NEW DELHI – The Indian military intelligence unit set up by former army chief General VK Singh was involved in sensitive covert operations in Pakistan and was even on the trail of 26/11 mastermind and Lashkar-e-Taiba chief Hafiz Saeed, officials associated with it have told HT.
“Our main task was to combat the rising trend of state-sponsored terrorism by the ISI and we had developed contacts across the Line of Control in a bid to infiltrate Hafiz Saeed’s inner circle,” an official who served with the controversial Technical Services Division (TSD) said.
Asked for an official response, an army spokesperson said, “The unit has been disbanded. Details of the unit, which was the subject matter of an inquiry, are only known to the Chief and a few senior officers. It is for the defence ministry now to initiate any further inquiries.”
The spook unit was set up after the 26/11 Mumbai attacks on a defence ministry directive asking for the creation of covert capability.
Army documents, perused by HT, reveal the senior-most officers signed off on the formation of this unit. File No A/106/TSD and 71018/ MI give details of approvals by the Director General Military Intelligence, vice-chief and chief of army staff.
The TSD – disbanded after allegations that it spied on defence ministry officials through off-the-air interceptors – was raised as a strategic force multiplier for preparing, planning and executing special operations “inside depth areas of countries of interest and countering enemy efforts within the country by effective covert means”.
But it then got caught in an internecine battle between army chiefs. The TSD – which reported directly to Gen VK Singh – used secret service funds to initiate a PIL against current chief General Bikram Singh. As reported by HT in October 2012, secret funds were paid to an NGO to file the PIL, in a bid to stall Bikram Singh’s appointment as chief.
However, covert ops were the unit’s essential mandate and deniability was built into it and it reads, “The proposed organization (TSD) will enable the military intelligence directorate to provide a quick response to any act of state-sponsored terrorism with a high degree of deniability.” Its task was to carry out special missions and “cover any tracks leading to the organisation”.
Though covert operations were formally shut down by IK Gujral when he was PM in 1997, sources reveal the TSD carried out several such operations within and outside the country – such as Op Rehbar 1, 2 and 3 (in Kashmir), Op Seven Sisters (Northeast) and Op Deep Strike (Pakistan). Controversy is dogging the unit once again after disclosures in The Indian Express that secret service funds were also used to destabilise the Omar Abdullah government in Held Kashmir. The BJP has raised questions over the timing of the disclosures. While the defence ministry has had the inquiry report since March, the revelations have come soon after Singh shared the stage with the saffron party’s PM candidate Narendra Modi last Sunday.

September 23, 2013
The Nation Monitoring

Find this story at 23 September 2013

© The Nation

In het voorjaar van 2010 was India een paar weken in de ban van een afluisterschandaal, maar vervolgens verdween dat in de vergetelheid. Dit is opmerkelijk gezien de staat van dienst van de inlichtingenwereld in India. Schandalen die gewone Indiërs raken, maar ook corruptie, slecht management, verkeerde technologie en apparatuur en bovenal incompetentie lijken de boventoon te voeren bij de NTRO, die verantwoordelijk wordt gehouden voor het schandaal. NTRO, National Technical Research Organisation, gebruikt IMSI Catchers om voor lange tijd en op grote schaal politici, ambtenaren, zakenmensen, beroemdheden en gewone Indiërs af te luisteren.

Het gebruik van een IMSI catcher moet nauwlettend gecontroleerd worden. Het afluisterschandaal in India laat zien wat de gevaren zijn van het toelaten van het apparaat in een veiligheidsstelsel. Een IMSI catcher is een mobiele zendmast. Het International Mobile Subscriber Identity nummer is een uniek nummer dat aan een SIM kaart voor een mobiele telefoon is gekoppeld. Aan het IMSI nummer zit tevens een uniek telefoonnummer. Het IMSI nummer bestaat uit drie groepen getallen, 111/22/3333333333. Aan het nummer is te zien uit welk land de SIM kaart komt. De eerste cijfers (111) staan voor het land, Nederland heeft bijvoorbeeld 204 als code. De tweede set cijfers (22) onthullen de provider, KPN heeft bijvoorbeeld 08 en Vodafone 04. De laatste cijfers, maximaal tien cijfers, zijn het unieke abonnementsnummer. Dit is niet hetzelfde als het telefoonnummer. Telefoons waar twee SIM kaarten in zitten, hebben ook twee IMSI nummers.
De IMSI catcher fungeert als mobiele antenne die het gsm verkeer in de buurt opvangt, hierbij gaat het alleen om uitgaande gesprekken. Bij gewone mobiele telefoons vindt de versleuteling van de conversaties plaats in de dichtstbijzijnde mast. De IMSI catcher hoeft de informatie dus niet te kraken, maar kan simpelweg de gesproken of geschreven data lezen. De catcher moet het telefoonverkeer wel doorgeleiden naar een reguliere mast anders kan er geen contact worden gemaakt met de persoon die door de gsm wordt gebeld. De catcher fungeert als tussenstation om de data ofwel direct af te vangen ofwel niet versleuteld door te geleiden. Het doel van de catcher is natuurlijk ook? om het telefoonnummer van een beller te achterhalen. Voor opsporingsinstanties die het gsm nummer van een verdachte niet kunnen traceren is dit een handig middel. Men plaatst een catcher in de buurt van de persoon in kwestie, vangt de nummers allemaal af en kan nagaan welk nummer men moet hebben. Bij politie-invallen kan het apparaat ook zijn dienst bewijzen door op locatie het telefoonverkeer te monitoren, vooral als binnen een onderzoek niet alle gsm-nummers bekend zijn. Tevens kan de catcher worden gebruikt voor spionage doeleinden, vooral spionage die de overheid niet aan de grote klok wil hangen. Bij het afluisteren met een IMSI catcher heeft men namelijk geen medewerking van een Telecom provider nodig. De IMSI catcher laat echter wel een spoor achter die een gebruiker kan wijzen op onregelmatigheden in de transmissie en het apparaat is niet altijd succesvol. De IMSI catcher was tot begin 2011 ook te koop door particulieren. Verschillende bedrijven in New Delhi, Gurgaon en Noida boden de ‘off-the-air-monitoring’ systemen aan. In 2011 besloot de regering de handel van de apparaten aan banden te leggen. Private ondernemingen bleken namelijk gebruik te maken van de catcher.

NTRO
In India is de IMSI Catcher op grote schaal ingezet voor spionage doeleinden, zo onthulde het weekblad Outlook in het voorjaar van 2010. Vanaf waarschijnlijk eind 2006 tot en met april 2010 werden politieke tegenstanders, mensen die promotie zouden maken, leden van het kabinet en allerlei andere politieke en niet politieke figuren door één van de Indiase geheime diensten afgeluisterd. De gesprekken werden afgeluisterd, opgenomen en bewaard. De dienst die verantwoordelijk is voor het afluisteren is de National Technical Research Organisation, de NTRO. De NTRO werd na de Kargil oorlog in 1999 opgezet. Dit conflict ontstond toen het Pakistaanse leger posities in het district Kargil, in de regio Kashmir innam. India reageerde furieus en verdreef de Pakistanen uit een groot deel van Kargil. De laatste posities werden door Pakistan verlaten na diplomatieke druk. De Kargil Review Committee concludeerde in 1999 dat een van de redenen van het uit de hand lopen van het conflict gebrekkige inlichtingen was. De Defence Intelligence Agency (DIA) en de National Technical Facilities Organization (NTFO) die al snel NTRO werd gedoopt, werden opgezet.
De NTRO begon zijn werkzaamheden in april 2004. De NTRO is de Indiase stofzuiger van data, zowel internet als telecommunicatie data, en monitort het Indiase grondgebied en luchtruim. De NTRO gebruikt hiervoor allerlei technische hulpmiddelen, van satellieten tot IMSI catchers. De Technology Experiment Satellite (TES), een satelliet die is uitgerust met een camera die foto’s kan maken van voorwerpen van een meter, is een van de hulpmiddelen. De satelliet werd in oktober 2001 gelanceerd en de beelden worden beheerd door de Indian Space Research Organisation (ISRO). Beelden worden ook commercieel verhandeld door een bedrijf dat verbonden is aan de ISRO, Antrix Corporation. BBC News rapporteerde dat India door TES ook beelden bezit van de oorlog in Afghanistan. In 2001 was India het tweede land naast de Verenigde Staten dat een satelliet bezit die beelden kan genereren van voorwerpen van een meter groot. Een van de functionarissen die centraal staat in de introductie van de afluister praktijken door de NTRO is dhr. Narayanan. Narayanan heeft decennia lang een centrale rol gespeeld in de Indiase inlichtingenwereld. Hij was hoofd van het Intelligence Bureau van 1988 tot 1992, en diende daarbij onder vijf verschillende minister-presidenten. Daarna nam hij een adviserende rol op zich onder de directe verantwoordelijkheid van de minister-president van India. In zijn rol als National Security Advisor (NSA) introduceerde hij de nieuwe afluistertechnologie in India in 2005. Narayanan wordt wel de ‘super spook’ van India genoemd, omdat hij zijn gehele wat? leven? al in de kringen van de Research and Analysis Wing (R&AW), het Intelligence Bureau en de NSA heeft bewogen. Zijn verhouding met minister-president Manmohan Singh was toen hij National Security Advisor niet close. Hij had bezwaren tegen de nucleaire samenwerking tussen Amerika en India en de toenadering van India en Pakistan. In de Wikileaks Cables over India die begin 2011 zijn vrijgegeven door The Hindu wordt Narayanan echter wel omschreven als een belangenbehartiger van de relatie met de Verenigde Staten. In een van de berichten wordt hij omschreven als de smeerolie voor zaken die voor de Amerikanen interessant zijn.
De NTRO valt onder de verantwoordelijkheid van de inlichtingendienst buitenland van India, de Research and Analysis Wing (R&AW), hoewel het een zekere mate van onafhankelijkheid heeft. De NTRO faciliteit waar het afluisteren van de communicatie met het buitenland wordt gedaan ligt in de buurt van Kala Ghoda, zuidelijk Mumbai. Bij Malad, dat in de buurt ligt van Kala Ghoda, komen de datakabels die internet- en telecommunicatie tussen continenten mogelijk maken het Indiase vasteland binnen. De NTRO zit er letterlijk boven op. Hierbij gaat het om communicatie tussen India en het buitenland. De inlichtingendiensten van India hebben daarnaast genoeg binnenlandse capaciteit om de iedere Indiase burger af te luisteren.

Afluisteren
Het afluisterschandaal van de NTRO werd eind april 2010 door het weekblad Outlook onthuld. In de editie van 3 mei van dat jaar zegt een senior inlichtingenofficier dat de NTRO geen toestemming nodig heeft om een telefoon te tappen. Het gaat volgens hem om het onderscheppen van een signaal tussen de gsm en de antenne. Volgens de officier gaat het daarom niet om het afluisteren van een telefoonnummer. Het apparaat zou signalen binnen een cirkel van twee kilometer kunnen onderscheppen. De medewerker van de NTRO lijkt te suggereren dat er helemaal niets mis is met het afluisteren met behulp van een IMSI catcher, het signaal wordt gewoon opgevangen en bewaard. Op dezelfde wijze lijkt de minister van Binnenlandse Zaken van India, P. Chidambaram, de storm rond het afluisterschandaal te willen sussen. In een van de eerste reacties verklaarden bronnen binnen de regering dat het ging om een proef van de NTRO. De regering had geen opdracht gegeven, dus is zij niet verantwoordelijk, en er hoeft geen onderzoek te komen. Volgens de minister waren in de bestanden van de NTRO ook geen bewijzen gevonden van het afluisteren van politici. Tevens wees de regering erop dat de NTRO niet zelfstandig operaties uitvoert, maar werkt onder auspiciën van andere diensten. Bij deze diensten zou het gaan om zeven inlichtingendiensten: het Intelligence Bureau, de Research and Analysis Wing, de Directorate of Revenue Intelligence, Enforcement Directorate, Narcotics Control Bureau, Economic Intelligence Unit and Directorate-General of Investigations, Income-Tax (CBDT). Een oud medewerker van de NTRO voegde daar in de Economic Times van 24 april 2010 nog aan toe dat de dienst slechts onderzoek doet naar technische hulpmiddelen. Volgens hem luistert de dienst geen individuen af en wordt het NTRO in diskrediet gebracht door verongelijkte werknemers.
Ook de politie heeft de bevoegdheid om af te luisteren. De minister van Binnenlandse Zaken stelde dat ruim dertig instanties in de verschillende Indiase deelstaten de mogelijkheid hebben om te tappen en af te luisteren. Volgens minister Chidambaram ligt daarom de macht tot het uitvoeren van deze observaties niet alleen op nationaal niveau, maar ook op deelstaatniveau. Dat dit ook daadwerkelijk aan de hand is werd in dezelfde periode geïllustreerd door een afluisterschandaal van de CBDT. Deze dienst had lobbyisten van de telecommunicatie industrie afgeluisterd ten tijde van de toewijzing van mobiele breedband netwerken met de 2G technologie. Bij deze onthulling werd niet de CBDT beschuldigd van illegale taps, maar kregen de bedrijven het te verduren. De afgeluisterde gesprekken onthulden de grote invloed van de industrie op de besluitvorming van de regering. De CBDT luisterde de lobbyisten af in het kader van een onderzoek naar belastingfraude. Zowel politiek als binnen de juridische wereld worden er vraagtekens gezet bij het afluisteren van mensen die worden verdacht van belastingfraude.
Hoewel de onthulling in de Outlook erg gedetailleerd was, was het antwoord van de minister en de dienst dat er niets aan de hand is. Er wordt niet afgeluisterd en er is geen bewijs gevonden dat het is gebeurd, luidde het officiële regeringsstandpunt. De Indiase Telecomwet van 1885 en de toegevoegde wijziging van 2008 maken afluisteren echter wel mogelijk. Bij het afluisteren gaat het om uitzonderlijke situaties en niet om een standaard regel. Het was dus wel degelijk een schending van wettelijke regels. In de week erna bevestigden enkele inlichtingenofficieren anoniem dat er op grote schaal afgeluisterd wordt. Naast de vier politici waarover Outlook in het nummer van 3 mei 2010 publiceerde bleken er veel meer mensen te zijn afgeluisterd. Het gaat daarbij naast politici om ambtenaren, zakenmensen, gewone Indiërs en beroemdheden. Volgens de anonieme officieren werden de gesprekken zonder wettelijke toestemming afgeluisterd . De officieren vertellen in de Outlook van 10 mei 2010 dat zij de opdrachten mondeling kregen of soms op een geel memo papiertje. Volgens de officieren waren de afluisteroperaties allemaal illegaal , zonder toestemming van de NSA of het kabinet van de minister-president. Er mocht ook geen administratie van worden bijgehouden. De IMSI catchers werden ingezet om bijvoorbeeld in Delhi, de hoofdstad van India, rond te rijden om gsm verkeer op te vangen. Eigenlijk waren het ‘fishing operaties’ op zoek naar dat ene gesprek dat mogelijk een gevaar kan zijn voor de nationale veiligheid. Het systeem scant alle nummers zonder onderscheid te maken en kan alles opnemen. Op elk willekeurig moment kan het apparaat dat in India is gebruikt maximaal 64 gesprekken opnemen. Sommige gesprekken werden vernietigd, andere werden bewaard. Het wordt uit het interview met de medewerkers niet duidelijk wie er verantwoordelijk was voor het besluit om gesprekken al dan niet te vernietigen. In The Times of India worden anonieme bronnen aangehaald die zeggen dat het afluisteren van de politici was uitgevoerd door “junior officials”, maar dat hun werk deel uitmaakt van een grotere operatie.
Volgens de medewerkers van de inlichtingendiensten gaat het om in totaal vijf apparaten die door de NTRO gebruikt worden. Van de ritten van de auto met de IMSI Catcher worden twee logboeken bijgehouden. Het ene logboek bevat geen enkel detail van de operatie. Het andere logboek is “top secret” en bevat gedetailleerde informatie over de locatie waar het apparaat heeft afgeluisterd. De precieze route, bestemmingen, data en tijden zijn in dat logboek te vinden. Medewerkers van de inlichtingendienst vertelden dat het niet alleen de NTRO hoeft te zijn die verantwoordelijk is voor het tappen. Verschillende van de zeven inlichtingendiensten en zelfs de politie hebben een IMSI catcher. Bronnen in de inlichtingenwereld hebben het weekblad Outlook aangegeven dat er in totaal 90 apparaten zijn aangeschaft door de verschillende instanties. Vooral in regio’s waar veel moslims wonen gebeurt dit volgens de officier. De inlichtingenofficieren die in Outlook worden geïnterviewd worden ondersteund in hun verhalen door een oud- directeur van het Intelligence Bureau (IB), dhr. Dhar. Hij vertelde het Indiase weekblad Tehelka dat de NTRO namen moet hebben gekregen om af te luisteren. Tevens verklaart hij dat politieke leiders regelmatig inlichtingendiensten de opdracht geven om mensen af te luisteren zonder schriftelijke toestemming. Medewerkers van diensten die weigeren aan deze afluisterpraktijken mee te doen, worden ontslagen volgens de oud-directeur van het Intelligence Bureau.

Iedereen is verdacht
Het is onduidelijk wat het doel is van de afluisteroperatie die zeker vier jaar heeft geduurd. Hoewel de verantwoordelijk minister in zijn eerste reactie had aangegeven niets van het afluisteren af te weten, gaven regeringsbronnen aan de The Times of India toe dat de NTRO wel toezicht uitvoerde. Welk toezicht wordt door de Times niet vermeld. Volgens de bronnen staan die activiteiten onder directe verantwoordelijkheid van de National Security Advisor of het kabinet van de minister-president waaronder de Research and Analysis Wing en de NTRO valt. Bij de NSA zou het gaan om dhr. Narayanan, de man die aan de wieg stond van het afluisteren in 2005. In de Indiase media worden ook verbanden gelegd met de lange traditie van de Indian National Congress (INC), een regeringspartij, om de oppositie in diskrediet te brengen door het verzamelen van politiek gevoelige informatie door het inzetten van inlichtingendiensten. Het dagblad The Pioneer vergelijkt het met de werkwijze van de Indiase roddelpers, maar dan veel serieuzer. Volgens de krant gaat het er bij het afluisteren om om te achterhalen wie elkaar ontmoeten, met wie iemand contact heeft, met wie personen van de elite slapen en vergelijkbare vragen uit de roddelbladen. Het lijkt er volgens de krant op dat de inlichtingendiensten de levens van politieke spelers in kaart probeert te brengen.
De Indian National Congress (INC) is echter niet de enige politieke partij die deze middelen inzet. Het lijkt erop dat het binnen de Indiase democratie de gewoonte is om de oppositie op allerlei manieren in de gaten te houden. De wijze waarop de oppositie het schandaal gebruikte om de regering onder druk te zetten, lijkt deze stelling ook te ondersteunen. De oppositie is geschokt en wil uitleg van de minister-president, maar daadwerkelijke wettelijke hervormingen werden niet met zoveel woorden geëist.
De verantwoordelijk minister voor de afluisteroperatie is Chidambaram. Chidambaram is lid van de Indian National Congress (INC). Onder de afgeluisterde politici bevond zich ook de minister voor Consumentenzaken, voedsel en distributie, Sharad Pawar van de Nationalist Congress Party (NCP), een afsplitsing van de INC. De NCP neemt op dit moment ook deel aan de regering samen met het INC. Ook leden van de partij van de minister van Binnenlandse Zaken zoals dhr. Digvijay Singh werden afgeluisterd, evenals leden van de oppositie, zoals het hoofd van de Communistische Partij India, dhr. Karat. Het afluisteren vond niet alleen nationaal plaats, ook in deelstaten van India zoals in Bihar werden hoge politici afgeluisterd, zoals de premier van Bihar, dhr. Kumar.
De onderwerpen van de gesprekken die Outlook in haar bezit heeft, zijn uiteenlopend. Bij de gesprekken van de minister van Consumentenzaken ging het om het grote schandaal rond de Indian Premier League (IPL), de Indiase cricket competitie, IPL-gate, waar sprake was van witwassen van geld en het vooraf bepalen van de winnaar van een wedstrijd. De premier van Bihar belde een collega om te lobbyen voor meer geld voor zijn deelstaat. En van de communistische partij zijn gesprekken bewaard uit 2008 toen er oppositie werd gevoerd tegen de aankoop van nucleaire technologie van de Verenigde Staten. Hoewel Karat tegenstander was van de overeenkomst tussen India en de Verenigde Staten stond hij onderhandelingen met minister-president Singh niet in weg. Hij fungeerde ook als een belangrijke exponent van de oppositie in India tegen de overeenkomst. De gegevens over de afluisterpraktijk van de NTRO geven nu aan dat dhr. Karat toen is afgeluisterd. Uiteindelijk bleef de Communistische Partij bij haar standpunt om tegen te stemmen, maar de regering behaalde toch een nipte overwinning. De Samajwadi Party (SP) en tien leden van de BJP, beide oppositie partijen, hielpen de regering aan haar meerderheid. De overeenkomst met de Amerikanen kon doorgaan. Naar nu blijkt werden er tijdens de onderhandelingen over het akkoord met de Amerikanen parlementariërs omgekocht. In documenten van de Amerikaanse vertegenwoordiging in India die door Wikileaks zijn buitgemaakt, blijkt dat de Amerikanen op de hoogte waren van de steekpenningen die parlementariërs ontvingen om voor te stemmen. Of de afgeluisterde gesprekken hebben bijgedragen aan het omkopen van leden van het parlement is niet duidelijk.

DE NTRO als schandaal
De NTRO heeft absoluut geen schoon blazoen. De korte historie van de dienst kent al vele schandalen, gebrekkig functioneren, politieke benoemingen en tekenen van corruptie. India kent geen Commissie van Toezicht op de Inlichtingen en Veiligheidsdiensten, wel een algemene controledienst, te vergelijken met de algemene Rekenkamer. De regering stelde dhr. P.V. Kumar van de Comptroller and Auditor General of India (CAG) aan om de misstanden bij de NTRO te onderzoeken. Kumar is een oud medewerker van de Research and Analysis Wing en werd na zijn onderzoek begin 2011 aangesteld om de NTRO te leiden. In hoeverre er een einde is gekomen aan de misstappen is dan ook niet duidelijk. Een van de schandalen naast het afluisteren van politici is de benoeming van de tweede man van de dienst, dhr. Vijararaghavan, en zijn betrokkenheid bij een deal met het Amerikaanse bedrijf CISCO. Na de deal met CISCO werd de dochter van Vijararaghavan door CISCO in dienst genomen. De positie van de tweede man staat ook ter discussie omdat hij naast zijn functie bij de NTRO ook nog zijn oude functie als hoofd van Defence Research and Development Organisation (DRDO) vervult en tevens directeur is van een lobbygroep van de elektronica-industrie. Ook diverse andere benoemingen worden door de CAG onderzocht op hun onvolkomenheden. Het gerechtshof in Delhi oordeelde verder dat er een onderzoek moet komen naar administratieve en financiële onregelmatigheden bij de aanstelling van ruim zeventig werknemers. Vacatures zouden zijn opgevuld met niet capabele mensen zonder de juiste opleiding en voor sommige functies is zelfs geen vacature uitgeschreven, maar die zijn onderhands opgevuld.
Naast het personeelsbeleid zijn er ook vragen gerezen over de aankoop van apparatuur door de dienst. Een medewerker schafte zonder overleg met het agentschap dat over de aankopen van gevoelige apparatuur gaat, computers aan die vitale Chinese onderdelen bevat. De spanningen tussen India en China fluctueren al decennia lang tussen gespannen en vriendschappelijk. De laatste jaren gaat het beter, maar tien jaar geleden had de verhouding tussen de twee landen een nieuw dieptepunt bereikt na Indiase kernproeven. En dat de relatie verre van close is maakten Canadese onderzoekers van de Information Warfare Monitor (IWM) duidelijk toen zij India erop wezen dat begin 2010 Chinese hackers zich de toegang hadden verschaft tot computers van het Indiase leger. IWM had de Indiase overheid er een jaar eerder al op gewezen dat haar computers en servers kwetsbaar waren voor aanvallen uit vooral China. Op de computers die in 2010 gehackt zijn, zou informatie staan over het raketprogramma van India, de artillerie-brigades van Assam, luchtmachtbases en andere militaire informatie. De Canadese onderzoekers produceerden een rapport over de Chinese elektronische infiltratie, ‘Shadow in the Cloud’. In mei 2010 bleek dat de schade van de Chinese spionage operatie aanzienlijk is. Computers en servers van diplomatieke vestigingen van India in Kabul, Moskou, Dubai, Abuja, in de Verenigde Staten, Servië, België, Duitsland, Cyprus, het Verenigd Koninkrijk en Zimbabwe waren door de Chinezen overgenomen. Ook het kantoor van de National Security Advisor was besmet en zelfs bedrijven als Tata, YKK India en DLF Limited. Naast deze militair en economisch strategische spionage hadden de Chinezen het ook gemunt op de Tibetaanse gemeenschap in Dharamshala.
Een andere medewerker kocht satelliet communicatiemiddelen van een bedrijf uit Singapore (Singapore Technologies), een bedrijf dat door de Indiase overheid op een zwarte lijst was geplaatst. Bij de aanbesteding van de satelliet communicatie apparatuur kwamen de specificaties van de NTRO precies overeen met het product van Singapore Technologies. In andere gevallen, zoals bij de aanschaf van onbemande vliegtuigen van het Israëlische bedrijf Israel Aerospace Industries (IAI) is door het NTRO geen aanbesteding uitgeschreven volgens de onderzoekers van CAG. De onbemande vliegtuigen moesten in januari 2010 aan de grond worden gehouden, omdat bleek dat de NTRO onveilige en open radiofrequenties gebruikte voor de besturing van de vliegtuigen. Volgens de India Today zouden ook de onbemande vliegtuigen van het Indiase leger op deze manier worden bediend. Bij grote uitgaven dient de NTRO een aanbesteding te doen en toestemming te vragen aan de National Security Advisor en uiteindelijk de minister-president. Ook dit laatste is bij diverse aankopen door de dienst niet gebeurd.
Naast deze personele en technische misstappen wordt de kwaliteit van het werk van de dienst in het publieke debat in India in twijfel getrokken. Hoewel haar taak het verzamelen van informatie over mogelijke terroristische aanslagen, cyber crime, opstanden en illegale grensoverschrijdingen is, heeft de dienst geen enkel duidelijk succes geboekt. De aanslagen van 26 november 2008 in Mumbai worden gezien als het bewijs van de mislukking van de dienst. Toch lijkt de dienst onaantastbaar, zoals zoveel inlichtingendiensten. Twee jaar later was het opnieuw raak. Op basis van informatie van de inlichtingendiensten werd een man gearresteerd die verantwoordelijk werd gehouden van de aanslag op de “Duitse bakkerij”, een populaire uitgaansgelegenheid voor toeristen in Pune. Minister Chidambaram feliciteerde de inlichtingendiensten, maar ze bleken het bij het verkeerde eind te hebben. De man moest worden vrijgelaten wegens ontlastend bewijs.
En hoewel de NTRO de stofzuiger is van data van Indiase burgers staat zij net als de andere spelers in de Indiase inlichtingenwereld bekend om het ‘kwijtraken’ van gevoelige data. In 2003 was de Defence Research and Development Organisation (DRDO) plotseling 53 computers kwijt. Toen zij werden teruggevonden, ontbraken de harde schijven. Op de harde schijven stonden geheime codes voor communicatie met inlichtingendiensten en het leger. In 2006 raakte een belangrijke wetenschapper van de DRDO zijn laptop kwijt op het vliegveld van Delhi. Op de laptop bewaarde de wetenschapper geheime informatie over het Indiase kernwapenarsenaal en raketsystemen. En in 2008 raakte een directeur van de NTRO zijn laptop met geheime informatie over de kernwapenprogramma’s in Pakistan, China en Noord Korea kwijt in Washington DC.

Het schandaal staat niet op zich
De NTRO is niet de enige dienst die tekenen vertoont van verval. Ook de dienst waaruit zij is voortgekomen, de Research and Analysis Wing, wordt geteisterd door technische, personele, administratieve en financiële schandalen. Eigenlijk is het niet onlogisch dat er schandalen optreden binnen de Indiase inlichtingenwereld. Met zoveel onregelmatigheden is het bijna vanzelfsprekend dat er schandalen plaatsvinden die ook Indiase burgers raken. Het NTRO schandaal staat dan ook niet op zich. Vergelijkbare afluisterpraktijken zijn de afgelopen decennia aan het licht gekomen. In de jaren tachtig kwam aan het licht dat de Indiase overheid politieke leiders afluisterde. Daarnaast werden ook toen toonaangevende journalisten in de gaten gehouden. In 1990 – 1991 was het opnieuw raak met een nieuw afluisterschandaal. De Peoples Union for Civil Liberties (PUCL), een burgerrechtenbeweging, bracht de zaak voor de rechter. Tijdens de rechtzaak gaf de CBI, Central Bureau of Investigation, toe dat op grote schaal journalisten, parlementariërs en leden van het kabinet zowel op nationaal als op deelstaatniveau waren afgeluisterd. Het CBI gaf toe dat deze afluisterpartij onwettig was.
En is er wat veranderd na het schandaal in het voorjaar van 2010 dat de Indiase politiek enkele weken bezig hield? Nee, in juli van hetzelfde jaar werd de IMSI Catcher als nieuw gepresenteerd in een operatie met de codenaam Fox, alsof het om een nieuwe strijd ging tegen terrorisme en criminele bendes. De media waren het schandaal van twee maanden eerder al weer vergeten.

Find this story at 20 April 2013

The Conservative government says Defence officials have assured it that no listening devices have been found at the former Nortel campus,

OTTAWA — The Conservative government says Defence officials have assured it that no listening devices have been found at the former Nortel campus, contradicting previous security concerns raised by both former Nortel and government intelligence employees.

Former Nortel employees have contacted the Citizen to say that the listening devices were found when Department of National Defence officials did their initial security sweeps of the facility, purchased for DND’s new home.

DND documents also indicate that concerns about the security surrounding the former Nortel campus were raised last year within the department. A briefing document for then-Defence minister Peter MacKay warned that the public announcement that the DND was moving into the complex before it could be properly secured created a major problem.

“This not only raises the level of difficulty of verifying appropriate security safeguards in the future, it will probably dramatically increase security costs and cause delays to reach full operational capability,” MacKay was told in April 2012 by Canadian Forces security officers.

Last year senior Nortel staff acknowledged that the company had been the subject of a number of spy and computer hacking operations over a decade, with the main culprits suspected of being associated with China.

Michel Juneau-Katsuya, a former senior officer with the Canadian Security Intelligence Service, said the spy agency also determined that Nortel had been targeted. “We knew it was well penetrated,” he told the Citizen. “When I was the Chief of Asia-Pacific we warned Nortel.”

But Julie Di Mambro, spokeswoman for Defence Minister Rob Nicholson, said Tuesday the government has now received assurances from DND. “Security officials have assured us that they have not discovered any bugs or listening devices,” she noted in an email. “Our government continues to be vigilant when it comes to maintaining the security of information and personnel.”

No further details were provided.

The purchase and refit of the Nortel campus has emerged as a political issue, with opposition MPs and others questioning whether the Conservative government’s plan to spend almost $1 billion on the purchase and renovations of the site makes financial sense. Retired lieutenant-general Andrew Leslie, now an adviser for Liberal Leader Justin Trudeau, told CTV on Monday that he thought it was a bad idea to spend such a large amount of money on a new military headquarters.

The government spent $208 million to buy the property, with an additional $790 million to be spent on renovating the buildings for DND’s needs, according to a presentation made to the Senate by Treasury Board officials. The cost to prepare the site involves everything from creating new offices to installing secure computer networks.

Asked last week for details about the listening devices and whether they were still functioning, the DND responded with a statement to the Citizen that it takes security at its installations seriously. “The Department of National Defence and Canadian Armed Forces cannot provide any information regarding specific measures and tests undertaken to secure a location or facility for reasons of national security,” noted an email from DND spokeswoman Carole Brown. “The DND/CAF must maintain a safe and secure environment at all of its facilities, in order to maintain Canada’s security posture at home and abroad.”

In February, MacKay was also briefed about the poor state of DND security. Among the points raised in the presentation was that the Defence Department’s “security posture does not currently meet government standards,” according to documents obtained by Postmedia.

The case of Royal Canadian Navy officer Jeffrey Delisle, who spied for the Russians, was specifically mentioned on the same page as the presentation noted that “repeated audits have called for improvement, but insufficient action has occurred.” Those audits calling for improved security included reviews by internal auditors and the federal auditor general’s office.

Phil McNeely, Liberal MPP for Ottawa-Orléans, said he is concerned the government and the DND did not do its due diligence before the Nortel campus was purchased. McNeely, who opposes the DND move to Nortel, said he is worried taxpayers are “now stuck with a $208 million lemon.”

An internal security study by Nortel suggested that the hackers had been able to download research and development studies and business plans starting in 2000. The hackers also placed spyware so deep into some employee computers it escaped detection, the Wall Street Journal reported last year.

Another spy operation was launched against Nortel from the Philippines, security officials determined. That operation involved freelance computer hackers who were working for a “foreign power.”

By David Pugliese, OTTAWA CITIZEN October 1, 2013

Find this story at 1 October 2013

© Copyright (c) The Ottawa Citizen

Former Nortel campus was subject of decade-long industrial espionage
A bird’s eye view of the former Nortel campus in Ottawa, bought by the Department of National Defence in 2010.

OTTAWA — Workers preparing the former Nortel complex as the new home for the Department of National Defence have discovered electronic eavesdropping devices, prompting new fears about the security of the facility.

It’s not clear whether the devices were recently planted or left over from an industrial espionage operation when Nortel occupied the complex.

Asked for details about the listening devices and whether they were still functioning, the DND responded with a statement to the Citizen that it takes security at its installations seriously.

The DND/CAF must maintain a safe and secure environment at all of its facilities

“The Department of National Defence and Canadian Armed Forces cannot provide any information regarding specific measures and tests undertaken to secure a location or facility for reasons of national security,” noted an email from DND spokeswoman Carole Brown. “The DND/CAF must maintain a safe and secure environment at all of its facilities, in order to maintain Canada’s security posture at home and abroad.”

Recently released DND documents, however, indicate that concerns about the security surrounding the former Nortel campus at 3500 Carling Ave. were raised last year.

A briefing document for then Defence Minister Peter MacKay warned that the public announcement the DND was moving into the complex before it could be properly secured created a major problem. “This not only raises the level of difficulty of verifying appropriate security safeguards in the future, it will probably dramatically increase security costs and cause delays to reach full operational capability,” MacKay was told in April 2012 by Canadian Forces security officers.

The briefing note was released under the Access to Information law.

Last year it was also revealed that Nortel had been the target of industrial espionage for almost a decade, with the main culprits thought to be hackers based in China. An internal security study by Nortel suggested that the hackers had been able to download research and development studies and business plans starting in 2000.

The hackers also placed spyware so deep into some employee computers it escaped detection, the Wall Street Journal reported last year.

The Conservative government has earmarked almost $1 billion for its plan to move military personnel and Department of National Defence staff to the former Nortel campus. That includes $208 million to buy the property, with an additional $790 million to be spent to renovate the buildings for DND’s needs, according to a presentation made to the Senate by Treasury Board officials. The cost to prepare the site involves everything from creating new offices to installing secure computer networks.

Recently, however, the federal government has noted it could be open to revisiting its plans to have the DND occupy the facility. Public Works has been considering whether other government departments might make their home there instead.

“Public Works and Government Services Canada is currently reviewing its plans for the renovation and future occupancy of the Carling Campus in light of the current environment of fiscal restraint to ensure that the use of the campus provides best value for taxpayers,” Brown added in her email.

The DND originally estimated the cost of preparing the Nortel site for its needs would be $633 million, according to department documents obtained by the Citizen through the Access to Information law.

Although DND is planning for the move, cabinet has not yet made the final decision authorizing the department to occupy the Nortel site.

Some have questioned the move at a time of cost-cutting, particularly since the DND will still continue to occupy key buildings such as its main headquarters, the Major-General George R. Pearkes Building on Colonel By Drive, as well as its facility on Star Top Road. The DND’s presence in the Louis St. Laurent Building, the National Printing Bureau building and the Hotel de Ville building in Gatineau will also continue.

The department has estimated it would save $50 million a year by moving many of its employees in the Ottawa area into the Nortel campus but it has not provided a breakdown on how it came up with that figure.

In justifying the move, the department noted it would save money through reduced cab fares, less need for commissionaires to guard offices and an atmosphere that allows people to work better together.

David Pugliese, Ottawa Citizen
Published: September 30, 2013, 10:38 am

Find this story at 30 September 2013

© COPYRIGHT – POSTMEDIA NEWS

The German magazine Der Spiegel this week cites presentation slides leaked by Edward Snowden, a former contractor with the National Security Agency, CSEC’s American counterpart.
OTTAWA—The national eavesdropping agency is refusing to comment on allegations that it mounts foreign operations through Canada’s embassies abroad.

Lauri Sullivan, a spokeswoman for Communications Security Establishment Canada, says the agency does not comment “on our foreign intelligence collection activities or capabilities.”

German magazine Der Spiegel says Canada is using diplomatic facilities to support surveillance operations in league with key allies the United States, Britain and Australia.

Word of the Canadian reference — first reported by blogger Bill Robinson, who closely tracks CSEC — came as the NDP unsuccessfully sought support in the House of Commons to create a parliamentary committee that would look into stronger oversight for the intelligence community.

The magazine report published this week cites presentation slides leaked by Edward Snowden, a former contractor with the National Security Agency, CSEC’s American counterpart.

One slide indicates the Canadian spy agency hosts “Stateroom” sites — a term for covert signals-intelligence gathering bases hidden in consulates and embassies.

“These sites are small in size and in number of personnel staffing them,” says the slide. “They are covert, and their true mission is not known by the majority of the diplomatic staff at the facility where they are assigned.”

Der Spiegel alleges that the U.S. NSA, Britain’s Government Communications Headquarters and Australia’s Defense Signals Directorate also host such covert stations, with equipment installed on rooftops or upper floors of embassy buildings — protected from view by screens or false structures.

It’s just the latest of several references to the Ottawa-based spy service in Snowden’s cache of leaked materials.

Earlier documents suggest Canada helped the U.S. and Britain spy on participants at the London G20 summit four years ago. Britain’s Guardian newspaper published slides describing the operation, including one featuring the CSEC emblem.

More recently, Brazil demanded answers following accusations CSEC initiated a sophisticated spy operation against the South American country’s ministry of mines and energy.

CSEC, tasked with gathering foreign intelligence of interest to Canada, has a staff of more than 2,000 — including skilled mathematicians, linguists and computer analysts — and a budget of about $350 million.

The recent revelations — including concerns that CSEC gathers information about Canadians in the course of its foreign spying — have sparked criticism from civil libertarians and opposition politicians.

An NDP motion put forward Tuesday by defence critic Jack Harris called for a special committee to study the intelligence oversight systems of other countries and make recommendations “appropriate to Canada’s unique circumstances.” The committee would have reported its findings by May 30 next year.

The motion quickly went down to defeat. The Conservative government maintains CSEC is already subject to scrutiny by an independent commissioner who has never found an instance of the spy service straying outside the law.

By: Jim Bronskill The Canadian Press, Published on Tue Oct 29 2013

Find this story at 29 October 2013

© Copyright Toronto Star Newspapers Ltd. 1996-2013

Security experts say that Canadian intelligence has developed a powerful spying tool to scope out and target specific phones and computers so as to better set up hacking and bugging operations.

The outlines of the technology are contained in the slides of a PowerPoint presentation made to allied security agencies in June, 2012. Communications Security Establishment Canada (CSEC) called the tool “Olympia,” showing how its analysts sifted through an immense amount of communications data and zeroed in on the phones and computer servers they determined merited attention – in the demonstration case, inside the Brazilian Ministry of Energy and Mines.

Within weeks, CSEC figured out who was talking to whom by plugging phone numbers and Internet protocol addresses into an array of intelligence databases. In this way it “developed a detailed map of the institution’s communications,” Paulo Pagliusi, a Brazilian security expert who examined the slides, told The Globe.

The slides are part of a large trove of documents that have been leaked by Edward Snowden, the former contractor with the U.S. National Security Agency (NSA) whose disclosures have set off a debate over whether the agency has improperly intruded on the privacy of Americans. Other disclosures have raised questions about its spying on foreign governments, sometimes with the assistance of allied intelligence agencies.

The Globe and Mail has collaborated with the Brazil-based American journalist Glenn Greenwald, based on information obtained from the Snowden documents. Mr. Snowden, who went into hiding in Hong Kong before the first cache of NSA documents was leaked, has been charged by the United States with espionage and theft of government property. Russia has granted him temporary sanctuary.

Canadian officials declined to comment on the slides. Responding to an e-mail requesting comment on whether Canada co-operated with its U.S. counterpart in tapping into Brazilian communications, CSEC spokesman Andy McLaughlin said the agency “cannot comment on its foreign intelligence activities or capabilities.” Prime Minister Stephen Harper said earlier this month that he is “very concerned” about reports CSEC focused on the Brazil ministry.

Any ability to sift through telecommunications data for specific leads can be valuable for electronic-eavesdropping agencies, especially the capacity to map out – without necessarily listening into – an organization’s Internet or voice communications. This, in turn, can help isolate specific devices for potential hacking operations. By developing “Olympia” as a method for doing just this, Canada added to its spymasters’ toolkit.

The PowerPoint presentation by CSEC was first reported by Brazil’s Fantastico TV program, which earlier reported the NSA spying, in conjunction with Mr. Greenwald. Brazilian officials expressed outrage at the United States, but their criticism of Canada was more fleeting. They say they now intend to put public employees on an encrypted e-mail system.

The CSEC presentation – titled Advanced Network Tradecraft – described a technological reconnaissance mission aimed at the Brazilian energy ministry in April and May of 2012. According to the presentation, the agency knew very little about the ministry going in, apart from its Internet domain name and a few associated phone numbers. The presentation never makes clear CSEC’s intentions for targeting the Brazilian ministry.

The leaked slides also suggest Canada sought to partner with the NSA, with one slide saying CSEC was “working with TAO to further examine the possibility” of a more aggressive operation to intercept Internet communications.

“TAO” refers to “tailored access operations,” said Bruce Schneier, a privacy specialist for the Berkman Center for the Internet and Society at Harvard. “It’s the NSA ‘blackbag’ people.” (A “blackbag job” refers to a government-sanctioned break-and-enter operation – hacking in this case – to acquire intelligence.)

It is not clear whether CSEC or the NSA followed up with other actions involving the Brazilian ministry.

COLIN FREEZE AND STEPHANIE NOLEN
WASHINGTON and RIO DE JANEIRO — The Globe and Mail
Published Saturday, Oct. 19 2013, 8:00 AM EDT

Find this story at 19 October 2013

© Copyright 2013 The Globe and Mail Inc.

Observers have suggested that Canada’s actions are related to potential competition to its tar sands. Photograph: Orjan F Ellingvag/Corbis

The Canadian government agency that allegedly hacked into the Brazilian mining and energy ministry has participated in secret meetings in Ottawa where Canadian security agencies briefed energy corporations, it has emerged.

Claims of spying on the ministry by Communications Security Establishment Canada (CSEC) come amid the Canadian government’s increasingly aggressive promotion of resource corporations at home and abroad, including unprecedented surveillance and intelligence sharing with companies.

According to freedom of information documents obtained by the Guardian, the meetings – conducted twice a year since 2005 – involved federal ministries, spy and police agencies, and representatives from scores of companies who obtained high-level security clearance.

Meetings were officially billed to discuss “threats” to energy infrastructure but also covered “challenges to energy projects from environmental groups”, “cyber security initiatives” and “economic and corporate espionage”.

The documents – heavily redacted agendas – do not indicate that any international espionage was shared by CSEC officials, but the meetings were an opportunity for government agencies and companies to develop “ongoing trusting relations” that would help them exchange information “off the record”, wrote an official from the Natural Resources ministry in 2010.

At the most recent meeting in May 2013, which focused on “security of energy resources development”, meals were sponsored by Enbridge, a Canadian oil company trying to win approval for controversial tar sands pipelines.

Since coming to power, Conservative prime minister, Stephen Harper, has used his government apparatus to serve a natural resources development agenda, while creating sweeping domestic surveillance programs that have kept close tabs on indigenous and environmental opposition and shared intelligence with companies.

Harper has transformed Canada’s foreign policy to offer full diplomatic backing to foreign mining and oil projects, tying aid pledges to their advancement and jointly funding ventures with companies throughout Africa, South America and Asia.

Keith Stewart, an energy policy analyst with Greenpeace Canada, said: “There seems to be no limit to what the Harper government will do to help their friends in the oil and mining industries. They’ve muzzled scientists, gutted environmental laws, reneged on our international climate commitments, labelled environmental critics as criminals and traitors, and have now been caught engaging in economic espionage in a friendly country. Canadians, and our allies, have a right to ask who exactly is receiving the gathered intelligence and whose interests are being served.”

Observers have suggested that Canadian spying on Brazil is related to the country’s auctioning of massive offshore oil finds, potential competition to Canada’s tar sands, and Canada’s desire to gain competitive advantage for more than 40 Canadian companies involved in Brazil’s mining sector.

“There is very substantial evidence that the spying Canada was doing for economic reasons aimed at Brazil is far from an aberration,” Guardian columnist Glenn Greenwald told Canadian media on Tuesday. Greenwald hinted that he will be publishing further documents on CSEC.

“We’ve already seen how Canadian embassies around the world essentially act as agents for Canadian companies – even when they’re implicated in serious human rights abuses,” said Jamie Kneen of MiningWatch Canada, an NGO watchdog. “We just had no idea how far they were willing to go.”

Martin Lukacs and Tim Groves
theguardian.com, Wednesday 9 October 2013 12.08 BST

Find this story at 9 October 2013

© 2013 Guardian News and Media Limited or its affiliated companies. All rights reserved.

A former high-ranking member of Canada’s spy service says he suspects the leaked documents that purport to show Ottawa was spying on Brazil are in fact part of a pretend “wargame scenario.”

“There’s no smoking gun here. It’s again more little snippets and snapshots from the Snowden revelations; they actually mislead more than they inform,” says Ray Boisvert, until last year a deputy director of the Canadian Security Intelligence Service.

“I don’t believe it’s likely Brazil was targeted.”

A Brazilian television report on Sunday said Canada’s electronic eavesdropping agency, the Communication Security Establishment Canada (CSEC) targeted the ministry that manages the South American nation’s vast mineral and oil resources. The report was based on documents leaked by former U.S. National Security Agency contractor Edward Snowden.

Mr. Boisvert, who left the Canadian Security Intelligence Service in 2012, said the top priority for CSIS and CSEC is counter-terrorism. The directive from on high was national security, not infiltrating a Brazilian government department of mining.

“When I worked there, very closely with CSEC and I was a top-line operational leader, we were all too busy chasing bad guys who want to kill people,” the former CSIS official said.

“At the end of the day CSIS and CSEC have a mandate to go after foreign powers if those are acting in a way that’s inimical to our interests, so the poster child for that would be Iran. Everything from nuclear proliferation to state-sponsored terror,” he said.

“Brazil seems highly unlikely to me,” Mr. Boisvert said.

He said one regular practice of security organizations, however, is war-gaming.

“I’m more inclined to think that this is probably a case of a hypothetical scenario,” Mr. Boisvert said.

“CSEC does war gaming just like the military and in their case they look at [computer] networks. Before they go after a target, they will play a game on paper,” he said.

“I have got a funny feeling that is all Snowden has: is just that exploratory war game piece saying ‘OK, what would we do, boys and girls, if we had to do this?’ ”

When pressed Monday for comment on allegations that CSEC spied on Brazilians, the Harper government gave repeated indirect answers to the question, saying the CSE does not conduct surveillance on Canadians.

“This organization cannot and does not target Canadians under Canadian law,” Defence Minister Rob Nicholson said.

Canadians and Brazilians are both working on a United Nations peacekeeping mission in Haiti and Mr. Nicholson rejected the suggestion the revelations might hurt relations between Canada and Brazil.‎ “I believe our collaboration and friendship will continue,” Mr. Nicholson said.

“It’s wise not to get involved with commenting on foreign intelligence gathering activities and so I don’t do that.”

Mr. Boisvert said he assumes the Canadian government is reaching out to Brazil to explain what really happened.

STEVEN CHASE
OTTAWA — The Globe and Mail
Published Monday, Oct. 07 2013, 1:12 PM EDT

Find this story at 7 October 2013

© Copyright 2013 The Globe and Mail Inc.

Leaked documents showing that Canada’s electronic intelligence-gathering agency targeted the Brazilian government threaten to disrupt relations between the countries – and thrust the secretive CSEC into the public spotlight.

On Sunday night, Brazil’s flagship Fantastico investigative program on the Globo television network revealed leaked documents suggesting that Communications Security Establishment Canada (CSEC) has spied on computers and smartphones affiliated with Brazil’s mining and energy ministry in a bid to gain economic intelligence.

The report, attributed to documents first obtained by the former U.S. government contractor Edward Snowden, includes frames of a CSEC-earmarked presentation that was apparently shared with the United States and other allies in June, 2012.

“Brazilian Ministry of Mines and Energy (MME),” a title page of the leaked case study reads. “New target to develop.”

The presentation then rhetorically asks “How can I use the information available in SIGINT [signals-intelligence] data sources to learn about the target?” before delving into specific hacking techniques.

The documents were part of a collaboration with Globo by Glenn Greenwald. The Rio de Janeiro-based journalist and confidante of Mr. Snowden has spent the past four months steadily disclosing a treasure trove of leaked materials recording the electronic eavesdropping practices of the United States and its allies.

Washington has been reeling from the disclosures. In Brazil, they have caused the most serious rift between the two nations in years – after the first revelations about NSA espionage were made last month, Brazilian president Dilma Rousseff canceled an official state visit to Washington; it was to be the first in 18 years and was intended to showcase the growing economic and political ties between the two countries. Instead Ms. Rousseff went to the UN General Assembly where she complained of “totally unacceptable” U.S. spying in her country. She gained a considerable bump in personal approval ratings after lashing out at the U.S. over the NSA activity, which has elicited a reaction of deep offense from many Brazilians.

***

http://www.theglobeandmail.com/news/world/five-highlights-from-the-canada-brazil-spying-revelations/article14721506/

Five highlights from the Canada-Brazil spying revelations Add to
…
GLOBE STAFF

The Globe and Mail
Published Monday, Oct. 07 2013, 11:02 AM EDT

Canada’s signals-intelligence agency has been spying on Brazil’s Mines and Energy Ministry, according to documents the former U.S. government contractor Edward Snowden leaked to Brazil’s Globo television network.

Globo obtained a copy of a slide presentation made by someone at the Communications Security Establishment Canada (CSEC). The document was shown at a June 2012 gathering of members of the “Five Eyes,” the signals-intelligence alliance of Canada, the United States, Britain, Australia and New Zealand.

Here are some highlights that can be gleaned from the slides:

1. Using a program called Olympia, CSEC took aim at Brazil’s Ministry of Mines and Energy, describing it as a “new target to develop” despite “limited access/target knowledge.”

2. One of the slide shows that CSEC focused on ministry portable devices and was able to identify their carriers (such as Brasil Telecom S.A. or Global Village Telecom), the kind of hardware being used (for example a Nokia 3120 or an Android-based Motorola MRUQ7) and metadata about where calls were placed, in countries such as Peru, Venezuela, Poland, Singapore, Great Britain.

Another slide in the presentation explains how analysts cross-referenced a handset’s SIM card with the network telephone number assigned to it and the handset’s unique number (IMEI).

3. CSEC metadata collection included calls made from the Ministry of Mines and Energy to the Brazilian embassy in Peru and the head office of OLADE, the Latin American Energy Organization, in Quito, Ecuador.

One slide titled showed how the Canadians connected an IP addresses assigned to the ministry to e-mail communications with Canada, Eritrea, Saudi Arabia, Thailand, Afghanistan, Jordan and South Africa.

4. Another phone monitored by CSEC belonged to Paulo Cordeiro de Andrade Pinto, a career diplomat who was ambassador to Canada from 2008 to 2011, and is now Brazil’s Under Secretary for Middle East and Africa.

5. CSEC’s next step was going to be the collection of e-mails and cooperation with a hacking specialists working for a secret unit of the U.S. National Security Agency.

“I have identified MX [email] servers which have been targeted to passive collection by the Intel analysts,” says a slide titled “Moving Forward.”

The slide mentions TAO (Tailored Access Operations), an NSA unit specializes in installing spyware and tracking devices and has been reported to have played a role in the hunt for Osama Bin Laden.

“I am working with TAO to further examine the possibility for a Man on the Side operation,” the CSEC slide says, alluding to a form of online eavesdropping.

The impact for Canada of these revelations could be equally grave: they come at a time when Brazil has become a top destination for Canadian exports, when a stream of delegations from the oil and gas industries are making pilgrimages to Rio de Janeiro to try to get a piece of the booming offshore oil industry, and when the Canadian government is eager to burnish ties with Brasilia. Foreign Affairs Minister John Baird visited Brazil in August, and spoke repeatedly about the country as a critical partner for Canadian business.

American lawmakers have introduced several bills that aim to rein in the U.S. National Security Agency’s domestic surveillance programs.

Throughout all this, Canada’s electronic eavesdropping agency has kept a relatively low profile, never before emerging as the central figure in any Snowden-leaked spying program. Although it has existed since the Second World War, CSEC has rarely discussed any of its operations in public.

CSEC has a $350-million budget and 2,000 employees. By law, it has three mandates – to safeguard Canadian government communications and computers from foreign hackers, to help other federal security agencies where legally possible, and to gather “foreign intelligence.”

The federal government is building a new $1-billion headquarters for CSEC on the outskirts of Ottawa.

Given wide latitude by its political and bureaucratic masters to collect what “foreign intelligence” it can, CSEC is exceedingly discreet. The spy agency’s leaders rarely make any public remarks. When they do, they tend only to speak vaguely of the agency’s role in fighting terrorism.

But economic espionage appears to be a business line for CSEC. Former Carleton University Professor Martin Rudner has pointed out that the spy agency started recruiting economists and business analysts in the mid-1990s.

“CSE[C] operations in economic intelligence have gone rather beyond the strictly defensive to also help promote Canadian economic competitiveness,” Mr. Rudner wrote in an essay published in 2000. He added that the spy agency is rumoured to have given the Canadian government a leg up during NAFTA negotiations with Mexico, and also eavesdropped on the 1997 APEC summit.

Mr. Rudner added that Ottawa officials don’t necessarily share with Canadian businesses what CSEC surveillance turns up. Instead, he writes, they “sometimes provide advice and counsel by way of helping to promote Canadian trade, without necessarily revealing their sources in economic intelligence.”

While CSEC’s role in conducting economic espionage has been alluded to before, how it does this job has not. The significance of the documents obtained by Globo in Brazil is that they speak to how “metadata” analysis by CSEC can be used to exploit a rival country’s computer systems.

The CSEC-labeled slides about the “Olympia” program describe the “Brazilian Ministry of Mines and Energy” as a “new target to develop” despite “limited access/target knowledge.”

The presentation goes on to map out how an individual’s smartphone – “target’s handset” – can be discerned by analysis, including by cross-referencing the smartphone’s Sim card with the network telephone number assigned to it and also to the handset’s unique number (IMEI).

The “top secret” presentation also refers to attacks on email servers.

“I have identified MX [email] servers which have been targeted to passive collection by the Intel analysts,” one slide says, without explaining who the speaker is.

The slide suggests the presenter hoped to reach out to American superhackers – the NSA’s “Tailored Access Operations” group – for a more specialized operation: “I am working with TAO to further examine the possibility for a Man on the Side operation.”

A “Man on the Side” operation is a form of interception. According to a recent Guardian column, the NSA has installed secret servers on the Internet that can be used “impersonate a visited Web site” that a target plans to visit. The rerouting of the target’s traffic opens his or her computer or mobile device to invasion by the impersonating website.

The “Top Secret” presentation obtained by Globo is an exceedingly rare disclosure. In Ottawa, CSEC’s employees are sworn to secrecy and visitors to its complex have to check their smartphones, iPads, laptops and memory sticks at the door.

The CSEC-labeled presentation appears to have been shared with the NSA, the agency Mr. Snowden once worked for. He had retained access to the NSA’s data repositories as a security-cleared private contractor, prior to copying reams of material early this year and then flying with it to Hong Kong this summer.

Mr. Snowden leaked the materials to Mr. Greenwald in Hong Kong, prior to flying to Russia to seek asylum. The U.S. government wants to try him on espionage charges.

The leaked “CSEC – Advanced Network Tradecraft” presentation about the Olympia spying program kicks off with an allusion to Greek mythology.

It alludes to how Zeus and his sibling deities waged a 10-year battle to overthrow an older order of gods, known as the Titans. “And they said to the Titans ‘Watch Out OLYMPIAns in the house!” reads a slide in the presentation.

COLIN FREEZE AND STEPHANIE NOLEN
TORONTO AND RIO DE JANEIRO — The Globe and Mail
Published Monday, Oct. 07 2013, 7:14 AM EDT

Find this story at 7 October 2013

© Copyright 2013 The Globe and Mail Inc.

One week after revealing USA surveillance of the presidents of Brazil and Mexico, Fantastico brings another exclusive.

One of the prime targets of American spies in Brazil is far away from the center of power – out at sea, deep beneath the waves. Brazilian oil. The internal computer network of Petrobras, the Brazilian oil giant partly owned by the state, has been under surveillance by the NSA, the National Security Agency of the United States.

The spying is confirmed by top secret documents leaked by Edward Snowden, and obtained exclusively by Fantastico. Snowden, an ex-intelligence analyst employed by the NSA, made these and thousands of other documents public last June. He has been given asylum by Russia.
These new disclosures contradict statements by the NSA denying espionage for economic purposes.
saiba mais

The information was found by journalist Glen Greenwald, co-author of this story along with TV Globo Reporter Sonia Bridi, amid the thousands of documents given to him by Edward Snowden in June.

This statement addressed to “The Washington Post” this week highlights that ‘The department does ***not*** engage in economic espionage in any domain, including cyber.'”

However, a top secret presentation dated May 2012 is used by the NSA to train new agents step-by-step how to access and spy upon private computer networks – the internal networks of companies, governments, financial institutions – networks designed precisely to protect information.

The name of Petrobras – Brazil’s largest company – appears right at the beginning, under the title: “MANY TARGETS USE PRIVATE NETWORKS.”

Besides Petrobras, e-mail and internet services provider Google’s infrastructure is also listed as a target. The company, often named as collaborating with the NSA, is shown here as a victim.

Other targets include French diplomats – with access to the private network of the Ministry of Foreign Affairs of France – and the SWIFT network, the cooperative that unites over ten thousand banks in 212 countries and provides communications that enable international financial transactions. All transfers of money between banks across national borders goes through SWIFT.

Names of other companies and institutions on the list were blacked out in order not to compromise operations involving targets linked to terrorism.

Greenwald defends the decision to omit the names. “It’s a question of responsible journalism”, says Greenwald. “These documents contain information regarding spying against terrorists, matters of national security which should not be published, because nobody doubts that the United States, just as any other country, has the right to spy in order to guarantee national security. But there is much more information on spying on innocents, against people who have nothing to do with terrorism, or on industrial issues, which need to be made public.”

The documents are classified as “top-secret”, to be seen only by those named by the Americans as “Five Eyes” – the five countries allied in spying: the United States, Australia, Canada, Great Britain and New Zealand.

The name of Petrobras appears on several slides, as the training goes deeper in explaining how date from the target companies is monitored.

Individual folders are created for each target – and contain all the intercepted communications and IP addresses – the identification of each computer on the network – which should be immune to these attacks.

Paulo Pagliusi has a PhD in information security and has written books on the subject. He analyzed the documents for Fantastico.

“The networks in the presentation all belong to real companies. These are not made-up situations”, says Pagliusi. “Some details stand out. For instance, some numbers were blacked out. Why would they be blacked out if they weren’t real? It’s as if the instructors didn’t want the trainees to see them.”

Pagliusi points to signs that this is part of systematic spying. “You don’t obtain all of this in a single run. From what I see, this is a very consistent system that yields powerful results; it’s a very efficient form of spying,” he says.

Pagliusi concludes that this has been going on for a while: “There’s no place for amateurs in this area.”

The yearly profits of Petrobras are over 280 billion reais – US$ 120 billion. More than the GDP of many countries. And there are plenty of motives for spies to want access to the company’s protected network.

Petrobras has two supercomputers, used mainly for seismic research – which evaluate oil reserves from samples collected at sea. This is how the company mapped the Pre-salt layer, the largest discovery of new oil reserves in the world in recent years.

There is no information on the extent of the spying, nor if it managed to access the data contained in the company’s computers. It’s clear Petrobras was a target, but no documents show exactly what information the NSA searched for. But at any rate, Petrobras has strategic knowledge of deals involving billions of dollars.

For example, the details of each lot in an auction set for next month: for exploration of the Libra Field, in the Bay of Santos, part of the Pre-salt. Whether the spies had access to this information is one of the questions the Brazilian government will have to put to the United States.

Former Petrobras Director Roberto Villa considers this the greatest action in the history of oil exploration. “It’s a very peculiar auction. The auction of an area where we already know there’s oil, there’s no risk”, he says. What no one else should know, Villa says, is which are the richest lots. “Petrobras knows. And I hope only they know.” He considers that such information, if stolen, could give someone an advantage. “Someone would have an edge. If this information was leaked and someone else has obtained it, he would be in a privileged position at the auction. He’ll know where to invest and where not to. It’s a handy little secret.”

Another former Petrobras Director considers this a serious matter. “Commercially, internationally, this means a game with marked cards for some places, some countries, some friends,” says Antonio Menezes.

The Pre-salt oil is found at high seas, at depths of two thousand meters – below a layer of rocky salt, four kilometers below the ocean floor. Reaching this oil requires a lot of technology, and Petrobras is a world leader in deep-sea oil extraction.

Adriano Pires, a specialist in infrastructure, considers that spies could be specially interested in ocean-floor exploration technology. “Petrobras is the world’s number one in drilling for oil at sea. Pre-salt layers exist all around the world – there’s a pre-salt in Africa, in the Gulf of Mexico, in the North Sea. If I have this technology, I can drill for oil anywhere I want,” says Pires.

The NSA presentation contains documents prepared by the GCHQ – the British Spy agency, from a country that appears as an ally of the United States in spying. The British agency shows how two spy programs operate. “Flying Pig” and “Hush Puppy” also monitor private networks which carry supposedly secure information. These networks are known as TLS/SSL.

The presentation explains how data is intercepted, through an attack known as “Man in the Middle”. In this case, data is rerouted to the NSA central, and then relayed to its destination, without either end noticing.

A few pages ahead, the document lists the results obtained. “Results – what do we find?” “Foreign government networks”, “airlines”, “energy companies” – like Petrobras – and “financial organisations.”

TLS/SSL networks are also the security system used in financial transactions, such as when someone accesses their bank account through an ATM. The connection between a remote terminal and the bank’s central goes through a sort of secure tunnel through the internet. No one is supposed to see what travels through it.

Later, the NSA presentation shows in detail how the data of a chosen target is rerouted through spy filters beginning at the very source, until they reach the NSA’s supercomputers.

In this document the NSA names Latin America as a key target of the “SILVERZEPHYR” program, which collects the contents of voice recordings, faxes, as well as metadata, which is the overall information being transmitted in the network.

Last Sunday, Fantastico showed exclusively how the President of Brazil is a direct target of espionage.

On Thursday, President Dilma Rousseff met American counterpart Barack Obama at the G20 Summit in Russia, and she demanded explanations.

“This is what I asked: It’s very complicated for me to learn about these things through the press. I read something one day, then two days later I learn something else, and this goes on piece by piece. I’d like to know what exists (about spying). I want to know what’s going on. If there is something or not, I want to know. Is it real or not? Besides what’s been published by the press, I want to know everything they have regarding Brazil. The word ‘everything’ is very comprehensive. It means all. Every bit. In English, ‘everything’.” – the President told a press conference on Friday.

On the day Rousseff and Obama met, a story published simultaneously by British newspaper The Guardian and the American New York Times revealed that the NSA and the British GCHQ broke the protected communication codes of several internet providers – enabling them to spy on the communications of millions of people, and also on banking transactions.

The story shows that cryptography, the system of codes provided by some internet operators, comes with a built-in vulnerability, inserted on purpose by the NSA, which allows the spies to enter the system, copy, snoop, even make alterations, without leaving footprints. There is also evidence that some equipment put together in the United States comes with factory-installed spying devices.

The “New York Times” says this was done with at least one foreign government that bought American computers. But it does not reveal which government payed to be spied upon.

Lastly, another document obtained by Fantastico shows who are the spies’ clients – who gets the information obtained: American diplomats, the intelligence agencies, and the White House. It proves that spying doesn’t have as its sole purpose the fight against terrorism. On this list of objectives are also diplomatic, political and economic information.

Petrobras declined to comment. President Dilma Rousseff awaits clarifications by the U.S. government later this week.

The NSA has sent a statement attributed to James Clapper, director of National Intelligence, declaring that the agency collects information in order to give the United States and their allies early warning of international financial crises which could negatively impact the global economy and also to provide insight into other countries’ economic policy or behavior which could affect global markets.

The statement also stresses that the collected intelligence is not used “to steal the trade secrets of foreign companies on behalf of – or give intelligence we collect to – US companies to enhance their international competitiveness or increase their bottom line.”

The UK Foreign Office in London and the British Embassy in Brasilia declared they do not comment on intelligence-related issues.

Globo TV – Fantástico
Edição do dia 08/09/2013
08/09/2013 22h52 – Atualizado em 09/09/2013 00h07

Find this story at 9 September 2013

© Copyright 2013 Globo Comunicação e Participações S.A. Política de Privacidade

Brazil says it will demand an explanation from the US after allegations that the National Security Agency (NSA) spied on Brazilian government communications.

The allegations were made by Rio-based journalist Glenn Greenwald in a programme on TV Globo on Sunday.

Mr Greenwald obtained secret files from US whistle-blower Edward Snowden.

Communications from the Mexican president were also accessed by the NSA, Mr Greenwald said.

The US ambassador to Brazil, Thomas Shannon, was briefly summoned to the Brazilian foreign ministry, “to explain” the claims made by the American journalist.

He did not speak to reporters when he left, and there have been no comments from the foreign ministry either.
‘Attack on sovereignty’

Mr Greenwald, a columnist for the British Guardian newspaper, told TV Globo’s news programme Fantastico that secret documents leaked by Edward Snowden showed how US agents had spied on communications between aides of Brazil’s President Dilma Rousseff.

Brazil’s Justice Minister Jose Eduardo Cardozo said that “if these facts prove to be true, it would be unacceptable and could be called an attack on our country’s sovereignty”.

According to the report, the NSA also used a programme to access all internet content that Ms Rousseff visited online.

Her office said the president was meeting top ministers to discuss the case.

The BBC’s Julia Carneiro in Sao Paulo says that the suspicion in Brazil as to why the United States is allegedly spying Brazilian government communications is because Brazil is a big player and there are lots of commercial interests involved.
Mexican connection

The report also alleges that the NSA monitored the communications of Mexican President Enrique Pena Nieto, even before he was elected in July last year.

Mr Greenwald said that a document dating from June 2012 showed that Mr Pena Nieto’s emails were being read.

A spokesman for the Mexican foreign ministry told the Agence France Presse news agency that he had seen the report but had no comment.

The documents were provided to Mr Greenwald by ex-US intelligence analyst Edward Snowden, who was granted temporary asylum in Russia after leaking secret information to media in the US and Britain.

Mr Greenwald was the first journalist to reveal the secret documents leaked by Mr Snowden on 6 June. Since then, he has written a series of stories about surveillance by US and UK authorities.

The detention last month for nine hours at London’s Heathrow airport of Mr Greenwald’s partner, David Miranda, caused widespread controversy in the UK and abroad.

Mr Greenwald said the detention of his partner amounted to “bullying” and was “clearly intended to send a message of intimidation” to those working on the NSA revelations.

2 September 2013 Last updated at 12:20 ET

Find this story at 2 September 2013

BBC © 2013 The BBC

Washington Post report accuses Ankara of blowing the cover of 10 Iranians who met in Turkey with Mossad handlers.

Davutoglu said the Washington Post allegations were “without any foundation” [Reuters]

Turkey denied on Thursday a US newspaper report claiming it had revealed an Israeli spy ring working with Iranians on its soil to the authorities in Tehran, a sign of the souring ties between the once-close allies.

Washington Post columnist David Ignatius said Prime Minister Recep Tayyip Erdogan’s government had last year revealed to Iranian intelligence the identities of up to 10 Iranians who had been meeting in Turkey with Mossad handlers.

But Turkish Foreign Minister Ahmet Davutoglu said the allegations were “without any foundation”.

“[Turkish intelligence chief Hakan] Fidan and other security agents report only to the Turkish government and the parliament,” he said.

The allegation angered officials in Ankara, already on the defensive after a Wall Street Journal article last week suggested Washington was concerned that Fidan had shared sensitive information with Iran.

Other officials in Ankara, speaking on condition they not be named, described the article as part of an attempt to discredit Turkey by foreign powers uncomfortable with its growing influence in the Middle East.

“Turkey is a regional power and there are power centres which are uncomfortable with this… stories like these are part of a campaign,” a Turkish official said, asking not to be identified because of the sensitivity of the subject.

‘Very complex’

There was no immediate comment from Israel, but Israeli ministers have accused Erdogan of adopting an anti-Israeli stance in recent years. Deputy Israeli Foreign Minister Zeev Elkin declined to comment on the report, but said relations with Turkey were “very complex.”

“The Turks made a strategic decision … to seek the leadership of our region, in the Middle East, and they chose the convenient anti-Israeli card in order to build up leadership,” he told Israel Radio.

The relationship hit the rocks in 2010 after Israeli commandos killed nine Turkish activists seeking to break Israel’s long-standing naval blockade of the Gaza Strip.

Relations between the two US allies have been fraught ever since, with military cooperation frozen and mutual distrust scuppering attempts to restore ties, despite efforts by US President Barack Obama to broker a reconciliation.

Iran has long accused Israel of spying on it soil and of killing several Iranian nuclear scientists, the last in January 2012.

In April 2012, Iran announced that it had broken up a large Israeli spy network and arrested 15 suspects. It was not clear if this was connected to the alleged Turkish leak.

Last Modified: 17 Oct 2013 17:15

Find this story at 17 October 2013

The Turkish-Israeli relationship became so poisonous early last year that the Turkish government of Prime Minister Recep Tayyip Erdogan is said to have disclosed to Iranian intelligence the identities of up to 10 Iranians who had been meeting inside Turkey with their Mossad case officers.

Knowledgeable sources describe the Turkish action as a “significant” loss of intelligence and “an effort to slap the Israelis.” The incident, disclosed here for the first time, illustrates the bitter, multi-dimensional spy wars that lie behind the current negotiations between Iran and Western nations over a deal to limit the Iranian nuclear program. A Turkish Embassy spokesman had no comment.

Israeli anger at the deliberate compromise of its agents may help explain why Prime Minister Benjamin Netanyahu became so entrenched in his refusal to apologize to Erdogan about the May 2010 Gaza flotilla incident . In that confrontation at sea, Israeli commandos boarded a Turkish-organized convoy of ships carrying humanitarian aid to Gaza. Nine Turks were killed.

Netanyahu finally apologized to Erdogan by phone in March after President Obama negotiated a compromise formula. But for more than a year before that, the Israeli leader had resisted entreaties from Obama and Secretary of State Hillary Clinton to heal the feud.

Top Israeli officials believe that, despite the apology, the severe strain with Erdogan continues. The Turkish intelligence chief, Hakan Fidan, is also suspect in Israel because of what are seen as friendly links with Tehran; several years ago, Israeli intelligence officers are said to have described him facetiously to CIA officials as “the MOIS station chief in Ankara,” a reference to Iran’s Ministry of Intelligence and Security. The United States continued to deal with Fidan on sensitive matters, however.

Though U.S. officials regarded exposure of the Israeli network as an unfortunate intelligence loss, they didn’t protest directly to Turkish officials. Instead, Turkish-American relations continued warming last year to the point that Erdogan was among Obama’s key confidants. This practice of separating intelligence issues from broader policymaking is said to be a long-standing U.S. approach.

U.S. officials were never sure whether the Turkish disclosure was done in retaliation for the flotilla incident or was part of a broader deterioration in Turkish-Israeli relations.

Israeli intelligence had apparently run part of its Iranian spy network through Turkey, which has relatively easy movement back and forth across its border with Iran. The Turkish intelligence service, known as the Milli Istihbarat Teskilati, or MIT, conducts aggressive surveillance inside its borders, so it had the resources to monitor Israeli-Iranian covert meetings.

U.S. officials assessed the incident as a problem of misplaced trust, rather than bad tradecraft. They reasoned that the Mossad, after more than 50 years of cooperation with Turkey, never imagined the Turks would “shop” Israeli agents to a hostile power, in the words of one source. But Erdogan presented a unique challenge, as he moved in 2009 to champion the Palestinian cause and, in various ways, steered Ankara away from what had been, in effect, a secret partnership with Jerusalem.

The Israeli-Turkish intelligence alliance was launched in a secret meeting in August 1958 in Ankara between David Ben-Gurion, then Israel’s prime minister, and Adnan Menderes, then Turkey’s prime minister. “The concrete result was a formal but top-secret agreement for comprehensive cooperation” between the Mossad and Turkish intelligence, wrote Dan Raviv and Yossi Melman in their 2012 book, “Spies Against Armageddon.”

The groundwork had been laid secretly by Reuven Shiloah, the founding director of the Mossad, as part of what he called a “peripheral alliance strategy.” Through that partnership, Israelis provided training in espionage to the Turks and, ironically, also to Iranians under the shah’s government, which was toppled in 1979.

Fidan, the Turkish spy chief, is a key Erdogan adviser. He became head of the MIT in 2010 after serving as a noncommissioned officer in the Turkish army and gaining a bachelor’s degree from the University of Maryland and a doctorate in Ankara. After Fidan took over the Turkish service, “he rattled Turkey’s allies by allegedly passing to Iran sensitive intelligence collected by the U.S. and Israel,” according to a recent profile in the Wall Street Journal. The Journal also noted U.S. fears that Fidan was arming jihadist rebels in Syria.

The Netanyahu-Erdogan quarrel, with its overlay of intelligence thrust and parry, is an example of the kaleidoscopic changes that may be ahead in the Middle East. The United States, Israel, Iran, Saudi Arabia and Egypt are all exploring new alliances and struggling to find a new equilibrium — overtly and covertly.

Read more from David Ignatius’s archive, follow him on Twitter or subscribe to his updates on Facebook.

Read more about this issue: David Ignatius: Rouhani sees a nuclear deal in 3 months Soli Ozel: The protests in Turkey won’t be the last Fareed Zakaria: Israel dominates the new Middle East Sonet Cagaptay: Syria becomes a wedge between the United States and Turkey Dani Rodrik: Turkey’s miscarriage of justice

By David Ignatius, Published: October 17

Find this story at 17 October 2013
© The Washington Post Company

Une semaine après les manifestations d’indignation exprimées par les autorités politiques françaises après les révélations du Monde sur l’ampleur des interceptions électroniques réalisées, en France, par l’Agence nationale de sécurité (NSA) américaine, de nouveaux éléments montrent que cette émotion pouvait être, en partie, feinte.

Mardi 29 octobre, devant la commission du renseignement de la Chambre des représentants, le chef de la NSA, le général Keith Alexander, a juré que les informations du Monde ainsi que celles d’El Mundo, en Espagne, et de L’Espresso, en Italie, sur l’interception de communications de citoyens européens par la NSA étaient « complètement fausses ». Il a précisé qu’il s’agissait de « données fournies à la NSA » par ces mêmes partenaires européens.

Quelques heures plus tôt, le quotidien américain The Wall Street Journal, s’appuyant sur des sources anonymes, affirmait que les 70,3 millions de données téléphoniques collectées en France, par la NSA, entre le 10 décembre 2012 et le 8 janvier 2013, ont été communiquées par les services français eux-mêmes. Ces éléments auraient été transmis, selon ce journal, conformément à un accord de coopération en matière de renseignement entre les Etats-Unis et la France.

UN ACCORD DE COOPÉRATION CONNU SOUS LE NOM DE « LUSTRE »

Ces informations, qui tendent à dédouaner la NSA de toute intrusion, ne permettent de progresser dans la compréhension de l’espionnage américain dans le monde qu’à condition de les mettre en résonance avec l’éclairage apporté, le 28 octobre, par la Süddeutsche Zeitung. La presse allemande a signalé, grâce à une note dévoilée par l’ex-consultant de la NSA Edward Snowden, l’existence d’un accord de coopération sur la surveillance entre la France et les Etats-Unis connu sous le nom de « Lustre ».

Selon nos informations, recueillies auprès d’un haut responsable de la communauté du renseignement en France, la direction des services extérieurs français, la DGSE, a, en effet, établi, à partir de la fin 2011 et début 2012, un protocole d’échange de données avec les Etats-Unis.

La France bénéficie d’un positionnement stratégique en matière de transport de données électroniques. Les câbles sous-marins par lesquels transitent la plupart des données provenant d’Afrique et d’Afghanistan atterrissent à Marseille et à Penmarc’h, en Bretagne. Ces zones stratégiques sont à la portée de la DGSE française, qui intercepte et stocke l’essentiel de ce flux entre l’étranger et la France.

“UN TROC ENTRE LA DIRECTION DE LA NSA ET CELLE DE LA DGSE”

« C’est un troc qui s’est institué entre la direction de la NSA et celle de la DGSE, explique la même source. On donne des blocs entiers sur ces zones et ils nous donnent, en contrepartie, des parties du monde où nous sommes absents, mais la négociation ne s’est pas effectuée en une fois, le périmètre du partage s’élargit au fil des discussions qui se prolongent encore aujourd’hui. »

Il paraît donc, a priori, en partie exact, qu’une partie des données téléphoniques transitant sur le sol français soit transmise, conformément aux accords de coopération, et sans tri préalable, par la DGSE à la NSA. Il s’agit donc de données concernant aussi bien des citoyens français recevant des communications de ces zones géographiques que d’étrangers utilisant ces canaux.

Il paraît peu probable que le gouvernement français, qui supervise le financement des infrastructures d’interception et de stockage de la DGSE, ne soit pas au courant de ces pratiques. Ce qui relativise la sincérité des récriminations françaises après l’annonce, par Le Monde, de ces interceptions américaines.

GÉOGRAPHIE SOUS-MARINE

L’absence de statut juridique clair des métadonnées en France et l’étrange discrétion de la Commission nationale de contrôle des interceptions de sécurité (CNCIS) paraissent, de plus, avoir facilité la transmission à la NSA par la DGSE de millions de données relevant de la vie privée de millions de Français.

Au regard de la quantité des interceptions réalisées en un seul mois, la justification avancée par les services de renseignement concernant des questions liées à la lutte contre le terrorisme peut également être sujette à caution.

D’après un responsable à Matignon, la France n’est pas la seule à « troquer » ainsi les données passant sur son territoire. Elle appartiendrait à « une amicale » qui comprend des pays tels qu’Israël, la Suède ou l’Italie, vers lesquels convergent également des câbles sous-marins stratégiques pour les Américains. Depuis 2011, une nouvelle redistribution des cartes de la coopération en matière de renseignement s’est ainsi réalisée sur le seul fondement de cette géographie sous-marine.

RESPONSABILITÉ DES AUTORITÉS POLITIQUES FRANÇAISES

Ces informations viennent donc préciser celles déjà publiées par Le Monde concernant la collecte, en un mois, par la NSA, de 70,3 millions de données téléphoniques concernant la France. Qu’une partie de ces informations soient transmises avec l’assentiment de la DGSE ne change en rien son caractère attentatoire aux libertés. Ce nouvel éclairage pose avant tout la responsabilité des autorités politiques françaises. Sollicitée sur cette coopération, la DGSE s’est refusée à tout commentaire.

Par ailleurs, Le Monde maintient, sur la base des documents dévoilés par Edward Snowden permettant de décrypter les tableaux d’interceptions de données téléphoniques et numériques à travers le monde, qu’il s’agit d’opérations « contre » un pays nommé. Dans ce cas précis, la France.

Un haut responsable du renseignement français, joint, mercredi matin, a admis, sous couvert d’anonymat, l’existence de « ces échanges de données ». Il a néanmoins démenti « catégoriquement » que la DGSE puisse transférer « 70,3 millions de données à la NSA ».

LE MONDE | 30.10.2013 à 12h51
Par Jacques Follorou

Find this story at 30 October 2013

© Le Monde.fr

Le général Keith Alexander, le chef de la NSA, a mis en cause, mardi 29 octobre lors d’une audition devant la Chambre des représentants, les informations publiées par plusieurs journaux européens, dont Le Monde, sur la surveillance exercée par l’agence de renseignement dans leurs pays respectifs.

Que disent les autorités américaines ?

Selon Keith Alexander, les informations publiées par plusieurs journaux européens sont fondées sur des documents qui n’ont pas été “compris”.

A l’instar du général américain, des sources anonymes ont affirmé au Wall Street Journal que ces documents, sur lesquels se sont appuyés les journaux européens, ne montrent pas des données interceptées par la NSA au sein de ces pays, mais des informations captées par les services de renseignement européens eux-mêmes, à l’extérieur de leurs frontières.

D’où vient ce document ?

DOCUMENT

Le document sur lequel Le Monde s’est appuyé pour ses révélations fait partie des documents exfiltrés de la NSA par l’ancien sous-traitant de l’agence Edward Snowden, auxquels nous a donné accès notre collaboration avec Glenn Greenwald.

Il est issu d’un logiciel, Boundless Informant, qui agrège et organise les données contenues dans les innombrables bases de données de la NSA et permet aux analystes de l’agence d’en avoir un aperçu en quelques clics. Son existence, ainsi que la carte du monde qui en est tirée et montre l’ampleur des données collectées pour chaque pays, a été révélée par le Guardian en juin.

Ce logiciel permet aussi d’afficher un récapitulatif par pays des données le concernant. C’est le cas du document reproduit par Le Monde, sur lequel nous nous sommes fondés pour évoquer le chiffre de près de 70,3 millions de données téléphoniques interceptées.

C’est également ce type de document que El Mundo en Espagne, L’Espresso en Italie et, avant eux, Der Spiegel en Allemagne ont utilisé pour étayer leurs révélations sur la surveillance.

Que montre-t-il ?

Le document montre clairement que 70 271 990 données téléphoniques concernant la France ont été incorporées dans les bases de données de l’agence entre le 10 décembre 2012 et le 8 janvier 2013.

Pour s’y retrouver dans les nombreux “tuyaux” qui lui fournissent les données, la NSA utilise une nomenclature spécifique. Ainsi, au bas du document que nous reproduisons, on apprend que le “canal” “US-985D” – celui qui fournit l’ensemble des 70 millions de données françaises – est alimenté via deux outils techniques : “DRTBOX” et “WHITEBOX”. Le premier se taille la part du lion en récoltant près de 89 % des données affichées sur le document.

Extratit du document obtenu par “Le Monde”

Qu’est-ce qui reste flou ?

Selon la version défendue par les sources anonymes du Wall Street Journal et par Keith Alexander, ce document ne montre pas des données de Français interceptées par la NSA, mais des informations collectées par la France et ses services, en dehors du territoire hexagonal et visant avant tout des cibles non françaises. Autrement dit, les données sont-elles fournies par la France, ou sont-elles issues d’une surveillance de la France ? L’intitulé du document – “France, 30 derniers jours” – ne permet pas de trancher.

Extrait d’un document obtenu par “Le Monde”

L’existence des deux techniques d’interception “DRTBOX” et “WHITEBOX” pourrait accréditer l’existence d’un partenariat avec les services français, dont les informations du Monde fournissent la preuve.

Mais un document d’aide destiné aux analystes de la NSA répondant à leurs questions sur Boundless Informant permet, sinon de contredire, au moins de fortement nuancer l’hypothèse de la NSA, accréditant les informations du Monde. Publié par le site du Guardian en juin, il précise à plusieurs reprises que les informations qui y sont affichées sont issues de collecte “contre” les pays spécifiés.

Le document explique par exemple qu'”un clic sur un pays [depuis la carte] montre la posture de collecte (…) contre ce pays en particulier”.

Extrait d’un document publié par le “Guardian”. Le surlignage a été effectué par le “Monde”.

Ailleurs, le document précise que “l’outil [Boundless Informant] permet à ses utilisateurs de selectionner un pays [ainsi que] les détails de la collecte contre ce pays”, est-il ainsi écrit. La question “combien de données sont collectées contre un pays en particulier ?” figure, elle, dans les exemples de requêtes que peuvent formuler les analystes dans le logiciel. Enfin, il est fait mention des “capacités de collecte de la NSA” que les analystes peuvent évaluer grâce à Boundless Informant.

Extrait d’un document publié par le “Guardian”. Le surlignage a été effectué par le “Monde”.

Comme Le Monde l’a écrit lors de ses révélations, les modalités techniques précises et le périmètre de cette surveillance sont inconnus.

Pourquoi les autorités américaines démentent-elles aujourd’hui ?
Il y a plusieurs semaines déjà, des médias partenaires de M. Greenwald ont utilisé des documents similaires à celui reproduit par Le Monde. Lorsque le Spiegel annonce que 500 millions de communications de citoyens allemands sont surveillées, il le fait en se fondant notamment sur un document issu de Boundless Informant. A l’époque, la NSA n’a ni commenté ni démenti ces informations.

De fait, ce démenti public formulé par Keith Alexander intervient alors que la pression politique, domestique et internationale, s’est considérablement accrue sur son agence.

Notons enfin que les informations concernant la surveillance d’intérêts économiques hexagonaux, tout comme celle d’importants diplomates, n’a pas été démentie par le chef de l’agence de renseignement américaine.

Le Monde.fr | 30.10.2013 à 18h39
Par Martin Untersinger

Find this story at 30 October 2013

© Le Monde.fr