that CSE might consider its foreign intelligence mandate (processing the records as part of the hunt for foreign terrorists) sufficient to authorize such monitoring. It is possible that this somewhat cryptic passage in the CSE oversight commissioner’s 2010-11 Annual Report is referring in whole or in part to such activities:

    CSEC conducts a number of activities for the purposes of locating new sources of foreign intelligence. When other means have been exhausted, CSEC may use information about Canadians when it has reasonable grounds to believe that using this information may assist in identifying and obtaining foreign intelligence. CSEC conducts these activities infrequently, but they can be a valuable tool in meeting Government of Canada intelligence priorities. CSEC does not require a ministerial authorization to conduct these activities because they do not involve interception of private communications. However, a ministerial directive provides guidance on the conduct of these activities.

    In recent years, three reviews have involved some degree of examination of these activities: a Review of CSEC’s foreign intelligence collection in support of the Royal Canadian Mounted Police (RCMP) (Phase II) (2006); a Review of CSEC’s activities carried out under a (different) ministerial directive (2008); and a Review of CSEC’s support to the Canadian Security Intelligence Service (CSIS) (2008).

    In his 2006–2007 Annual Report, the late Commissioner Gonthier questioned whether the foreign signals intelligence part of CSEC’s mandate (part (a) of its mandate) was the appropriate authority in all instances for CSEC to provide support to the RCMP in the pursuit of its domestic criminal investigations. In his 2007–2008 Annual Report, Commissioner Gonthier stated that pending a re-examination of the legal issues raised, no assessment would be made of the lawfulness of CSEC’s activities in support of the RCMP under the foreign signals intelligence part of CSEC’s mandate. He also noted that CSEC’s support to CSIS raised similar issues. Commissioner Gonthier emphasized that although he was in agreement with the advice that the Department of Justice had provided to CSEC, he questioned which part of CSEC’s mandate — part (a) or part (c), the assistance part of CSEC’s mandate — should be used as the proper authority for conducting the activities.

    Subsequent to these reviews and statements in the annual reports, the Chief of CSEC suspended these activities. CSEC then made significant changes to related policies, procedures and practices.

    Review rationale

    These activities involve CSEC’s use and analysis of information about Canadians for foreign intelligence purposes. Specific controls are placed on these activities to ensure compliance with legal, ministerial and policy requirements. Major changes to certain policies, procedures and practices have recently occurred. This was the first review of these activities since the Chief of CSEC allowed their resumption under new policies and procedures.

    None of the above proves that CSE has been analyzing Canadians’ call records. But with NSA examining U.S. records, you can bet that CSE at the very least has taken a good, hard look at the possibility of doing the same in Canada. And some of the above certainly suggests that they may have gone well beyond just considering the possibility.

    When the question of whether CSE was data mining Canadian call records came up in 2006, CSE was quick to make a perhaps carefully worded denial. This time around, not so much (Mitch Potter & Michelle Shephard, “Canadians not safe from U.S. online surveillance, expert says,” Toronto Star, 7 June 2013):

    the Toronto Star contacted CSEC for comment Friday about its own metadata collection program, but received a boilerplate statement stressing that the agency is “prohibited by law from directing its activities at Canadians anywhere in the world or at any person in Canada” and “operates within all Canadian laws.”

    “The Communications Security Establishment Canada (CSEC) cannot comment on its methods, operations and capabilities. To do so would undermine CSEC’s ability to carry out its mandate. It would also be inappropriate to comment on the activities or capabilities of our allies,” the statement said.

    Which doesn’t prove anything either.

    [Update 10 June 2013: But it would appear that this article does prove that metadata monitoring is being done: Colin Freeze, “Data-collection program got green light from MacKay in 2011,” Globe and Mail, 10 June 2013.]

    Sunday, June 09, 2013

    Find this story at 9 June 2013

    Prism scandal: Agency to reveal US links ‘shortly’ after claims that thousands of Britons may have been spied on by GCHQ

    Disclosure triggers civil liberties storm as the information-sharing agreement had not been made known to Parliament or the public as accusations raise ethical and legal concerns over direct access to ‘millions’ of web users

    A report by GCHQ to Parliament’s Intelligence and Security Committee on the listening agency’s links to a secret US spy programme is due shortly.

    The Intelligence and Security Committee (ISC) will receive a report on claims that it received material through the secret Prism scheme “very shortly”, according to chairman Sir Malcolm Rifkind.

    “The ISC is aware of the allegations surrounding data obtained by GCHQ via the US Prism programme,” Sir Malcolm said.

    “The ISC will be receiving a full report from GCHQ very shortly and will decide what further action needs to be taken as soon as it receives that information.”

    This development came after allegations that thousands of Britons could have been spied on by GCHQ under a “chilling” link to a secret American operation covertly collecting data from the world’s largest internet companies.

    David Cameron and Theresa May, the Home Secretary, faces cross-party demands to spell out details of links between the electronic eavesdropping centre in Cheltenham and the previously-unknown Prism programme operated by the National Security Agency (NSA).

    The disclosure triggered a civil liberties storm as the information-sharing agreement had not been made known to Parliament or the public.

    Ms May, who is determined to revive her own “snoopers’ charter” plans to require telecoms companies to collect data about people’s internet habits, will be confronted by MPs over the claims in the Commons on Monday.

    Under Prism, American agents were able to glean data, including the contents of emails and web-chats, direct from the servers of major providers including Facebook, Google and Yahoo.

    It emerged that some of the information had been passed to GCHQ, raising fears that the agency had been sidestepping the usual legal process for requesting intelligence material about UK nationals. The agency insists it operates within a “strict legal and policy framework”.

    According to documents, GCHQ received 197 intelligence reports through the Prism system in the 12 months to May 2012, a rise of 137 per cent on the previous year.

    Keith Vaz, the chairman of the Commons home affairs select committee, said he was writing to Ms May to demand an explanation.

    He said: “I am astonished by these revelations which could involve the data of thousands of Britons. The most chilling aspect is that ordinary American citizens and potentially British citizens too were apparently unaware that their phone and online interactions could be watched. This seems to be the snooper’s charter by the back door.”

    The existence of the Prism programme was revealed by the Washington Post and the Guardian, which obtained a copy of a presentation to NSA agents on the extent of its reach.

    Further classified documents released yesterday pointed to the British link, noting that “special programmes exist for GCHQ for focused Prism processing”, suggesting the agency may have been making requests for specific information.

    A GCHQ spokesman said: “Our work is carried out in accordance with a strict legal and policy framework which ensures that our activities are authorised, necessary and that there is rigorous oversight, including from the Secretary of State, the Interception and Intelligence Services Commissioners and the Intelligence and Security Committee.”

    A Government spokesman said he would “neither confirm nor deny” the claims about GCHQ and refused to disclose whether the subject was being discussed with the US authorities.

    However, the senior Conservative MP, David Davis, said it was difficult to reconcile GCHQ’s statement that it was subject to proper scrutiny with Parliament’s ignorance of the programme.

    He said: “In the absence of parliamentary knowledge approval by a secretary of state is a process of authorisation, not a process of holding to account. Since nobody knew it was happening at all there is no possibility of complaint.”

    The Liberal Democrat MP Julian Huppert said he would be tabling a series of parliamentary questions about the GCHQ revelations on Monday and would be calling for a Commons statement from Ms May.

    He said: “We have to understand exactly what information they have had and what the safeguards are. It’s deeply, deeply alarming.”

    The controversy has added to the pressure on Nick Clegg from Liberal Democrats not to allow Ms May to revive the “snooper’s charter” after the Woolwich terrorist attack. Gareth Epps, co-chair the Social Liberal Forum, said: “Instead of Theresa May forcing through expensive and intrusive legislation, there should be statement by the Government on the purpose and scope of data harvesting of British citizens under Prism.”

    Concerns about the disclosures were also raised by the Information Commissioner’s Office. A spokesman said: “There are real issues about the extent to which US law enforcement agencies can access personal data of UK and other European citizens. Aspects of US law under which companies can be compelled to provide information to US agencies potentially conflict with European data protection law, including the UK’s own Data Protection Act.”

    Nick Pickles of the civil liberties campaign group Big Brother Watch said questions needed to be asked at the “highest levels” to establish whether British citizens had had their privacy breached “without adherence to the proper legal process or any suspicion of wrongdoing”.

    James Blessing, chief technology officer of ISP Keycom, and a council member of the Internet Service Providers’ Association, described the leaked document describing the NSA programme as “really quite scary”.

    He said: “If, as this document claims, the NSA has direct access to those servers – unfettered, unbroken access – the NSA can see anything anyone in the UK is doing without any safeguards or controls. It’s been shown that if people have unfettered access they have a propensity to go and look, they can’t help themselves and they will go and find things.”

    Whitehall sources said established channels had long been used by GCHQ to request information from the US. However, that the UK service had no direct access to Prism or any similar intelligence gathering systems of the NSA. There were no UK personnel present even as part of any exchange programme when the system may have been used, they claimed.

    According to US sources what is called telephone “metadata” gathered from the mobile telephone records of customers of Verizon by the NSA was almost certainly been passed on to GCHQ, although what was released remained at the discretion of the Americans.

    Nigel Morris, Kim Sengupta, Ian Burrell
    Saturday, 8 June 2013

    Find this story at 8 June 2013

    © independent.co.uk

    UK gathering secret intelligence via covert NSA operation

    Exclusive: UK security agency GCHQ gaining information from world’s biggest internet firms through US-run Prism programme

    Documents show GCHQ (above) has had access to the NSA’s Prism programme since at least June 2010. Photograph: David Goddard/Getty Images

    The UK’s electronic eavesdropping and security agency, GCHQ, has been secretly gathering intelligence from the world’s biggest internet companies through a covertly run operation set up by America’s top spy agency, documents obtained by the Guardian reveal.

    The documents show that GCHQ, based in Cheltenham, has had access to the system since at least June 2010, and generated 197 intelligence reports from it last year.

    The US-run programme, called Prism, would appear to allow GCHQ to circumvent the formal legal process required to seek personal material such as emails, photos and videos from an internet company based outside the UK.

    The use of Prism raises ethical and legal issues about such direct access to potentially millions of internet users, as well as questions about which British ministers knew of the programme.

    In a statement to the Guardian, GCHQ, insisted it “takes its obligations under the law very seriously”.

    The details of GCHQ’s use of Prism are set out in documents prepared for senior analysts working at America’s National Security Agency, the biggest eavesdropping organisation in the world.

    Dated April this year, the papers describe the remarkable scope of a previously undisclosed “snooping” operation which gave the NSA and the FBI easy access to the systems of nine of the world’s biggest internet companies. The group includes Google, Facebook, Microsoft, Apple, Yahoo and Skype.

    The documents, which appear in the form of a 41-page PowerPoint presentation, suggest the firms co-operated with the Prism programme. Technology companies denied knowledge of Prism, with Google insisting it “does not have a back door for the government to access private user data”. But the companies acknowledged that they complied with legal orders.

    The existence of Prism, though, is not in doubt.

    Thanks to changes to US surveillance law introduced under President George W Bush and renewed under Barack Obama in December 2012, Prism was established in December 2007 to provide in-depth surveillance on live communications and stored information about foreigners overseas.

    The law allows for the targeting of any customers of participating firms who live outside the US, or those Americans whose communications include people outside the US.

    The documents make clear the NSA has been able to obtain unilaterally both stored communications as well as real-time collection of raw data for the last six years, without the knowledge of users, who would assume their correspondence was private.

    The NSA describes Prism as “one of the most valuable, unique and productive accesses” of intelligence, and boasts the service has been made available to spy organisations from other countries, including GCHQ.

    It says the British agency generated 197 intelligence reports from Prism in the year to May 2012 – marking a 137% increase in the number of reports generated from the year before. Intelligence reports from GCHQ are normally passed to MI5 and MI6.

    The documents underline that “special programmes for GCHQ exist for focused Prism processing”, suggesting the agency has been able to receive material from a bespoke part of the programme to suit British interests.

    Unless GCHQ has stopped using Prism, the agency has accessed information from the programme for at least three years. It is not mentioned in the latest report from the Interception of Communications Commissioner Office, which scrutinises the way the UK’s three security agencies use the laws covering the interception and retention of data.

    Asked to comment on its use of Prism, GCHQ said it “takes its obligations under the law very seriously. Our work is carried out in accordance with a strict legal and policy framework which ensures that our activities are authorised, necessary and proportionate, and that there is rigorous oversight, including from the secretary of state, the interception and intelligence services commissioners and the intelligence and security committee”.

    The agency refused to be drawn on how long it had been using Prism, how many intelligence reports it had gleaned from it, or which ministers knew it was being used.

    A GCHQ spokesperson added: “We do not comment on intelligence matters.”

    The existence and use of Prism reflects concern within the intelligence community about access it has to material held by internet service providers.

    Many of the web giants are based in the US and are beyond the jurisdiction of British laws. Very often, the UK agencies have to go through a formal legal process to request information from service providers.

    Because the UK has a mutual legal assistance treaty with America, GCHQ can make an application through the US department of justice, which will make the approach on its behalf.

    Though the process is used extensively – almost 3,000 requests were made to Google alone last year – it is time consuming. Prism would appear to give GCHQ a chance to bypass the procedure.

    In its statement about Prism, Google said it “cares deeply about the security of our users’ data. We disclose user data to government in accordance with the law, and we review all such requests carefully. From time to time, people allege that we have created a government ‘back door’ into our systems, but Google does not have a back door for the government to access private user data”.

    Several senior tech executives insisted they had no knowledge of Prism or of any similar scheme. They said they would never have been involved in such a programme.

    “If they are doing this, they are doing it without our knowledge,” one said. An Apple spokesman said it had “never heard” of Prism.

    In a statement confirming the existence of Prism, James Clapper, the director of national intelligence in the US, said: “Information collected under this programme is among the most important and valuable intelligence information we collect, and is used to protect our nation from a wide variety of threats.”

    A senior US administration official said: “The programme is subject to oversight by the foreign intelligence surveillance court, the executive branch, and Congress. It involves extensive procedures, specifically approved by the court, to ensure that only non-US persons outside the US are targeted, and that minimise the acquisition, retention and dissemination of incidentally acquired information about US persons.”

    Nick Hopkins
    guardian.co.uk, Friday 7 June 2013 14.27 BST

    Find this story at 7 June 2013

    © 2013 Guardian News and Media Limited or its affiliated companies. All rights reserved.

    Phone Records Shared With U.K.

    Data on U.S. customers, secretly collected from phone companies, has been shared with British security agencies, writes Eli Lake. Plus, everything you need to know about the NSA Spying Program.

    At least one foreign government has gained access to sensitive data collected by the National Security Agency from U.S. telecommunications companies in dragnet court warrants demanding the secret transfer of U.S. customers’ calling records.

    The information collected by the NSA, known as “metadata,” does not include the content of the phone calls or the names of the people associated with the accounts. But it does tell the government when calls were made, what numbers were dialed, and the location and duration of those calls. Current and former U.S. intelligence officials familiar with the longstanding program to collect metadata from American telecommunications and Internet companies tell The Daily Beast that, in a few discreet cases, the NSA has shared unedited analysis of these records with its British counterpart, the Government Communications Headquarters (GCHQ).

    The Guardian on Friday reported that documents the newspaper obtained showed the GCHQ in 2010 gained access to an NSA metadata collection program known as Prism to secretly tap into the servers of leading internet companies such as Apple and Google. The documents showed the British generated 197 intelligence reports from access to the system in 2012, the Guardian reported.

    Late Thursday, James Clapper, the director of national intelligence, issued a statement defending the government’s collection of phone records, which he said protected the privacy of most Americans. For example, Clapper said only specially trained personnel could access the vast database of metadata collected by the government. A secret body known as the Foreign Intelligence Surveillance Court reviews the program every 90 days and only allows the government to query the database “when there is a reasonable suspicion, based on specific facts, that the particular basis for the query is associated with a foreign terrorist organization.”

    Clapper was responding to an article The Guardian published Wednesday based on a secret court order that demanded Verizon Business Network Services Inc. hand over to the federal government all “metadata” from its customers between April 25 and July 19. On Thursday the chairmen and ranking members of the House and Senate intelligence committees said the program had been in place since 2006, and the court order disclosed by The Guardian was a routine request by the government for the caller records. The Washington Post on Thursday disclosed that the NSA has also run a separate monitoring program to tap directly into the servers of nine U.S. Internet companies to extract information from users, ranging from video and audio files to emails.

    With advances in computer science, intelligence services can now mine vast amounts of data collected by telecom companies, Internet service providers, and social-media sites for patterns that can illuminate terrorist networks and help solve crimes. Rep. Mike Rogers, the Republican chairman of the House Permanent Select Committee on Intelligence, told reporters that he knew of one instance where the NSA metadata program thwarted a domestic terrorist attack.

    ‘Somebody’s gotta go to jail for something!’ Watch these amateur Internet pundits scold the NSA.
    These metadata, these intelligence officers say, reside in vast hard drives that belong to the NSA. Analysts there can then take a phone number or email address and uncover suspected terrorists’ associates, find their locations, and even learn clues about their possible targets.

    Peter Wood, the CEO of First Base Technologies, a security firm that works closely with British law enforcement in this area, says this kind of “big data” analysis can be useful to federal law enforcement.

    “All emails have headers, which are full of information most people don’t see,” Wood says. “It allows law enforcement to trace the root and source of emails—that gives them the provenance of an email. This allows them to determine the physical origin of threats, if they can be sure the source of the email has not, in turn, been compromised itself.” Wood compared the analysis to how commercial Internet companies use similar data to target ads to individuals based on their search patterns.

    “The big open question is what happens to this data when it’s collected.”
    Sometimes, the analysis of metadata is shared between allied services, current and retired U.S. intelligence officers say. This is particularly true with the GCHQ, Britain’s equivalent of the NSA.

    One former senior U.S. intelligence official with knowledge of the program tells The Daily Beast, “My understanding is if the British had a phone number, we might run the number through the database for them and provide them with the results.”

    “I do not know of cases where the U.S. government has shared this kind of metadata with the United Kingdom, but I would be surprised if this never happened,” Wood says. “Both countries cooperate very closely on counterterrorism.”

    The U.S. and the U.K. have an agreement to share signal intercepts and electronic intelligence through a pact known as the United Kingdom United States of America Agreement. Over the years, the agreement has been expanded to include Australia, Canada, and New Zealand.

    U.S. intelligence officials who spoke to The Daily Beast said that British nationals were not permitted to sit at the actual terminals where NSA analysts mine the metadata collected from phone companies and Internet service providers. But British GCHQ has received unredacted analysis of targeted searches, according to these sources.

    A spokeswoman for the NSA declined to comment for this article.

    “The whole idea of sharing information that could be of value in a terrorism investigation would be a high priority, especially after 9/11,” says James Bamford, the author of three histories of the NSA, including his most recent book, The Shadow Factory. “If the United States feels it got the information legally, which it does in this case, then from all I know the NSA believes it has the authority to pass the intelligence on to intelligence partners.”

    Jameel Jaffer, deputy legal director at the American Civil Liberties Union, says he is worried about what becomes of the records collected by the NSA. “The big open question is what happens to this data when it’s collected,” Jaffer says. “Is it shared amongst agencies? Is it used in law-enforcement investigations? Has it been used in prosecutions? And has it been shared with foreign countries—and which foreign countries has it been shared with and under what conditions?”

    The Daily Beast
    by Eli Lake Jun 7, 2013 4:45 AM EDT

    Find this story at 7 June 2013

    © 2013 The Newsweek/Daily Beast Company LLC

    Verizon giving US government information about British companies

    American telecoms giant Verizon has been handing information about British companies to the US government, putting it on a collision course with UK regulators.
    On Verizon’s UK website, the company makes a point of telling customers it will help to defend them against spying by government agencies Photo: AP

    The company has found itself at the centre of a major scandal in the US, after it emerged that the National Security Agency (NSA) is collecting the telephone records of millions of customers on an “ongoing, daily basis”, under a top-secret court order issued in April.

    The US is also reaching directly into the servers of Facebook, Google and other internet companies to harvest data. The NSA’s classified PRISM programme reportedly allows the government to collect virtually limitless amounts of information from emails, pictures and social media accounts.

    Verizon on Thursday battled to prevent a customer backlash by telling them it had no choice in the matter. The Obama administration justified the surveillance, claiming it was a “critical tool in protecting the nation from terrorist threats”.

    Two other major American wireless providers, AT&T and Sprint, have also been receiving similar orders, as have credit card companies, sources told the Wall Street Journal.

    It is not clear whether Verzion Wireless, the US wireless operator owned by Verizon and Britain’s Vodafone, has received an order. Vodafone, which owns 45pc and has no operational role in the company, had no comment on Friday.
    Related Articles
    US spy scandal threatens Silicon Valley 11 Jun 2013
    US harvests data from Facebook, Google and other web giants 07 Jun 2013
    US to declassify secret surveillance documents after uproar 07 Jun 2013
    Obama govt secretly collecting US phone records 06 Jun 2013
    Analysis: latest leak could devastate Obama 06 Jun 2013
    EE to offer shared smartphone and tablet data plans 06 Jun 2013

    Verizon’s court order did not just stop at US shores. Washington called for Verizon to hand over all telephone records “for communications between the United States and abroad”, including calls routed via Verizon’s UK subsidiary, based in Reading.

    On Verizon’s UK website, the company makes a point of telling customers it will help to defend them against spying by government agencies.

    “Whether global or local, [your communications] must be secure because there are many threats to your organisation, from those that want to destroy your reputation and from those that want to take what’s yours,” the company says in a video entitled “2013 data breach”.

    “This year’s most talked about threat is espionage… with many [breaches] tracing back to state affiliated culprits, taking months or even years to detect.”

    However, the US government’s secret court order instructed Verizon to collect the numbers of the people at either end of each call, information about their location and the time and length of the conversation. It was not asked to record the actual conversations, but it was obliged to hold the information for a minimum of three months.

    The Information Commissioner’s Office, the regulator responsible for safeguarding privacy in the UK, is expected to investigate the security breach.

    When ordinary customers make calls out of the US, their network will connect them to the UK network they are calling, meaning Verizon has limited information about calls. However, it has comprehensive details about business customers making calls to colleagues across the Atlantic, as their calls are kept within the confines of the same network. Verizon would have pulled the information from its UK servers.

    These so-called enterprise systems are theoretically designed to reduce costs and boost security.

    Verizon could not be reached for comment.

    Unlike the phone tracking programme, where telecom companies are forced to hand over records, PRISM appears to allow the NSA to freely search the tech firms’ networks at any time.

    PRISM also allows the government access to the content of online accounts, whereas the phone programme provides data on the time and location of a call but does not tell investigators what was said.

    A secret slide show obtained by The Guardian and The Washington Post appear to indicate that the nine companies are willing participants in the programme, beginning with Microsoft in 2007.

    However, the Guardian reported that several of the companies claimed to have no knowledge of that their servers were being accessed by the government.

    Google said in a statement: “From time to time, people allege that we have created a government ‘back door’ into our systems, but Google does not have a ‘back door’ for the government to access private user data.”

    An Apple spokesman said: “We have never heard of PRISM. We do not provide any government agency with direct access to our servers and any agency requesting customer data must get a court order,” he said.

    The scale of the operation is detailed in a 41-page slideshow obtained by the two newspapers, which describes PRISM as the single largest source of NSA data.

    By Katherine Rushton, US Business Editor

    10:30AM BST 07 Jun 2013

    Find this story at 7 June 2013

    © Copyright of Telegraph Media Group Limited 2013

    Eyes and ears wide open; 2000

    Sophisticated telecommunication interception capabilities, of the sort that was used to unravel the cricket corruption scandal, are pushing the frontiers of communications intelligence.

    IN the age of digital communication, criminals are often better equipped but the line is also increasingly becoming unsafe. So, it appears, is running a large corporation, managing state secrets or just being a political dissident.

    Troops on border duties, even those on counter-terrorist duties in Jammu and Kashmir, have long known what Hansie Cronje and his associates evidently did not: no means of electronic communications is safe. Radio silence is maintained during all battle-fr ont operations. In emergencies, soldiers who speak Naga, Malayalam, or other languages, unlikely to be known to Pakistani signals intelligence, are pressed into service. Pakistan troops and irregulars on the Kargil heights last summer used a bewildering mix of Drassi, Shina, and Pushto in order to confuse Indian intelligence personnel, who were then forced to trawl the Kargil area for translators.

    Emerging material on interception capabilities of the United States makes clear just what the future might hold. The recently-exposed Project Echelon, for example, allows the U.S. to copy almost every piece of electronic communication worldwide: every fa x transmission, every e-mail messages, every mobile phone call, every other kind of telephone conversation.

    Few analysts of the cricket corruption scandal appear to have understood the capabilities of communication intelligence. The latest episode was, in fact, preceded by a series of successful technical telecommunication interception operations. Even as Indi an Airlines Flight IC 814 was on the tarmac in Kandahar last year, Research and Analysis Wing (RAW) officials had a good idea of who had carried out the hijacking, and how – thanks to a series of calls made by the Harkatul Mujahideen’s Mumbai-based opera tive, Abdul Ahmed Latif, during the course of the hijacking. Latif used a mobile telephone, and also a pay phone owned by three brothers from Jogeshwari – Rafiq Sheikh, Javed Sheikh and Muzaffar Sheikh – to remain in contact with his handlers in Karachi.

    Among the calls Latif made was one to an Urdu-service staff reporter at the British Broadcasting Corporation headquarters in London, complaining about the Indian negotiators’ intransigence in Kandahar. What Latif did not know was that RAW personnel, who use sophisticated electronic equipment to scan thousands of international and domestic long-distance calls, were listening in. When RAW chief A.S. Dulat visited Jammu two days later to persuade a reluctant Chief Minister Farooq Abdullah to allow the rele ase of prisoners in exchange for the lives of the passengers on IC 814, he was able to promise rapid progress to secure justice. Working with the telephone numbers provided by RAW, Mumbai Crime Branch investigators tracked down Latif and his associates w ithin two days. Their interrogation was crucial in identifying the hijackers.

    PAUL BATES / REUTERS

    At Menwith Hill in the U.K., one of the data analysis centres under Project Echelon, the world’s most sophisticated intelligence gathering network. The Echelon system allows the U.S. and its associates in the controversial project to monitor almost ev ery piece of electronic communication worldwide.

    Other technical operations have also been successful. In the summer of 1998, Punjab Police officials began an electronic communications sweep directed at the renewed activities of the Khalistan Liberation Force (KLF). Among the conversations that they st umbled upon were threat calls directed at affluent businessmen in Ludhiana, made by Dawood Ibrahim’s Nairobi-based associate Abu Salem, and from five unidentified mobile telephones in New Delhi. The numbers were passed on to the Delhi Crime Branch, where Inspector Ishwar Singh, responsible for the Hansie Cronje operation, was assigned charge of the investigation. The Delhi numbers were identified as belonging to the now-notorious Romesh Sharma.

    By November, Delhi Police and Intelligence Bureau officials say, they held hours of taped conversations between Sharma, Abu Salem and even top businessmen like Reliance industries chief Dhirubhai Ambani. Ambani, Central Bureau of Investigation (CBI) offi cials now conducting the probe say, was being pressured to meet payments that two high-profile Mumbai stock brokers claimed as their dues. The deal may just have been closed had it not been for a fateful October 20 police raid on Sharma, carried out by c ity South Range officials who had no knowledge of the Crime Branch-Intelligence Bureau surveillance operation. Nothing significant has been heard of the affair since the CBI took charge, perhaps unsurprising given the agency’s track record in cases invol ving political corruption.

    Other technical operations have not been quite as high profile, but they have led to significant results in combating terrorism. The five cellphone numbers provided by the Punjab Police in the Romesh Sharma case had also led, earlier that year, to the di scovery of a major arms-running operation run from New Delhi’s maximum security Tihar Jail. Punjab Police officials had begun by investigating reports that the KLF’s Harnek Singh ‘Bhap’ had entered into an alliance with jailed Uttar Pradesh mafia don Om Prakash ‘Babloo’ Shrivastav. The KLF, the force’s informants said, had agreed to provide personnel to execute a series of kidnappings to raise funds, while the Shrivastav gang in turn would be responsible for making available safehouses.

    Surveillance led the Crime Branch investigators to some bizarre findings. Mobile phones activate the radio cells nearest to their users’ locations. The five cellphone numbers being monitored activated a single cell, that nearest to Tihar Jail. The Babbar Khalsa International (BKI), it transpired, had already cut a deal with criminals, using phones made available by corrupt prison administration officials, for the delivery of an explosives consignment. Delhi Police officials were waiting for the Haryana- registered truck when it arrived in New Delhi on August 12, 1998. A consignment of RDX or Research Department Explosive, weighing 18 kg, had been hiden in the space between the rim and the boot of the truck, along with four sophisticated electronic timin g devices.

    Major breakthroughs based on technical operations came as early as 1996. Shortly after massive blasts occured in New Delhi’s Lajpat Nagar market on May 21, 1996, RAW made available intercepts that led the Srinagar Special Operations Group (SOG) of the Ja mmu and Kashmir Police to Jammu and Kashmir Islamic Front (JKIF) operative Farida Wani. Soon after, her boss, Hilal Baig, was shot dead by the SOG on July 17, 1996. Telephone intercepts also led the Gujarat Police to one of the JKIF’s top associates, Ahm edabad underworld baron and Dawood Ibrahim associate Abdul Rashid Latif. Latif was arrested from New Delhi by a Gujarat Police Anti-Terrorist Squad on October 10, 1996, and was killed later while attempting to escape from custody in Ahmedabad.

    Although intelligence officials are unwilling to discuss details, sources say dozens of recent operations targeting the Lashkar-e-Taiba’s activities outside Jammu and Kashmir have been similarly based on communications intelligence. Khalistan terrorists have also been hit through technical means; the January 1999 arrest of a Babbar Khalsa operative who crossed over from Pakistan is one instance. In 1998, Indian intelligence personnel monitoring calls from two U.S.- based Khalistan financiers detected su ccessive calls to a mobile number in Chandigarh. Monitoring led the local police to the gates of the Burail Jail, where, it turned out, Beant Singh assassination-accused Jagtar Singh Hawara had been using the telephone not only to organise a jailbreak bu t to order pizzas, using the convenient address of the Jail Superintendent’s office.

    JUST how, then, does communications intelligence work? Contrary to the popular perception, intercepting communications is fairly easy. Scanners can pluck mobile phone signals from the air, and many Western countries have an underground business in fake s ubscriber-identity cards. On August 27 last year, for example, the New York Police arrested three men who were intercepting pager messages meant for the city’s Mayor and Police Commissioner and then selling the contents to media outlets. A conference cal l between U.S. House Speaker Newt Gingrich and his party colleagues was similarly intercepted, and the transcript published in The New York Times. Commercially available equipment even allows remote espionage on the text being typed on a computer screen, or eavesdroppers to listen in to conversations being conducted over a hundred metres away.

    Since 1997, however, is a growing body of material on the world’s largest and most sophisticated communications intelligence network, codenamed Echelon. Now the subject of growing controversy following revelations that Echelon was used by the U.S. for co mmercial espionage directed at its North Atlantic Treaty Organisation (NATO) allies, notably France, the organisation emerged from a 1947 United Kingdom-U.S. treaty on sharing intelligence. Canada, Australia and New Zealand later joined the treaty.

    Unlike routine espionage operations, Echelon does not target individual electronic communications. It instead gathers vast amounts of traffic on satellites, sub-sea cables, microwave relay stations and high frequency radio. This body of information is su bjected to computer analysis at Echelon centres around the world, notably at Menwith Hill in the U.K., Pine Gap in Australia, Buckley Field near Denver in the U.S., and Bad Aibling in Germany. The computers separate the data gathered into fax, data and v oice communication. This body of material is then subject to searches for certain key words, for example ‘atomic’ or ‘missile’, or for specific telephone numbers and e-mail addresses.

    A WELTER of means is available in the Echelon system to monitor almost all long-distance electronic communication. According to a report by expert Duncan Campbell, which formed the core of discussions in the European Parliament in 1998, U.S. Central Inte lligence Agency (CIA) satellites are central to the Echelon system. Satellites of the Magnum, Orion and Rutley class can target very high frequency (VHF) radios, cellular phones, pagers and mobile data links across the globe. Since only a fraction of mic rowave signals in fact arrive at the receiving station, and the rest pass into space, such traffic is also vulnerable. Satellites of the Mercury class target microwave communications, which carry much inter-city traffic. Other satellites intercept traffi c directed at communication satellites, including the Intelsat system.

    Embassies and High Commissions form a second important chain in the Echelon system. Foreign missions are located in capital cities and important business centres, which also tend to be the hub for inter-city microwave networks. Since diplomatic premises are not subject to national regulations, most missions install surveillance equipment targeted at their host countries. In some cases, Echelon systems tap directly into the telecommunications infrastructure. Campbell discovered that the Menwith Hill stat ion, for example, taps directly into the British Telecom microwave hub, which receives traffic from sub-sea transatlantic cables. Some media reports have even accused U.S.-based corporations, such as Microsoft of cooperating with their governments to bui ld surveillance mechanisms into software.

    Key word searches are just one of the means through which Echelon surveillance works. Since such searches are most effective for text, there has been extensive research on software that can translate voice communications into computer-readable characters . Campbell’s report to the European Parliament suggests that such technology is, at best, of only limited reliability. There has, however, been success in the matter of voice recognition software, which enables computer systems to pick out an individual speaking through the mass of intercepted data. In theory, for example, Echelon systems could detect Osama bin Laden once he initiated a conversation.

    The Echelon network is not the world’s only major intelligence gathering operation, although it is by far the world’s most sophisticated. At least 30 countries operate large-scale communications intelligence operations, including India and Pakistan. The largest are outside Echelon is the Russian FAPSI, with some 54,000 employees. China also maintains a large establishment, with two stations directed at Russia in tandem with the U.S. There are no firm figures on Echelon’s budget, but reliable estimates s uggest that over $20 billion is spent worldwide on communication intelligence-related activities. Much of India’s effort has been focussed on military-related signals intelligence, which acquires not only communications but also radar data and details of Army movements.

    Nor is it clear whether fighting crime or terrorism is the sole concern of major communications intelligence organisations. The 1998 European Parliament report on electronic espionage claims that U.S. intelligence intercepted conversations between govern ment officials in Brazil and the French firm Thompson-CSF. It used the information to secure a $1.3 billion contract for Thompson-CSF’s U.S. rival, Raytheon. Mike Frost, in his book Spyworld, claims that Canadian agents tapped the U.S. Ambassador’ s conversations to undercut that country’s bid for a $2.5 billion wheat deal. Frost, himself a former operative of the Canadian communication security establishment, claims that British intelligence even invited their counterparts in Canada to place unde r surveillance two politicians suspected by former Prime Minister Margaret Thatcher of political disloyalty.

    NEW developments could push the frontiers of communications intelligence even further. In January, U.S. civil rights organisations challenged new rules which would compel telecommunications firms to provide on demand, without a warrant, the exact locatio n of mobile phone users to the Federal Bureau of Investigation (FBI). The new rules, which came about as a result of the Communications Assistance to Law Enforcement Act of 1994, would also mean that companies would have to deliver packet mode communicat ions, those used on the Internet, to the FBI. Echelon had allowed intelligence agencies to bypass laws forbidding unauthorised surveillance of U.S. and U.K. citizens by the simple expedient of asking their alliance counterparts, not bound by such laws, t o carry out the task.

    There is little anecdotal material, and even less reliable literature, on the Indian capabilities in this field. It is known, for example, that intelligence agencies compelled pager and mobile phone companies to install surveillance equipment, but only o ther technical means that are at their disposal are not known. Few officials are willing to discuss the subject. Informed sources, however, told Frontline that RAW did have facilities to scan communications for key words, but that both the softwar e and the hardware used left more than a little to be desired. Its voice recognition capabilities too are relatively limited. Police organisations, for their part, have minimal access to such technology, which is limited relatively to simple operations s uch as mobile phone scanning. And while the pending Information Technology Bill of 1999 will give intelligence agencies wide powers to intercept Internet traffic, existing legal restrictions on telephone interception mean that little such evidence can be admitted to have been gathered in the first place, let alone used in trial courts.

    When news of the cricket corruption scandal broke, commentators claimed variously that it was impossible to intercept mobile phone conversations or that the Delhi Police had secured a technological feat. Neither was true. Intercepting communications, voi ce or otherwise, is almost industrial in scale, more automated perhaps than any manufacturing process. Be sure when you next send an e-mail out into cyberspace that its recipient might not be the only one to read it with interest.

    Volume 17 – Issue 09, Apr. 29 – May 12, 2000

    PRAVEEN SWAMI

    Find this story at 29 April 2000

    Copyrights © 2000, Frontline.

    Trade Secrets : Is the U.S.’s most advanced surveillance system feeding economic intelligence to American businesses? 1999

    No one is surprised that the United States uses sophisticated electronic spying techniques against its enemies. But Europeans are increasingly worried about allegations that the U.S. uses those same techniques to gather economic intelligence about its allies.

    The most extensive claims yet came this spring in a report written for the European Parliament. The report says that the U.S.

    National Security Agency, through an electronic surveillance system called Echelon, routinely tracks telephone, fax, and e-mail transmissions from around the world and passes on useful corporate intelligence to American companies.

    Among the allegations: that the NSA fed information to Boeing and McDonnell Douglas enabling the companies to beat out European Airbus Industrie for a $ 6 billion contract; and that Raytheon received information that helped it win a $ 1.3 billion contract to provide radar to Brazil, edging out the French company Thomson-CSF. These claims follow previous allegations that the NSA supplied U.S. automakers with information that helped improve their competitiveness with the Japanese (see “Company Spies,” May/June 1994).

    Is there truth to these allegations? The NSA is among the most secretive of U.S. intelligence agencies and won’t say much beyond the fact that its mission is “foreign signals intelligence.” The companies involved all refused to comment.

    “Since the NSA’s collection capabilities are so grotesquely powerful, it’s difficult to know what’s going on over there,” says John Pike, an analyst at the watchdog group Federation of American Scientists, who has tracked the NSA for years.

    This much is known: The NSA owns one of the largest collections of supercomputers in the world, and it’s an open secret–as documented in the European Parliament report–that Echelon vacuums up massive amounts of data from communications satellites and the Internet and then uses its computers to winnow it down. The system scans communications for keywords–“bomb,” for instance–that might tip off analysts to an interesting topic.

    Fueling allegations of corporate espionage is the fact that defense contractors and U.S. intelligence agencies are linked extensively through business relationships. Raytheon, for instance, has large contracts to service NSA equipment, according to the European report.

    Englishman Glyn Ford, the European Parliament member who initiated the study, wants the NSA to come clean about its activities in Europe. And the Europeans have some leverage on this issue, if they decide to use it. In a drive to improve surveillance, the United States is pressuring European governments to make telephone companies build eavesdropping capabilities into their new systems. But if that’s what the U.S. wants, says Ford, it’s going to have to be open about what information it’s collecting: “If we are going to leave the keys under the doormat for the United States, we want a guarantee that they’re not going to steal the family silver,” he says.

    In the meantime, congressional critics have started to wonder if all that high-powered eavesdropping is limited to overseas snooping. In April, Bob Barr (R-Ga.), a member of the House Government Reform Committee, said he was worried by reports that the NSA was engaged in illicit domestic spying.

    “We don’t have any direct evidence from the NSA, since they’ve refused to provide any reports, even when asked by the House Intelligence Committee,” Barr says. “But if in fact the NSA is pulling two million transmissions an hour off of these satellites, I don’t think there’s any way they have of limiting them to non-U.S. citizens.”

    Last May, after the NSA stonewalled requests to discuss the issue, Congress amended the intelligence appropriations bill to require the agency to submit a report to Congress. (The bill is still in a conference committee.) And the NSA will face more questions when the Government Reform Committee holds hearings on Echelon and other surveillance programs.

    “We ought to prevent any agency from the dragnet approach–where they throw out a net and drag anything in,” Barr says.

    Kurt Kleiner
    Mother Jones November 1, 1999

    Find this story at 1 November 1999

    Copyright © 2013 Mother Jones and the Foundation for National Progress.

    We Call a Top NSA Whistleblower … And Get the REAL SCOOP on Spying

    Government Tapping CONTENT, Not Just Metadata … Using Bogus “Secret Interpretation” of Patriot Act

    We reported in 2008 that foreign companies have had key roles scooping up Americans’ communications for the NSA:

    At least two foreign companies play key roles in processing the information.

    Specifically, an Israeli company called Narus processes all of the information tapped by AT &T (AT & T taps, and gives to the NSA, copies of all phone calls it processes), and an Israeli company called Verint processes information tapped by Verizon (Verizon also taps, and gives to the NSA, all of its calls).

    Business Insider notes today:

    The newest information regarding the NSA domestic spying scandal raises an important question: If America’s tech giants didn’t ‘participate knowingly’ in the dragnet of electronic communication, how does the NSA get all of their data?

    One theory: the NSA hired two secretive Israeli companies to wiretap the U.S. telecommunications network.

    In April 2012 Wired’s James Bamford — author of the book “The Shadow Factory: The NSA from 9/11 to the Eavesdropping on America” — reported that two companies with extensive links to Israel’s intelligence service provided hardware and software the U.S. telecommunications network for the National Security Agency (NSA).

    By doing so, this would imply, companies like Facebook and Google don’t have to explicitly provide the NSA with access to their servers because major Internet Service Providers (ISPs) such as AT&T and Verizon already allows the U.S. signals intelligence agency to eavesdrop on all of their data anyway.

    From Bamford (emphasis ours):

    “According to a former Verizon employee briefed on the program, Verint, owned by Comverse Technology, taps the communication lines at Verizon…

    At AT&T the wiretapping rooms are powered by software and hardware from Narus, now owned by Boeing, a discovery made by AT&T whistleblower Mark Klein in 2004.”

    Klein, an engineer, discovered the “secret room” at AT&T central office in San Francisco, through which the NSA actively “vacuumed up Internet and phone-call data from ordinary Americans with the cooperation of AT&T” through the wiretapping rooms, emphasizing that “much of the data sent through AT&T to the NSA was purely domestic.”

    NSA whistleblower Thomas Drake corroborated Klein’s assertions, testifying that while the NSA is using Israeli-made NARUS hardware to “seize and save all personal electronic communications.”

    Both Verint and Narus were founded in Israel in the 1990s.

    ***

    “Anything that comes through (an internet protocol network), we can record,” Steve Bannerman, marketing vice president of Narus, a Mountain View, California company, said. “We can reconstruct all of their e-mails along with attachments, see what web pages they clicked on, we can reconstruct their (voice over internet protocol) calls.”

    With a telecom wiretap the NSA only needs companies like Microsoft, Google, and Apple to passively participate while the agency to intercepts, stores, and analyzes their communication data. The indirect nature of the agreement would provide tech giants with plausible deniability.

    And having a foreign contractor bug the telecom grid would mean that the NSA gained access to most of the domestic traffic flowing through the U.S. without technically doing it themselves.

    This would provide the NSA, whose official mission is to spy on foreign communications, with plausible deniability regarding domestic snooping.

    The reason that Business Insider is speculating about the use of private Israeli companies to thwart the law is that 2 high-ranking members of the Senate Intelligence Committee – Senators Wyden and Udall – have long said that the government has adopted a secret interpretation of section 215 of the Patriot Act which would shock Americans, because it provides a breathtakingly wide program of spying.

    Last December, top NSA whistleblower William Binney – a 32-year NSA veteran with the title of senior technical director, who headed the agency’s global digital data gathering program (featured in a New York Times documentary, and the source for much of what we know about NSA spying) – said that the government is using a secret interpretation of Section 215 of the Patriot Act which allows the government to obtain:

    Any data in any third party, like any commercial data that’s held about U.S. citizens ….

    (relevant quote starts at 4:19).

    I called Binney to find out what he meant.

    I began by asking Binney if Business Insider’s speculation was correct. Specifically, I asked Binney if the government’s secret interpretation of Section 215 of the Patriot Act was that a foreign company – like Narus, for example – could vacuum up information on Americans, and then the NSA would obtain that data under the excuse of spying on foreign entities … i.e. an Israeli company.

    Binney replied no … it was broader than that.

    Binney explained that the government is taking the position that it can gather and use any information about American citizens living on U.S. soil if it comes from:

    Any service provider … any third party … any commercial company – like a telecom or internet service provider, libraries, medical companies – holding data about anyone, any U.S. citizen or anyone else.

    I followed up to make sure I understood what Binney was saying, asking whether the government’s secret interpretation of Section 215 of the Patriot Act was that the government could use any information as long as it came from a private company … foreign or domestic. In other words, the government is using the antiquated, bogus legal argument that it was not using its governmental powers (called “acting under color of law” by judges), but that it was private companies just doing their thing (which the government happened to order all of the private companies to collect and fork over).

    Binney confirmed that this was correct. This is what the phone company spying program and the Prism program – the government spying on big Internet companies – is based upon. Since all digital communications go through private company networks, websites or other systems, the government just demands that all of the companies turn them over.

    Let’s use an analogy to understand how bogus this interpretation of the Patriot Act is. This argument is analogous to a Congressman hiring a hit man to shoot someone asking too many questions, and loaning him his gun to carry out the deed … and then later saying “I didn’t do it, it was that private citizen!” That wouldn’t pass the laugh test even at an unaccredited, web-based law school offered through a porn site.

    I then asked the NSA veteran if the government’s claim that it is only spying on metadata – and not content – was correct. We have extensively documented that the government is likely recording content as well. (And the government has previously admitted to “accidentally” collecting more information on Americans than was legal, and then gagged the judges so they couldn’t disclose the nature or extent of the violations.)

    Binney said that was not true; the government is gathering everything, including content.

    Binney explained – as he has many times before – that the government is storing everything, and creating a searchable database … to be used whenever it wants, for any purpose it wants (even just going after someone it doesn’t like).

    Binney said that former FBI counter-terrorism agent Tim Clemente is correct when he says that no digital data is safe (Clemente says that all digital communications are being recorded).

    Binney gave me an idea of how powerful Narus recording systems are. There are probably 18 of them around the country, and they can each record 10 gigabytes of data – the equivalent of a million and a quarter emails with 1,000 characters each – per second.

    Binney next confirmed the statement of the author of the Patriot Act – Congressman Jim Sensenbrenner – that the NSA spying programs violate the Patriot Act. After all, the Patriot Act is focused on spying on external threats … not on Americans.

    Binney asked rhetorically: “How can an American court [FISA or otherwise] tell telecoms to cough up all domestic data?!”

    Update: Binney sent the following clarifying email about content collection:

    It’s clear to me that they are collecting most e-mail in full plus other text type data on the web.

    As for phone calls, I don’t think they would record/transcribe the approximately 3 billion US-to-US calls every day. It’s more likely that they are recording and transcribing calls made by the 500,000 to 1,000,000 targets in the US and the world.

    Posted on June 8, 2013 by WashingtonsBlog

    Find this story at 8 June 2013

    © 2007 – 2013 Washington’s Blog

    Whistle-Blower Outs NSA Spy Room: 2006

    AT&T’s central office on Folsom Street in San Francisco houses a secret room that allows the National Security Agency to monitor phone and internet traffic, according to former AT&T technician-cum-whistle-blower Mark Klein. View Slideshow

    AT&T provided National Security Agency eavesdroppers with full access to its customers’ phone calls, and shunted its customers’ internet traffic to data-mining equipment installed in a secret room in its San Francisco switching center, according to a former AT&T worker cooperating in the Electronic Frontier Foundation’s lawsuit against the company.

    Mark Klein, a retired AT&T communications technician, submitted an affidavit in support of the EFF’s lawsuit this week. That class action lawsuit, filed in federal court in San Francisco last January, alleges that AT&T violated federal and state laws by surreptitiously allowing the government to monitor phone and internet communications of AT&T customers without warrants.

    On Wednesday, the EFF asked the court to issue an injunction prohibiting AT&T from continuing the alleged wiretapping, and filed a number of documents under seal, including three AT&T documents that purportedly explain how the wiretapping system works.

    According to a statement released by Klein’s attorney, an NSA agent showed up at the San Francisco switching center in 2002 to interview a management-level technician for a special job. In January 2003, Klein observed a new room being built adjacent to the room housing AT&T’s #4ESS switching equipment, which is responsible for routing long distance and international calls.

    “I learned that the person whom the NSA interviewed for the secret job was the person working to install equipment in this room,” Klein wrote. “The regular technician work force was not allowed in the room.”

    Klein’s job eventually included connecting internet circuits to a splitting cabinet that led to the secret room. During the course of that work, he learned from a co-worker that similar cabinets were being installed in other cities, including Seattle, San Jose, Los Angeles and San Diego.

    “While doing my job, I learned that fiber optic cables from the secret room were tapping into the Worldnet (AT&T’s internet service) circuits by splitting off a portion of the light signal,” Klein wrote.

    The split circuits included traffic from peering links connecting to other internet backbone providers, meaning that AT&T was also diverting traffic routed from its network to or from other domestic and international providers, according to Klein’s statement.

    The secret room also included data-mining equipment called a Narus STA 6400, “known to be used particularly by government intelligence agencies because of its ability to sift through large amounts of data looking for preprogrammed targets,” according to Klein’s statement.

    Narus, whose website touts AT&T as a client, sells software to help internet service providers and telecoms monitor and manage their networks, look for intrusions, and wiretap phone calls as mandated by federal law.

    Klein said he came forward because he does not believe that the Bush administration is being truthful about the extent of its extrajudicial monitoring of Americans’ communications.

    “Despite what we are hearing, and considering the public track record of this administration, I simply do not believe their claims that the NSA’s spying program is really limited to foreign communications or is otherwise consistent with the NSA’s charter or with FISA,” Klein’s wrote. “And unlike the controversy over targeted wiretaps of individuals’ phone calls, this potential spying appears to be applied wholesale to all sorts of internet communications of countless citizens.”

    After asking for a preview copy of the documents last week, the government did not object to the EFF filing the paper under seal, although the EFF asked the court Wednesday to make the documents public.

    One of the documents is titled “Study Group 3, LGX/Splitter Wiring, San Francisco,” and is dated 2002. The others are allegedly a design document instructing technicians how to wire up the taps, and a document that describes the equipment installed in the secret room.

    In a letter to the EFF, AT&T objected to the filing of the documents in any manner, saying that they contain sensitive trade secrets and could be “could be used to ‘hack’ into the AT&T network, compromising its integrity.”

    According to court rules, AT&T has until Thursday to file a motion to keep the documents sealed. The government could also step in to the case and request that the documents not be made public, or even that the entire lawsuit be barred under the seldom-used State Secrets Privilege.

    AT&T spokesman Walt Sharp declined to comment on the allegations, citing a company policy of not commenting on litigation or matters of national security, but did say that “AT&T follows all laws following requests for assistance from government authorities.”

    Ryan Singel 04.07.06

    Find this story at 4 July 2006

    Wired.com © 2013 Condé Nast

    What was the Israeli involvement in collecting U.S. communications intel for NSA?

    Israeli high-tech firms Verint and Narus have had connections with U.S. companies and Israeli intelligence in the past, and ties between the countries’ intelligence agencies remain strong.

    Were Israeli companies Verint and Narus the ones that collected information from the U.S. communications network for the National Security Agency?

    The question arises amid controversy over revelations that the NSA has been collecting the phone records of hundreds of millions of Americans every day, creating a database through which it can learn whether terror suspects have been in contact with people in the United States. It also was disclosed this week that the NSA has been gathering all Internet usage – audio, video, photographs, emails and searches – from nine major U.S. Internet providers, including Microsoft and Google, in hopes of detecting suspicious behavior that begins overseas.

    According to an article in the American technology magazine “Wired” from April 2012, two Israeli companies – which the magazine describes as having close connections to the Israeli security community – conduct bugging and wiretapping for the NSA.

    Verint, which took over its parent company Comverse Technology earlier this year, is responsible for tapping the communication lines of the American telephone giant Verizon, according to a past Verizon employee sited by James Bamford in Wired. Neither Verint nor Verizon commented on the matter.

    Natus, which was acquired in 2010 by the American company Boeing, supplied the software and hardware used at AT&T wiretapping rooms, according to whistleblower Mark Klein, who revealed the information in 2004. Klein, a past technician at AT&T who filed a suit against the company for spying on its customers, revealed a “secret room” in the company’s San Fransisco office, where the NSA collected data on American citizens’ telephone calls and Internet surfing.

    Klein’s claims were reinforced by former NSA employee Thomas Drake who testified that the agency uses a program produced by Narus to save the personal electrical communications of AT&T customers.

    Both Verint and Narus have ties to the Israeli intelligence agency and the Israel Defense Forces intelligence-gathering unit 8200. Hanan Gefen, a former commander of the 8200 unit, told Forbes magazine in 2007 that Comverse’s technology, which was formerly the parent company of Verint and merged with it this year, was directly influenced by the technology of 8200. Ori Cohen, one of the founders of Narus, told Fortune magazine in 2001 that his partners had done technology work for the Israeli intelligence.

    International intel

    The question of whether intelligence communities outside the United States were involved has been raised. According to The Guardian, the Government Communications Headquarters (GCHQ), Britain’s intelligence agency, secretly collected intelligence information from the world’s largest Internet companies via the American program PRISM. According to a top secret document obtained by The Guardian, GCHQ had access to PRISM since 2010 and it used the information to prepare 197 intelligence reports last year. In a statement to the Guardian, GCHQ, said it “takes its obligations under the law very seriously.”

    According to The Guardian, details of GCHQ’s use of PRISM are set out in a 41-page PowerPoint presentation prepared for senior NSA analysts, and describe a “snooping” operation that gave the NSA and FBI access to the systems of nine Internet giants, including Google, Facebook, Microsoft, Apple, Yahoo and Skype.

    Given the close ties between U.S. and Israeli intelligence, the question arises as to whether Israeli intelligence, including the Mossad, was party to the secret.

    Obama stands by spies

    At turns defensive and defiant, U.S. President Barack Obama stood by the spy programs revealed this week.

    He declared Friday that his country is “going to have to make some choices” balancing privacy and security, launching a vigorous defense of formerly secret programs that sweep up an estimated 3 billion phone calls a day and amass Internet data from U.S. providers in an attempt to thwart terror attacks.

    Obama also warned that it will be harder to detect threats against the United States now that the two top-secret tools to target terrorists have been so thoroughly publicized.

    “Nobody is listening to your telephone calls,” Obama assured the nation after two days of reports that many found unsettling. What the government is doing, he said, is digesting phone numbers and the durations of calls, seeking links that might “identify potential leads with respect to folks who might engage in terrorism.” If there’s a hit, he said, “if the intelligence community then actually wants to listen to a phone call, they’ve got to go back to a federal judge, just like they would in a criminal investigation.”

    Tapping thwarted terror attack

    While Obama said the aim of the programs is to make America safe, he offered no specifics about how the surveillance programs have done this. House Intelligence Committee Chairman Mike Rogers, R-Mich., on Thursday said the phone records sweeps had thwarted a domestic terror attack, but he also didn’t offer specifics.

    U.S. government sources said on Friday that the attack in question was an Islamist militant plot to bomb the New York City subway system in 2009.

    Obama asserted his administration had tightened the phone records collection program since it started in the George W. Bush administration and is auditing the programs to ensure that measures to protect Americans’ privacy are heeded – part of what he called efforts to resist a mindset of “you know, `Trust me, we’re doing the right thing. We know who the bad guys are.'”

    But again, he provided no details on how the program was tightened or what the audit is looking at.

    Obama: 100% privacy is impossible

    The furor this week has divided Congress, and led civil liberties advocates and some constitutional scholars to accuse Obama of crossing a line in the name of rooting out terror threats.

    Obama, himself a constitutional lawyer, strove to calm Americans’ fears – but also remind them that Congress and the courts had signed off on the surveillance.

    “I think the American people understand that there are some trade-offs involved,” Obama said when questioned by reporters at a health care event in San Jose, California.

    “It’s important to recognize that you can’t have 100 percent security and also then have 100 percent privacy and zero inconvenience,” he said. “We’re going to have to make some choices as a society. And what I can say is that in evaluating these programs, they make a difference in our capacity to anticipate and prevent possible terrorist activity.”

    Obama said U.S. intelligence officials are looking at phone numbers and lengths of calls – not at people’s names – and not listening in.

    The two classified surveillance programs were revealed this week in newspaper reports that showed, for the first time, how deeply the National Security Agency dives into telephone and Internet data to look for security threats. The new details were first reported by The Guardian and The Washington Post, and prompted Director of National Intelligence James Clapper to take the unusual and reluctant step of acknowledging the programs’ existence.

    Obama echoed intelligence experts – both inside and outside the government – who predicted that potential attackers will find other, secretive ways to communicate now that they know that their phone and Internet records may be targeted.

    By TheMarker, Haaretz, The Associated Press and Reuters | Jun.08, 2013 | 12:41 PM | 17

    Find this story at 8 June 2013

    © Haaretz Daily Newspaper Ltd.

    U.S. Collects Vast Data Trove; NSA Monitoring Includes Three Major Phone Companies, as Well as Online Activity

    WASHINGTON—The National Security Agency’s monitoring of Americans includes customer records from the three major phone networks as well as emails and Web searches, and the agency also has cataloged credit-card transactions, said people familiar with the agency’s activities.

    Jerry Seib explains how the far-reaching data collection conducted by the U.S. government includes phone companies in addition to Verizon, plus Internet service providers and Apple. Photo: Getty Images

    The disclosure this week of an order by a secret U.S. court for Verizon Communications Inc.’s phone records set off the latest public discussion of the program. But people familiar with the NSA’s operations said the initiative also encompasses phone-call data from AT&T Inc. and Sprint Nextel Corp., records from Internet-service providers and purchase information from credit-card providers.

    The Obama administration says its review of complete phone records of U.S. citizens is a “necessary tool” in protecting the nation from terror threats. Is this the accepted new normal, or has the Obama administration pushed the bounds of civil liberties? Cato Institute Director of Information Policy Studies Jim Harper weighs in. Photo: Getty Images.

    The agency is using its secret access to the communications of millions of Americans to target possible terrorists, said people familiar with the effort.

    The NSA’s efforts have become institutionalized—yet not so well known to the public—under laws passed in the wake of the Sept. 11, 2001, attacks. Most members of Congress defended them Thursday as a way to root out terrorism, but civil-liberties groups decried the program.
    Vote and comment

    The National Security Agency is obtaining phone records from all Verizon U.S. customers under a secret court order, according to a newspaper report and ex-officials. WSJ intelligence correspondent Siobhan Gorman joins MoneyBeat. Photo: AP.

    “Everyone should just calm down and understand this isn’t anything that is brand new,” said Senate Majority Leader Harry Reid (D., Nev.), who added that the phone-data program has “worked to prevent” terrorist attacks.

    Senate Intelligence Chairman Dianne Feinstein (D., Calif.) said the program is lawful and that it must be renewed by the secret U.S. court every three months. She said the revelation about Verizon, reported by the London-based newspaper the Guardian, seemed to coincide with its latest renewal.
    All Things D
    The Laws That Make It Easy for the Government to Spy on Americans
    More
    What the NSA Wants to Know About You and Your Phone
    Tech Companies’ Data Is Also Tapped
    FISA Court in Focus
    Obama’s Civil-Liberties Record Questioned
    When NSA Calls, Companies Answer
    Mixed Reactions on Hill
    Lawmakers Push Holder for Briefing on Phone Records | More Reaction
    Verizon Says Must Comply with Data Requests
    Government Is Tracking Verizon Calls
    NSA’s Domestic Spying Grows as Agency Sweeps Up Data (3/10/2008)
    NSA Exceeds Legal Limits in Eavesdropping Program (4/16/2009)
    U.S. Plans ‘Perfect Citizen’ Cyber Shield for Utilities, Companies (7/8/2010)
    NSA Activities Violated Fourth Amendment Rights, Letter Discloses (7/20/2012)

    Civil-liberties advocates slammed the NSA’s actions. “The most recent surveillance program is breathtaking. It shows absolutely no effort to narrow or tailor the surveillance of citizens,” said Jonathan Turley, a constitutional law expert at George Washington University.

    Meanwhile, the Obama administration acknowledged Thursday a secret NSA program dubbed Prism, which a senior administration official said targets only foreigners and was authorized under U.S. surveillance law. The Washington Post and the Guardian reported earlier Thursday the existence of the previously undisclosed program, which was described as providing the NSA and FBI direct access to server systems operated by tech companies that include Google Inc., Apple Inc., Facebook Inc., Yahoo Inc., Microsoft Corp. and Skype. The newspapers, citing what they said was an internal NSA document, said the agencies received the contents of emails, file transfers and live chats of the companies’ customers as part of their surveillance activities of foreigners whose activity online is routed through the U.S. The companies mentioned denied knowledge or participation in the program.

    The arrangement with Verizon, AT&T and Sprint, the country’s three largest phone companies means, that every time the majority of Americans makes a call, NSA gets a record of the location, the number called, the time of the call and the length of the conversation, according to people familiar with the matter. The practice, which evolved out of warrantless wiretapping programs begun after 2001, is now approved by all three branches of the U.S. government.

    AT&T has 107.3 million wireless customers and 31.2 million landline customers. Verizon has 98.9 million wireless customers and 22.2 million landline customers while Sprint has 55 million customers in total.

    NSA also obtains access to data from Internet service providers on Internet use such as data about email or website visits, several former officials said. NSA has established similar relationships with credit-card companies, three former officials said.

    It couldn’t be determined if any of the Internet or credit-card arrangements are ongoing, as are the phone company efforts, or one-shot collection efforts. The credit-card firms, phone companies and NSA declined to comment for this article.
    From the Archives

    More
    Video: U.S. Data Gathering Highlights Carriers’ Balancing Act
    Video: U.S. Tracks Verizon Calls: A Lawyer’s Take

    Though extensive, the data collection effort doesn’t entail monitoring the content of emails or what is said in phone calls, said people familiar with the matter. Investigators gain access to so-called metadata, telling them who is communicating, through what medium, when, and where they are located.

    But the disconnect between the program’s supporters and detractors underscored the difficulty Congress has had navigating new technology, national security and privacy.

    The Obama administration, which inherited and embraced the program from the George W. Bush administration, moved Thursday to forcefully defend it. White House spokesman Josh Earnest called it “a critical tool in protecting the nation from terror threats.”

    But Sen. Ron Wyden (D., Ore.), said he has warned about the breadth of the program for years, but only obliquely because of classification restrictions.

    “When law-abiding Americans call their friends, who they call, when they call, and where they call from is private information,” he said. “Collecting this data about every single phone call that every American makes every day would be a massive invasion of Americans’ privacy.”

    In the wake of the Sept. 11 attacks, phone records were collected without a court order as a component of the Bush-era warrantless surveillance program authorized by the 2001 USA Patriot Act, which permitted the collection of business records, former officials said.

    The ad hoc nature of the NSA program changed after the Bush administration came under criticism for its handling of a separate, warrantless NSA eavesdropping program.

    President Bush acknowledged its existence in late 2005, calling it the Terrorist Surveillance Program, or TSP.

    When Democrats retook control of Congress in 2006, promising to investigate the administration’s counterterrorism policies, Bush administration officials moved to formalize court oversight of the NSA programs, according to former U.S. officials.

    Congress in 2006 also made changes to the Patriot Act that made it easier for the government to collect phone-subscriber data under the Foreign Intelligence Surveillance Act.

    Those changes helped the NSA collection program become institutionalized, rather than one conducted only under the authority of the president, said people familiar with the program.

    Along with the TSP, the NSA collection of phone company customer data was put under the jurisdiction of a secret court that oversees the Foreign Intelligence Surveillance Act, according to officials.

    David Kris, a former top national security lawyer at the Justice Department, told a congressional hearing in 2009 that the government first used the so-called business records authority in 2004.

    At the time he was urging the reauthorization of the business-records provisions, known as Section 215 of the Patriot Act, which Congress later approved.

    The phone records allow investigators to establish a database used to run queries when there is “reasonable, articulable suspicion” that the records are relevant and related to terrorist activity, Ms. Feinstein said Thursday.

    Director of National Intelligence James Clapper also issued a defense of the phone data surveillance program, saying it is governed by a “robust legal regime.” Under the court order, the data can only “be queried when there is a reasonable suspicion, based on specific facts, that the particular basis for the query is associated with a foreign terrorist organization.” When the data is searched, all information acquired is “subject to strict restrictions on handling” overseen by the Justice Department and the surveillance court, and the program is reviewed roughly every 90 days, he said. Another U.S. official said less than 1% of the records are accessed.

    The database allows investigators to “map” individuals connected with that information, said Jeremy Bash, who until recently was chief of staff at the Pentagon and is a former chief counsel to the House Intelligence committee.

    “We are trying to find a needle in a haystack, and this is the haystack,” Mr. Bash said, referring to the database.

    Sen. Wyden on Thursday questioned whether U.S. officials have been truthful in public descriptions of the program. In March, Mr. Wyden noted, he questioned Mr. Clapper, who said the NSA did not “wittingly” collect any type of data pertaining to millions Americans. Spokesmen for Mr. Clapper didn’t respond to requests for comment.

    For civil libertarians, this week’s disclosure of the court authorization for part of the NSA program could offer new avenues for challenges. Federal courts largely have rebuffed efforts that target NSA surveillance programs, in part because no one could prove the information was being collected. The government, under both the Bush and Obama administrations, has successfully used its state-secrets privilege to block such lawsuits.

    Jameel Jaffer, the American Civil Liberties Union’s deputy legal director, said the fact the FISA court record has now become public could give phone-company customers standing to bring a lawsuit.

    “Now we have a set of people who can show they have been monitored,” he said.

    Updated June 7, 2013, 9:25 a.m. ET

    By SIOBHAN GORMAN, EVAN PEREZ and JANET HOOK

    —Danny Yadron and Jennifer Valentino-DeVries contributed to this article.

    Find this story at 7 June 2013

     

    Copyright 2012 Dow Jones & Company, Inc. All Rights Reserved

    NSA revelations put Booz Allen Hamilton, Carlyle Group in uncomfortable limelight

    The Carlyle Group has spent years attempting to shed its image as a well-connected private equity firm leveraging Washington heavyweights in the defense sector. Instead, it nurtured a reputation as a financially sophisticated asset manager that buys and sells everything from railroads to oil refineries.

    The recent disclosures involving National Security Agency surveillance on U.S. citizens by an employee of Booz Allen Hamilton, a Virginia consulting firm that is majority owned by Carlyle, has thrust two of Washington’s most prominent corporate entities uncomfortably into the limelight, bound by the thread of turning government secrets into profits.

    Booz Allen employee Edward Snowden was fired Tuesday after he confessed to being the source of stories about NSA data collection programs. Federal investigators are examining how Snowden, who worked at an NSA facility in Hawaii and had also worked for the CIA, was able to gain access to sensitive information.

    Carlyle declined to comment.

    Booz Allen, based in Tysons Corner, has been a local fixture for years, employing thousands and providing management and consulting services to the government, particularly the defense and intelligence agencies. It even sponsored a local golf tournament — the Booz Allen Classic — between 2004 and 2006.

    It also became a leader among the contractors supplying tens of thousands of intelligence analysts to the government in recent years, including technologists such as Snowden.

    Those government contracts, and thousands more like them, in 2008 made Booz Allen a ripe acquisition target for Carlyle.

    It paid $2.54 billion for Booz Allen as a deep recession took hold. Fearing the risks of taking on too much debt in the midst of a financial crisis, Carlyle put up 50 percent cash instead of its normal 30 percent. It borrowed the rest to buy the company, which was then privately held.

    Upon the close of the deal, the less profitable international and commercial business was spun off to become Booz & Co., leaving Carlyle with a government-only company.

    After the split, the new Booz Allen Hamilton established an incentive-based compensation structure that gave the remaining partners a stake in the firm’s success. In effect, said one person close to the deal who was not authorized to speak publicly, “you got to eat what you killed.”

    The incentives helped spur profits.

    “Everybody has a responsibility, depending on your title, to bring in a certain amount of business,” said William Loomis, managing director at financial services firm Stifel Nicolaus.

    Booz Allen, which employs 24,500, had a net profit of $219 million on revenue of nearly $5.8 billion for the fiscal year ended March 31. For the same period ending in 2010, the year the company went public, the company earned $25 million on $5.1 billion in revenue.

    George A. Price Jr., senior equity research analyst for aerospace, defense and government services at BB&T Capital Markets, said “they’ve got a great brand, they’ve focused over time on hiring top people, including bringing on people who have a lot of senior government experience.”

    Carlyle has cashed in on the increased demand of Booz Allen’s services. As profits and revenue have grown, Booz Allen has borrowed money to pay dividends to shareholders, including Carlyle.

    Carlyle collected nearly $550 million in dividends in 2009 alone. Last year, Booz Allen issued another special shareholder dividend valued at $765 million — most of which went to Carlyle investors.

    Booz Allen went public in 2010, and Carlyle now owns 95.66 million shares — around 69 percent of the total shares outstanding — valued at about $1.66 billion at the current stock price.

    As government contracting began to wane, Booz Allen has pursued commercial work and opened an office in Abu Dhabi in the United Arab Emirates. The contractor, for instance, is marketing cybersecurity and other services to Middle Eastern companies and governments.

    The moves are at least partly in response to federal budget cutting, which has taken a toll on the business.

    “We consider ourselves a well-run company, and in the past year we’ve become even better in managing our business in a difficult market for government contracting,” Booz Allen spokesman James Fisher said.

    Price, the analyst, said the company has seen revenue and profit declines more recently. “They’re not immune from the current environment,” he said, adding that the cuts the company has made have “blunted” the effect.

    Carlyle may ultimately reap as much as $3 billion on its initial nearly $1 billion investment. In the end, Booz Allen is shaping up to be one of the firm’s biggest home runs.

    By Thomas Heath and Marjorie Censer, Published: June 12

    Find this story at 12 June 2013

    © The Washington Post Company

    Leak highlights risk of outsourcing US spy work

    WASHINGTON: The explosive leak uncovering America’s vast surveillance program highlights the risks Washington takes by entrusting so much of its defense and spy work to private firms, experts said on Monday.

    From analyzing intelligence to training new spies, jobs that were once performed by government employees are now carried out by paid contractors, in a dramatic shift that began in the 1990s amid budget pressures.

    Edward Snowden, the 29-year-old man whose leak uncovered how spy agencies sift through phone records and Internet traffic, is among a legion of private contractors who make up nearly 30 percent of the workforce in intelligence agencies.

    After the attacks of September 11, 2001, the use of contractors boomed, as government agencies turned to private firms in the global hunt for terror suspects, touting it as a cost-effective way to avoid a permanent increase in the number of civil servants.

    As a “contractor alley” rose in the suburbs of northern Virginia outside Washington, the increasing reliance on contractors by the Pentagon and spy services has often been criticized as wasteful and possibly corrupt. But some former intelligence officers and experts warn that it also opens up the spy agencies to big security risks.

    The contractors who wear a “green badge” to enter government offices may lack the ethos and discretion of career intelligence officers who wear the “blue badge,” according to John Schindler, a former analyst at the National Security Agency and counterintelligence officer. In a series of tweets, Schindler, who now teaches at the Naval War College, heaped scorn on Snowden for spilling secrets.

    But he said it was not surprising the disclosure came from a “green badge” holder and suggested sensitive information technology jobs should not be contracted out. “Been telling my CI (counter intelligence) peeps for years that NSA & IC ( intelligence community) only 1 disgruntled, maladjusted IT dork away from disaster (esp IT contractor)…oh well,” he wrote.

    Systems administrators are the 21st century equivalent of the Cold War-era “code clerks,” he said, as they may not hold a high rank but have access to vital information.

    Most contractors are former military or intelligence officers, and America’s top spy chief, James Clapper, once worked at Booz Allen Hamilton, the same firm that employed Snowden. Another former national intelligence director, Michael McConnell, also worked at the firm before and after holding the director’s post.

    Booz Allen has profited heavily from intelligence work, reportedly earning $1.3 billion or 23 percent of its total revenue from contracts with spy agencies. Former CIA director and defense secretary Robert Gates has voiced concern that too much sensitive work has been farmed out to private companies.

    “You want somebody who’s really in it for a career because they’re passionate about it and because they care about the country and not just because of the money,” he told the Washington Post in 2010.

    A special website lists job openings for those with security credentials, clearancejobs.com, with positions advertised such as “Intelligence Analyst 3/Targeter” for Northrop Grumman.

    “The primary function of a Specialized Skills Officer is to collaborate with a team of intelligence professionals in support of HUMINT operations against priority targets,” said the notice for a workplace in McLean, Virgina.

    But the threat of damaging leaks may have less to do with a dependence on contractors and more to do with a younger generation’s distrust of Washington, said James Lewis, a former senior official and cyber security expert at the Center for Strategic and International Studies.

    Private contracting does not in and itself pose a serious threat to keeping secrets, Lewis told AFP. “It’s a risk because of the differing attitudes of generations,” he said. “People who haven’t been in the federal service for a long time, who have this view of government shaped by the popular culture are probably more inclined to do this.”

    He noted that the most extensive leak of US classified documents came not from a contractor but a low-ranking soldier in the US Army, Private Bradley Manning, who is on trial on espionage charges after admitting to handing over hundreds of thousands of secret files to the WikiLeaks website.

    AFP Jun 11, 2013, 04.52AM IST

    Find this story at 11 June 2013

    © 2013 Bennett, Coleman & Co. Ltd.

    Boundless Informant NSA data-mining tool – four key slides

    The top-secret Boundless Informant tool details and maps by country the voluminous amount of information it collects from computer and telephone networks

    guardian.co.uk, Saturday 8 June 2013 20.11 BST

    Find this story at 8 June 2013

    Boundless Informant: the NSA’s secret tool to track global surveillance data

    Revealed: The NSA’s powerful tool for cataloguing global surveillance data – including figures on US collection

    The color scheme ranges from green (least subjected to surveillance) through yellow and orange to red (most surveillance). Note the ‘2007’ date in the image relates to the document from which the interactive map derives its top secret classification, not to the map itself.

    The National Security Agency has developed a powerful tool for recording and analysing where its intelligence comes from, raising questions about its repeated assurances to Congress that it cannot keep track of all the surveillance it performs on American communications.

    The Guardian has acquired top-secret documents about the NSA datamining tool, called Boundless Informant, that details and even maps by country the voluminous amount of information it collects from computer and telephone networks.

    The focus of the internal NSA tool is on counting and categorizing the records of communications, known as metadata, rather than the content of an email or instant message.

    The Boundless Informant documents show the agency collecting almost 3 billion pieces of intelligence from US computer networks over a 30-day period ending in March 2013. One document says it is designed to give NSA officials answers to questions like, “What type of coverage do we have on country X” in “near real-time by asking the SIGINT [signals intelligence] infrastructure.”

    An NSA factsheet about the program, acquired by the Guardian, says: “The tool allows users to select a country on a map and view the metadata volume and select details about the collections against that country.”

    Under the heading “Sample use cases”, the factsheet also states the tool shows information including: “How many records (and what type) are collected against a particular country.”

    A snapshot of the Boundless Informant data, contained in a top secret NSA “global heat map” seen by the Guardian, shows that in March 2013 the agency collected 97bn pieces of intelligence from computer networks worldwide.
    The heat map reveals how much data is being collected from around the world. Note the ‘2007’ date in the image relates to the document from which the interactive map derives its top secret classification, not to the map itself.

    Iran was the country where the largest amount of intelligence was gathered, with more than 14bn reports in that period, followed by 13.5bn from Pakistan. Jordan, one of America’s closest Arab allies, came third with 12.7bn, Egypt fourth with 7.6bn and India fifth with 6.3bn.

    The heatmap gives each nation a color code based on how extensively it is subjected to NSA surveillance. The color scheme ranges from green (least subjected to surveillance) through yellow and orange to red (most surveillance).

    The disclosure of the internal Boundless Informant system comes amid a struggle between the NSA and its overseers in the Senate over whether it can track the intelligence it collects on American communications. The NSA’s position is that it is not technologically feasible to do so.

    At a hearing of the Senate intelligence committee In March this year, Democratic senator Ron Wyden asked James Clapper, the director of national intelligence: “Does the NSA collect any type of data at all on millions or hundreds of millions of Americans?”

    “No sir,” replied Clapper.

    Judith Emmel, an NSA spokeswoman, told the Guardian in a response to the latest disclosures: “NSA has consistently reported – including to Congress – that we do not have the ability to determine with certainty the identity or location of all communicants within a given communication. That remains the case.”

    Other documents seen by the Guardian further demonstrate that the NSA does in fact break down its surveillance intercepts which could allow the agency to determine how many of them are from the US. The level of detail includes individual IP addresses.

    IP address is not a perfect proxy for someone’s physical location but it is rather close, said Chris Soghoian, the principal technologist with the Speech Privacy and Technology Project of the American Civil Liberties Union. “If you don’t take steps to hide it, the IP address provided by your internet provider will certainly tell you what country, state and, typically, city you are in,” Soghoian said.

    That approximation has implications for the ongoing oversight battle between the intelligence agencies and Congress.

    On Friday, in his first public response to the Guardian’s disclosures this week on NSA surveillance, Barack Obama said that that congressional oversight was the American peoples’ best guarantee that they were not being spied on.

    “These are the folks you all vote for as your representatives in Congress and they are being fully briefed on these programs,” he said. Obama also insisted that any surveillance was “very narrowly circumscribed”.

    Senators have expressed their frustration at the NSA’s refusal to supply statistics. In a letter to NSA director General Keith Alexander in October last year, senator Wyden and his Democratic colleague on the Senate intelligence committee, Mark Udall, noted that “the intelligence community has stated repeatedly that it is not possible to provide even a rough estimate of how many American communications have been collected under the Fisa Amendments Act, and has even declined to estimate the scale of this collection.”

    At a congressional hearing in March last year, Alexander denied point-blank that the agency had the figures on how many Americans had their electronic communications collected or reviewed. Asked if he had the capability to get them, Alexander said: “No. No. We do not have the technical insights in the United States.” He added that “nor do we do have the equipment in the United States to actually collect that kind of information”.

    Soon after, the NSA, through the inspector general of the overall US intelligence community, told the senators that making such a determination would jeopardize US intelligence operations – and might itself violate Americans’ privacy.

    “All that senator Udall and I are asking for is a ballpark estimate of how many Americans have been monitored under this law, and it is disappointing that the inspectors general cannot provide it,” Wyden told Wired magazine at the time.

    The documents show that the team responsible for Boundless Informant assured its bosses that the tool is on track for upgrades.

    The team will “accept user requests for additional functionality or enhancements,” according to the FAQ acquired by the Guardian. “Users are also allowed to vote on which functionality or enhancements are most important to them (as well as add comments). The BOUNDLESSINFORMANT team will periodically review all requests and triage according to level of effort (Easy, Medium, Hard) and mission impact (High, Medium, Low).”

    Emmel, the NSA spokeswoman, told the Guardian: “Current technology simply does not permit us to positively identify all of the persons or locations associated with a given communication (for example, it may be possible to say with certainty that a communication traversed a particular path within the internet. It is harder to know the ultimate source or destination, or more particularly the identity of the person represented by the TO:, FROM: or CC: field of an e-mail address or the abstraction of an IP address).

    “Thus, we apply rigorous training and technological advancements to combine both our automated and manual (human) processes to characterize communications – ensuring protection of the privacy rights of the American people. This is not just our judgment, but that of the relevant inspectors general, who have also reported this.”

    She added: “The continued publication of these allegations about highly classified issues, and other information taken out of context, makes it impossible to conduct a reasonable discussion on the merits of these programs.”

    Glenn Greenwald and Ewen MacAskill
    guardian.co.uk, Tuesday 11 June 2013 14.00 BST
    Additional reporting: James Ball in New York and Spencer Ackerman in Washington

    Find this story at 11 June 2013

    © 2013 Guardian News and Media Limited or its affiliated companies. All rights reserved.

    Sources: NSA sucks in data from 50 companies

    Analysts at the National Security Agency can now secretly access real-time user data provided by as many as 50 American companies, ranging from credit rating agencies to internet service providers, two government officials familiar with the arrangements said.

    Several of the companies have provided records continuously since 2006, while others have given the agency sporadic access, these officials said. These officials disclosed the number of participating companies in order to provide context for a series of disclosures about the NSA’s domestic collection policies. The officials, contacted independently, repeatedly said that “domestic collection” does not mean that the target is based in the U.S. or is a U.S. citizen; rather, it refers only to the origin of the data.

    The Wall Street Journal reported today that U.S. credit card companies had also provided customer information. The officials would not disclose the names of the companies because, they said, doing so would provide U.S. enemies with a list of companies to avoid. They declined to confirm the list of participants in an internet monitoring program revealed by the Washington Post and the Guardian, but both confirmed that the program existed.

    “The idea is to create a mosaic. We get a tip. We vet it. Then we mine the data for intelligence,” one of the officials said.

    In a statement, Director of National Intelligence James Clapper said that programs collect communications “pursuant to section 702 of the Foreign Intelligence Surveillance Act, ” and “cannot be used to intentionally target any U.S. citizen, any other U.S person, or anyone within the United States.”

    He called the leaks “reprehensible” and said the program “is among the most important” sources of “valuable” intelligence information the government takes in.

    One of the officials who spoke to me said that because data types are not standardized, the NSA needs several different collection tools, of which PRISM, disclosed today by the Guardian and the Washington Post, is one. PRISM works well because it is able to handle several different types of data streams using different basic encryption methods, the person said. It is a “front end” system, or software, that allows an NSA analyst to search through the data and pull out items of significance, which are then stored in any number of databases. PRISM works with another NSA program to encrypt and remove from the analysts’ screen data that a computer or the analyst deems to be from a U.S. person who is not the subject of the investigation, the person said. A FISA order is required to continue monitoring and analyzing these datasets, although the monitoring can start before an application package is submitted to the Foreign Intelligence Surveillance Court.

    From the different types of data, including their credit card purchases, the locations they sign in to the internet from, and even local police arrest logs, the NSA can track people it considers terrorism or espionage suspects in near-real time. An internet geo-location cell is on constant standby to help analysts determine where a subject logs in from. Most of the collection takes place on subjects outside the U.S, but a large chunk of the world’s relevant communication passes through American companies with servers on American soil. So the NSA taps in locally to get at targets globally.

    It is not clear how the NSA interfaces with the companies. It cannot use standard law enforcement transmission channels to do, since most use data protocols that are not compatible with that hardware. Several of the companies mentioned in the Post report deny granting access to the NSA, although it is possible that they are lying, or that the NSA’s arrangements with the company are kept so tightly compartmentalized that very few people know about it. Those who do probably have security clearances and are bound by law not to reveal the arrangement.

    This arrangement allows the U.S. companies to “stay out of the intelligence business,” one of the officials said. That is, the government bears the responsibility for determining what’s relevant, and the company can plausibly deny that it subjected any particular customer to unlawful government surveillance. Previously, Congressional authors of the FAA said that such a “get out of jail free” card was insisted by corporations after a wave of lawsuits revealed the extent of their cooperation with the government.

    It is possible, but not likely, that the NSA clandestinely burrows into servers on American soil, without the knowledge of the company in question, although that would be illegal.

    The 2008 FISA Amendments Act allow the NSA to analyze, with court orders, domestic communications of all types for counter-terrorism, counter-espionage, counter-narcotics and counter-proliferation purposes. If the agency believes that both ends of the communication, or the circle of those communicating, are wholly within the U.S., the FBI takes over. If one end of the conversation is outside the U.S., the NSA keeps control of the monitoring. An administration official said that such monitoring is subject to “extensive procedures,” but as the Washington Post reported, however, it is often very difficult to segregate U.S. citizens and residents from incidental contact.

    One official likened the NSA’s collection authority to a van full of sealed boxes that are delivered to the agency. A court order, similar to the one revealed by the Guardian, permits the transfer of custody of the “boxes.” But the NSA needs something else, a specific purpose or investigation, in order to open a particular box. The chairman of the Senate intelligence committee, Sen. Dianne Feinstein, said the standard was “a reasonable, articulatable” suspicion, but did not go into details.

    Legally, the government can ask companies for some of these records under a provision of the PATRIOT Act called the “business records provision.” Initially, it did so without court cognizance. Now, the FISC signs off on every request.

    Armed with what amounts to a rubber stamp court order, however, the NSA can collect and store trillions of bytes of electromagnetic detritus shaken off by American citizens. In the government’s eyes, the data is simply moving from one place to another. It does not become, in the government’s eyes, relevant or protected in any way unless and until it is subject to analysis. Analysis requires that second order.

    And the government insists that the rules allowing the NSA or the FBI to analyze anything relating to U.S. persons or corporations are strict, bright-line, and are regularly scrutinized to ensure that innocents don’t get caught up in the mix. The specifics, however, remain classified, as do the oversight mechanisms in place.

    The wave of disclosures about the NSA programs have significantly unsettled the intelligence community.

    The documents obtained by the two newspapers are marked ORCON, or originator controlled, which generally means that the agency keeps a record of every person who accesses them online and knows exactly who might have printed out or saved or accessed a copy. The NSA in particular has a good record of protecting its documents.

    The scope of the least suggest to one former senior intelligence official who now works for a corporation that provides data to the NSA that several people with top-level security clearances had to be involved.

    The motive, I suspect, is to punch through the brittle legal and moral foundation that modern domestic surveillance is based upon. Someone, at a very high level, or several people, may have simply found that the agency’s zeal to collect information blinded it to the real-world consequences of such a large and unending program. The minimization procedures might also be well below the threshold that most Americans would expect.

    Clapper said in his statement that the disclosures about the program “risk important protections for the security of Americans.”

    June 6, 2013, at 8:02 PM

    Ambinder is co-author of a new book about government secrecy and surveillance, Deep State: Inside the Government Secrecy Industry.

    Find this story at 6 June 2013

    © 2013 THE WEEK PUBliCATIONS, INC.

    NSA Prism program taps in to user data of Apple, Google and others

    A slide depicting the top-secret PRISM program.

    The National Security Agency has obtained direct access to the systems of Google, Facebook, Apple and other US internet giants, according to a top secret document obtained by the Guardian.

    The NSA access is part of a previously undisclosed program called Prism, which allows officials to collect material including search history, the content of emails, file transfers and live chats, the document says.

    The Guardian has verified the authenticity of the document, a 41-slide PowerPoint presentation – classified as top secret with no distribution to foreign allies – which was apparently used to train intelligence operatives on the capabilities of the program. The document claims “collection directly from the servers” of major US service providers.

    Although the presentation claims the program is run with the assistance of the companies, all those who responded to a Guardian request for comment on Thursday denied knowledge of any such program.

    In a statement, Google said: “Google cares deeply about the security of our users’ data. We disclose user data to government in accordance with the law, and we review all such requests carefully. From time to time, people allege that we have created a government ‘back door’ into our systems, but Google does not have a back door for the government to access private user data.”

    Several senior tech executives insisted that they had no knowledge of Prism or of any similar scheme. They said they would never have been involved in such a program. “If they are doing this, they are doing it without our knowledge,” one said.

    An Apple spokesman said it had “never heard” of Prism.

    The NSA access was enabled by changes to US surveillance law introduced under President Bush and renewed under Obama in December 2012.

    The program facilitates extensive, in-depth surveillance on live communications and stored information. The law allows for the targeting of any customers of participating firms who live outside the US, or those Americans whose communications include people outside the US.

    It also opens the possibility of communications made entirely within the US being collected without warrants.

    Disclosure of the Prism program follows a leak to the Guardian on Wednesday of a top-secret court order compelling telecoms provider Verizon to turn over the telephone records of millions of US customers.

    The participation of the internet companies in Prism will add to the debate, ignited by the Verizon revelation, about the scale of surveillance by the intelligence services. Unlike the collection of those call records, this surveillance can include the content of communications and not just the metadata.

    Some of the world’s largest internet brands are claimed to be part of the information-sharing program since its introduction in 2007. Microsoft – which is currently running an advertising campaign with the slogan “Your privacy is our priority” – was the first, with collection beginning in December 2007.

    It was followed by Yahoo in 2008; Google, Facebook and PalTalk in 2009; YouTube in 2010; Skype and AOL in 2011; and finally Apple, which joined the program in 2012. The program is continuing to expand, with other providers due to come online.

    Collectively, the companies cover the vast majority of online email, search, video and communications networks.

    The extent and nature of the data collected from each company varies.

    Companies are legally obliged to comply with requests for users’ communications under US law, but the Prism program allows the intelligence services direct access to the companies’ servers. The NSA document notes the operations have “assistance of communications providers in the US”.

    The revelation also supports concerns raised by several US senators during the renewal of the Fisa Amendments Act in December 2012, who warned about the scale of surveillance the law might enable, and shortcomings in the safeguards it introduces.

    When the FAA was first enacted, defenders of the statute argued that a significant check on abuse would be the NSA’s inability to obtain electronic communications without the consent of the telecom and internet companies that control the data. But the Prism program renders that consent unnecessary, as it allows the agency to directly and unilaterally seize the communications off the companies’ servers.

    A chart prepared by the NSA, contained within the top-secret document obtained by the Guardian, underscores the breadth of the data it is able to obtain: email, video and voice chat, videos, photos, voice-over-IP (Skype, for example) chats, file transfers, social networking details, and more.

    The document is recent, dating to April 2013. Such a leak is extremely rare in the history of the NSA, which prides itself on maintaining a high level of secrecy.

    The Prism program allows the NSA, the world’s largest surveillance organisation, to obtain targeted communications without having to request them from the service providers and without having to obtain individual court orders.

    With this program, the NSA is able to reach directly into the servers of the participating companies and obtain both stored communications as well as perform real-time collection on targeted users.

    The presentation claims Prism was introduced to overcome what the NSA regarded as shortcomings of Fisa warrants in tracking suspected foreign terrorists. It noted that the US has a “home-field advantage” due to housing much of the internet’s architecture. But the presentation claimed “Fisa constraints restricted our home-field advantage” because Fisa required individual warrants and confirmations that both the sender and receiver of a communication were outside the US.

    “Fisa was broken because it provided privacy protections to people who were not entitled to them,” the presentation claimed. “It took a Fisa court order to collect on foreigners overseas who were communicating with other foreigners overseas simply because the government was collecting off a wire in the United States. There were too many email accounts to be practical to seek Fisas for all.”

    The new measures introduced in the FAA redefines “electronic surveillance” to exclude anyone “reasonably believed” to be outside the USA – a technical change which reduces the bar to initiating surveillance.

    The act also gives the director of national intelligence and the attorney general power to permit obtaining intelligence information, and indemnifies internet companies against any actions arising as a result of co-operating with authorities’ requests.

    In short, where previously the NSA needed individual authorisations, and confirmation that all parties were outside the USA, they now need only reasonable suspicion that one of the parties was outside the country at the time of the records were collected by the NSA.

    The document also shows the FBI acts as an intermediary between other agencies and the tech companies, and stresses its reliance on the participation of US internet firms, claiming “access is 100% dependent on ISP provisioning”.

    In the document, the NSA hails the Prism program as “one of the most valuable, unique and productive accesses for NSA”.

    It boasts of what it calls “strong growth” in its use of the Prism program to obtain communications. The document highlights the number of obtained communications increased in 2012 by 248% for Skype – leading the notes to remark there was “exponential growth in Skype reporting; looks like the word is getting out about our capability against Skype”. There was also a 131% increase in requests for Facebook data, and 63% for Google.

    The NSA document indicates that it is planning to add Dropbox as a PRISM provider. The agency also seeks, in its words, to “expand collection services from existing providers”.

    The revelations echo fears raised on the Senate floor last year during the expedited debate on the renewal of the FAA powers which underpin the PRISM program, which occurred just days before the act expired.

    Senator Christopher Coons of Delaware specifically warned that the secrecy surrounding the various surveillance programs meant there was no way to know if safeguards within the act were working.

    “The problem is: we here in the Senate and the citizens we represent don’t know how well any of these safeguards actually work,” he said.

    “The law doesn’t forbid purely domestic information from being collected. We know that at least one Fisa court has ruled that the surveillance program violated the law. Why? Those who know can’t say and average Americans can’t know.”

    Other senators also raised concerns. Senator Ron Wyden of Oregon attempted, without success, to find out any information on how many phone calls or emails had been intercepted under the program.

    When the law was enacted, defenders of the FAA argued that a significant check on abuse would be the NSA’s inability to obtain electronic communications without the consent of the telecom and internet companies that control the data. But the Prism program renders that consent unnecessary, as it allows the agency to directly and unilaterally seize the communications off the companies’ servers.

    When the NSA reviews a communication it believes merits further investigation, it issues what it calls a “report”. According to the NSA, “over 2,000 Prism-based reports” are now issued every month. There were 24,005 in 2012, a 27% increase on the previous year.

    In total, more than 77,000 intelligence reports have cited the PRISM program.

    Jameel Jaffer, director of the ACLU’s Center for Democracy, that it was astonishing the NSA would even ask technology companies to grant direct access to user data.

    “It’s shocking enough just that the NSA is asking companies to do this,” he said. “The NSA is part of the military. The military has been granted unprecedented access to civilian communications.

    “This is unprecedented militarisation of domestic communications infrastructure. That’s profoundly troubling to anyone who is concerned about that separation.”

    A senior administration official said in a statement: “The Guardian and Washington Post articles refer to collection of communications pursuant to Section 702 of the Foreign Intelligence Surveillance Act. This law does not allow the targeting of any US citizen or of any person located within the United States.

    “The program is subject to oversight by the Foreign Intelligence Surveillance Court, the Executive Branch, and Congress. It involves extensive procedures, specifically approved by the court, to ensure that only non-US persons outside the US are targeted, and that minimize the acquisition, retention and dissemination of incidentally acquired information about US persons.

    “This program was recently reauthorized by Congress after extensive hearings and debate.

    “Information collected under this program is among the most important and valuable intelligence information we collect, and is used to protect our nation from a wide variety of threats.

    “The Government may only use Section 702 to acquire foreign intelligence information, which is specifically, and narrowly, defined in the Foreign Intelligence Surveillance Act. This requirement applies across the board, regardless of the nationality of the target.”

    Additional reporting by James Ball and Dominic Rushe

    Glenn Greenwald and Ewen MacAskill
    The Guardian, Friday 7 June 2013

    Find this story at 7 June 2013

    © 2013 Guardian News and Media Limited or its affiliated companies. All rights reserved.

    Verizon order casts spotlight on secretive U.S. surveillance court

    (Reuters) – The leak of a document showing the Obama administration asked for millions of phone records has turned a spotlight anew on a secretive U.S. federal court set up 35 years ago to curb intelligence abuses.

    Made up of 11 judges who serve staggered seven-year terms, it is called the U.S. Foreign Intelligence Surveillance Court. The judges’ identities are known, along with the name of the person who appoints them: the chief justice, now John Roberts.

    In a departure from other courts, all of its rulings are secret and there is no adversarial system. Instead, government lawyers make a request and the judge either approves or rejects it. No other parties are present. The court approves nearly all requests, according to Justice Department data.

    In an annual report to Congress that is publicly available, the department said that in 2012 the government made 212 applications for access to business records, which is the same kind of request as that made of Verizon Communications Inc in the present case.

    The court denied none of the applications but amended 200 of them, the report said.

    The court also oversees applications for electronic surveillance and physical searches. There were 1,856 such applications in 2012, when all were approved except for one, which the government withdrew before the court could rule.

    Congress enacted the Foreign Intelligence Surveillance Act setting up the court in 1978 amid concerns about the lack of legal oversight over the intelligence community’s activities.

    Activity by the U.S. intelligence community uncovered by congressional investigations included illegal mail-opening programs and the targeting of domestic protesters and political opponents by the Nixon administration.

    Now, critics say, the court set up to curb misconduct is rubber-stamping drastically expanded intelligence gathering efforts started after the September 11, 2001, attacks that prompt similar concerns about infringements on civil liberties.

    Government authority to obtain records was expanded further by the 2001 USA Patriot Act, which Congress passed with overwhelming bipartisan support in the immediate aftermath of the attacks.

    ‘ANY TANGIBLE THINGS’

    The government cited Section 215 of the Patriot Act in making its request in the Verizon case. This section allows the government to ask the court for “any tangible things” as part of any authorized investigation related to terrorism or intelligence activities.

    As the Justice Department wrote in an October 2011 letter to members of Congress, the government must show, among other things, that the information sought is “relevant to an authorized national security investigation.”

    At least one president has tried to sidestep the court.

    President George W. Bush’s administration chose not to ask the court to approve wiretapping of calls between suspected terrorists until 2007, news accounts of the program’s existence prompted controversy. This incident led to increased concerns among civil liberties advocates that the government effectively had a green light to invade the privacy of Americans.

    Among the few who know how the secret court acts are members of Congress. The Obama administration has been keen to highlight how access to orders and opinions issued by the secret court is provided to members of both parties on the intelligence committees in both houses of Congress and on the Senate Judiciary Committee.

    The court is comprised of sitting federal judges, appointed for life, who take on the additional responsibility for the seven years of the surveillance court term. The judges are all over the country, although several are in the Washington area.

    It is not clear exactly how the chief justice chooses the judges who serve on the court. Some of the judges have a national security background while others do not, according to a source familiar with the court. Further information on how Chief Justice Roberts appoints judges was not immediately available from a U.S. Supreme Court spokeswoman.

    WASHINGTON PRESENCE

    The court has a physical presence in the U.S. District Court in Washington. The current presiding judge is Reggie Walton, a U.S. district judge in Washington who was appointed by Bush.

    The vast majority of judges now on the court are Republican appointees.

    The judge who approved the Verizon order, Roger Vinson, is a senior federal district judge in Florida. His term ended at the beginning of May. Vinson, a U.S. Navy veteran, was appointed to the bench by Republican President Ronald Reagan in 1983.

    The intelligence court’s workload increased after the September 11 attacks. Between 1978 and 2001, it received 46 emergency requests. In the year after September 11, there were 113, according to a legal textbook on national security by legal experts J. Douglas Wilson and David Kris, who was head of the Justice Department’s national security division from 2009 to 2011.

    A former member, U.S. District Judge Royce Lamberth of the District of Columbia, described his experience serving in a 2002 speech in which he denied that the court was a rubber stamp.

    “I ask questions. I get into the nitty gritty,” he said. “I know exactly what is going to be done and why. And my questions are answered, in every case, before I approve an application.”

    By Lawrence Hurley
    WASHINGTON | Thu Jun 6, 2013 6:40pm EDT
    (Reporting by Lawrence Hurley; Editing by Howard Goller and Philip Barbara)

    Find this story at 6 June 2013

    @2013 Thomson Reuters

    How Congress unknowingly legalized PRISM in 2007

    On Sept. 11, 2007, the National Security Agency signed up Microsoft as its first partner for PRISM, a massive domestic surveillance program whose existence was reported by the Washington Post today. That’s barely a month after Congress passed, and President George W. Bush signed, the Protect America Act.

    The Bush Administration portrayed the PAA as a technical fix designed to close a gap in America’s surveillance capabilities that had been opened by a then-recent ruling of the secretive Foreign Intelligence Surveillance Court (FISC). It proved to be much more than that.

    While the details are still classified, reports suggested that the FISC had ruled that it was illegal for the government to intercept communications between two foreign endpoints if the communications happened to pass through the United States. Warning that the U.S. would suddenly lose the ability to continue its surveillance of terrorists, the administration pushed the PAA through Congress in a matter of days.

    In reality, the PAA represented a sweeping change to American surveillance law. Before conducting surveillance, the PAA only required executive branch officials to “certify” that there were “reasonable procedures” in place for ensuring that surveillance “concerns” persons located outside the United States and that the foreign intelligence is a “significant purpose” of the program. A single certification could cover a broad program intercepting the communications of numerous individuals. And there was no requirement for judicial review of individual surveillance targets within a “certified” program.

    Civil liberties groups warned that the PAA’s vague requirements and lack of oversight would give the government a green light to seek indiscriminate access to the private communications of Americans. They predicted that the government would claim that they needed unfettered access to domestic communications to be sure they had gotten all relevant information about suspected terrorists.

    It now appears that this is exactly what the government did. Today’s report suggests that the moment the PAA was the law of the land, the NSA started using it to obtain unfettered access to the servers of the nation’s leading online services. To comply with the requirement that the government not target Americans, PRISM searches are reportedly “designed to produce at least 51 percent confidence in a target’s ‘foreignness’” — the lowest conceivable standard. PRISM training materials reportedly instruct users that if searches happen to turn up the private information of Americans, “it’s nothing to worry about.”

    The Protect America Act included a short six-month sunset provision, triggering another heated debate in the midst of the 2008 Democratic primary campaign. But that debate focused more on the past than the future. The telecom industry sought retroactive immunity for their participation in warrantless surveillance programs prior to 2007, a request Congress did not grant with the PAA.

    Retroactive immunity for telecom companies dominated the 2008 debate, overshadowing the more important issue of the sweeping new powers that Congress had just granted to the executive branch. When Congress finally passed the FISA Amendments Act in July 2008, it included both immunity and a four-year extension of the government’s warrantless spying powers. But few members of Congress realized the breadth of the surveillance powers they were effectively approving.

    The FISA Amandments Act was re-authorized for another five years in 2012 with little controversy. It will come up for a vote again in 2017 — though Congress could always choose to revisit it earlier.

    By Timothy B. Lee, Updated: June 6, 2013

    Find this story at 6 June 2013

    © The Washington Post Company

    NSA has massive database of Americans’ phone calls: 2006

    The National Security Agency has been secretly collecting the phone call records of tens of millions of Americans, using data provided by AT&T, Verizon and BellSouth, people with direct knowledge of the arrangement told USA TODAY.

    The NSA program reaches into homes and businesses across the nation by amassing information about the calls of ordinary Americans — most of whom aren’t suspected of any crime. This program does not involve the NSA listening to or recording conversations. But the spy agency is using the data to analyze calling patterns in an effort to detect terrorist activity, sources said in separate interviews.

    QUESTIONS AND ANSWERS: The NSA record collection program

    “It’s the largest database ever assembled in the world,” said one person, who, like the others who agreed to talk about the NSA’s activities, declined to be identified by name or affiliation. The agency’s goal is “to create a database of every call ever made” within the nation’s borders, this person added.

    For the customers of these companies, it means that the government has detailed records of calls they made — across town or across the country — to family members, co-workers, business contacts and others.

    The three telecommunications companies are working under contract with the NSA, which launched the program in 2001 shortly after the Sept. 11 terrorist attacks, the sources said. The program is aimed at identifying and tracking suspected terrorists, they said.

    The sources would talk only under a guarantee of anonymity because the NSA program is secret.

    Air Force Gen. Michael Hayden, nominated Monday by President Bush to become the director of the CIA, headed the NSA from March 1999 to April 2005. In that post, Hayden would have overseen the agency’s domestic call-tracking program. Hayden declined to comment about the program.

    The NSA’s domestic program, as described by sources, is far more expansive than what the White House has acknowledged. Last year, Bush said he had authorized the NSA to eavesdrop — without warrants — on international calls and international e-mails of people suspected of having links to terrorists when one party to the communication is in the USA. Warrants have also not been used in the NSA’s efforts to create a national call database.

    In defending the previously disclosed program, Bush insisted that the NSA was focused exclusively on international calls. “In other words,” Bush explained, “one end of the communication must be outside the United States.”

    As a result, domestic call records — those of calls that originate and terminate within U.S. borders — were believed to be private.

    Sources, however, say that is not the case. With access to records of billions of domestic calls, the NSA has gained a secret window into the communications habits of millions of Americans. Customers’ names, street addresses and other personal information are not being handed over as part of NSA’s domestic program, the sources said. But the phone numbers the NSA collects can easily be cross-checked with other databases to obtain that information.

    Don Weber, a senior spokesman for the NSA, declined to discuss the agency’s operations. “Given the nature of the work we do, it would be irresponsible to comment on actual or alleged operational issues; therefore, we have no information to provide,” he said. “However, it is important to note that NSA takes its legal responsibilities seriously and operates within the law.”

    The White House would not discuss the domestic call-tracking program. “There is no domestic surveillance without court approval,” said Dana Perino, deputy press secretary, referring to actual eavesdropping.

    She added that all national intelligence activities undertaken by the federal government “are lawful, necessary and required for the pursuit of al-Qaeda and affiliated terrorists.” All government-sponsored intelligence activities “are carefully reviewed and monitored,” Perino said. She also noted that “all appropriate members of Congress have been briefed on the intelligence efforts of the United States.”

    The government is collecting “external” data on domestic phone calls but is not intercepting “internals,” a term for the actual content of the communication, according to a U.S. intelligence official familiar with the program. This kind of data collection from phone companies is not uncommon; it’s been done before, though never on this large a scale, the official said. The data are used for “social network analysis,” the official said, meaning to study how terrorist networks contact each other and how they are tied together.

    Carriers uniquely positioned

    AT&T recently merged with SBC and kept the AT&T name. Verizon, BellSouth and AT&T are the nation’s three biggest telecommunications companies; they provide local and wireless phone service to more than 200 million customers.

    The three carriers control vast networks with the latest communications technologies. They provide an array of services: local and long-distance calling, wireless and high-speed broadband, including video. Their direct access to millions of homes and businesses has them uniquely positioned to help the government keep tabs on the calling habits of Americans.

    Among the big telecommunications companies, only Qwest has refused to help the NSA, the sources said. According to multiple sources, Qwest declined to participate because it was uneasy about the legal implications of handing over customer information to the government without warrants.

    Qwest’s refusal to participate has left the NSA with a hole in its database. Based in Denver, Qwest provides local phone service to 14 million customers in 14 states in the West and Northwest. But AT&T and Verizon also provide some services — primarily long-distance and wireless — to people who live in Qwest’s region. Therefore, they can provide the NSA with at least some access in that area.

    Created by President Truman in 1952, during the Korean War, the NSA is charged with protecting the United States from foreign security threats. The agency was considered so secret that for years the government refused to even confirm its existence. Government insiders used to joke that NSA stood for “No Such Agency.”

    In 1975, a congressional investigation revealed that the NSA had been intercepting, without warrants, international communications for more than 20 years at the behest of the CIA and other agencies. The spy campaign, code-named “Shamrock,” led to the Foreign Intelligence Surveillance Act (FISA), which was designed to protect Americans from illegal eavesdropping.

    Enacted in 1978, FISA lays out procedures that the U.S. government must follow to conduct electronic surveillance and physical searches of people believed to be engaged in espionage or international terrorism against the United States. A special court, which has 11 members, is responsible for adjudicating requests under FISA.

    Over the years, NSA code-cracking techniques have continued to improve along with technology. The agency today is considered expert in the practice of “data mining” — sifting through reams of information in search of patterns. Data mining is just one of many tools NSA analysts and mathematicians use to crack codes and track international communications.

    Paul Butler, a former U.S. prosecutor who specialized in terrorism crimes, said FISA approval generally isn’t necessary for government data-mining operations. “FISA does not prohibit the government from doing data mining,” said Butler, now a partner with the law firm Akin Gump Strauss Hauer & Feld in Washington, D.C.

    The caveat, he said, is that “personal identifiers” — such as names, Social Security numbers and street addresses — can’t be included as part of the search. “That requires an additional level of probable cause,” he said.

    The usefulness of the NSA’s domestic phone-call database as a counterterrorism tool is unclear. Also unclear is whether the database has been used for other purposes.

    The NSA’s domestic program raises legal questions. Historically, AT&T and the regional phone companies have required law enforcement agencies to present a court order before they would even consider turning over a customer’s calling data. Part of that owed to the personality of the old Bell Telephone System, out of which those companies grew.

    Ma Bell’s bedrock principle — protection of the customer — guided the company for decades, said Gene Kimmelman, senior public policy director of Consumers Union. “No court order, no customer information — period. That’s how it was for decades,” he said.

    The concern for the customer was also based on law: Under Section 222 of the Communications Act, first passed in 1934, telephone companies are prohibited from giving out information regarding their customers’ calling habits: whom a person calls, how often and what routes those calls take to reach their final destination. Inbound calls, as well as wireless calls, also are covered.

    The financial penalties for violating Section 222, one of many privacy reinforcements that have been added to the law over the years, can be stiff. The Federal Communications Commission, the nation’s top telecommunications regulatory agency, can levy fines of up to $130,000 per day per violation, with a cap of $1.325 million per violation. The FCC has no hard definition of “violation.” In practice, that means a single “violation” could cover one customer or 1 million.

    In the case of the NSA’s international call-tracking program, Bush signed an executive order allowing the NSA to engage in eavesdropping without a warrant. The president and his representatives have since argued that an executive order was sufficient for the agency to proceed. Some civil liberties groups, including the American Civil Liberties Union, disagree.

    Companies approached

    The NSA’s domestic program began soon after the Sept. 11 attacks, according to the sources. Right around that time, they said, NSA representatives approached the nation’s biggest telecommunications companies. The agency made an urgent pitch: National security is at risk, and we need your help to protect the country from attacks.

    The agency told the companies that it wanted them to turn over their “call-detail records,” a complete listing of the calling histories of their millions of customers. In addition, the NSA wanted the carriers to provide updates, which would enable the agency to keep tabs on the nation’s calling habits.

    The sources said the NSA made clear that it was willing to pay for the cooperation. AT&T, which at the time was headed by C. Michael Armstrong, agreed to help the NSA. So did BellSouth, headed by F. Duane Ackerman; SBC, headed by Ed Whitacre; and Verizon, headed by Ivan Seidenberg.

    With that, the NSA’s domestic program began in earnest.

    AT&T, when asked about the program, replied with a comment prepared for USA TODAY: “We do not comment on matters of national security, except to say that we only assist law enforcement and government agencies charged with protecting national security in strict accordance with the law.”

    In another prepared comment, BellSouth said: “BellSouth does not provide any confidential customer information to the NSA or any governmental agency without proper legal authority.”

    Verizon, the USA’s No. 2 telecommunications company behind AT&T, gave this statement: “We do not comment on national security matters, we act in full compliance with the law and we are committed to safeguarding our customers’ privacy.”

    Qwest spokesman Robert Charlton said: “We can’t talk about this. It’s a classified situation.”

    In December, The New York Times revealed that Bush had authorized the NSA to wiretap, without warrants, international phone calls and e-mails that travel to or from the USA. The following month, the Electronic Frontier Foundation, a civil liberties group, filed a class-action lawsuit against AT&T. The lawsuit accuses the company of helping the NSA spy on U.S. phone customers.

    Last month, U.S. Attorney General Alberto Gonzales alluded to that possibility. Appearing at a House Judiciary Committee hearing, Gonzales was asked whether he thought the White House has the legal authority to monitor domestic traffic without a warrant. Gonzales’ reply: “I wouldn’t rule it out.” His comment marked the first time a Bush appointee publicly asserted that the White House might have that authority.

    Similarities in programs

    The domestic and international call-tracking programs have things in common, according to the sources. Both are being conducted without warrants and without the approval of the FISA court. The Bush administration has argued that FISA’s procedures are too slow in some cases. Officials, including Gonzales, also make the case that the USA Patriot Act gives them broad authority to protect the safety of the nation’s citizens.

    The chairman of the Senate Intelligence Committee, Sen. Pat Roberts, R-Kan., would not confirm the existence of the program. In a statement, he said, “I can say generally, however, that our subcommittee has been fully briefed on all aspects of the Terrorist Surveillance Program. … I remain convinced that the program authorized by the president is lawful and absolutely necessary to protect this nation from future attacks.”

    The chairman of the House Intelligence Committee, Rep. Pete Hoekstra, R-Mich., declined to comment.

    One company differs

    One major telecommunications company declined to participate in the program: Qwest.

    According to sources familiar with the events, Qwest’s CEO at the time, Joe Nacchio, was deeply troubled by the NSA’s assertion that Qwest didn’t need a court order — or approval under FISA — to proceed. Adding to the tension, Qwest was unclear about who, exactly, would have access to its customers’ information and how that information might be used.

    Financial implications were also a concern, the sources said. Carriers that illegally divulge calling information can be subjected to heavy fines. The NSA was asking Qwest to turn over millions of records. The fines, in the aggregate, could have been substantial.

    The NSA told Qwest that other government agencies, including the FBI, CIA and DEA, also might have access to the database, the sources said. As a matter of practice, the NSA regularly shares its information — known as “product” in intelligence circles — with other intelligence groups. Even so, Qwest’s lawyers were troubled by the expansiveness of the NSA request, the sources said.

    The NSA, which needed Qwest’s participation to completely cover the country, pushed back hard.

    Trying to put pressure on Qwest, NSA representatives pointedly told Qwest that it was the lone holdout among the big telecommunications companies. It also tried appealing to Qwest’s patriotic side: In one meeting, an NSA representative suggested that Qwest’s refusal to contribute to the database could compromise national security, one person recalled.

    In addition, the agency suggested that Qwest’s foot-dragging might affect its ability to get future classified work with the government. Like other big telecommunications companies, Qwest already had classified contracts and hoped to get more.

    Unable to get comfortable with what NSA was proposing, Qwest’s lawyers asked NSA to take its proposal to the FISA court. According to the sources, the agency refused.

    The NSA’s explanation did little to satisfy Qwest’s lawyers. “They told (Qwest) they didn’t want to do that because FISA might not agree with them,” one person recalled. For similar reasons, this person said, NSA rejected Qwest’s suggestion of getting a letter of authorization from the U.S. attorney general’s office. A second person confirmed this version of events.

    In June 2002, Nacchio resigned amid allegations that he had misled investors about Qwest’s financial health. But Qwest’s legal questions about the NSA request remained.

    Unable to reach agreement, Nacchio’s successor, Richard Notebaert, finally pulled the plug on the NSA talks in late 2004, the sources said.

    By Leslie Cauley, USA TODAY
    Contributing: John Diamond
    Posted 5/10/2006 11:16 PM ET
    Updated 5/11/2006 10:38 AM ET

    Find this story at 5 October 2006

    Copyright 2011 USA TODAY

    Confirmed: The NSA is Spying on Millions of Americans

    Today, the Guardian newspaper confirmed what EFF (and many others) have long claimed: the NSA is conducting widespread, untargeted, domestic surveillance on millions of Americans. This revelation should end, once and for all, the government’s long-discredited secrecy claims about its dragnet domestic surveillance programs. It should spur Congress and the American people to make the President finally tell the truth about the government’s spying on innocent Americans.

    In a report by Glenn Greenwald, the paper published an order from the Foreign Intelligence Surveillance Court (or FISC) that directs Verizon to provide “on an ongoing daily basis” all call records for any call “wholly within the United States, including local telephone calls” and any call made “between the United States and abroad.”

    In plain language: the order gave the NSA a record of every Verizon customer’s call history — every call made, the location of the phone, the time of the call, the duration of the call, and other “identifying information” for the phone and call — from April 25, 2013 (the date the order was issued) to July 19, 2013. The order does not require content or the name of any subscriber and is issued under 50 USC sec.1861, also known as section 215 of the Patriot Act.

    There is no indication that this order to Verizon was unique or novel. It is very likely that business records orders like this exist for every major American telecommunication company, meaning that, if you make calls in the United States, the NSA has those records. And this has been going on for at least 7 years, and probably longer.

    This type of untargeted, wholly domestic surveillance is exactly what EFF, and others, have been suing about for years. In 2006, USA Today published a story disclosing that the NSA had compiled a massive database of call records from American telecommunications companies. Our case, Jewel v. NSA, challenging the legality of the NSA’s domestic spying program, has been pending since 2008, but its predecessor, Hepting v. AT&T filed in 2006, alleged the same surveillance. In 2011, on the 10th Anniversary of the Patriot Act, we filed a FOIA lawsuit against the Department of Justice for records about the government’s use of Section 215 – the legal authority the government was relying on to perform this type of untargeted surveillance.

    But at each step of the way, the government has tried to hide the truth from the American public: in Hepting, behind telecom immunity; in Jewel, behind the state secrets privilege; in the FOIA case, by claiming the information is classified at the top secret level. In May 2011, Senator Ron Wyden, one of the few courageous voices fighting against the government’s domestic surveillance program, said this in a debate about reauthorizing Section 215:

    I want to deliver a warning this afternoon: when the American people find out how their government has secretly interpreted the Patriot Act, they will be stunned and they will be angry.

    Today is that day. The American people have confirmed how the government has secretly interpreted Section 215. And we’re angry. It’s time to stop hiding behind legal privileges and to come clean about Section 215 and FISA. It’s time to start the national dialogue about our rights in the digital age. And it’s time to end the NSA’s unconstitutional domestic surveillance program.

    June 5, 2013 | By Cindy Cohn and Mark Rumold

    Find this story at 5 June 2013

    A hidden world, growing beyond control (19 July 2010)

    The top-secret world the government created in response to the terrorist attacks of Sept. 11, 2001, has become so large, so unwieldy and so secretive that no one knows how much money it costs, how many people it employs, how many programs exist within it or exactly how many agencies do the same work.

    These are some of the findings of a two-year investigation by The Washington Post that discovered what amounts to an alternative geography of the United States, a Top Secret America hidden from public view and lacking in thorough oversight. After nine years of unprecedented spending and growth, the result is that the system put in place to keep the United States safe is so massive that its effectiveness is impossible to determine.

    The investigation’s other findings include:

    * Some 1,271 government organizations and 1,931 private companies work on programs related to counterterrorism, homeland security and intelligence in about 10,000 locations across the United States.

    * An estimated 854,000 people, nearly 1.5 times as many people as live in Washington, D.C., hold top-secret security clearances.

    * In Washington and the surrounding area, 33 building complexes for top-secret intelligence work are under construction or have been built since September 2001. Together they occupy the equivalent of almost three Pentagons or 22 U.S. Capitol buildings – about 17 million square feet of space.

    * Many security and intelligence agencies do the same work, creating redundancy and waste. For example, 51 federal organizations and military commands, operating in 15 U.S. cities, track the flow of money to and from terrorist networks.

    * Analysts who make sense of documents and conversations obtained by foreign and domestic spying share their judgment by publishing 50,000 intelligence reports each year – a volume so large that many are routinely ignored.

    These are not academic issues; lack of focus, not lack of resources, was at the heart of the Fort Hood shooting that left 13 dead, as well as the Christmas Day bomb attempt thwarted not by the thousands of analysts employed to find lone terrorists but by an alert airline passenger who saw smoke coming from his seatmate.

    They are also issues that greatly concern some of the people in charge of the nation’s security.

    “There has been so much growth since 9/11 that getting your arms around that – not just for the CIA, for the secretary of defense – is a challenge,” Defense Secretary Robert M. Gates said in an interview with The Post last week.

    In the Department of Defense, where more than two-thirds of the intelligence programs reside, only a handful of senior officials – called Super Users – have the ability to even know about all the department’s activities. But as two of the Super Users indicated in interviews, there is simply no way they can keep up with the nation’s most sensitive work.

    “I’m not going to live long enough to be briefed on everything” was how one Super User put it. The other recounted that for his initial briefing, he was escorted into a tiny, dark room, seated at a small table and told he couldn’t take notes. Program after program began flashing on a screen, he said, until he yelled ”Stop!” in frustration.

    “I wasn’t remembering any of it,” he said.

    Underscoring the seriousness of these issues are the conclusions of retired Army Lt. Gen. John R. Vines, who was asked last year to review the method for tracking the Defense Department’s most sensitive programs. Vines, who once commanded 145,000 troops in Iraq and is familiar with complex problems, was stunned by what he discovered.

    “I’m not aware of any agency with the authority, responsibility or a process in place to coordinate all these interagency and commercial activities,” he said in an interview. “The complexity of this system defies description.”

    The result, he added, is that it’s impossible to tell whether the country is safer because of all this spending and all these activities. “Because it lacks a synchronizing process, it inevitably results in message dissonance, reduced effectiveness and waste,” Vines said. “We consequently can’t effectively assess whether it is making us more safe.”

    The Post’s investigation is based on government documents and contracts, job descriptions, property records, corporate and social networking Web sites, additional records, and hundreds of interviews with intelligence, military and corporate officials and former officials. Most requested anonymity either because they are prohibited from speaking publicly or because, they said, they feared retaliation at work for describing their concerns.

    The Post’s online database of government organizations and private companies was built entirely on public records. The investigation focused on top-secret work because the amount classified at the secret level is too large to accurately track.

    Today’s article describes the government’s role in this expanding enterprise. Tuesday’s article describes the government’s dependence on private contractors. Wednesday’s is a portrait of one Top Secret America community. On the Web, an extensive, searchable database built by The Post about Top Secret America is available at washingtonpost.com/topsecretamerica.

    Defense Secretary Gates, in his interview with The Post, said that he does not believe the system has become too big to manage but that getting precise data is sometimes difficult. Singling out the growth of intelligence units in the Defense Department, he said he intends to review those programs for waste. “Nine years after 9/11, it makes a lot of sense to sort of take a look at this and say, ‘Okay, we’ve built tremendous capability, but do we have more than we need?’ ” he said.

    CIA Director Leon Panetta, who was also interviewed by The Post last week, said he’s begun mapping out a five-year plan for his agency because the levels of spending since 9/11 are not sustainable. “Particularly with these deficits, we’re going to hit the wall. I want to be prepared for that,” he said. “Frankly, I think everyone in intelligence ought to be doing that.”

    In an interview before he resigned as the director of national intelligence in May, retired Adm. Dennis C. Blair said he did not believe there was overlap and redundancy in the intelligence world. “Much of what appears to be redundancy is, in fact, providing tailored intelligence for many different customers,” he said.

    Blair also expressed confidence that subordinates told him what he needed to know. “I have visibility on all the important intelligence programs across the community, and there are processes in place to ensure the different intelligence capabilities are working together where they need to,” he said.

    Weeks later, as he sat in the corner of a ballroom at the Willard Hotel waiting to give a speech, he mused about The Post’s findings. “After 9/11, when we decided to attack violent extremism, we did as we so often do in this country,” he said. “The attitude was, if it’s worth doing, it’s probably worth overdoing.”

    Outside a gated subdivision of mansions in McLean, a line of cars idles every weekday morning as a new day in Top Secret America gets underway. The drivers wait patiently to turn left, then crawl up a hill and around a bend to a destination that is not on any public map and not announced by any street sign.

    Liberty Crossing tries hard to hide from view. But in the winter, leafless trees can’t conceal a mountain of cement and windows the size of five Wal-Mart stores stacked on top of one another rising behind a grassy berm. One step too close without the right badge, and men in black jump out of nowhere, guns at the ready.

    Past the armed guards and the hydraulic steel barriers, at least 1,700 federal employees and 1,200 private contractors work at Liberty Crossing, the nickname for the two headquarters of the Office of the Director of National Intelligence and its National Counterterrorism Center. The two share a police force, a canine unit and thousands of parking spaces.

    Liberty Crossing is at the center of the collection of U.S. government agencies and corporate contractors that mushroomed after the 2001 attacks. But it is not nearly the biggest, the most costly or even the most secretive part of the 9/11 enterprise.

    In an Arlington County office building, the lobby directory doesn’t include the Air Force’s mysteriously named XOIWS unit, but there’s a big “Welcome!” sign in the hallway greeting visitors who know to step off the elevator on the third floor. In Elkridge, Md., a clandestine program hides in a tall concrete structure fitted with false windows to look like a normal office building. In Arnold, Mo., the location is across the street from a Target and a Home Depot. In St. Petersburg, Fla., it’s in a modest brick bungalow in a run-down business park.

    Each day at the National Counterterrorism Center in McLean, workers review at least 5,000 pieces of terrorist-related data from intelligence agencies and keep an eye on world events. (Photo by: Melina Mara / The Washington Post)

    Every day across the United States, 854,000 civil servants, military personnel and private contractors with top-secret security clearances are scanned into offices protected by electromagnetic locks, retinal cameras and fortified walls that eavesdropping equipment cannot penetrate.

    This is not exactly President Dwight D. Eisenhower’s “military-industrial complex,” which emerged with the Cold War and centered on building nuclear weapons to deter the Soviet Union. This is a national security enterprise with a more amorphous mission: defeating transnational violent extremists.

    Much of the information about this mission is classified. That is the reason it is so difficult to gauge the success and identify the problems of Top Secret America, including whether money is being spent wisely. The U.S. intelligence budget is vast, publicly announced last year as $75 billion, 21/2 times the size it was on Sept. 10, 2001. But the figure doesn’t include many military activities or domestic counterterrorism programs.

    At least 20 percent of the government organizations that exist to fend off terrorist threats were established or refashioned in the wake of 9/11. Many that existed before the attacks grew to historic proportions as the Bush administration and Congress gave agencies more money than they were capable of responsibly spending.

    The Pentagon’s Defense Intelligence Agency, for example, has gone from 7,500 employees in 2002 to 16,500 today. The budget of the National Security Agency, which conducts electronic eavesdropping, doubled. Thirty-five FBI Joint Terrorism Task Forces became 106. It was phenomenal growth that began almost as soon as the Sept. 11 attacks ended.

    Nine days after the attacks, Congress committed $40 billion beyond what was in the federal budget to fortify domestic defenses and to launch a global offensive against al-Qaeda. It followed that up with an additional $36.5 billion in 2002 and $44 billion in 2003. That was only a beginning.

    With the quick infusion of money, military and intelligence agencies multiplied. Twenty-four organizations were created by the end of 2001, including the Office of Homeland Security and the Foreign Terrorist Asset Tracking Task Force. In 2002, 37 more were created to track weapons of mass destruction, collect threat tips and coordinate the new focus on counterterrorism. That was followed the next year by 36 new organizations; and 26 after that; and 31 more; and 32 more; and 20 or more each in 2007, 2008 and 2009.

    In all, at least 263 organizations have been created or reorganized as a response to 9/11. Each has required more people, and those people have required more administrative and logistic support: phone operators, secretaries, librarians, architects, carpenters, construction workers, air-conditioning mechanics and, because of where they work, even janitors with top-secret clearances.

    With so many more employees, units and organizations, the lines of responsibility began to blur. To remedy this, at the recommendation of the bipartisan 9/11 Commission, the George W. Bush administration and Congress decided to create an agency in 2004 with overarching responsibilities called the Office of the Director of National Intelligence (ODNI) to bring the colossal effort under control.

    While that was the idea, Washington has its own ways.

    The first problem was that the law passed by Congress did not give the director clear legal or budgetary authority over intelligence matters, which meant he wouldn’t have power over the individual agencies he was supposed to control.

    The second problem: Even before the first director, Ambassador John D. Negroponte, was on the job, the turf battles began. The Defense Department shifted billions of dollars out of one budget and into another so that the ODNI could not touch it, according to two senior officials who watched the process. The CIA reclassified some of its most sensitive information at a higher level so the National Counterterrorism Center staff, part of the ODNI, would not be allowed to see it, said former intelligence officers involved.

    And then came a problem that continues to this day, which has to do with the ODNI’s rapid expansion.

    When it opened in the spring of 2005, Negroponte’s office was all of 11 people stuffed into a secure vault with closet-size rooms a block from the White House. A year later, the budding agency moved to two floors of another building. In April 2008, it moved into its huge permanent home, Liberty Crossing.

    Today, many officials who work in the intelligence agencies say they remain unclear about what the ODNI is in charge of. To be sure, the ODNI has made some progress, especially in intelligence-sharing, information technology and budget reform. The DNI and his managers hold interagency meetings every day to promote collaboration. The last director, Blair, doggedly pursued such nitty-gritty issues as procurement reform, compatible computer networks, tradecraft standards and collegiality.

    But improvements have been overtaken by volume at the ODNI, as the increased flow of intelligence data overwhelms the system’s ability to analyze and use it. Every day, collection systems at the National Security Agency intercept and store 1.7 billion e-mails, phone calls and other types of communications. The NSA sorts a fraction of those into 70 separate databases. The same problem bedevils every other intelligence agency, none of which have enough analysts and translators for all this work.

    The practical effect of this unwieldiness is visible, on a much smaller scale, in the office of Michael Leiter, the director of the National Counterterrorism Center. Leiter spends much of his day flipping among four computer monitors lined up on his desk. Six hard drives sit at his feet. The data flow is enormous, with dozens of databases feeding separate computer networks that cannot interact with one another.

    There is a long explanation for why these databases are still not connected, and it amounts to this: It’s too hard, and some agency heads don’t really want to give up the systems they have. But there’s some progress: “All my e-mail on one computer now,” Leiter says. “That’s a big deal.”

    To get another view of how sprawling Top Secret America has become, just head west on the toll road toward Dulles International Airport.

    As a Michaels craft store and a Books-A-Million give way to the military intelligence giants Northrop Grumman and Lockheed Martin, find the off-ramp and turn left. Those two shimmering-blue five-story ice cubes belong to the National Geospatial-Intelligence Agency, which analyzes images and mapping data of the Earth’s geography. A small sign obscured by a boxwood hedge says so.

    Across the street, in the chocolate-brown blocks, is Carahsoft, an intelligence agency contractor specializing in mapping, speech analysis and data harvesting. Nearby is the government’s Underground Facility Analysis Center. It identifies overseas underground command centers associated with weapons of mass destruction and terrorist groups, and advises the military on how to destroy them.

    Clusters of top-secret work exist throughout the country, but the Washington region is the capital of Top Secret America.

    About half of the post-9/11 enterprise is anchored in an arc stretching from Leesburg south to Quantico, back north through Washington and curving northeast to Linthicum, just north of the Baltimore-Washington International Marshall Airport. Many buildings sit within off-limits government compounds or military bases.

    Others occupy business parks or are intermingled with neighborhoods, schools and shopping centers and go unnoticed by most people who live or play nearby.

    Many of the newest buildings are not just utilitarian offices but also edifices “on the order of the pyramids,” in the words of one senior military intelligence officer.

    Not far from the Dulles Toll Road, the CIA has expanded into two buildings that will increase the agency’s office space by one-third. To the south, Springfield is becoming home to the new $1.8 billion National Geospatial-Intelligence Agency headquarters, which will be the fourth-largest federal building in the area and home to 8,500 employees. Economic stimulus money is paying hundreds of millions of dollars for this kind of federal construction across the region.

    Construction for the National Geospatial-Intelligence Agency in Springfield (Photo by: Michael S. Williamson / The Washington Post)

    It’s not only the number of buildings that suggests the size and cost of this expansion, it’s also what is inside: banks of television monitors. “Escort-required” badges. X-ray machines and lockers to store cellphones and pagers. Keypad door locks that open special rooms encased in metal or permanent dry wall, impenetrable to eavesdropping tools and protected by alarms and a security force capable of responding within 15 minutes. Every one of these buildings has at least one of these rooms, known as a SCIF, for sensitive compartmented information facility. Some are as small as a closet; others are four times the size of a football field.

    SCIF size has become a measure of status in Top Secret America, or at least in the Washington region of it. “In D.C., everyone talks SCIF, SCIF, SCIF,” said Bruce Paquin, who moved to Florida from the Washington region several years ago to start a SCIF construction business. “They’ve got the penis envy thing going. You can’t be a big boy unless you’re a three-letter agency and you have a big SCIF.”

    SCIFs are not the only must-have items people pay attention to. Command centers, internal television networks, video walls, armored SUVs and personal security guards have also become the bling of national security.

    “You can’t find a four-star general without a security detail,” said one three-star general now posted in Washington after years abroad. “Fear has caused everyone to have stuff. Then comes, ‘If he has one, then I have to have one.’ It’s become a status symbol.”

    Among the most important people inside the SCIFs are the low-paid employees carrying their lunches to work to save money. They are the analysts, the 20- and 30-year-olds making $41,000 to $65,000 a year, whose job is at the core of everything Top Secret America tries to do.

    At its best, analysis melds cultural understanding with snippets of conversations, coded dialogue, anonymous tips, even scraps of trash, turning them into clues that lead to individuals and groups trying to harm the United States.

    Their work is greatly enhanced by computers that sort through and categorize data. But in the end, analysis requires human judgment, and half the analysts are relatively inexperienced, having been hired in the past several years, said a senior ODNI official. Contract analysts are often straight out of college and trained at corporate headquarters.

    When hired, a typical analyst knows very little about the priority countries – Iraq, Iran, Afghanistan and Pakistan – and is not fluent in their languages. Still, the number of intelligence reports they produce on these key countries is overwhelming, say current and former intelligence officials who try to cull them every day. The ODNI doesn’t know exactly how many reports are issued each year, but in the process of trying to find out, the chief of analysis discovered 60 classified analytic Web sites still in operation that were supposed to have been closed down for lack of usefulness. “Like a zombie, it keeps on living” is how one official describes the sites.

    The problem with many intelligence reports, say officers who read them, is that they simply re-slice the same facts already in circulation. “It’s the soccer ball syndrome. Something happens, and they want to rush to cover it,” said Richard H. Immerman, who was the ODNI’s assistant deputy director of national intelligence for analytic integrity and standards until early 2009. “I saw tremendous overlap.”

    Even the analysts at the National Counterterrorism Center (NCTC), which is supposed to be where the most sensitive, most difficult-to-obtain nuggets of information are fused together, get low marks from intelligence officials for not producing reports that are original, or at least better than the reports already written by the CIA, FBI, National Security Agency or Defense Intelligence Agency.

    When Maj. Gen. John M. Custer was the director of intelligence at U.S. Central Command, he grew angry at how little helpful information came out of the NCTC. In 2007, he visited its director at the time, retired Vice Adm. John Scott Redd, to tell him so. “I told him that after 41/2 years, this organization had never produced one shred of information that helped me prosecute three wars!” he said loudly, leaning over the table during an interview.

    Two years later, Custer, now head of the Army’s intelligence school at Fort Huachuca, Ariz., still gets red-faced recalling that day, which reminds him of his frustration with Washington’s bureaucracy. “Who has the mission of reducing redundancy and ensuring everybody doesn’t gravitate to the lowest-hanging fruit?” he said. “Who orchestrates what is produced so that everybody doesn’t produce the same thing?”

    He’s hardly the only one irritated. In a secure office in Washington, a senior intelligence officer was dealing with his own frustration. Seated at his computer, he began scrolling through some of the classified information he is expected to read every day: CIA World Intelligence Review, WIRe-CIA, Spot Intelligence Report, Daily Intelligence Summary, Weekly Intelligence Forecast, Weekly Warning Forecast, IC Terrorist Threat Assessments, NCTC Terrorism Dispatch, NCTC Spotlight . . .

    It’s too much, he complained. The inbox on his desk was full, too. He threw up his arms, picked up a thick, glossy intelligence report and waved it around, yelling.

    “Jesus! Why does it take so long to produce?”

    “Why does it have to be so bulky?”

    “Why isn’t it online?”

    The overload of hourly, daily, weekly, monthly and annual reports is actually counterproductive, say people who receive them. Some policymakers and senior officials don’t dare delve into the backup clogging their computers. They rely instead on personal briefers, and those briefers usually rely on their own agency’s analysis, re-creating the very problem identified as a main cause of the failure to thwart the attacks: a lack of information-sharing.

    A new Defense Department office complex goes up in Alexandria. (Photo by: Michael S. Williamson / The Washington Post)

    The ODNI’s analysis office knows this is a problem. Yet its solution was another publication, this one a daily online newspaper, Intelligence Today. Every day, a staff of 22 culls more than two dozen agencies’ reports and 63 Web sites, selects the best information and packages it by originality, topic and region.

    Analysis is not the only area where serious overlap appears to be gumming up the national security machinery and blurring the lines of responsibility.

    Within the Defense Department alone, 18 commands and agencies conduct information operations, which aspire to manage foreign audiences’ perceptions of U.S. policy and military activities overseas.

    And all the major intelligence agencies and at least two major military commands claim a major role in cyber-warfare, the newest and least-defined frontier.

    “Frankly, it hasn’t been brought together in a unified approach,” CIA Director Panetta said of the many agencies now involved in cyber-warfare.

    “Cyber is tremendously difficult” to coordinate, said Benjamin A. Powell, who served as general counsel for three directors of national intelligence until he left the government last year. “Sometimes there was an unfortunate attitude of bring your knives, your guns, your fists and be fully prepared to defend your turf.” Why? “Because it’s funded, it’s hot and it’s sexy.”

    Last fall, U.S. Army Maj. Nidal Malik Hasan allegedly opened fire at Fort Hood, Tex., killing 13 people and wounding 30. In the days after the shootings, information emerged about Hasan’s increasingly strange behavior at Walter Reed Army Medical Center, where he had trained as a psychiatrist and warned commanders that they should allow Muslims to leave the Army or risk “adverse events.” He had also exchanged e-mails with a well-known radical cleric in Yemen being monitored by U.S. intelligence.

    But none of this reached the one organization charged with handling counterintelligence investigations within the Army. Just 25 miles up the road from Walter Reed, the Army’s 902nd Military Intelligence Group had been doing little to search the ranks for potential threats. Instead, the 902’s commander had decided to turn the unit’s attention to assessing general terrorist affiliations in the United States, even though the Department of Homeland Security and the FBI’s 106 Joint Terrorism Task Forces were already doing this work in great depth.

    The 902nd, working on a program the commander named RITA, for Radical Islamic Threat to the Army, had quietly been gathering information on Hezbollah, Iranian Republican Guard and al-Qaeda student organizations in the United States. The assessment “didn’t tell us anything we didn’t know already,” said the Army’s senior counterintelligence officer at the Pentagon.

    Secrecy and lack of coordination have allowed organizations, such as the 902nd in this case, to work on issues others were already tackling rather than take on the much more challenging job of trying to identify potential jihadist sympathizers within the Army itself.

    Beyond redundancy, secrecy within the intelligence world hampers effectiveness in other ways, say defense and intelligence officers. For the Defense Department, the root of this problem goes back to an ultra-secret group of programs for which access is extremely limited and monitored by specially trained security officers.

    These are called Special Access Programs – or SAPs – and the Pentagon’s list of code names for them runs 300 pages. The intelligence community has hundreds more of its own, and those hundreds have thousands of sub-programs with their own limits on the number of people authorized to know anything about them. All this means that very few people have a complete sense of what’s going on.

    “There’s only one entity in the entire universe that has visibility on all SAPs – that’s God,” said James R. Clapper, undersecretary of defense for intelligence and the Obama administration’s nominee to be the next director of national intelligence.

    Such secrecy can undermine the normal chain of command when senior officials use it to cut out rivals or when subordinates are ordered to keep secrets from their commanders.

    One military officer involved in one such program said he was ordered to sign a document prohibiting him from disclosing it to his four-star commander, with whom he worked closely every day, because the commander was not authorized to know about it. Another senior defense official recalls the day he tried to find out about a program in his budget, only to be rebuffed by a peer. “What do you mean you can’t tell me? I pay for the program,” he recalled saying in a heated exchange.

    Another senior intelligence official with wide access to many programs said that secrecy is sometimes used to protect ineffective projects. “I think the secretary of defense ought to direct a look at every single thing to see if it still has value,” he said. “The DNI ought to do something similar.”

    The ODNI hasn’t done that yet. The best it can do at the moment is maintain a database of the names of the most sensitive programs in the intelligence community. But the database does not include many important and relevant Pentagon projects.

    Because so much is classified, illustrations of what goes on every day in Top Secret America can be hard to ferret out. But every so often, examples emerge. A recent one shows the post-9/11 system at its best and its worst.

    Last fall, after eight years of growth and hirings, the enterprise was at full throttle when word emerged that something was seriously amiss inside Yemen. In response, President Obama signed an order sending dozens of secret commandos to that country to target and kill the leaders of an al-Qaeda affiliate.

    In Yemen, the commandos set up a joint operations center packed with hard drives, forensic kits and communications gear. They exchanged thousands of intercepts, agent reports, photographic evidence and real-time video surveillance with dozens of top-secret organizations in the United States.

    That was the system as it was intended. But when the information reached the National Counterterrorism Center in Washington for analysis, it arrived buried within the 5,000 pieces of general terrorist-related data that are reviewed each day. Analysts had to switch from database to database, from hard drive to hard drive, from screen to screen, just to locate what might be interesting to study further.

    As military operations in Yemen intensified and the chatter about a possible terrorist strike increased, the intelligence agencies ramped up their effort. The flood of information into the NCTC became a torrent.

    Somewhere in that deluge was even more vital data. Partial names of someone in Yemen. A reference to a Nigerian radical who had gone to Yemen. A report of a father in Nigeria worried about a son who had become interested in radical teachings and had disappeared inside Yemen.

    These were all clues to what would happen when a Nigerian named Umar Farouk Abdulmutallab left Yemen and eventually boarded a plane in Amsterdam bound for Detroit. But nobody put them together because, as officials would testify later, the system had gotten so big that the lines of responsibility had become hopelessly blurred.

    “There are so many people involved here,” NCTC Director Leiter told Congress.

    “Everyone had the dots to connect,” DNI Blair explained to the lawmakers. “But I hadn’t made it clear exactly who had primary responsibility.”

    And so Abdulmutallab was able to step aboard Northwest Airlines Flight 253. As it descended toward Detroit, he allegedly tried to ignite explosives hidden in his underwear. It wasn’t the very expensive, very large 9/11 enterprise that prevented disaster. It was a passenger who saw what he was doing and tackled him. “We didn’t follow up and prioritize the stream of intelligence,” White House counterterrorism adviser John O. Brennan explained afterward. “Because no one intelligence entity, or team or task force was assigned responsibility for doing that follow-up investigation.”

    Blair acknowledged the problem. His solution: Create yet another team to run down every important lead. But he also told Congress he needed more money and more analysts to prevent another mistake.

    More is often the solution proposed by the leaders of the 9/11 enterprise. After the Christmas Day bombing attempt, Leiter also pleaded for more – more analysts to join the 300 or so he already had.

    The Department of Homeland Security asked for more air marshals, more body scanners and more analysts, too, even though it can’t find nearly enough qualified people to fill its intelligence unit now. Obama has said he will not freeze spending on national security, making it likely that those requests will be funded.

    More building, more expansion of offices continues across the country. A $1.7 billion NSA data-processing center will be under construction soon near Salt Lake City. In Tampa, the U.S. Central Command’s new 270,000-square-foot intelligence office will be matched next year by an equally large headquarters building, and then, the year after that, by a 51,000-square-foot office just for its special operations section.

    Just north of Charlottesville, the new Joint-Use Intelligence Analysis Facility will consolidate 1,000 defense intelligence analysts on a secure campus.

    Meanwhile, five miles southeast of the White House, the DHS has broken ground for its new headquarters, to be shared with the Coast Guard. DHS, in existence for only seven years, already has its own Special Access Programs, its own research arm, its own command center, its own fleet of armored cars and its own 230,000-person workforce, the third-largest after the departments of Defense and Veterans Affairs.

    Soon, on the grounds of the former St. Elizabeths mental hospital in Anacostia, a $3.4 billion showcase of security will rise from the crumbling brick wards. The new headquarters will be the largest government complex built since the Pentagon, a major landmark in the alternative geography of Top Secret America and four times as big as Liberty Crossing.

    Staff researcher Julie Tate contributed to this report.

    Methodology and credits

    Comments

    The Top Secret America database was put together by compiling hundreds of thousands of public records of government organizations and private-sector companies over the past two years.

    From these records, The Washington Post identified 45 government organizations (for example, the FBI) engaged in top-secret work and determined that those 45 organizations could be broken down into 1,271 sub-units (for example, the Terrorist Screening Center of the FBI). One of the 45 organizations is represented as “unknown”; this category was created as a catchall for companies doing work for a government organization that could not be determined.

    At the private-sector level, The Post identified 1,931 companies engaged in top-secret work for the government. Private-sector companies were grouped together and listed by a parent company’s name (for example, General Dynamics), even though one company might contain multiple sub-units (for example, General Dynamics Information Technology).

    In a case where a large corporation (for example, Boeing) has a distinctly named sub-unit engaged in top-secret work (for example, Boeing’s Digital Receiver Technology), the name of the sub-unit was used. In the case of large corporations not primarily in the defense industry (for example, AT&T) that have similarly named sub-units that focus on top-secret work (for example, AT&T Government Solutions), the name of the parent company is used and the name of the sub-unit is noted. For every company listed, revenue and employee data and the date of establishment were drawn from public filings, Dun & Bradstreet data and original reporting.

    State and local government organizations generally do not work at the top-secret level; that type of clearance is rarely granted to state officials. But the organizations are all part of a secretive domestic intelligence and homeland security world. The Post examined nearly 1,000 threat documents marked “For Official Use Only” and collected information from government Web sites, reports and other documents to identify 4,058 government organizations involved in domestic counterterrorism and homeland security. Of the total, 2,880 are federal organizations that work at the state level, such as the FBI’s Joint Terrorism Task Forces (JTTFs). There are also 818 state and 360 local organizations. Many of these listed themselves in documents as participants in either Joint Terrorism Task Forces, fusion centers or Anti-Terrorism Advisory Councils in 2009 or 2010.

    More than 20 journalists worked on the investigation, including investigative reporters, cartography experts, database reporters, video journalists, researchers, interactive graphic designers, digital designers, graphic designers, and graphics editors at The Washington Post:

    Stephanie Clark, Ben de la Cruz, Kat Downs, Dan Drinkard, Anne Ferguson-Rohrer, Justin Ferrell, David Finkel, Jennifer Jenkins, Robert Kaiser, Laris Karklis, Jacqueline Kazil, Lauren Keane, Todd Lindeman, Greg Manifold, Jennifer Morehead, Bonnie Jo Mount, Larry Nista, Ryan O’Neil, Sarah Sampsel, Whitney Shefte, Laura Stanton, Julie Tate, Doris Truong, Nathaniel Vaughn Kelso, Michael Williamson, Karen Yourish, Amanda Zamora

    One researcher was funded in part by the Center on Law and Security at New York University Law School.

    Monday, July 19, 2010; 4:50 PM

    Find this story at 19 July 2010

    Find the project at

    © 2013 The Washington Post Company

     

     

    Not just Verizon? Secret NSA effort to gather phone data is years old

    WASHINGTON — The massive National Security Agency collection of telephone records disclosed Wednesday was part of a continuing program that has been in effect nonstop since 2006, according to the two top leaders of the Senate Intelligence Committee.

    “As far as I know, this is the exact three-month renewal of what has been in place for the past seven years,” Sen. Dianne Feinstein (D-Calif.) told reporters Thursday. The surveillance “is lawful” and Congress has been fully briefed on the practice, she added.

    Her Republican counterpart, Saxby Chambliss, concurred: “This is nothing new. This has been going on for seven years,” he said. “Every member of the United States Senate has been advised of this. To my knowledge there has not been any citizen who has registered a complaint. It has proved meritorious because we have collected significant information on bad guys, but only on bad guys, over the years.”

    The statements by the two senators, whose committee positions give them wide access to classified data, appeared to rule out the possibility that the court order directing Verizon to turn over telephone records was related to the Boston Marathon bombings. The order was effective as of April 19, shortly after the bombings, which had sparked speculation about a link.

    Instead, the surveillance, which was revealed Wednesday by Britain’s Guardian newspaper, appears to have been of far longer duration. Although the senators did not specify the scope of the surveillance, the fact that it has been in place since 2006 also suggests that it is not limited to any one phone carrier.

    The Obama administration defended the program Thursday, saying the data collection “has been a critical tool in protecting the nation from terrorist threats to the United States.”

    A senior administration official released a statement which did not confirm the existence of the court order authorizing the surveillance, which, according to the copy released by the Guardian, is marked “Top Secret.” It was issued in late April by the Foreign Intelligence Surveillance Court, a secret court that meets in Washington, and allowed the government to collect the bulk data until July 19.

    “The information acquired does not include the content of any communications or the name of any subscriber,” the official said. “It relates exclusively to metadata, such as a telephone number or the length of a call.

    The court order was authorized under a provision of the Foreign Intelligence Surveillance Act that allows the government to collect business records in bulk if its requests are approved by the court.

    The official said telephone data allow “counterterrorism personnel to discover whether known or suspected terrorists have been in contact with other persons who may be engaged in terrorist activities, particularly people located inside the United States.”

    The official requested anonymity to discuss the counterterrorism program.

    In defending the data collection program, the administration official sought to spread responsibility, noting that “all three branches” of government were tasked with review and oversight of surveillance.

    “There is a robust legal regime in place governing all activities conducted pursuant to the Foreign Intelligence Surveillance Act,” the official said. He said that involves oversight by the Department of Justice, the Office of the Director of National Intelligence and the FISA court.

    Separately, the Justice Department released a letter defending the administration’s handling of the FISA law that they had sent in 2011 to two senators who had objected to it.

    “We do not believe the Executive Branch is operating pursuant to ‘secret law’ or ‘secret opinions of the Department of Justice,’ “ said the letter, signed by Assistant Atty. Gen. Ronald Weich. The “Intelligence Community is conducting court-authorized intelligence activities pursuant to a public statute, with the knowledge and oversight of Congress and the Intelligence Communities of both Houses.”

    “Many other collection activities are classified,” Weich added, saying that “this is necessary because public disclosure of the activities they discuss would harm national security and impede the effectiveness of the intelligence tools that Congress has approved.”

    Weich further defended the program by saying intelligence officials have “determined that public disclosure of the classified use” of the law “would expose sensitive sources and methods to our adversaries and therefore harm national security.”

    He said collection of records, as now underway with Verizon phone logs, was different than material obtained through grand jury subpoenas. Grand jury subpoenas, he said, can be obtained by prosecutors without court approval. In contrast, he said, the intelligence collections can be done only with approval from a federal judge sitting on the Foreign Intelligence Surveillance Court.

    Most importantly, he noted that FISA courts require a showing by officials that the records sought “are relevant to an authorized national security investigation.”

    The Weich letter was sent to Sen. Ron Wyden (D-0re.).

    Atty. Gen. Eric H. Holder Jr. is testifying Thursday morning before the Senate Appropriations Committee, and is expected to address the matter further.

    By Richard A. Serrano and Kathleen Hennessey

    8:54 AM PDT, June 6, 2013Advertisement

    Find this story at 6 June 2013

    Copyright © 2013, Los Angeles Times

    Verizon forced to hand over telephone data – full court ruling

    The US government is collecting the phone records of millions of US customers of Verizon under a top secret court order. Read the Foreign Intelligence Surveillance Court order

    Find this story at 6 June 2013

    guardian.co.uk, Thursday 6 June 2013 00.04 BST

    NSA collecting phone records of millions of Verizon customers daily

    Exclusive: Top secret court order requiring Verizon to hand over all call data shows scale of domestic surveillance under Obama

    Under the terms of the order, the numbers of both parties on a call are handed over, as is location data and the time and duration of all calls. Photograph: Matt Rourke/AP

    The National Security Agency is currently collecting the telephone records of millions of US customers of Verizon, one of America’s largest telecoms providers, under a top secret court order issued in April.

    The order, a copy of which has been obtained by the Guardian, requires Verizon on an “ongoing, daily basis” to give the NSA information on all telephone calls in its systems, both within the US and between the US and other countries.

    The document shows for the first time that under the Obama administration the communication records of millions of US citizens are being collected indiscriminately and in bulk – regardless of whether they are suspected of any wrongdoing.

    The secret Foreign Intelligence Surveillance Court (Fisa) granted the order to the FBI on April 25, giving the government unlimited authority to obtain the data for a specified three-month period ending on July 19.

    Under the terms of the blanket order, the numbers of both parties on a call are handed over, as is location data, call duration, unique identifiers, and the time and duration of all calls. The contents of the conversation itself are not covered.

    The disclosure is likely to reignite longstanding debates in the US over the proper extent of the government’s domestic spying powers.

    Under the Bush administration, officials in security agencies had disclosed to reporters the large-scale collection of call records data by the NSA, but this is the first time significant and top-secret documents have revealed the continuation of the practice on a massive scale under President Obama.

    The unlimited nature of the records being handed over to the NSA is extremely unusual. Fisa court orders typically direct the production of records pertaining to a specific named target who is suspected of being an agent of a terrorist group or foreign state, or a finite set of individually named targets.

    The Guardian approached the National Security Agency, the White House and the Department of Justice for comment in advance of publication on Wednesday. All declined. The agencies were also offered the opportunity to raise specific security concerns regarding the publication of the court order.

    The court order expressly bars Verizon from disclosing to the public either the existence of the FBI’s request for its customers’ records, or the court order itself.

    “We decline comment,” said Ed McFadden, a Washington-based Verizon spokesman.

    The order, signed by Judge Roger Vinson, compels Verizon to produce to the NSA electronic copies of “all call detail records or ’telephony metadata’ created by Verizon for communications between the United States and abroad” or “wholly within the United States, including local telephone calls”.

    The order directs Verizon to “continue production on an ongoing daily basis thereafter for the duration of this order”. It specifies that the records to be produced include “session identifying information”, such as “originating and terminating number”, the duration of each call, telephone calling card numbers, trunk identifiers, International Mobile Subscriber Identity (IMSI) number, and “comprehensive communication routing information”.

    The information is classed as “metadata”, or transactional information, rather than communications, and so does not require individual warrants to access. The document also specifies that such “metadata” is not limited to the aforementioned items. A 2005 court ruling judged that cell site location data – the nearest cell tower a phone was connected to – was also transactional data, and so could potentially fall under the scope of the order.

    While the order itself does not include either the contents of messages or the personal information of the subscriber of any particular cell number, its collection would allow the NSA to build easily a comprehensive picture of who any individual contacted, how and when, and possibly from where, retrospectively.

    It is not known whether Verizon is the only cell-phone provider to be targeted with such an order, although previous reporting has suggested the NSA has collected cell records from all major mobile networks. It is also unclear from the leaked document whether the three-month order was a one-off, or the latest in a series of similar orders.

    The court order appears to explain the numerous cryptic public warnings by two US senators, Ron Wyden and Mark Udall, about the scope of the Obama administration’s surveillance activities.

    For roughly two years, the two Democrats have been stridently advising the public that the US government is relying on “secret legal interpretations” to claim surveillance powers so broad that the American public would be “stunned” to learn of the kind of domestic spying being conducted.

    Because those activities are classified, the senators, both members of the Senate intelligence committee, have been prevented from specifying which domestic surveillance programs they find so alarming. But the information they have been able to disclose in their public warnings perfectly tracks both the specific law cited by the April 25 court order as well as the vast scope of record-gathering it authorized.

    Julian Sanchez, a surveillance expert with the Cato Institute, explained: “We’ve certainly seen the government increasingly strain the bounds of ‘relevance’ to collect large numbers of records at once — everyone at one or two degrees of separation from a target — but vacuuming all metadata up indiscriminately would be an extraordinary repudiation of any pretence of constraint or particularized suspicion.” The April order requested by the FBI and NSA does precisely that.

    The law on which the order explicitly relies is the so-called “business records” provision of the Patriot Act, 50 USC section 1861. That is the provision which Wyden and Udall have repeatedly cited when warning the public of what they believe is the Obama administration’s extreme interpretation of the law to engage in excessive domestic surveillance.

    In a letter to attorney general Eric Holder last year, they argued that “there is now a significant gap between what most Americans think the law allows and what the government secretly claims the law allows.”

    “We believe,” they wrote, “that most Americans would be stunned to learn the details of how these secret court opinions have interpreted” the “business records” provision of the Patriot Act.

    Privacy advocates have long warned that allowing the government to collect and store unlimited “metadata” is a highly invasive form of surveillance of citizens’ communications activities. Those records enable the government to know the identity of every person with whom an individual communicates electronically, how long they spoke, and their location at the time of the communication.

    Such metadata is what the US government has long attempted to obtain in order to discover an individual’s network of associations and communication patterns. The request for the bulk collection of all Verizon domestic telephone records indicates that the agency is continuing some version of the data-mining program begun by the Bush administration in the immediate aftermath of the 9/11 attack.

    The NSA, as part of a program secretly authorized by President Bush on 4 October 2001, implemented a bulk collection program of domestic telephone, internet and email records. A furore erupted in 2006 when USA Today reported that the NSA had “been secretly collecting the phone call records of tens of millions of Americans, using data provided by AT&T, Verizon and BellSouth” and was “using the data to analyze calling patterns in an effort to detect terrorist activity.” Until now, there has been no indication that the Obama administration implemented a similar program.

    These recent events reflect how profoundly the NSA’s mission has transformed from an agency exclusively devoted to foreign intelligence gathering, into one that focuses increasingly on domestic communications. A 30-year employee of the NSA, William Binney, resigned from the agency shortly after 9/11 in protest at the agency’s focus on domestic activities.

    In the mid-1970s, Congress, for the first time, investigated the surveillance activities of the US government. Back then, the mandate of the NSA was that it would never direct its surveillance apparatus domestically.

    At the conclusion of that investigation, Frank Church, the Democratic senator from Idaho who chaired the investigative committee, warned: “The NSA’s capability at any time could be turned around on the American people, and no American would have any privacy left, such is the capability to monitor everything: telephone conversations, telegrams, it doesn’t matter.”

    Additional reporting by Ewen MacAskill and Spencer Ackerman

    The Guardian, Thursday 6 June 2013

    Find this story at 6 June 2013

    © 2013 Guardian News and Media Limited or its affiliated companies. All rights reserved.

    Use These Secret NSA Google Search Tips to Become Your Own Spy Agency

    There’s so much data available on the internet that even government cyberspies need a little help now and then to sift through it all. So to assist them, the National Security Agency produced a book to help its spies uncover intelligence hiding on the web.

    The 643-page tome, called Untangling the Web: A Guide to Internet Research (.pdf), was just released by the NSA following a FOIA request filed in April by MuckRock, a site that charges fees to process public records for activists and others.

    The book was published by the Center for Digital Content of the National Security Agency, and is filled with advice for using search engines, the Internet Archive and other online tools. But the most interesting is the chapter titled “Google Hacking.”

    Say you’re a cyberspy for the NSA and you want sensitive inside information on companies in South Africa. What do you do?

    Search for confidential Excel spreadsheets the company inadvertently posted online by typing “filetype:xls site:za confidential” into Google, the book notes.

    Want to find spreadsheets full of passwords in Russia? Type “filetype:xls site:ru login.” Even on websites written in non-English languages the terms “login,” “userid,” and “password” are generally written in English, the authors helpfully point out.

    Misconfigured web servers “that list the contents of directories not intended to be on the web often offer a rich load of information to Google hackers,” the authors write, then offer a command to exploit these vulnerabilities — intitle: “index of” site:kr password.

    “Nothing I am going to describe to you is illegal, nor does it in any way involve accessing unauthorized data,” the authors assert in their book. Instead it “involves using publicly available search engines to access publicly available information that almost certainly was not intended for public distribution.” You know, sort of like the “hacking” for which Andrew “weev” Aurenheimer was recently sentenced to 3.5 years in prison for obtaining publicly accessible information from AT&T’s website.

    Stealing intelligence on the internet that others don’t want you to have might not be illegal, but it does come with other risks, the authors note: “It is critical that you handle all Microsoft file types on the internet with extreme care. Never open a Microsoft file type on the internet. Instead, use one of the techniques described here,” they write in a footnote. The word “here” is hyperlinked, but since the document is a PDF the link is inaccessible. No word about the dangers that Adobe PDFs pose. But the version of the manual the NSA released was last updated in 2007, so let’s hope later versions cover it.

    By Kim Zetter05.08.132:37 PM

    Find this story at 8 May 2013

    Untangling the Web: A Guide to Internet Research

    Wired.com © 2013 Condé Nast.

    Cyber Corps program trains spies for the digital age At the University of Tulsa school, students learn to write computer viruses, hack digital networks and mine data from broken cellphones. Many graduates head to the CIA or NSA.

    TULSA, Okla. — Jim Thavisay is secretly stalking one of his classmates. And one of them is spying on him.

    “I have an idea who it is, but I’m not 100% sure yet,” said Thavisay, a 25-year-old former casino blackjack dealer.

    Stalking is part of the curriculum in the Cyber Corps, an unusual two-year program at the University of Tulsa that teaches students how to spy in cyberspace, the latest frontier in espionage.

    Students learn not only how to rifle through trash, sneak a tracking device on cars and plant false information on Facebook. They also are taught to write computer viruses, hack digital networks, crack passwords, plant listening devices and mine data from broken cellphones and flash drives.

    It may sound like a Jason Bourne movie, but the little-known program has funneled most of its graduates to the CIA and the Pentagon’s National Security Agency, which conducts America’s digital spying. Other graduates have taken positions with the FBI, NASA and the Department of Homeland Security.

    The need for stronger cyber-defense — and offense — was highlighted when Defense Secretary Leon E. Panetta warned in an Oct. 11 speech that a “a cyber-terrorist attack could paralyze the nation,” and that America needs experts to tackle the growing threat.

    “An aggressor nation or extremist group could gain control of critical switches and derail passenger trains, or trains loaded with lethal chemicals,” Panetta said. “They could contaminate the water supply in major cities, or shut down the power grid across large parts of the country.”

    Panetta said the Pentagon spends more than $3 billion annually for cyber-security. “Our most important investment is in skilled cyber-warriors needed to conduct operations in cyberspace,” he said.

    That’s music to the ears of Sujeet Shenoi, a naturalized citizen from India who founded the cyber program in 1998. He says 85% of the 260 graduates since 2003 have gone to the NSA, which students call “the fraternity,” or the CIA, which they call “the sorority.”

    Shenoi subjects his students to both classroom theory and practical field work. Each student is assigned to a Tulsa police crime lab on campus and uses digital skills to help uncover evidence — most commonly child pornography images — from seized devices. Several students have posed as children online to lure predators. In 2003, students helped solve a triple homicide by cracking an email account linking the perpetrator to his victims.

    “I throw them into the deep end,” Shenoi said. “And they become fearless.”

    The Secret Service has also tapped the Cyber Corps. Working from a facility on campus, students help agents remove evidence from damaged cellphones, GPS units and other devices.

    “Working alongside U.S. Secret Service agents, Tulsa Cyber Corps students have developed techniques for extracting evidence from burned or shattered cellphones,” Hugh Dunleavy, who heads the Secret Service criminal division, said in a written statement. More than 5,000 devices have been examined at the facility, he added.

    In 2007, California’s secretary of state, Debra Bowen, hired the University of California to test the security of three electronic voting systems used in the state, and Shenoi and several students joined one of the “red” teams assigned to try to hack the voting machines. They succeeded. One of the students, who now works at the NSA, showed that someone could use an off-the-shelf device with Bluetooth connectivity to change all the votes in a given machine, Shenoi said.

    “All our results were provided to the companies so they could fix the machines to the extent possible,” Shenoi said.

    In May, the NSA named Tulsa as one of four national centers of academic excellence in cyber-operations. The others were Northeastern University in Boston, Naval Postgraduate School in Monterey, Calif., and Dakota State University in Madison, S.D.

    “Tulsa students show up to NSA with a lot of highly relevant hands-on experience,” said Neal Ziring, a senior NSA official who visited the school recently to consult about the curriculum and to interview students for jobs and internships. “There are very few schools that are like Tulsa in terms of having participation with law enforcement, with industry, with government.”

    Shenoi’s students have ranged in age from 17 to 63. Many are retired from the military, or otherwise starting second careers. They are usually working toward degrees in computer science, engineering, law or business. About two-thirds get a cyber-operations certification on their diplomas, or what Shenoi calls a “cyber-ninja” designation “because they have to be super techie.”

    To be accepted into the corps, applicants must be U.S. citizens with the ability to obtain a security clearance of “top secret” or higher. But not all of them spend their careers in government.

    One former student, Philip McAllister, worked after graduation at the Naval Research Laboratory, which does scientific research and development for the Navy and Marines. He later moved to San Francisco and worked at several startup companies before he joined Instagram, which developed a photo-sharing mobile application, early this year. Facebook purchased Instagram, which had only 13 employees, for $1 billion three months later.

    “Sujeet gets incredibly talented people,” said Richard “Dickie” George, who retired last year after a three-decade career at the NSA.

    November 22, 2012|By Ken Dilanian, Washington Bureau

    Find this story at 22 November 2012

    ken.dilanian@latimes.com

    Copyright 2012 Los Angeles Times

    The school that trains cyber spies: U.S. university training students in online espionage for jobs in the NSA and CIA

    University of Tulsa’s Cyber Corps programme is training students to write viruses, hack networks, crack passwords and mine data
    The little known course has been named as one of four ‘centres of excellence’ and places 85 per cent of graduates with the NSA or CIA

    Not your average student: The University of Tulsa is training students in the fundamentals of cyber-espionage, with many taking jobs in the CIA

    A university is offering a two-year course in cyber-espionage, with recruits going on to jobs with the CIA, the National Security Agency and the Secret Service.

    Students at the University of Tulsa, Oklahoma, are learning how to write computer viruses, hack networks, crack passwords and mine data from a range of digital devices.

    The little-known Cyber Corps programme already places 85 per cent of its graduates with the NSA – known to students as ’the fraternity – or the CIA – which they call ’the sorority’.

    Sujeet Shenoi, an Indian immigrant to the U.S., founded the programme at Tulsa’s Institute for Information Security in 1998 and continues to lead the teaching, the LA Times reported.

    Students are taught with a mixture of classroom theory and practical field work, he said, with each assigned to a police crime lab on campus to apply their skills to help recover evidence from digital devices.

    ‘I throw them into the deep end,’ Mr Shenoi told the LA Times. ‘And they become fearless.’

    Much of their work involves gathering evidence against paedophiles, with several students having posed as children on the internet to lure predators into stings.

    But his students in 2003 also helped solve a triple murder case by cracking an email account that linked the killer with his victims and, working alongside the Secret Service, they have developed new techniques for extracting data from damged smartphones, GPS devices and other digital devices.

    The NSA in May named Tulsa as one of four centres of academic excellence in cyber operations, alongside Northeastern University in Boston, the Naval Postgraduate School in Monterey, California, and Dakota State University in Madison, South Dakota.

    Neal Ziring, a senior NSA official who visited the school recently, told LA Times: ‘Tulsa students show up to NSA with a lot of highly relevant hands-on experience.

    ‘There are very few schools that are like Tulsa in terms of having participation with law enforcement, with industry, with government.’

    Centre of excellence: Tulsa was in May named by the NSA alongside four other schools as important centres for training cyber-security operatives
    WIRETAPPING THE INTERNET

    New eavesdropping technology could allow government agencies to ‘silently record’ conversations on internet chat services like Skype in real time.

    Until now, so called voice over internet protocol (VoIP) services have been difficult for police to tap into, because of the way they send information over the web.

    The services convert analogue audio signals into digital data packets, which are then sent in a way that is costly and complex for third parties to intercept.

    But now a California businessman has obtained a patent for a ‘legal intercept’ technology he says ‘would allow governments to “silently record” VoIP communications’.

    Dennis Chang, president of VoIP-PAL, an chat service similar to Skype, claims his system would allow authorities to identify and monitor suspects merely by accessing their username and subscriber data.

    Applicants to Tulsa’s programme, who have ranged in age from 17 to 63, must be U.S. citizens eligible for security clearance of ’top secret’ or higher.

    Many are military veterans or others looking to start second careers, usually people who are working towards degrees in computer science, engineering, law or business.

    By Damien Gayle

    PUBLISHED: 09:41 GMT, 26 November 2012 | UPDATED: 14:15 GMT, 26 November 2012

    Find this story at 26 November 2012

    Published by Associated Newspapers Ltd

    Part of the Daily Mail, The Mail on Sunday & Metro Media Group
    © Associated Newspapers Ltd

    Researcher: CIA, NSA may have infiltrated Microsoft to write malware

    Did spies posing as Microsofties write malware in Redmond? How do you spell ‘phooey’ in C#?

    June 18, 2012, 2:46 PM — A leading security researcher has suggested Microsoft’s core Windows and application development programming teams have been infiltrated by covert programmer/operatives from U.S. intelligence agencies.

    If it were true it would be another exciting twist to the stories of international espionage, sabotage and murder that surround Stuxnet, Duqu and Flame, the most successful cyberwar weapons deployed so far, with the possible exception of Windows itself.

    Nevertheless, according to Mikko Hypponen, chief research officer of antivirus and security software vendor F-Secure, the scenario that would make it simplest for programmers employed by U.S. intelligence agencies to create the Stuxnet, Duqu and Flame viruses and compromise Microsoft protocols to the extent they could disguise downloads to Flame as patches through Windows Update is that Microsoft has been infiltrated by members of the U.S. intelligence community.

    [ FREE DOWNLOAD: 68 great ideas for running a security department ]

    Having programmers, spies and spy-supervisors from the NSA, CIA or other secret government agencies infiltrate Microsoft in order to turn its technology to their own evil uses (rather than Microsoft’s) is the kind of premise that would get any writer thrown out of a movie producer’s office for pitching an idea that would put the audience to sleep halfway through the first act.

    Not only is it unlikely, the “action” most likely to take place on the Microsoft campus would be the kind with lots of tense, acronymically dense debates in beige conference rooms and bland corporate offices.

    The three remarkable bits of malware that attacked Iranian nuclear-fuel development facilities and stole data from its top-secret computer systems – Flame Duqu and Stuxnet – show clear signs of having been built by the same teams of developers, over a long period of time, Hypponen told PC Pro in the U.K.

    Flame used a counterfeit Microsoft security certificates to verify its trustworthiness to Iranian users, primarily because Microsoft is among the most widely recognized and trusted computer companies in the world, Hypponen said.

    Faking credentials from Microsoft would give the malware far more credibility than using certificates from other vendors, as would hiding updates in Windows Update, Hypponen said.

    The damage to Microsoft’s reputation and suspicion from international customers that it is a puppet of the CIA would be enough to keep Microsoft itself from participating in the operation, even if it were asked.

    That doesn’t mean it didn’t happen.

    “It’s plausible that if there is an operation under way and being run by a US intelligence agency it would make perfect sense for them to plant moles inside Microsoft to assist in pulling it off, just as they would in any other undercover operation,” Hypponen told PC Pro. “It’s not certain, but it would be common sense to expect they would do that.”

    The suggestion piqued the imaginations of conspiracy theorists, but doesn’t have a shred of evidence to support it.

    It does have a common-sense appeal, however. Planting operatives inside Microsoft would probably be illegal, would certainly be unethical and could have a long-range disadvantage by making Microsofties look like tools of the CIA rather than simply tools.

    “No-one has broken into Microsoft, but by repurposing the certificate and modifying it with unknown hash collision technologies, and with the power of a supercomputer, they were able to start signing any program they wanted as if it was from Microsoft,” Hypponen said. “If you combine that with the mechanism they were using to spoof MS Update server they had the crown jewels.”

    Hypponen is one of a number of security experts who have said Stuxnet and Duqu have the hallmarks of software written by traditionally minded software engineers accustomed to working in large, well-coordinated teams.

    After studying the code for Duqu, security researchers at Kaspersky Labs said the malware was most similar to the kind of work done by old-school programmers able to write code for more than one platform at a time, do good quality control to make sure the modules were able to install themselves and update in real time, and that the command-and-control components ahd been re-used from previous editions.

    “All the conclusions indicate a rather professional team of developers, which appear to be reusing older code written by top “old school” developers,” according to Kaspersky’s analysis. “Such techniques are normally seen in professional software and almost never in today’s malware. Once again, these indicate that Duqu, just like Stuxnet, is a ‘one of a kind’ piece of malware which stands out like a gem from the large mass of “dumb” malicious program we normally see.”

    Earlier this month the NYT ran a story detailing two years worth of investigations during which a range of U.S. officials, including, eventually, President Obama, confirmed the U.S. had been involved in writing the Stuxnet and Flame malware and siccing them on Iran.

    That’s far from conclusive proof that the NSA has moved its nonexistent offices to Redmond, Wash. It doesn’t rule it out either, however.

    Very few malware writers are able to write such clean code that can install on a variety of hardware systems, assess their new environments and download the modules they need to successfully compromise a new network, Kaspersky researchers said.

    Stuxnet and Flame are able to do all these things and to get their own updates through Windows Update using a faked Windows Update security certificate.

    No other malware writer, hacker or end user has been able to do that before. Knowing it happened this time makes it more apparent that the malware writers know what they are doing and know Microsoft code inside and out.

    That’s still no evidence that Microsoft could be or has been infiltrated by spies from the U.S. or from other countries.

    It does make sense, but so do a lot of conspiracy theories.

    Until there’s some solid indication Flame came from inside Microsoft, not outside, it’s probably safer to write off this string of associative evidence.

    Even in his own blog, Hypponen makes fun of those who make fun of Flame as ineffective and unremarkable, but doesn’t actually suggest moles at Microsoft are to blame.

    Find this story at 18 June 2012

    By Kevin Fogarty

    © 1994 – 2012 ITworld. All rights reserved.

      nieuwere artikelen >>