As NSA director General Keith Alexander blasts the leaks that exposed widespread surveillance of Americans, we’re joined by Chris Pyle, a former military instructor who exposed the CIA and Army’s monitoring of millions of Americans in the 1970s. Pyle discovered the Army and CIA were spying on millions of Americans engaged in lawful political activity while he was in the Army working as an instructor. His revelations prompted Senate hearings, including Senator Frank Church’s Select Committee on Intelligence, ultimately leading to a series of laws aimed at curbing government abuses. Now teaching constitutional law and civil liberties at Mount Holyoke College, Pyle says the NSA is known for attacking its critics instead of addressing the problems they expose.
Transcript

This is a rush transcript. Copy may not be in its final form.

JUAN GONZÁLEZ: We want to go on to the National Security Agency director, General Keith Alexander, who testified before Congress Wednesday, a week after a trove of secret documents about his agency’s widespread surveillance program stunned the nation and sparked heated debate. During his testimony, Alexander denied claims he has personal wiretapping abilities at the agency and insisted phone data collection has helped prevent dozens of terrorist attacks. He refused to publicly answer questions about how the NSA had made the transition to collecting phone records of Americans. Alexander also said he hoped for greater transparency around the surveillance programs, but he argued some secrecy helps the agency’s mission. He was also asked about the impact of the NSA leaks. This was his response.

GEN. KEITH ALEXANDER: Great harm has already been done by opening this up. And the consequence, I believe, is our security is jeopardized. There is no doubt in my mind that we will lose capabilities as a result of this and that not only the United States, but those allies that we have helped, will no longer be as safe as they were two weeks ago. And so, I am really concerned about that. I’m also concerned that, as we go forward, we now know that some of this has been released. So what does it make sense to explain to the American people so they have confidence that their government is doing the right thing? Because I believe we are, and we have to show them that.

JUAN GONZÁLEZ: The disclosure of the secret NSA surveillance program was based on information leaked by Edward Snowden, a former CIA employee who most recently worked inside the NSA’s Hawaii office for the private firm Booz Allen Hamilton. In an exclusive interview with the South China Morning Post, Snowden said, quote, “I’m neither traitor nor hero, I’m an American.” He also said he intends to stay in Hong Kong until he’s asked to leave, and he intends to fight any extradition attempts by the U.S. government. Snowden also told the paper, quote, “People who think I made a mistake in picking [Hong Kong] as a location misunderstand my intentions. I am not here to hide from justice; I am here to reveal criminality.”

AMY GOODMAN: Well, for more, we’re joined by Christopher Pyle, who first exposed domestic spying in the 1970s here in the U.S. Pyle discovered the CIA was spying on millions of Americans engaged in lawful activity while he was in the Army and worked as an instructor. After he left, he wrote about the Army’s vast and growing spy operations. His article from 1971 began, quote, “For the past four years, the U.S. Army has been closely watching civilian political activity within the United States.” Pyle’s story prompted Senate hearings, including Senator Frank Church’s Select Committee on Intelligence. These ultimately led to a series of laws aimed at curbing government abuse. Chris Pyle is the co-author of Military Surveillance of Civilian Politics, Getting Away with Torture and The Constitution Under Siege. He now teaches constitutional law and civil liberties at Mount Holyoke College and recently wrote a piece headlined, “Edward Snowden and the Real Issues.” He joins us from Chicopee, Massachusetts.

Welcome to Democracy Now!, Professor Pyle. Talk about what you feel those real issues are. But before you do, explain what happened to you, how it was you revealed in the early ’70s what was going on in the military.

CHRISTOPHER PYLE: I received a briefing at the U.S. Army Intelligence Command that showed me the extent of the surveillance system. There were about 1,500 Army agents in plain clothes watching every demonstration in the United States of 20 people or more. There was also a records system in a giant warehouse on about six million people. I disclosed the existence of that surveillance and then recruited 125 of the Army’s counterintelligence agents to tell what they knew about the spying to Congress, the courts and the press. As a result of those disclosures and the congressional hearings, the entire U.S. Army Intelligence Command was abolished. This was before Watergate.

JUAN GONZÁLEZ: And, Professor Pyle, did you, at that time, suffer any repercussions from your willingness to step forward and reveal what was going on to Congress?

CHRISTOPHER PYLE: Well, two things happened. The Army created a 50-man unit in the Pentagon whose sole job was to discredit my disclosures. That effort failed: The disclosures were all quite accurate. I was also put on President Nixon’s enemies list, which resulted in a tax audit.

AMY GOODMAN: Christopher Pyle, let’s turn for a minute to the Church Committee’s special Senate investigation of government misconduct, which you played a key role in the mid-’70s, U.S. Senate committee chaired by Democratic Senator Frank Church of Idaho, who conducted a massive investigation of the CIA and FBI’s misuse of power at home and abroad, the multi-year investigation examining domestic spying, the CIA’s attempts to assassinate foreign leaders, the FBI and CIA’s efforts to infiltrate and disrupt leftist organizations, and a lot more. This is Senator Frank Church speaking during one of the committee’s hearings.

SEN. FRANK CHURCH: You have seen today the dark side of those activities, where many Americans who were not even suspected of crime were not only spied upon, but they were harassed, they were discredited and, at times, endangered.

AMY GOODMAN: And this is another clip from the Church Committee Senate hearing. This is CIA Director William Colby testifying. He was asked if he found the work of the committee unwelcome.

WILLIAM COLBY: No, I do not. I’ve—as I’ve said to the chairman, I welcome the chance to try to describe to the American people what intelligence is really about today. It’s a—it is an opportunity to show how we Americans have modernized the whole concept of intelligence.

AMY GOODMAN: That was then-CIA Director William Colby. So, if you would, Chris Pyle, take this forward, from what came out of the Church Committee hearings, that started with your exposé from being a military whistleblower, to what you’re seeing today with Edward Snowden.

CHRISTOPHER PYLE: Well, what we’ve seen in the ensuing years has been a vast explosion in intelligence-gathering capabilities. But the most significant part of that is the fact that civilian corporations are now doing the government’s work. Seventy percent of the intelligence budget of the United States today goes to private contractors like Booz Allen, which employed Edward Snowden. This is a major change in the power of surveillance. It now goes not only to the government, but to private corporations.

JUAN GONZÁLEZ: Well, you seem—in a recent article, you seem to raise what you think are the real issues in these Snowden leaks. You mention, one, the inability of Congress to actually do legitimate oversight over intelligence. You say that the secrecy system is out of control. And you also say that the system is also profoundly corrupt because of all this use of private contractors who make huge amounts of money that no one can actually hold them accountable for. Could you talk about those issues?

CHRISTOPHER PYLE: Yes. The forerunner of the PRISM system that Snowden disclosed was called Trailblazer. It wasted $1 billion on private contracts. It replaced a much less expensive system called ThinThread, which had more privacy protections and had been developed inside the government. Now, the reason that private contractors get this business is because members of Congress intercede with them with government agencies. And we now have a situation where members of the Intelligence Committee and other committees of Congress intercede with the bureaucracy to get sweetheart contracts for companies that waste taxpayers’ money and also violate the Constitution and the privacy of citizens. This is a very serious situation, because it means that it’s much more difficult to get effective oversight from Congress.

AMY GOODMAN: I wanted to go back to the Senate Appropriation Committee hearing with the NSA director, General Keith Alexander, defending the phone surveillance practices exposed by Edward Snowden.

GEN. KEITH ALEXANDER: I thought the great part about this program was that we brought Congress, the administration and the courts all together. We did that. That’s what our government stands for, under the same Constitution. We follow that Constitution. We swear an oath to it. So I am concerned, and I think we have to balance that. I will not—I would rather take a public beating and people think I’m hiding something than to jeopardize the security of this country.

AMY GOODMAN: Professor Pyle, could you respond?

CHRISTOPHER PYLE: Well, we all want to protect the security of the country. We all want to protect the Constitution. But when government agencies are totally unaccountable, we can’t do that. Members of Congress do not go to those briefings, even if they’re offered, because once you go to the briefing, then you can’t talk about what you’ve been told, because it’s classified. So the briefing system is designed to silence Congress, not to promote effective oversight.

Members of Congress don’t want to spend time on oversight. They’re too busy raising money. New members of the House of Representatives this winter were told by the Democratic Campaign Committee that they should spend between four and six hours a day dialing for dollars. They have no time to do the public’s business. They’re too busy begging for money. President Obama himself attended 220 fundraisers last year. Where does he get the time to be president when he’s spending so much time asking wealthy people for money to support his campaign?

JUAN GONZÁLEZ: Well, Chris Pyle, in Wednesday’s Senate hearing, Senator Dick Durbin asked NSA director, General Keith Alexander, why someone like Booz Allen employee Edward Snowden was in a position in which he had access to the classified information he leaked.

SEN. DICK DURBIN: He was a high school dropout. He was a community college dropout. He had a GED degree. He was injured in training for the U.S. Army and had to leave as a result of that. And he took a job as a security guard for the NSA in Maryland. Shortly thereafter, he took a job for the CIA in what is characterized as IT security in The Guardian piece that was published. At age 23, he was stationed in an undercover manner overseas for the CIA and was given clearance and access to a wide—a wide array of classified documents. At age 25, he went to work for a private contractor and most recently worked for Booz Allen, another private contractor working for our government. I’m trying to look at this résumé and background—it says he ended up earning somewhere between $122,000 and $200,000 a year. I’m trying to look at the résumé background for this individual who had access to this highly classified information at such a young age, with a limited educational and work experience, part of it as a security guard, and ask you if you’re troubled that he was given that kind of opportunity to be so close to important information that was critical to the security of our nation?

GEN. KEITH ALEXANDER: I do have concerns about that, over the process, Senator. I have grave concerns over that, the access that he had, the process that we did. And those are things that I have to look into and fix from my end, and that across the intel community, Director Clapper said we’re going to look across that, as well. I think those absolutely need to be looked at. I would point out that in the IT arena, in the cyber-arena, some of these folks have tremendous skills to operate networks. That was his job, for the most part, from the 2009-’10, was as an IT, a system administrator within those networks. He had great skills in that areas. But the rest of it, you’ve hit on—you’ve hit on the head. We do have to go back and look at these processes, the oversight in those—we have those—where they went wrong, and how we fix those.

JUAN GONZÁLEZ: That was NSA director, General Keith Alexander, speaking before the Senate on Wednesday. Well, in 2012, General Alexander spoke at DEF CON, the annual hacker convention. During his speech, Alexander tried to court hackers to work at the National Security Agency. The third bullet on his PowerPoint presentation that he refers to is privacy and civil liberties must be protected.

GEN. KEITH ALEXANDER: I think the third bullet down is what we really want to do is innovate freedom, how we’re going to look at where we take this next. This is a great opportunity for not only our nation, but for the world. And, you know, one of the things that I’m really proud of saying is, when you look at Vint Cerf and the others, we’re the ones who helped develop, we’re the ones who built this Internet. And we ought to be the first ones to secure it. And I think you folks can help us do that.

JUAN GONZÁLEZ: That was General Keith Alexander speaking in 2012 at DEF CON. For our radio listeners, I should note that he was in a black T-shirt and wearing jeans as he spoke to the hackers. Chris Pyle, your response?

CHRISTOPHER PYLE: Well, it’s true. NSA doesn’t want to hire people like you and me. We don’t know enough about the Internet. That said, it’s important to note that the vice chairman of Booz Allen happens to be Mike McConnell, who was former director of NSA and of national intelligence. There is a revolving door between high government positions and private corporations, and this revolving door allows these people to make a great deal more money upon leaving the government, and then being rented back to the government in a contractor capacity. And that’s part of the corruption of the system.

JUAN GONZÁLEZ: Now, one of the things you’ve also said is that the top-secret designation is a way to—is more of a way for the government officials, the bureaucrats and the contractors not to be held accountable than it is to actually protect secrets that the government needs to protect. Could you expand on that?

CHRISTOPHER PYLE: Well, yes. The Fourth Amendment of the Constitution, which protects us from unreasonable searches and seizures, only binds the government, doesn’t bind corporations. That’s a serious problem. The reason we have privatization of prisons, in some ways, is for governments to escape liability. They put the liability on the private corporations that run the prisons, and they just charge their liabilities as an operating cost.

AMY GOODMAN: Chris Pyle, the attack on Edward Snowden—I mean, you’ve got the pundits. What Jeffrey Toobin, the legal pundit, quickly blogged: Snowden is “a grandiose narcissist who deserves to be in prison.” Thomas Friedman writes, “I don’t believe [that] Edward Snowden, the leaker of all this secret material, is some heroic whistle-blower.” David Brooks says, “Though obviously terrifically bright, he could not successfully work his way through the institution of high school. Then he failed to navigate his way through community college.” That’s the pundits. And then, of course, there’s the NSA. Can you talk about the attack on the whistleblower today and back when you were blowing the whistle?

CHRISTOPHER PYLE: Well, when I was blowing the whistle and they couldn’t get any dirt on me—I had led a very uninteresting life—they made up dirt and tried to peddle it on Capitol Hill in order to discredit me and prevent me from testifying before Senator Ervin’s Subcommittee on Constitutional Rights. Every bureaucracy hates dissenters. They must expel dissenters and discredit dissenters, because dissenters force them to reconsider what it is they’re doing, and no bureaucracy wants anybody to interrupt what they’re doing. And so, this is the natural, organic response of any bureaucracy or any establishment.

Now, I think it is inappropriate and quite irrelevant to analyze Ed Snowden’s motivations. It doesn’t matter much—except in court, to prove that he either did or did not intend to aid a foreign power or hurt the United States. But separate from that motivation, whether he’s a narcissist, like many people on television are, no, I don’t think that’s relevant at all. He’s neither a traitor nor a hero, and he says this himself. He’s just an ordinary American. He’s trying to start a debate in this nation over something that is critically important. He should be respected for that, taken at face value, and then we should move on to the big issues, including the corruption of our system that is done by massive secrecy and by massive amounts of money in politics.

AMY GOODMAN: Chris Pyle, we want to thank you for being with us, co-author of Military Surveillance of Civilian Politics, Getting Away with Torture and The Constitution Under Siege. In 1970, Christopher Pyle disclosed the military’s spying on civilians and worked for three congressional committees to end it, including Frank Church’s Select Committee on Intelligence. He now teaches constitutional law and civil liberties at Mount Holyoke College in South Hadley, Massachusetts. This is Democracy Now! Back in a minute.

Thursday, June 13, 2013

Find this story at 13 June 2013

The original content of this program is licensed under a Creative Commons Attribution-Noncommercial-No Derivative Works 3.0 United States License. Please attribute legal copies of this work to democracynow.org. Some of the work(s) that this program incorporates, however, may be separately licensed. For further information or additional permissions, contact us.

PRISM appears to be a response to overseas data centers and Internet services’ increasing encryption of email.

WASHINGTON — Operating under secret court orders, the National Security Agency has access to a large segment of U.S. and global Internet traffic, allowing the giant spy agency to intercept specific information for counter-terrorism and foreign intelligence purposes, according to current and former intelligence officials.

News leaks this week revealed a highly classified NSA program code-named PRISM that allows it to mine data from domestic Internet and social media companies under certain circumstances. But PRISM is part of a much larger evolving effort by the intelligence agency to scoop up as much Internet traffic as possible, the officials said.

Most Internet data moves through fiber-optic cables in the United States, and the NSA physically intercepts much of it through equipment installed at telecommunications facilities, or from undersea cables.

But two trends have forced the NSA to adapt in recent years. Google and other major U.S.-based Internet providers have built computer server farms and data centers abroad. In addition, an increasing amount of digital traffic, including Google’s Gmail service, is encrypted to ensure privacy and to thwart cyber-theft.

The 6-year-old PRISM program appears to be a response to those developments. The agency can access emails, video and other data directly from the companies, U.S. officials said. It’s far simpler than tapping computer lines overseas or trying to decrypt emails.

It’s “the easy way,” a former senior NSA official said. “It’s also the complete way. You don’t have to worry about missing anything.”

U.S. officials denied Friday that the NSA had direct access to Internet company servers or their data streams, challenging published reports on the PRISM program. The officials said the NSA needs a surveillance court order to obtain bulk data, and must notify the companies.

The NSA was chartered to collect foreign intelligence. But as a general matter, surveillance on the Internet makes it difficult to cull Americans from the data stream and only focus on foreigners.

“You can set up a wiretap between Minsk and Pinsk and get Americans,” said Stewart Baker, a former NSA general counsel who was not briefed on the PRISM program.

The NSA reportedly seeks to “minimize,” or disregard, data on U.S. citizens that it is not authorized to collect. However, the agency has wide leeway under laws passed since Sept. 11, 2001, to target individual Americans if it can convince the Foreign Intelligence Surveillance Court that there is probable cause to believe the individual has terrorist links.

Under the court orders, Internet companies turn over data that meet so-called validated selectors chosen by the intelligence community. Those could be phone numbers, email addresses or other data that suggest a terrorist tie-in or foreign espionage.

A similar legal structure is used for the giant archive of telephone company records that the NSA has assembled since at least 2007. The trove includes toll records for every local call in the United States, as well as those to or from overseas numbers. But officials said a separate court order is required to utilize the vast database in any given investigation.

If the validated selectors show, for example, that an American is in contact with militants in Pakistan, the NSA could then use a warrant to obtain the American’s emails and other digital communications as well as permission to eavesdrop on phone calls.

“If it hits on that person’s communication, and I have been in communication with that person, then it’s likely that my phone number or email address will be pulled out,” the former official said. At some point, the FBI would go back to the surveillance court and seek a more specific warrant.

On Friday, two Democrats who serve on the Senate intelligence committee, Mark Udall of Colorado and Ron Wyden of Oregon, disputed claims by Obama administration officials that collecting Americans’ phone records had helped thwart terrorist attacks.

“After years of review, we believe statements that this very broad Patriot Act collection has been a critical tool in protecting the nation do not appear to hold up under close scrutiny,” they said in a joint statement.

ken.dilanian@latimes.com

Times staff writer Chris O’Brien in San Francisco contributed to this report.

June 07, 2013|By Ken Dilanian, Washington Bureau

Find this story at 7 June 2013

Copyright 2013 Los Angeles Times

It is not just personal information that is being swept into the National Security Agency’s (NSA) massive databases. It is corporate data as well

It is not just personal information that is being swept into the National Security Agency’s (NSA) massive databases. It is corporate data as well. And that could cause some serious international blowback for the US, both politically and economically.

According to a number of security experts, the U.S. surveillance state –exposed more officially than ever before by former NSA consultant Edward Snowden — will likely undercut the U.S.’s role and influence in Internet governance.

Ron Deibert, a professor of political science at the University of Toronto, wrote last week on the CNN website that, “there are unintended consequences of the NSA scandal that will undermine U.S. foreign policy interests – in particular, the ‘Internet Freedom’ agenda espoused by the US State Department and its allies.

“The revelations that have emerged will undoubtedly trigger a reaction abroad as policymakers and ordinary users realize the huge disadvantages of their dependence on US-controlled networks in social media, cloud computing, and telecommunications, and of the formidable resources that are deployed by US national security agencies to mine and monitor those networks,” Deibert wrote.

Bruce Schneier, CTO at BT and author/security guru, agreed. He linked to Deibert’s article on his own blog, adding, “Now, when countries like Russia and Iran say the U.S. is simply too untrustworthy to manage the Internet, no one will be able to argue.”

“We can’t fight for Internet freedom around the world, then turn around and destroy it back home.”

The revelations also pose an economic problem for US cloud providers on the international market. Richard Stiennon, chief research analyst at IT-Harvest, wrote in Forbes that this kind of, “vast foreign and domestic spying & threatens the global competitiveness of US tech companies.”

Stiennon wrote that since 2006, when making presentations outside the US, he has always been asked if the U.S. is reading foreigners’ email.

“Answers that allude to ‘protections from abuse’ and ‘oversight’ now seem specious,” he wrote. “From this week forward a universal suspicion has transformed into acknowledged fact. Yes, US government agencies are reading email, tracking phone calls, and monitoring all communications.”

It would seem that any savvy cloud customers in other parts of the world would have already been aware for years of the NSA’s data collection. Former longtime NSA employee William Binney has been talking about it for more than a decade, the agency’s capabilities have been widely reported in the mainstream and technology press and even members of Congress have hinted at it at least since 2009.

But Brian Honan, of BH consulting and also a board member of the UK & Ireland chapter of the Cloud Security Alliance, said that, “reassurances from both the providers and US government officials may have allayed to some extent some of those concerns. However the recent revelations about the alleged extent of the surveillance have undermined completely those reassurances.”

The “denials” coming from cloud providers are not much reassurance either. Kerri Catalozzi, speaking for Amazon, said by email that the company “is not participating in PRISM (an NSA program that reportedly has agreements to collect data from nine Internet companies).”

That is likely true: Amazon was not among the companies listed in a leaked PowerPoint presentation. But nonparticipation in PRISM offers no guarantee that data isn’t being collected.

The response was similar from Salesforce.com – spokesman Chi Hea Cho emailed a statement that, “nothing is more important to salesforce.com than the privacy and security of our customers’ data. We are not involved in the PRISM program, and we do not provide any governments with direct access to Salesforce servers.”

But “direct access” does not mean no access. As a number of analysts have pointed out, the data could come indirectly to the government, through a third party.

Honan said European companies using services from US Internet companies must now be concerned about whether they are in breach of EU Data Protection laws. Those laws require companies to, “ensure only authorized personnel have access to any personal information of individuals. The fact that US government agencies may be accessing this data could result in many European organizations being unable to satisfy their data protection obligations,” he said.

While US cloud providers are not saying if they are having trouble either gaining or holding international customers, Honan said he has talked with cloud providers based in the EU, “and they have told me they have seen an increase in sales inquiries.”

Stiennon wrote that there has been a level of distrust for a while.

“Email archiving services such as ProofPoint could not sell to even Canadian customers without building local infrastructure. Even establishing separate data centers in Canada and Europe is not enough to assure customers that their data would forever stay out of the grasp of US intelligence services.”

The recent revelations, he said, will only make things more difficult.

In an interview, Stiennon said the only way for U.S. cloud providers to bridge the current trust gap is to, “adjust their delivery model to a zero-trust mode. In this model the provider encrypts everything and does not even have the keys. Those are left to the customer to store and manage.”

And that, he noted, will only work for, “pure cloud providers. Google and Facebook have models that need access to that data to tailor ad delivery.”

Politically, he said, it will be a very tough sell.

“It would take a rollback of the surveillance state to deflect this avalanche. Once trust is betrayed, it takes a complete reversal of course to get it back. The US would have to become the privacy state, and demonstrate the absence of surveillance.”

Honan said he knows US Internet companies have to comply with legal requests for information from the government. But, he said they could reassure their international clients by, “being more transparent regarding the requests they get from the government agencies. As an industry these companies should also consider lobbying the government on how to balance the need of their clients with the security demands of the government.”

By Taylor Armerding, Framingham | Thursday, 20 June, 2013

Find this story at 20 June 2013
© Fairfax Media Business Group Fairfax New Zealand Limited, 2013 Privacy Policy

Foreign ministry spokesman shrugs off ‘groundless accusations’ by Australian media that Chinese hackers stole Asio blueprints

China has shrugged off allegations by Australian media that Chinese hackers have stolen the blueprints for the new Australian spy headquarters.

“China pays high attention to cybersecurity issues, and is firmly apposed to all forms of hacker attacks,” foreign ministry spokesman Hong Lei said at a regular press briefing on Tuesday afternoon. “Groundless accusations will not help solve this issue.”

The response came amid separate allegations that Chinese hackers had compromised some of the US’s most advanced weapons systems designs.

According to a classified report prepared for the Pentagon, the breaches compromised more than two dozen weapon designs for highly advanced missiles, fighter jets, helicopters and combat ships, the Washington Post reported.

Designs believed to have been compromised include those for the advanced Patriot missile system, the Black Hawk helicopter, and the $1.4tn F-35 Joint Strike Fighter, the most expensive weapons system ever built.

While the Defence Science Board, a senior advisory group that prepared the report, did not explicitly accuse the Chinese of stealing the designs, “senior military and industry officials with knowledge of the breaches said the vast majority were part of a widening Chinese campaign of espionage against US defence contractors and government agencies,” the Washington Post reported.

“In many cases, [the defence contractors] don’t know they’ve been hacked until the FBI comes knocking on their door,” an unidentified senior military official told the newspaper. “This is billions of dollars of combat advantage for China. They’ve just saved themselves 25 years of research and development. It’s nuts.”

In Canberra, the Australian foreign minister, Bob Carr, said claims that Chinese hackers stole top-secret blueprints of the Australian spy agency Asio’s new headquarters would not threaten bilateral ties.

Carr refused to confirm ABC reports that the cyber-attack netted documents containing details of the building’s floor plan, communications cabling layouts, server locations and security systems.

Concern has been rising over state-sponsored hacking emanating from China, with further allegations that its cyberspies have recently obtained sensitive Australian military secrets and foreign affairs documents.

Carr said the government was “very alive” to emerging cybersecurity threats but refused to confirm the ABC’s specific claims on Tuesday.

“I won’t comment on matters of intelligence and security for the obvious reason: we don’t want to share with the world and potential aggressors what we know about what they might be doing, and how they might be doing it,” he said.

The Australian prime minister, Julia Gillard, referred in parliament on Tuesday to “these inaccurate reports” without elaborating on which elements of the reports were wrong.

George Brandis, a senator with the opposition Liberal party, said on Wednesday that he had received a confidential briefing from Asio officials and the report was accurate. The Australian newspaper reported that the plans were stolen three years ago and no longer posed a threat to the operations of Australia’s main spy agency.

The Asio building’s construction had been plagued by delays and ballooning cost, with builders blaming late changes made to the internal design in response to cyber-attacks.

Chinese telecommunications giant Huawei was last year barred from bidding for construction contracts on the national broadband network amid fears of cyber-espionage.

Jonathan Kaiman in Beijing
guardian.co.uk, Wednesday 29 May 2013 03.10 BST

Find this story at 29 May 2013

© 2013 Guardian News and Media Limited or its affiliated companies. All rights reserved.

ABC Television says secret data stolen in major cyber attack on foreign affairs office housing overseas spy agency.

Carr says Australia’s relationship with China will not be damaged by the hacking allegations [Getty Images]

Chinese hackers have reportedly stolen plans for a new $600m Australian spy headquarters as part of a growing wave of cyber attacks against business and military targets of the US ally.

The hackers also stole confidential information from the Department of Foreign Affairs and Trade, which houses the overseas spy agency the Australian Secret Intelligence Service, Australia’s ABC Television said late on Monday.

The ABC report, which did not name sources, said that Chinese hackers had targeted Australia-based companies more aggressively than previously thought, including steel-manufacturer Bluescope Steel, and military and civilian communications manufacturer Codan.

The influential Greens party said on Tuesday that the reported hacking was a “security blunder of epic proportions” and called for an inquiry.

“I think there can be a proper investigation, an independent investigation, into this sorry saga of the ASIO building,” Christine Milne, head of the Greens party, said.

However, the Australian government has refused to comment directly on the allegations.

Relationship ‘not damaged’

Bob Carr, Australia’s foreign minister, said that the report would not damage the country’s ties with its biggest trade partner China.
David Vaile, of the University of New South Wales, talks about the implications of the latest hacking attack.

“I won’t comment on whether the Chinese have done what is being alleged or not,” he said.

“I won’t comment on matters of intelligence and security for the obvious reason: we don’t want to share with the world and potential aggressors what we know about what they might be doing, and how they might be doing it.”

The report follows several other hacking attacks on government facilities in the past two years.

The attack through the computers of a construction contractor exposed building layouts and the location of communication and computer networks, the ABC said.

The ASIO building, being built near the location of Australia’s top-secret Defence Signals Directorate, is supposed to have some of the most sophisticated hacking defences in the country, which is part of a global electronic intelligence gathering network including the US and the UK.

But its construction had been plagued by delays and cost blowouts, with some builders blaming late changes made to the internal design in response to cyber attacks.

Security priority

Australian officials, like those in the US and other Western nations, have made cyber attacks a security priority following a growing number of attacks of the resource rich country, mostly blamed on China.

Chinese telecommunications giant Huawei was barred last year from bidding for construction contracts on a new Australian high-speed broadband network amid fears of cyber espionage.

The Reserve Bank of Australia said in March that it had been targeted by cyber attacks, but no data had been lost or systems compromised amid reports that the hackers had tried to access intelligence on Group of 20 wealthy nations negotiations.

In the US, the Pentagon’s latest annual report on Chinese military developments accused China for the first time of trying to break into US defence networks, calling it “a serious concern”.

China has dismissed as groundless both the Pentagon report and a February report by the US computer security company Mandiant, which said a secretive Chinese military unit was probably behind a series of hacking attacks targeting the US that had stolen data from 100 companies.

Last Modified: 28 May 2013 06:10

Find this story at 28 May 2013

While debate rages over Australia’s border security, there’s growing evidence that the greatest threat to Australia’s national security potentially comes from foreign computer hackers. Few in government or business will admit the full extent of the break-ins, with one expert calling it a “dirty little secret”.

Next on Four Corners reporter Andrew Fowler reveals that hackers, working from locations overseas, have targeted key Federal Government departments and major corporations in Australia. Their intention is to steal national security secrets and vital business information.

In one case, an Australian company that supplies secret communications equipment used by military across the globe had its computer network hacked. It appears the hackers accessed the system holding vital design information involving a military radio system. The break-in meant secure communications used by Australia’s allies could be compromised.

Speaking with security specialists and insiders, Four Corners also details a number of specific high level break-ins involving Government departments. In each case it explains how the security system might have been breached.

A deafening silence surrounds this issue. Companies won’t speak about the break-ins because they fear it will alarm clients and shareholders. Governments refuse to speak up because inevitably they will be asked, who is doing this? The answer is uncomfortable.

A number of people, including former government advisors in cyber security, claim the digital trail leads to China. Although it’s unclear if the hackers are working for the Chinese Government, those same experts believe that any company doing significant business in China must assume it will be the target of corporate espionage.

HACKED!, reported by Andrew Fowler and presented by Kerry O’Brien, goes to air on Monday 27th May at 8.30pm on ABC1. The program is repeated on Tuesday 28th May at 11.35pm. It can also be seen on ABC News 24 on Saturday at 8.00pm, ABC iview or at abc.net.au/4corners.

By Andrew Fowler and Peter Cronau
Updated May 29, 2013 16:22:00

Find this story at 29 May 2013

© 2013 ABC

Inside Fort Meade, Maryland, a top-secret city bustles. Tens of thousands of people move through more than 50 buildings—the city has its own post office, fire department, and police force. But as if designed by Kafka, it sits among a forest of trees, surrounded by electrified fences and heavily armed guards, protected by antitank barriers, monitored by sensitive motion detectors, and watched by rotating cameras. To block any telltale electromagnetic signals from escaping, the inner walls of the buildings are wrapped in protective copper shielding and the one-way windows are embedded with a fine copper mesh.

This is the undisputed domain of General Keith Alexander, a man few even in Washington would likely recognize. Never before has anyone in America’s intelligence sphere come close to his degree of power, the number of people under his command, the expanse of his rule, the length of his reign, or the depth of his secrecy. A four-star Army general, his authority extends across three domains: He is director of the world’s largest intelligence service, the National Security Agency; chief of the Central Security Service; and commander of the US Cyber Command. As such, he has his own secret military, presiding over the Navy’s 10th Fleet, the 24th Air Force, and the Second Army.

Alexander runs the nation’s cyberwar efforts, an empire he has built over the past eight years by insisting that the US’s inherent vulnerability to digital attacks requires him to amass more and more authority over the data zipping around the globe. In his telling, the threat is so mind-bogglingly huge that the nation has little option but to eventually put the entire civilian Internet under his protection, requiring tweets and emails to pass through his filters, and putting the kill switch under the government’s forefinger. “What we see is an increasing level of activity on the networks,” he said at a recent security conference in Canada. “I am concerned that this is going to break a threshold where the private sector can no longer handle it and the government is going to have to step in.”

In its tightly controlled public relations, the NSA has focused attention on the threat of cyberattack against the US—the vulnerability of critical infrastructure like power plants and water systems, the susceptibility of the military’s command and control structure, the dependence of the economy on the Internet’s smooth functioning. Defense against these threats was the paramount mission trumpeted by NSA brass at congressional hearings and hashed over at security conferences.

But there is a flip side to this equation that is rarely mentioned: The military has for years been developing offensive capabilities, giving it the power not just to defend the US but to assail its foes. Using so-called cyber-kinetic attacks, Alexander and his forces now have the capability to physically destroy an adversary’s equipment and infrastructure, and potentially even to kill. Alexander—who declined to be interviewed for this article—has concluded that such cyberweapons are as crucial to 21st-century warfare as nuclear arms were in the 20th.

And he and his cyberwarriors have already launched their first attack. The cyberweapon that came to be known as Stuxnet was created and built by the NSA in partnership with the CIA and Israeli intelligence in the mid-2000s. The first known piece of malware designed to destroy physical equipment, Stuxnet was aimed at Iran’s nuclear facility in Natanz. By surreptitiously taking control of an industrial control link known as a Scada (Supervisory Control and Data Acquisition) system, the sophisticated worm was able to damage about a thousand centrifuges used to enrich nuclear material.

The success of this sabotage came to light only in June 2010, when the malware spread to outside computers. It was spotted by independent security researchers, who identified telltale signs that the worm was the work of thousands of hours of professional development. Despite headlines around the globe, officials in Washington have never openly acknowledged that the US was behind the attack. It wasn’t until 2012 that anonymous sources within the Obama administration took credit for it in interviews with The New York Times.

But Stuxnet is only the beginning. Alexander’s agency has recruited thousands of computer experts, hackers, and engineering PhDs to expand US offensive capabilities in the digital realm. The Pentagon has requested $4.7 billion for “cyberspace operations,” even as the budget of the CIA and other intelligence agencies could fall by $4.4 billion. It is pouring millions into cyberdefense contractors. And more attacks may be planned.

“We jokingly referred to him as Emperor Alexander, because whatever Keith wants, Keith gets.”

Inside the government, the general is regarded with a mixture of respect and fear, not unlike J. Edgar Hoover, another security figure whose tenure spanned multiple presidencies. “We jokingly referred to him as Emperor Alexander—with good cause, because whatever Keith wants, Keith gets,” says one former senior CIA official who agreed to speak on condition of anonymity. “We would sit back literally in awe of what he was able to get from Congress, from the White House, and at the expense of everybody else.”

Now 61, Alexander has said he plans to retire in 2014; when he does step down he will leave behind an enduring legacy—a position of far-reaching authority and potentially Strangelovian powers at a time when the distinction between cyberwarfare and conventional warfare is beginning to blur. A recent Pentagon report made that point in dramatic terms. It recommended possible deterrents to a cyberattack on the US. Among the options: launching nuclear weapons.

Illustrations by Mark Weaver, John Hyde/Getty Images, Getty Images, Evgeniyozhulay/Getty Images

H
e may be a four-star Army general, but Alexander more closely resembles a head librarian than George Patton. His face is anemic, his lips a neutral horizontal line. Bald halfway back, he has hair the color of strong tea that turns gray on the sides, where it is cut close to the skin, more schoolboy than boot camp. For a time he wore large rimless glasses that seemed to swallow his eyes. Some combat types had a derisive nickname for him: Alexander the Geek.

Born in 1951, the third of five children, Alexander was raised in the small upstate New York hamlet of Onondaga Hill, a suburb of Syracuse. He tossed papers for the Syracuse Post-Standard and ran track at Westhill High School while his father, a former Marine private, was involved in local Republican politics. It was 1970, Richard Nixon was president, and most of the country had by then begun to see the war in Vietnam as a disaster. But Alexander had been accepted at West Point, joining a class that included two other future four-star generals, David Petraeus and Martin Dempsey. Alexander would never get the chance to serve in Vietnam. Just as he stepped off the bus at West Point, the ground war finally began winding down.

In April 1974, just before graduation, he married his high school classmate Deborah Lynn Douglas, who grew up two doors away in Onondaga Hill. The fighting in Vietnam was over, but the Cold War was still bubbling, and Alexander focused his career on the solitary, rarefied world of signals intelligence, bouncing from secret NSA base to secret NSA base, mostly in the US and Germany. He proved a competent administrator, carrying out assignments and adapting to the rapidly changing high tech environment. Along the way he picked up masters degrees in electronic warfare, physics, national security strategy, and business administration. As a result, he quickly rose up the military intelligence ranks, where expertise in advanced technology was at a premium.

In 2001, Alexander was a one-star general in charge of the Army Intelligence and Security Command, the military’s worldwide network of 10,700 spies and eavesdroppers. In March of that year he told his hometown Syracuse newspaper that his job was to discover threats to the country. “We have to stay out in front of our adversary,” Alexander said. “It’s a chess game, and you don’t want to lose this one.” But just six months later, Alexander and the rest of the American intelligence community suffered a devastating defeat when they were surprised by the attacks on 9/11. Following the assault, he ordered his Army intercept operators to begin illegally monitoring the phone calls and email of American citizens who had nothing to do with terrorism, including intimate calls between journalists and their spouses. Congress later gave retroactive immunity to the telecoms that assisted the government.

In 2003, Alexander, a favorite of defense secretary Donald Rumsfeld, was named the Army’s deputy chief of staff for intelligence, the service’s most senior intelligence position. Among the units under his command were the military intelligence teams involved in the human rights abuses at Baghdad’s Abu Ghraib prison. Two years later, Rumsfeld appointed Alexander—now a three-star general—director of the NSA, where he oversaw the illegal, warrantless wiretapping program while deceiving members of the House Intelligence Committee. In a publicly released letter to Alexander shortly after The New York Times exposed the program, US representative Rush Holt, a member of the committee, angrily took him to task for not being forthcoming about the wiretapping: “Your responses make a mockery of congressional oversight.”

Alexander also proved to be militant about secrecy. In 2005 a senior agency employee named Thomas Drake allegedly gave information to The Baltimore Sun showing that a publicly discussed program known as Trailblazer was millions of dollars over budget, behind schedule, possibly illegal, and a serious threat to privacy. In response, federal prosecutors charged Drake with 10 felony counts, including retaining classified documents and making false statements. He faced up to 35 years in prison—despite the fact that all of the information Drake was alleged to have leaked was not only unclassified and already in the public domain but in fact had been placed there by NSA and Pentagon officials themselves. (As a longtime chronicler of the NSA, I served as a consultant for Drake’s defense team. The investigation went on for four years, after which Drake received no jail time or fine. The judge, Richard D. Bennett, excoriated the prosecutor and NSA officials for dragging their feet. “I find that unconscionable. Unconscionable,” he said during a hearing in 2011. “That’s four years of hell that a citizen goes through. It was not proper. It doesn’t pass the smell test.”)

But while the powers that be were pressing for Drake’s imprisonment, a much more serious challenge was emerging. Stuxnet, the cyberweapon used to attack the Iranian facility in Natanz, was supposed to be untraceable, leaving no return address should the Iranians discover it. Citing anonymous Obama administration officials, The New York Times reported that the malware began replicating itself and migrating to computers in other countries. Cybersecurity detectives were thus able to detect and analyze it. By the summer of 2010 some were pointing fingers at the US.

Natanz is a small, dusty town in central Iran known for its plump pears and the burial vault of the 13th-century Sufi sheikh Abd al-Samad. The Natanz nuclear enrichment plant is a vault of a different kind. Tucked in the shadows of the Karkas Mountains, most of it lies deep underground and surrounded by concrete walls 8 feet thick, with another layer of concrete for added security. Its bulbous concrete roof rests beneath more than 70 feet of packed earth. Contained within the bombproof structure are halls the size of soccer pitches, designed to hold thousands of tall, narrow centrifuges. The machines are linked in long cascades that look like tacky decorations from a ’70s discotheque.

To work properly, the centrifuges need strong, lightweight, well-balanced rotors and high-speed bearings. Spin these rotors too slowly and the critical U-235 molecules inside fail to separate; spin them too quickly and the machines self-destruct and may even explode. The operation is so delicate that the computers controlling the rotors’ movement are isolated from the Internet by a so-called air gap that prevents exposure to viruses and other malware.

In 2006, the Department of Defense gave the go-ahead to the NSA to begin work on targeting these centrifuges, according to The New York Times. One of the first steps was to build a map of the Iranian nuclear facility’s computer networks. A group of hackers known as Tailored Access Operations—a highly secret organization within the NSA—took up the challenge.

They set about remotely penetrating communications systems and networks, stealing passwords and data by the terabyte. Teams of “vulnerability analysts” searched hundreds of computers and servers for security holes, according to a former senior CIA official involved in the Stuxnet program. Armed with that intelligence, so-called network exploitation specialists then developed software implants known as beacons, which worked like surveillance drones, mapping out a blueprint of the network and then secretly communicating the data back to the NSA. (Flame, the complex piece of surveillance malware discovered by Russian cybersecurity experts last year, was likely one such beacon.) The surveillance drones worked brilliantly. The NSA was able to extract data about the Iranian networks, listen to and record conversations through computer microphones, even reach into the mobile phones of anyone within Bluetooth range of a compromised machine.

The next step was to create a digital warhead, a task that fell to the CIA Clandestine Service’s Counter-Proliferation Division. According to the senior CIA official, much of this work was outsourced to national labs, notably Sandia in Albuquerque, New Mexico. So by the mid-2000s, the government had developed all the fundamental technology it needed for an attack. But there was still a major problem: The secretive agencies had to find a way to access Iran’s most sensitive and secure computers, the ones protected by the air gap. For that, Alexander and his fellow spies would need outside help.

This is where things get murky. One possible bread crumb trail leads to an Iranian electronics and computer wholesaler named Ali Ashtari, who later confessed that he was recruited as a spy by the Mossad, Israel’s intelligence service. (Israel denied the claim.) Ashtari’s principal customers were the procurement officers for some of Iran’s most sensitive organizations, including the intelligence service and the nuclear enrichment plants. If new computers were needed or routers or switches had to be replaced, Ashtari was the man to see, according to reports from semi-official Iranian news agencies and an account of Ashtari’s trial published by the nonprofit Iran Human Rights Voice.
General Alexander’s Empire
The four-star general presides over a trifecta of intelligence agencies headquartered in Fort Meade, Maryland. Here’s a guide to the alphabet soup of agency and subagency acronyms. —Cameron Bird
Photo: Ann Heisenfelt/Corbis, Illustrations: Jeremy Loyd

NSA

(National Security Agency)

The nation’s largest employer of mathematicians. The Department of Defense created this agency in 1952 to intercept, collect, and decrypt foreign communications. In the past decade, the NSA poured hundreds of millions of dollars into offensive cyberwar R&D.

CSS

(Central Security Service)

Originally envisioned as a fourth branch of the armed services, this organization is now described as a “combat support agency.” It coordinates with the Army, Navy, Coast Guard, Marines, and Air Force to eavesdrop on foreign signals—like tapping into undersea cable or wireless communications.

USCYBERCOM

(US Cyber Command)

Established by the Department of Defense in 2009 to deter cyberattacks—”proactively.” In March, Alexander gave a hint of the command’s mandate to the House Armed Services Committee: “I would like to be clear that this team, this defend-the-nation team, is not a defensive team.”
CAE

(Centers for Academic Excellence)

Launched in 1998, this NSA initiative seeks to increase the number of college students competent in “information assurance.” Last year the agency accredited four universities to lead the way in training the next generation of cyber operators in “collection, exploitation, and response.”
SCS

(Special Collection Service)

A unit whose existence has never been officially acknowledged by the defense establishment. But according to the accounts of an anonymous CIA official, members of the ultra-top-secret group are involved in covert eavesdropping from US embassies around the world.
JFCC-NW

(Joint Functional Component Command for Network Warfare)

Created in 2005 as part of US Strategic Command, which controls the nation’s nuclear arsenal, it played a lead role in promoting the idea of thwarting Iran’s own nuclear ambitions with a cyberattack. Folded into Cybercom in 2010.

He not only had access to some of Iran’s most sensitive locations, his company had become an electronics purchasing agent for the intelligence, defense, and nuclear development departments. This would have given Mossad enormous opportunities to place worms, back doors, and other malware into the equipment in a wide variety of facilities. Although the Iranians have never explicitly acknowledged it, it stands to reason that this could have been one of the ways Stuxnet got across the air gap.

But by then, Iran had established a new counterintelligence agency dedicated to discovering nuclear spies. Ashtari was likely on their radar because of the increased frequency of his visits to various sensitive locations. He may have let down his guard. “The majority of people we lose as sources—who get wrapped up or executed or imprisoned—are usually those willing to accept more risk than they should,” says the senior CIA official involved with Stuxnet. In 2006, according to Iran Human Rights Voice, Ashtari was quietly arrested at a travel agency after returning from another trip out of the country.

The malware targeting Iran replicated and spread to computers in other countries.

In June 2008 he was brought to trial in Branch 15 of the Revolutionary Court, where he confessed, pleaded guilty to the charges, expressed remorse for his actions, and was sentenced to death. On the morning of November 17, in the courtyard of Tehran’s Evin Prison, a noose was placed around Ashtari’s neck, and a crane hauled his struggling body high into the air.

Ashtari may well have been one of the human assets that allowed Stuxnet to cross the air gap. But he was not Israel’s only alleged spy in Iran, and others may also have helped enable malware transfer. “Normally,” says the anonymous CIA official, “what we do is look for multiple bridges, in case a guy gets wrapped up.” Less then two weeks after Ashtari’s execution, the Iranian government arrested three more men, charging them with spying for Israel. And on December 13, 2008, Ali-Akbar Siadat, another importer of electronic goods, was arrested as a spy for the Mossad, according to Iran’s official Islamic Republic News Agency. Unlike Ashtari, who said he had operated alone, Siadat was accused of heading a nationwide spy network employing numerous Iranian agents. But despite their energetic counterintelligence work, the Iranians would not realize for another year and a half that a cyberweapon was targeting their nuclear centrifuges. Once they did, it was only a matter of time until they responded.

Sure enough, in August 2012 a devastating virus was unleashed on Saudi Aramco, the giant Saudi state-owned energy company. The malware infected 30,000 computers, erasing three-quarters of the company’s stored data, destroying everything from documents to email to spreadsheets and leaving in their place an image of a burning American flag, according to The New York Times. Just days later, another large cyberattack hit RasGas, the giant Qatari natural gas company. Then a series of denial-of-service attacks took America’s largest financial institutions offline. Experts blamed all of this activity on Iran, which had created its own cyber command in the wake of the US-led attacks. James Clapper, US director of national intelligence, for the first time declared cyberthreats the greatest danger facing the nation, bumping terrorism down to second place. In May, the Department of Homeland Security’s Industrial Control Systems Cyber Emergency Response Team issued a vague warning that US energy and infrastructure companies should be on the alert for cyberattacks. It was widely reported that this warning came in response to Iranian cyberprobes of industrial control systems. An Iranian diplomat denied any involvement.

The cat-and-mouse game could escalate. “It’s a trajectory,” says James Lewis, a cyber­security expert at the Center for Strategic and International Studies. “The general consensus is that a cyber response alone is pretty worthless. And nobody wants a real war.” Under international law, Iran may have the right to self-defense when hit with destructive cyberattacks. William Lynn, deputy secretary of defense, laid claim to the prerogative of self-defense when he outlined the Pentagon’s cyber operations strategy. “The United States reserves the right,” he said, “under the laws of armed conflict, to respond to serious cyberattacks with a proportional and justified military response at the time and place of our choosing.” Leon Panetta, the former CIA chief who had helped launch the Stuxnet offensive, would later point to Iran’s retaliation as a troubling harbinger. “The collective result of these kinds of attacks could be a cyber Pearl Harbor,” he warned in October 2012, toward the end of his tenure as defense secretary, “an attack that would cause physical destruction and the loss of life.” If Stuxnet was the proof of concept, it also proved that one successful cyberattack begets another. For Alexander, this offered the perfect justification for expanding his empire.

Illustrations by Mark Weaver, SSPL/Getty Images, Getty Images, Daniele Carotenuto/Getty Images

I
n May 2010, a little more than a year after President Obama took office and only weeks before Stuxnet became public, a new organization to exercise American rule over the increasingly militarized Internet became operational: the US Cyber Command. Keith Alexander, newly promoted to four-star general, was put in charge of it. The forces under his command were now truly formidable—his untold thousands of NSA spies, as well as 14,000 incoming Cyber Command personnel, including Navy, Army, and Air Force troops. Helping Alexander organize and dominate this new arena would be his fellow plebes from West Point’s class of 1974: David Petraeus, the CIA director; and Martin Dempsey, chair of the Joint Chiefs of Staff.

Indeed, dominance has long been their watchword. Alexander’s Navy calls itself the Information Dominance Corps. In 2007, the then secretary of the Air Force pledged to “dominate cyberspace” just as “today, we dominate air and space.” And Alexander’s Army warned, “It is in cyberspace that we must use our strategic vision to dominate the information environment.” The Army is reportedly treating digital weapons as another form of offensive capability, providing frontline troops with the option of requesting “cyber fire support” from Cyber Command in the same way they request air and artillery support.

All these capabilities require a giant expansion of secret facilities. Thousands of hard-hatted construction workers will soon begin erecting cranes, driving backhoes, and emptying cement trucks as they expand the boundaries of NSA’s secret city eastward, increasing its already enormous size by a third. “You could tell that some of the seniors at NSA were truly concerned that cyber was going to engulf them,” says a former senior Cyber Command official, “and I think rightfully so.”

In May, work began on a $3.2 billion facility housed at Fort Meade in Maryland. Known as Site M, the 227-acre complex includes its own 150-megawatt power substation, 14 administrative buildings, 10 parking garages, and chiller and boiler plants. The server building will have 90,000 square feet of raised floor—handy for supercomputers—yet hold only 50 people. Meanwhile, the 531,000-square-foot operations center will house more than 1,300 people. In all, the buildings will have a footprint of 1.8 million square feet. Even more ambitious plans, known as Phase II and III, are on the drawing board. Stretching over the next 16 years, they would quadruple the footprint to 5.8 million square feet, enough for nearly 60 buildings and 40 parking garages, costing $5.2 billion and accommodating 11,000 more cyberwarriors.

alexander’s forces are formidable—thousands of NSA spies, plus 14,000 cyber troops.

In short, despite the sequestration, layoffs, and furloughs in the federal government, it’s a boom time for Alexander. In April, as part of its 2014 budget request, the Pentagon asked Congress for $4.7 billion for increased “cyberspace operations,” nearly $1 billion more than the 2013 allocation. At the same time, budgets for the CIA and other intelligence agencies were cut by almost the same amount, $4.4 billion. A portion of the money going to Alexander will be used to create 13 cyberattack teams.

What’s good for Alexander is good for the fortunes of the cyber-industrial complex, a burgeoning sector made up of many of the same defense contractors who grew rich supplying the wars in Iraq and Afghanistan. With those conflicts now mostly in the rearview mirror, they are looking to Alexander as a kind of savior. After all, the US spends about $30 billion annually on cybersecurity goods and services.

In the past few years, the contractors have embarked on their own cyber building binge parallel to the construction boom at Fort Meade: General Dynamics opened a 28,000-square-foot facility near the NSA; SAIC cut the ribbon on its new seven-story Cyber Innovation Center; the giant CSC unveiled its Virtual Cyber Security Center. And at consulting firm Booz Allen Hamilton, where former NSA director Mike McConnell was hired to lead the cyber effort, the company announced a “cyber-solutions network” that linked together nine cyber-focused facilities. Not to be outdone, Boeing built a new Cyber Engagement Center. Leaving nothing to chance, it also hired retired Army major general Barbara Fast, an old friend of Alexander’s, to run the operation. (She has since moved on.)

Defense contractors have been eager to prove that they understand Alexander’s worldview. “Our Raytheon cyberwarriors play offense and defense,” says one help-wanted site. Consulting and engineering firms such as Invertix and Parsons are among dozens posting online want ads for “computer network exploitation specialists.” And many other companies, some unidentified, are seeking computer and network attackers. “Firm is seeking computer network attack specialists for long-term government contract in King George County, VA,” one recent ad read. Another, from Sunera, a Tampa, Florida, company, said it was hunting for “attack and penetration consultants.”

One of the most secretive of these contractors is Endgame Systems, a startup backed by VCs including Kleiner Perkins Caufield & Byers, Bessemer Venture Partners, and Paladin Capital Group. Established in Atlanta in 2008, Endgame is transparently antitransparent. “We’ve been very careful not to have a public face on our company,” former vice president John M. Farrell wrote to a business associate in an email that appeared in a WikiLeaks dump. “We don’t ever want to see our name in a press release,” added founder Christopher Rouland. True to form, the company declined Wired’s interview requests.

Perhaps for good reason: According to news reports, Endgame is developing ways to break into Internet-connected devices through chinks in their antivirus armor. Like safecrackers listening to the click of tumblers through a stethoscope, the “vulnerability researchers” use an extensive array of digital tools to search for hidden weaknesses in commonly used programs and systems, such as Windows and Internet Explorer. And since no one else has ever discovered these unseen cracks, the manufacturers have never developed patches for them.

Endgame hunts for hidden security weaknesses that are ripe for exploitation.

Thus, in the parlance of the trade, these vulnerabilities are known as “zero-day exploits,” because it has been zero days since they have been uncovered and fixed. They are the Achilles’ heel of the security business, says a former senior intelligence official involved with cyberwarfare. Those seeking to break into networks and computers are willing to pay millions of dollars to obtain them.

According to Defense News’ C4ISR Journal and Bloomberg Businessweek, Endgame also offers its intelligence clients—agencies like Cyber Command, the NSA, the CIA, and British intelligence—a unique map showing them exactly where their targets are located. Dubbed Bonesaw, the map displays the geolocation and digital address of basically every device connected to the Internet around the world, providing what’s called network situational awareness. The client locates a region on the password-protected web-based map, then picks a country and city— say, Beijing, China. Next the client types in the name of the target organization, such as the Ministry of Public Security’s No. 3 Research Institute, which is responsible for computer security—or simply enters its address, 6 Zhengyi Road. The map will then display what software is running on the computers inside the facility, what types of malware some may contain, and a menu of custom-designed exploits that can be used to secretly gain entry. It can also pinpoint those devices infected with malware, such as the Conficker worm, as well as networks turned into botnets and zombies— the equivalent of a back door left open.

Bonesaw also contains targeting data on US allies, and it is soon to be upgraded with a new version codenamed Velocity, according to C4ISR Journal. It will allow Endgame’s clients to observe in real time as hardware and software connected to the Internet around the world is added, removed, or changed. But such access doesn’t come cheap. One leaked report indicated that annual subscriptions could run as high as $2.5 million for 25 zero-day exploits.

The buying and using of such a subscription by nation-states could be seen as an act of war. “If you are engaged in reconnaissance on an adversary’s systems, you are laying the electronic battlefield and preparing to use it,” wrote Mike Jacobs, a former NSA director for information assurance, in a McAfee report on cyberwarfare. “In my opinion, these activities constitute acts of war, or at least a prelude to future acts of war.” The question is, who else is on the secretive company’s client list? Because there is as of yet no oversight or regulation of the cyberweapons trade, companies in the cyber-industrial complex are free to sell to whomever they wish. “It should be illegal,” says the former senior intelligence official involved in cyberwarfare. “I knew about Endgame when I was in intelligence. The intelligence community didn’t like it, but they’re the largest consumer of that business.”

Thus, in their willingness to pay top dollar for more and better zero-day exploits, the spy agencies are helping drive a lucrative, dangerous, and unregulated cyber arms race, one that has developed its own gray and black markets. The companies trading in this arena can sell their wares to the highest bidder—be they frontmen for criminal hacking groups or terrorist organizations or countries that bankroll terrorists, such as Iran. Ironically, having helped create the market in zero-day exploits and then having launched the world into the era of cyberwar, Alexander now says the possibility of zero-day exploits falling into the wrong hands is his “greatest worry.”

He has reason to be concerned. In May, Alexander discovered that four months earlier someone, or some group or nation, had secretly hacked into a restricted US government database known as the National Inventory of Dams. Maintained by the Army Corps of Engineers, it lists the vulnerabilities for the nation’s dams, including an estimate of the number of people who might be killed should one of them fail. Meanwhile, the 2013 “Report Card for America’s Infrastructure” gave the US a D on its maintenance of dams. There are 13,991 dams in the US that are classified as high-hazard, the report said. A high-hazard dam is defined as one whose failure would cause loss of life. “That’s our concern about what’s coming in cyberspace—a destructive element. It is a question of time,” Alexander said in a talk to a group involved in information operations and cyberwarfare, noting that estimates put the time frame of an attack within two to five years. He made his comments in September 2011.

By James Bamford06.12.139:00 PM

Illustrations by Mark Weaver, Mike Theiler/Corbis, Enzo Signorelli/Getty Images, Nick Servian/Alamy

Find this story at 12 June 2013

Wired.com © 2013 Condé Nast.

Designs for many of the nation’s most sensitive advanced weapons systems have been compromised by Chinese hackers, according to a report prepared for the Pentagon and to officials from government and the defense industry.

Among more than two dozen major weapons systems whose designs were breached were programs critical to U.S. missile defenses and combat aircraft and ships, according to a previously undisclosed section of a confidential report prepared for Pentagon leaders by the Defense Science Board.

Experts warn that the electronic intrusions gave China access to advanced technology that could accelerate the development of its weapons systems and weaken the U.S. military advantage in a future conflict.

The Defense Science Board, a senior advisory group made up of government and civilian experts, did not accuse the Chinese of stealing the designs. But senior military and industry officials with knowledge of the breaches said the vast majority were part of a widening Chinese campaign of espionage against U.S. defense contractors and government agencies.

The significance and extent of the targets help explain why the Obama administration has escalated its warnings to the Chinese government to stop what Washington sees as rampant cybertheft.

In January, the advisory panel warned in the public version of its report that the Pentagon is unprepared to counter a full-scale cyber-conflict. The list of compromised weapons designs is contained in a confidential version, and it was provided to The Washington Post.

Some of the weapons form the backbone of the Pentagon’s regional missile defense for Asia, Europe and the Persian Gulf. The designs included those for the advanced Patriot missile system, known as PAC-3; an Army system for shooting down ballistic missiles, known as the Terminal High Altitude Area Defense, or THAAD; and the Navy’s Aegis ballistic-missile defense system.

Also identified in the report are vital combat aircraft and ships, including the F/A-18 fighter jet, the V-22 Osprey, the Black Hawk helicopter and the Navy’s new Littoral Combat Ship, which is designed to patrol waters close to shore.

Also on the list is the most expensive weapons system ever built — the F-35 Joint Strike Fighter, which is on track to cost about $1.4 trillion. The 2007 hack of that project was reported previously.

China, which is pursuing a comprehensive long-term strategy to modernize its military, is investing in ways to overcome the U.S. military advantage — and cyber-espionage is seen as a key tool in that effort, the Pentagon noted this month in a report to Congress on China. For the first time, the Pentagon specifically named the Chinese government and military as the culprit behind intrusions into government and other computer systems.

As the threat from Chinese cyber-espionage has grown, the administration has become more public with its concerns. In a speech in March, Thomas Donilon, the national security adviser to President Obama, urged China to control its cyber-activity. In its public criticism, the administration has avoided identifying the specific targets of hacking.

But U.S. officials said several examples were raised privately with senior Chinese government representatives in a four-hour meeting a year ago. The officials, who spoke on the condition of anonymity to describe a closed meeting, said senior U.S. defense and diplomatic officials presented the Chinese with case studies detailing the evidence of major intrusions into U.S. companies, including defense contractors.

In addition, a recent classified National Intelligence Estimate on economic cyber-espionage concluded that China was by far the most active country in stealing intellectual property from U.S. companies.

The Chinese government insists that it does not conduct cyber-
espionage on U.S. agencies or companies, and government spokesmen often complain that Beijing is a victim of U.S. cyberattacks.

Obama is expected to raise the issue when he meets with Chinese President Xi Jinping next month in California.

A spokesman for the Pentagon declined to discuss the list from the science board’s report. But the spokesman, who was not authorized to speak on the record, said in an e-mail, “The Department of Defense has growing concerns about the global threat to economic and national security from persistent cyber-intrusions aimed at the theft of intellectual property, trade secrets and commercial data, which threatens the competitive edge of U.S. businesses like those in the Defense Industrial Base.”

The confidential list of compromised weapons system designs and technologies represents the clearest look at what the Chinese are suspected of targeting. When the list was read to independent defense experts, they said they were shocked by the extent of the cyber-espionage and the potential for compromising U.S. defenses.

“That’s staggering,” said Mark Stokes, executive director of the Project 2049 Institute, a think tank that focuses on Asia security issues. “These are all very critical weapons systems, critical to our national security. When I hear this in totality, it’s breathtaking.”

The experts said the cybertheft creates three major problems. First, access to advanced U.S. designs gives China an immediate operational edge that could be exploited in a conflict. Second, it accelerates China’s acquisition of advanced military technology and saves billions in development costs. And third, the U.S. designs can be used to benefit China’s own defense industry. There are long-standing suspicions that China’s theft of designs for the F-35 fighter allowed Beijing to develop its version much faster.

“You’ve seen significant improvements in Chinese military capabilities through their willingness to spend, their acquisitions of advanced Russian weapons, and from their cyber-espionage campaign,” said James A. Lewis, a cyber-policy expert at the Center for Strategic and International Studies. “Ten years ago, I used to call the PLA [People’s Liberation Army] the world’s largest open-air military museum. I can’t say that now.”

The public version of the science board report noted that such cyber-espionage and cyber-sabotage could impose “severe consequences for U.S. forces engaged in combat.” Those consequences could include severed communication links critical to the operation of U.S. forces. Data corruption could misdirect U.S. operations. Weapons could fail to operate as intended. Planes, satellites or drones could crash, the report said.

In other words, Stokes said, “if they have a better sense of a THAAD design or PAC-3 design, then that increases the potential of their ballistic missiles being able to penetrate our or our allies’ missile defenses.”

Winslow T. Wheeler, director of the Straus Military Reform Project at the Project on Government Oversight, made a similar point. “If they got into the combat systems, it enables them to understand it to be able to jam it or otherwise disable it,” he said. “If they’ve got into the basic algorithms for the missile and how they behave, somebody better get out a clean piece of paper and start to design all over again.”

The list did not describe the extent or timing of the penetrations. Nor did it say whether the theft occurred through the computer networks of the U.S. government, defense contractors or subcontractors.

Privately, U.S. officials say that senior Pentagon officials are frustrated by the scale of cybertheft from defense contractors, who routinely handle sensitive classified data. The officials said concerns have been expressed by Gen. Martin Dempsey, chairman of the Joint Chiefs of Staff, and Adm. James A. Winnefeld Jr., the vice chairman, as well as Gen. Keith Alexander, director of the National Security Agency.

“In many cases, they don’t know they’ve been hacked until the FBI comes knocking on their door,” said a senior military official who was not authorized to speak on the record. “This is billions of dollars of combat advantage for China. They’ve just saved themselves 25 years of research and development. It’s nuts.”

In an attempt to combat the problem, the Pentagon launched a pilot program two years ago to help the defense industry shore up its computer defenses, allowing the companies to use classified threat data from the National Security Agency to screen their networks for malware. The Chinese began to focus on subcontractors, and now the government is in the process of expanding the sharing of threat data to more defense contractors and other industries.

An effort to change defense contracting rules to require companies to secure their networks or risk losing Pentagon business stalled last year. But the 2013 Defense Authorization Act has a provision that requires defense contractors holding classified clearances to report intrusions into their networks and allow access to government investigators to analyze the breach.

The systems on the science board’s list are built by a variety of top defense contractors, including Boeing, Lockheed Martin, Raytheon and Northrop Grumman. None of the companies would comment about whether their systems have been breached.

But Northrop Grumman spokesman Randy Belote acknowledged the company “is experiencing greater numbers of attempts to penetrate its computer networks” and said the firm is “vigilant” about protecting its networks.

A Lockheed Martin official said the firm is “spending more time helping deal with attacks on the supply chain” of partners, subcontractors and suppliers than dealing with attacks directly against the company. “For now, our defenses are strong enough to counter the threat, and many attackers know that, so they go after suppliers. But of course they are always trying to develop new ways to attack.”

The Defense Science Board report also listed broad technologies that have been compromised, such as drone video systems, nanotechnology, tactical data links and electronic warfare systems — all areas where the Pentagon and Chinese military are investing heavily.

“Put all that together — the design compromises and the technology theft — and it’s pretty significant,” Stokes said.

By Ellen Nakashima, Published: May 28

Find this story at 28 May 2013

© The Washington Post Company

This weekend, U.S. President Barack Obama sat down for a series of meetings with China’s newly appointed leader, Xi Jinping. We know that the two leaders spoke at length about the topic du jour — cyber-espionage — a subject that has long frustrated officials in Washington and is now front and center with the revelations of sweeping U.S. data mining. The media has focused at length on China’s aggressive attempts to electronically steal U.S. military and commercial secrets, but Xi pushed back at the “shirt-sleeves” summit, noting that China, too, was the recipient of cyber-espionage. But what Obama probably neglected to mention is that he has his own hacker army, and it has burrowed its way deep, deep into China’s networks.

When the agenda for the meeting at the Sunnylands estate outside Palm Springs, California, was agreed to several months ago, both parties agreed that it would be a nice opportunity for President Xi, who assumed his post in March, to discuss a wide range of security and economic issues of concern to both countries. According to diplomatic sources, the issue of cybersecurity was not one of the key topics to be discussed at the summit. Sino-American economic relations, climate change, and the growing threat posed by North Korea were supposed to dominate the discussions.

Then, two weeks ago, White House officials leaked to the press that Obama intended to raise privately with Xi the highly contentious issue of China’s widespread use of computer hacking to steal U.S. government, military, and commercial secrets. According to a Chinese diplomat in Washington who spoke in confidence, Beijing was furious about the sudden elevation of cybersecurity and Chinese espionage on the meeting’s agenda. According to a diplomatic source in Washington, the Chinese government was even angrier that the White House leaked the new agenda item to the press before Washington bothered to tell Beijing about it.

So the Chinese began to hit back. Senior Chinese officials have publicly accused the U.S. government of hypocrisy and have alleged that Washington is also actively engaged in cyber-espionage. When the latest allegation of Chinese cyber-espionage was leveled in late May in a front-page Washington Post article, which alleged that hackers employed by the Chinese military had stolen the blueprints of over three dozen American weapons systems, the Chinese government’s top Internet official, Huang Chengqing, shot back that Beijing possessed “mountains of data” showing that the United States has engaged in widespread hacking designed to steal Chinese government secrets. This weekend’s revelations about the National Security Agency’s PRISM and Verizon metadata collection from a 29-year-old former CIA undercover operative named Edward J. Snowden, who is now living in Hong Kong, only add fuel to Beijing’s position.

But Washington never publicly responded to Huang’s allegation, and nobody in the U.S. media seems to have bothered to ask the White House if there is a modicum of truth to the Chinese charges.

It turns out that the Chinese government’s allegations are essentially correct. According to a number of confidential sources, a highly secretive unit of the National Security Agency (NSA), the U.S. government’s huge electronic eavesdropping organization, called the Office of Tailored Access Operations, or TAO, has successfully penetrated Chinese computer and telecommunications systems for almost 15 years, generating some of the best and most reliable intelligence information about what is going on inside the People’s Republic of China.

Hidden away inside the massive NSA headquarters complex at Fort Meade, Maryland, in a large suite of offices segregated from the rest of the agency, TAO is a mystery to many NSA employees. Relatively few NSA officials have complete access to information about TAO because of the extraordinary sensitivity of its operations, and it requires a special security clearance to gain access to the unit’s work spaces inside the NSA operations complex. The door leading to its ultramodern operations center is protected by armed guards, an imposing steel door that can only be entered by entering the correct six-digit code into a keypad, and a retinal scanner to ensure that only those individuals specially cleared for access get through the door.

According to former NSA officials interviewed for this article, TAO’s mission is simple. It collects intelligence information on foreign targets by surreptitiously hacking into their computers and telecommunications systems, cracking passwords, compromising the computer security systems protecting the targeted computer, stealing the data stored on computer hard drives, and then copying all the messages and data traffic passing within the targeted email and text-messaging systems. The technical term of art used by NSA to describe these operations is computer network exploitation (CNE).

TAO is also responsible for developing the information that would allow the United States to destroy or damage foreign computer and telecommunications systems with a cyberattack if so directed by the president. The organization responsible for conducting such a cyberattack is U.S. Cyber Command (Cybercom), whose headquarters is located at Fort Meade and whose chief is the director of the NSA, Gen. Keith Alexander.

Commanded since April of this year by Robert Joyce, who formerly was the deputy director of the NSA’s Information Assurance Directorate (responsible for protecting the U.S. government’s communications and computer systems), TAO, sources say, is now the largest and arguably the most important component of the NSA’s huge Signal Intelligence (SIGINT) Directorate, consisting of over 1,000 military and civilian computer hackers, intelligence analysts, targeting specialists, computer hardware and software designers, and electrical engineers.

The sanctum sanctorum of TAO is its ultramodern operations center at Fort Meade called the Remote Operations Center (ROC), which is where the unit’s 600 or so military and civilian computer hackers (they themselves CNE operators) work in rotating shifts 24 hours a day, seven days a week.

These operators spend their days (or nights) searching the ether for computers systems and supporting telecommunications networks being utilized by, for example, foreign terrorists to pass messages to their members or sympathizers. Once these computers have been identified and located, the computer hackers working in the ROC break into the targeted computer systems electronically using special software designed by TAO’s own corps of software designers and engineers specifically for this purpose, download the contents of the computers’ hard drives, and place software implants or other devices called “buggies” inside the computers’ operating systems, which allows TAO intercept operators at Fort Meade to continuously monitor the email and/or text-messaging traffic coming in and out of the computers or hand-held devices.

TAO’s work would not be possible without the team of gifted computer scientists and software engineers belonging to the Data Network Technologies Branch, who develop the sophisticated computer software that allows the unit’s operators to perform their intelligence collection mission. A separate unit within TAO called the Telecommunications Network Technologies Branch (TNT) develops the techniques that allow TAO’s hackers to covertly gain access to targeted computer systems and telecommunications networks without being detected. Meanwhile, TAO’s Mission Infrastructure Technologies Branch develops and builds the sensitive computer and telecommunications monitoring hardware and support infrastructure that keeps the effort up and running.

TAO even has its own small clandestine intelligence-gathering unit called the Access Technologies Operations Branch, which includes personnel seconded by the CIA and the FBI, who perform what are described as “off-net operations,” which is a polite way of saying that they arrange for CIA agents to surreptitiously plant eavesdropping devices on computers and/or telecommunications systems overseas so that TAO’s hackers can remotely access them from Fort Meade.

It is important to note that TAO is not supposed to work against domestic targets in the United States or its possessions. This is the responsibility of the FBI, which is the sole U.S. intelligence agency chartered for domestic telecommunications surveillance. But in light of information about wider NSA snooping, one has to prudently be concerned about whether TAO is able to perform its mission of collecting foreign intelligence without accessing communications originating in or transiting through the United States.

Since its creation in 1997, TAO has garnered a reputation for producing some of the best intelligence available to the U.S. intelligence community not only about China, but also on foreign terrorist groups, espionage activities being conducted against the United States by foreign governments, ballistic missile and weapons of mass destruction developments around the globe, and the latest political, military, and economic developments around the globe.

According to a former NSA official, by 2007 TAO’s 600 intercept operators were secretly tapping into thousands of foreign computer systems and accessing password-protected computer hard drives and emails of targets around the world. As detailed in my 2009 history of NSA, The Secret Sentry, this highly classified intercept program, known at the time as Stumpcursor, proved to be critically important during the U.S. Army’s 2007 “surge” in Iraq, where it was credited with single-handedly identifying and locating over 100 Iraqi and al Qaeda insurgent cells in and around Baghdad. That same year, sources report that TAO was given an award for producing particularly important intelligence information about whether Iran was trying to build an atomic bomb.

By the time Obama became president of the United States in January 2009, TAO had become something akin to the wunderkind of the U.S. intelligence community. “It’s become an industry unto itself,” a former NSA official said of TAO at the time. “They go places and get things that nobody else in the IC [intelligence community] can.”

Given the nature and extraordinary political sensitivity of its work, it will come as no surprise that TAO has always been, and remains, extraordinarily publicity shy. Everything about TAO is classified top secret codeword, even within the hypersecretive NSA. Its name has appeared in print only a few times over the past decade, and the handful of reporters who have dared inquire about it have been politely but very firmly warned by senior U.S. intelligence officials not to describe its work for fear that it might compromise its ongoing efforts. According to a senior U.S. defense official who is familiar with TAO’s work, “The agency believes that the less people know about them [TAO] the better.”

The word among NSA officials is that if you want to get promoted or recognized, get a transfer to TAO as soon as you can. The current head of the NSA’s SIGINT Directorate, Teresa Shea, 54, got her current job in large part because of the work she did as chief of TAO in the years after the 9/11 terrorist attacks, when the unit earned plaudits for its ability to collect extremely hard-to-come-by information during the latter part of George W. Bush’s administration. We do not know what the information was, but sources suggest that it must have been pretty important to propel Shea to her position today. But according to a recently retired NSA official, TAO “is the place to be right now.”

There’s no question that TAO has continued to grow in size and importance since Obama took office in 2009, which is indicative of its outsized role. In recent years, TAO’s collection operations have expanded from Fort Meade to some of the agency’s most important listening posts in the United States. There are now mini-TAO units operating at the huge NSA SIGINT intercept and processing centers at NSA Hawaii at Wahiawa on the island of Oahu; NSA Georgia at Fort Gordon, Georgia; and NSA Texas at the Medina Annex outside San Antonio, Texas; and within the huge NSA listening post at Buckley Air Force Base outside Denver.

The problem is that TAO has become so large and produces so much valuable intelligence information that it has become virtually impossible to hide it anymore. The Chinese government is certainly aware of TAO’s activities. The “mountains of data” statement by China’s top Internet official, Huang Chengqing, is clearly an implied threat by Beijing to release this data. Thus it is unlikely that President Obama pressed President Xi too hard at the Sunnydale summit on the question of China’s cyber-espionage activities. As any high-stakes poker player knows, you can only press your luck so far when the guy on the other side of the table knows what cards you have in your hand.
Save big when you subscribe to FP.

THOMAS SAMSON/AFP/Getty Images

Matthew M. Aid is the author of Intel Wars: The Secret History of the Fight Against Terror and The Secret Sentry: The Untold History of the National Security Agency, and is co-editor with Cees Wiebes of Secrets of Signals Intelligence During the Cold War and Beyond.

Foreign Policy Magazine

Thursday, June 20, 2013

BY MATTHEW M. AID | JUNE 10, 2013

Find this story at 10 June 2013

©2013 The Foreign Policy Group, LLC.

(Reuters) – China’s top Internet security official says he has “mountains of data” pointing to extensive U.S. hacking aimed at China, but it would be irresponsible to blame Washington for such attacks, and called for greater cooperation to fight hacking.

Cyber security is a major concern for the U.S. government and is expected to be at the top of the agenda when President Barack Obama meets with Chinese President Xi Jinping in California on Thursday and Friday.

Obama will tell Xi that Washington considers Beijing responsible for any cyber attacks launched from Chinese soil and must take action to curb high-tech spying, White House officials said on Tuesday.

China’s Internet security chief complained that Washington used the news media to raise cyber security concerns which would be better settled through communication, not confrontation.

“We have mountains of data, if we wanted to accuse the U.S., but it’s not helpful in solving the problem,” said Huang Chengqing, director of the National Computer Network Emergency Response Technical Team/Coordination Center of China, known as CNCERT.

“They advocated cases that they never let us know about,” Huang said in comments on Tuesday and carried by the government-run China Daily newspaper on Wednesday.

“Some cases can be addressed if they had talked to us, why not let us know? It is not a constructive train of thought to solve problems.”

CNCERT has instead co-operated with the United States, receiving 32 Internet security cases from the United States in the first four months of 2013, and handling most promptly, except for a few that lacked sufficient proof, Huang said.

Designs for more than two dozen major U.S. weapons systems have been compromised by Chinese hackers, the Washington Post reported late last month.

The compromised designs included combat aircraft and ships, as well as missile defense systems vital for Europe, Asia and the Gulf, the newspaper said, citing a report prepared for the U.S. Defense Department by the Defense Science Board.

Huang did not deny the report, but suggested that if the U.S. government wants to keep weapons programs secure, it should not allow them to be accessed online.

“Even following the general principle of secret-keeping, it should not have been linked to the Internet,” Huang said.

Cyber attacks from the United States have been as serious as the accusations from Washington, Huang said

CNCERT, which issues a weekly report on cyber attacks against China, says that 4,062 U.S.-based computer servers hijacked 2.91 million mainframe computers in China.

(Reporting by Terril Yue Jones; Editing by Michael Perry)

BEIJING | Wed Jun 5, 2013 12:24am EDT

Find this story at 5 June 2013

© Thomson Reuters

Hong Kong (CNN) — U.S. intelligence agents have been hacking computer networks around the world for years, apparently targeting fat data pipes that push immense amounts of data around the Internet, NSA leaker Edward Snowden told the South China Morning Post on Wednesday.

Among some 61,000 reported targets of the National Security Agency, Snowden said, are hundreds of computers in China — which U.S. officials have increasingly criticized as the source of thousands of attacks on U.S. military and commercial networks. China has denied such attacks.

The Morning Post said it had seen documents provided by Snowden but was unable to verify their authenticity. The English-language news agency, which operates in Hong Kong, also said it was unable to independently verify allegations of U.S. hacking of networks in Hong Kong and mainland China since 2009.
Snowden told the paper that some of the targets included the Chinese University of Hong Kong, public officials and students. The documents also “point to hacking activity by the NSA against mainland targets,” the newspaper reported.

The claims came just days after U.S. President Barack Obama pressed Chinese President Xi Jinping to address cyberattacks emanating from China that Obama described as “direct theft of United States property.”

Snowden’s allegations appear to give weight to claims by some Chinese government officials that the country has been a victim of similar hacking efforts coming from the United States.

His claims came as Gen. Keith Alexander, the National Security Agency chief, testified at a U.S. Senate hearing that the country’s cyberinfrastructure, including telephones and computer networks, is somewhat vulnerable to attack.

On a scale of one to 10, “our critical infrastructure’s preparedness to withstand a destructive cyberattack is about a three, based on my experience,” he said.

In the Morning Post interview — published one week after the British newspaper The Guardian revealed the first leaks attributed to Snowden — he claimed the agency he once worked for as a contractor typically targets high-bandwidth data lines that connect Internet nodes located around the world.

“We hack network backbones — like huge Internet routers, basically — that give us access to the communications of hundreds of thousands of computers without having to hack every single one,” the newspaper quoted him as saying.

A “backbone” is part of the inner workings of a computer network that links different parts of that network. It is used to deliver data from one part of the network to another and, as such, could expose data from multiple computers if hacked.

‘Trying to bully’

Snowden, 29, worked for the Booz Allen Hamilton computer consulting firm until Monday, when he was fired after documents he provided to journalists revealed the existence of secret programs to collect records of domestic telephone calls in the United States and the Internet activity of overseas residents.

While he has not been charged, the FBI is conducting an investigation into the leaks, and he has told The Guardian that he expects the United States will try to prosecute him.
Snowden told the Morning Post that he felt U.S. officials were pressuring his family and also accused them of “trying to bully” Hong Kong into extraditing him to prevent the release of more damaging information.

He vowed to resist extradition efforts if it comes to that, saying he “would rather stay and fight the United States government in the courts, because I have faith in Hong Kong’s rule of law.”

“My intention is to ask the courts and people of Hong Kong to decide my fate,” the South China Morning Post quoted Snowden as saying. “I have been given no reason to doubt your system.”

But Hong Kong lawmaker Regina Ip, a former secretary of security for the territory, said Tuesday that while any extradition process could take months, Snowden isn’t necessarily beyond the reach of the United States.

“If he thought there was a legal vacuum in Hong Kong which renders him safe from U.S. jurisdiction, that is unlikely to be the case,” she said.

The newspaper said Snowden has been hiding in undisclosed locations inside the semi-autonomous Chinese territory since checking out of his hotel room Monday — a day after he revealed his identity in an interview with The Guardian.

Snowden told the Morning Post he is not trying to evade U.S. authorities.

“People who think I made a mistake in picking Hong Kong as a location misunderstand my intentions,” the newspaper quoted him as saying. “I am not here to hide from justice; I am here to reveal criminality.”

The NSA and the National Intelligence director did not immediately respond to a CNN request for comment.

Asked during a media briefing on Wednesday for comment on Snowden’s latest claims, U.S. State Department spokeswoman Jennifer Psaki declined. She said she had not seen the latest Morning Post report.

On the defensive

The revelations have renewed debate over surveillance in the United States and overseas in the name of fighting terrorism, with supporters saying the programs revealed by Snowden are legal and have helped stop terror plots. Civil liberties advocates, however, call the measures dangerous and unacceptable intrusions.

Such criticisms have put Obama and his allies on the issue — both Democrats and Republicans — on the defensive against mounting criticisms from a similarly bipartisan group of critics demanding changes to rein in the programs.

There also is a sharp division among Americans over the issue.

A Gallup poll released Wednesday found that 44% of Americans believe Snowden did the right thing by releasing details about the classified surveillance programs, while 42% said it was wrong and 14% said they were unsure.

The poll for that question had a 6% margin of error.

It also found that more Americans disapprove than approve of the government’s surveillance programs, 53% to 37%. Ten percent had no opinion.

The poll for that question had a 4% margin of error.

Those differences were on display Wednesday when Alexander, the director of the National Security Agency, testified at a hearing into cybersecurity technology and civil liberties.

Officials have been unable to explain controversial data mining programs because they have been classified, Alexander testified.

But Alexander rejected the Snowden’s claim that the NSA could tap into any American’s phone or computer.

“I know of no way to do that,” Alexander said.

But he testified that phone records obtained by the government helped prevent “dozens” of terrorist events.

He would not discuss disrupted plots broadly, saying they were classified. But he did say federal data mining appeared to play a role in helping to disrupt a plot in recent years to attack the New York subway system.

Alexander said information developed overseas was passed along to the FBI, which he said was able to identify eventual suspect Najibullah Zazi in Colorado and ultimately uncover a plot. Zazi pleaded guilty to terror-related charges in 2010.

While not on the roster for Wednesday’s hearing, another administration official in the spotlight is Director of National Intelligence James Clapper, whom Democratic Sen. Ron Wyden has singled out for how he answered questions about the telephone surveillance program in March.

In March, Wyden asked Clapper whether the NSA collects “any type of data at all on millions or hundreds of millions of Americans?”

“No sir,” Clapper said.

On Saturday, Clapper told NBC News that he answered in the “most truthful or least most untruthful manner” possible.

Clapper told NBC that he had interpreted “collection” to mean actually examining the materials gathered by the NSA.

He previously told the National Journal he had meant that “the NSA does not voyeuristically pore through U.S. citizens’ e-mails,” but he did not mention e-mails at the hearing.

NSA leaker’s girlfriend says she’s ‘lost at sea’

EU questions

Fallout over revelations about the NSA’s intelligence-gathering has reached the European Union’s governing body, where Vice President Viviane Reding raised concerns that the United States may have targeted some of its citizens.

Reding said she plans to raise the issue during a meeting Friday with U.S. Attorney General Eric Holder.

“The respect for fundamental rights and the rule of law are the foundations of the EU-U.S. relationship. This common understanding has been, and must remain, the basis of cooperation between us in the area of Justice,” Reding, the EU commissioner for justice, said Wednesday.

“Trust that the rule of law will be respected is also essential to the stability and growth of the digital economy, including transatlantic business. This is of paramount importance for individuals and companies alike.”

CNN’s Jethro Mullen reported and wrote from Hong Kong, and Chelsea J. Carter reported and wrote from Atlanta. CNN’s Paul Steinhauser, Tom Cohen, Michael Pearson, Doug Gross, Shirley Henry, Brian Walker and Pamela Boykoff contributed to this report.

By Jethro Mullen and Chelsea J. Carter, CNN
June 13, 2013 — Updated 0932 GMT (1732 HKT)

Find this story at 13 June 2013

© 2013 Cable News Network

Obama administration says NSA data helped make arrests in two important cases – but critics say that simply isn’t true

A new NSA data farm is set to open in the fall in Bluffdale, Utah. A former CIA agent said: ‘[Data-mining] played no role in the Headley case.’ Photograph: George Frey/Getty Images

Lawyers and intelligence experts with direct knowledge of two intercepted terrorist plots that the Obama administration says confirm the value of the NSA’s vast data-mining activities have questioned whether the surveillance sweeps played a significant role, if any, in foiling the attacks.

The defence of the controversial data collection operations, highlighted in a series of Guardian disclosures over the past week, has been led by Dianne Feinstein, chairwoman of the Senate intelligence committee, and her equivalent in the House, Mike Rogers. The two politicians have attempted to justify the NSA’s use of vast data sweeps such as Prism and Boundless Informant by pointing to the arrests and convictions of would-be New York subway bomber Najibullah Zazi in 2009 and David Headley, who is serving a 35-year prison sentence for his role in the 2008 Mumbai attacks.

Rogers told ABC’s This Week that the NSA’s bulk monitoring of phone calls and internet contacts was central to intercepting the plotters. “I can tell you, in the Zazi case in New York, it’s exactly the programme that was used,” he said.

A similar point was made in anonymous briefings by administration officials to the New York Times and Reuters.

But court documents lodged in the US and UK, as well as interviews with involved parties, suggest that data-mining through Prism and other NSA programmes played a relatively minor role in the interception of the two plots. Conventional surveillance techniques, in both cases including old-fashioned tip-offs from intelligence services in Britain, appear to have initiated the investigations.

In the case of Zazi, an Afghan American who planned to attack the New York subway, the breakthrough appears to have come from Operation Pathway, a British investigation into a suspected terrorism cell in the north-west of England in 2009. That investigation discovered that one of the members of the cell had been in contact with an al-Qaida associate in Pakistan via the email address sana_pakhtana@yahoo.com.

British newspaper reports at the time of Zazi’s arrest said that UK intelligence passed on the email address to the US. The same email address, as Buzzfeed has pointed out, was cited in Zazi’s 2011 trial as a crucial piece of evidence. Zazi, the court heard, wrote to sana_pakhtana@yahoo.com asking in coded language for the precise quantities to use to make up a bomb.

Eric Jurgenson, an FBI agent involved in investigating Zazi once the link to the Pakistani email address was made, told the court: “My office was in receipt – I was notified, I should say. My office was in receipt of several email messages, email communications. Those email communications, several of them resolved to an individual living in Colorado.”

Michael Dowling, a Denver-based attorney who acted as Zazi’s defence counsel, said the full picture remained unclear as Zazi pleaded guilty before all details of the investigation were made public. But the lawyer said he was sceptical that mass data sweeps could explain what led law enforcement to Zazi.

“The government says that it does not monitor content of these communications in its data collection. So I find it hard to believe that this would have uncovered Zazi’s contacts with a known terrorist in Pakistan,” Dowling said.

Further scepticism has been expressed by David Davis, a former British foreign office minister who described the citing of the Zazi case as an example of the merits of data-mining as “misleading” and “an illusion”. Davis pointed out that Operation Pathway was prematurely aborted in April 2009 after Bob Quick, then the UK’s most senior counter-terrorism police officer, was pictured walking into Downing Street with top secret documents containing details of the operation in full view of cameras.

The collapse of the operation, and arrests of suspects that hurriedly followed, came five months before Zazi was arrested in September 2009. “That was the operation that led to the initial data links to Zazi – they put the clues in the database which gave them the connections,” Davis said.

Davis said that the discovery of the sana_pakhtana@yahoo.com email – and in turn the link to Zazi – had been made by traditional investigative work in the UK. He said the clue-driven nature of the inquiry was significant, as it was propelled by detectives operating on the basis of court-issued warrants.

“You can’t make this grand sweeping [data collection] stuff subject to warrants. What judge would give you a warrant if you say you want to comb through vast quantities of data?”

Legal documents lodged with a federal court in New York’s eastern district shortly after Zazi’s arrest show that US counter-intelligence officials had been keeping watch over him under targeted surveillance with the warranted approval of the special intelligence court. During the course of the prosecution, the US served notice that it would be offering evidence “obtained and derived from electronic surveillance and physical search conducted pursuant to the Foreign Intelligence Surveillance Act of 1978 (Fisa).”

Feinstein and Rogers have also pointed to the case of David Headley, who in January was sentenced to 35 years in jail for having made multiple scouting missions to Mumbai ahead of the 2008 terrorist attacks that killed 168 people. Yet the evidence in his case also points towards a British tip-off as the inspiration behind the US interception of him.

In July 2009, British intelligence began tracking Headley, a Pakistani American from Chicago, who was then plotting to attack Danish newspaper Jyllands-Posten in retaliation for its publication of cartoons of the prophet Mohammed. Information was passed to the FBI and he was thereafter, until his arrest that October, kept under targeted US surveillance.

An intelligence expert and former CIA operative, who asked to remain anonymous because he had been directly involved in the Headley case, was derisive about the claim that data-mining sweeps by the NSA were key to the investigation. “That’s nonsense. It played no role at all in the Headley case. That’s not the way it happened at all,” he said.

The intelligence expert said that it was a far more ordinary lead that ensnared Headley. British investigators spotted him when he contacted an informant.

The Headley case is a peculiar choice for the administration to highlight as an example of the virtues of data-mining. The fact that the Mumbai attacks occurred, with such devastating effect, in itself suggests that the NSA’s secret programmes were limited in their value as he was captured only after the event.

Headley was also subject to a plethora of more conventionally obtained intelligence that questions the central role claimed for the NSA’s data sweeps behind his arrest. In a long profile of Headley, the investigative website ProPublica pointed out that he had been an informant working for the Drug Enforcement Administration perhaps as recently as 2005. There are suggestions that he might have then worked in some capacity for the FBI or CIA.

Headley was also, ProPublica found, the subject of several inquiries by agents of the FBI-led Joint Terrorism Task Force. A year before the Mumbai attacks his then wife, Faiza Outalha, reported on him to the US embassy Islamabad, saying he was on a secret mission in India and was a “drug dealer, terrorist and spy”.

Ed Pilkington in New York and Nicholas Watt in London
guardian.co.uk, Wednesday 12 June 2013 15.51 BST

Find this story at 12 June 2013

© 2013 Guardian News and Media Limited or its affiliated companies. All rights reserved.

Listen to defenders of the U.S. government’s recently revealed data collection practices, and you’re likely to hear claims about terrorist plots these sweeping activities have purportedly stopped.

Senate Intelligence Committee Chairwoman Dianne Feinstein, D-Calif., explained on ABC’s “This Week” Sunday that in one of the signature uses of the dragnet collection of every American’s phone records, the NSA managed to track one of our own informants, David Headley, as he helped Islamic terrorists plan attacks. She did not mention that it did nothing to prevent the 2008 terrorist attack in Mumbai, which killed 166 — and in which Headley had a role in planning.

Director of National Intelligence James Clapper called the effort to track Headley – which did manage to thwart Headley’s 2009 plans to attack a Danish newspaper – a success, in an interview with Andrea Mitchell. Such is the value of these programs, it appears, that top proponents of the program celebrate the tracking of a DEA informant gone bad as their main talking point.

“U.S. officials say Headley simply slipped through the cracks,” ProPublica reported earlier this year in a blockbuster story on Headley. ProPublica describes competing claims about when the Drug Enforcement Agency, which first recruited Headley in 1997, stopped using him as an informant; DEA insists he was deactivated in 2002, while other sources say he remained a U.S. informant through 2005. What’s clear is that Headley spent the subsequent years leading up to the 2008 Mumbai attack traveling form Pakistan to India, casing out the terror plot.

Multiple warnings to the Indian government — perhaps based on the intelligence now being touted — failed to prevent the attack. “U.S. officials learned enough about his activities to become concerned, monitor him intermittently and pick up fragments of intelligence that contributed to the warnings to India,” reported ProPublica. At the time of the attack, Headley had returned safely to Lahore, Pakistan, and he even traveled between there, Chicago and Europe thereafter, planning another plot. In October 2009, the FBI arrested Headley in Chicago as he traveled to Pakistan to hand off intelligence for an attack on Denmark.

Before we start celebrating our finding an informant-turned-terrorist we lost as one of the successes that makes massive spying worthwhile, shouldn’t we first get an explanation for how our intelligence agencies lost track of Headley in the first place?

The flood of missed warnings about Headley’s increasing ties with Islamic terrorists did lead to an investigation led by DNI Clapper’s office in 2010, but the results of it have not been made public. Yet the embarrassment of having a former American informant play a key role in one of the biggest attacks since 9/11 doesn’t seem to have prevented Clapper and Feinstein from boasting of NSA’s success in his case.

Headley’s attacks are not the only ones cited by Feinstein and Clapper. Feinstein also cited the case of Najibullah Zazi, an Afghan immigrant to the U.S. who plotted to blow up the New York subway in 2009. FBI’s success in thwarting Zazi’s attack is probably the most serious publicly known example of a thwarted attack. To the extent the NSA’s programs played a key role, then, it is a significant success.

But even there, the claims appear fuzzy or overblown. Feinstein, for example, describes the success this way (emphasis added): “[Zazi] made the decision that he was going to blow up a New York subway, who went to a beauty wholesale supply place, bought enough hydrogen peroxide to make bombs, was surveilled by the FBI for six months, traveled to go to New York, to meet with a number of other people who were going to carry out this attack with him, and were arrested by the FBI, who has pled guilty and in federal prison.”

It’s an interesting use of the word “surveilled,” because according to sworn court testimony the lead that identified Zazi was an email account identified in a British terrorism case, which the NSA tracked. That account, not Zazi, was surveilled. Days, not months, before Zazi’s planned attack, he sent an email to the account asking for help making explosives, which led the FBI to uncover his plot.

PRISM — the direct access to Internet companies’ data, which Clapper’s office describes as a “computer system used to facilitate the government’s statutorily authorized collection of foreign intelligence information from electronic communication service providers” — appears to have been the means by which FBI conducted this surveillance. A New York Times source explains PRISM was the only means to access the email: “It was through an e-mail correspondence that we had access to only through Prism.” But tracking the email account would have been legal under the FISA laws in place prior to 9/11. As such, PRISM seems to have made it easier to capture Zazi, but may not have been pivotal.

The claim PRISM helped to nab Zazi is new since these revelations. But Feinstein has long insisted that Section 215 — the dragnet collection program — had a role, too (she made that claim, in part, to support the reauthorization of the language used to conduct the dragnet collection in 2009).

That makes the Zazi case troubling too, because there is a good deal of circumstantial evidence that the government used Section 215 to identify people in Aurora, Colo., who had, like Zazi, purchased hydrogen peroxide and acetone, which (in addition to being common household chemicals) are precursors for the explosives Zazi used. The government described three people associated with Zazi in an affidavit justifying his detention, implying they were accomplices. Yet, these three unnamed people never appeared in the legal case again. They appear to have been completely innocent of any tie to Zazi’s plot. If so, then, in addition to being a success story, the Zazi case would also be a perfect example of how these tools can implicate perfectly innocent people as terrorists for something as innocent as buying hair care supplies.

At the very least, the fuzzy cases Feinstein and Clapper are boasting about demonstrate the need for far more transparency on these tools. If they’re justifying a gross incursion on American privacy, in part because they helped track down an informant our intelligence services lost track of — and created false positives based on hair bleach purchases — then we need to seriously reconsider their use.

Marcy Wheeler writes at EmptyWheel.net and is the author of “Anatomy of Deceit.”

Monday, Jun 10, 2013 07:10 PM +0200

By Marcy Wheeler

Find this story at 10 June 2013

Copyright © 2013 Salon Media Group, Inc.

Defenders of “PRISM” say it stopped subway bombings. But British and American court documents suggest old-fashioned police work nabbed Zazi.

Would-be subway bomber Najibullah Zazi. Image by Marc Piscotty / Getty Images

Defenders of the American government’s online spying program known as “PRISM” claimed Friday that the suddenly controversial secret effort had saved New York City’s subways from a 2009 terrorist plot led by a young Afghan-American, Najibullah Zazi.

But British and American legal documents from 2010 and 2011 contradict that claim, which appears to be the latest in a long line of attempts to defend secret programs by making, at best, misleading claims that they were central to stopping terror plots. While the court documents don’t exclude the possibility that PRISM was somehow employed in the Zazi case, the documents show that old-fashioned police work, not data mining, was the tool that led counterterrorism agents to arrest Zazi. The public documents confirm doubts raised by the blogger Marcy Wheeler and the AP’s Adam Goldman, and call into question a defense of PRISM first floated by House Intelligence Committee Chairman Mike Rogers, who suggested that PRISM had stopped a key terror plot.

Reuters’s Mark Hosenball advanced the claim Friday, based on anonymous “government sources”:

A secret U.S. intelligence program to collect emails that is at the heart of an uproar over government surveillance helped foil an Islamist militant plot to bomb the New York City subway system in 2009, U.S. government sources said on Friday.

The sources said Representative Mike Rogers, chairman of the House of Representatives Intelligence Committee, was talking about a plot hatched by Najibullah Zazi, an Afghan-born U.S. resident, when he said on Thursday that such surveillance had helped thwart a significant terrorist plot in recent years.

President Barack Obama’s administration is facing controversy after revelations of details of massive programs run by the National Security Agency for collecting information from telephone and Internet companies.

The surveillance program that halted the Zazi plot was one that collected email data on foreign intelligence suspects, a U.S. government source said.

The New York Times also emphasized the Zazi case Friday:

To defenders of the N.S.A., the Zazi case underscores how the agency’s Internet surveillance system, called Prism, which was set up over the past decade to collect data from online providers of e-mail and chat services, has yielded concrete results.

“We were able to glean critical information,” said a senior intelligence official, who spoke on the condition of anonymity. “It was through an e-mail correspondence that we had access to only through Prism.”

But public — though not widely publicized — details of the Zazi plot cast into doubt the notion that a data mining program had much to do with the investigation. Zazi traveled to Pakistan in 2008 to train with al Qaeda. He was charged in 2009 with leading two other men in a plot to detonate suicide bombs in the New York subways.

The path to his capture, according to the public records, began in April 2009, when British authorities arrested several suspected terrorists. According to a 2010 ruling from Britain’s Special Immigration Appeals Commission, one of the suspects’ computers included email correspondence with an address in Pakistan.

The open case is founded upon a series of emails exchanged between a Pakistani registered email account sana_pakhtana@yahoo.com and an email account admittedly used by Naseer humaonion@yahoo.com between 30 November 2008 and 3 April 2009. The Security Service’s assessment is that the user of the sana_pakhtana account was an Al Qaeda associate…”

“For reasons which are wholly set out in the closed judgment, we are sure satisfied to the criminal standard that the user of the sana_pakhtana account was an Al Qaeda associate,” the British court wrote.

Later that year, according to a transcript of Zazi’s July, 2011 trial, Zazi emailed his al Qaeda handler in Pakistan for help with the recipe for his bombs. He sent his inquiry to the same email address: sana_pakhtana@yahoo.com.

An FBI agent, Eric Jurgenson, testified, “I was notified, I should say. My office was in receipt of several e-mail messages, e-mail communications.” Those emails — from Zazi to the same sana_pakhtana@yahoo.com — “led to the investigation,” he testified.

The details of terror investigations are not always laid out this clearly in public; but they appear to belie the notion, advanced by anonymous government officials Friday, that sweeping access to millions of email accounts played an important roil in foiling the subway attack. Instead, this is the sort investigation made possible by ordinary warrants under the Foreign Intelligence Surveillance Act; authorities appear simply to have been monitoring the Pakistani email account that had been linked to terrorists earlier that year.

This was, in fact, reported at the time. That November, British authorities were bragging to the Telegraph about their role in arresting Zazi:

The plan, which reportedly would have been the biggest attack on America since 9/11, was uncovered after Scotland Yard intercepted an email….The alleged plot was unmasked after an email address that was being monitored as part of [the 2009 U.K. case] was suddenly reactivated.

The existence of PRISM was revealed Thursday by the Washington Post and the Guardian. Authorities are now scrambling to justify the program.

posted on June 7, 2013 at 10:21pm EDT

Ben Smith
BuzzFeed Staff

Find this story at 7 June 2013

Copyright © 2013 BuzzFeed, Inc.

European authorities have known since mid-2011 that the US could conduct surveillance on EU citizens. But experts say that European countries had little interest in picking a fight with their ally in Washington.
There has been widespread outrage in Europe over the scope of the National Security Agency’s PRISM surveillance program. European experts, however, are not surprised by American whistleblower Edward Snowden’s revelations.
“What Snowden revealed about PRISM was already known to certain well-connected people for a long time,” Benjamin Bergemann, the author of the German blog netzpolitik.org and a member of the Digitale Gesellschaft (Digital Society) e.V., told DW.
The European Parliament commissioned a report in 2012, which showed that US authorities could theoretically access European citizens’ data since 2008. The report’s authors were hard on European authorities.
In the EU, there was no awareness that mass political surveillance was possible, according to the authors of the study. Incredibly, since 2011 “neither the EU Commission nor the national lawmakers nor the European Parliament had any knowledge of FISAAA 1881a.”
FISAAA 1881a refers to a section of a 2008 amendment to the US Foreign Intelligence Surveillance Act of 1978. That section of the 2008 amendment empowers US spy agencies to collect information stored in American cloud computing providers.
The authors of the EU study warned that US authorities had access to the data of non-US citizens in these so-called data clouds. The EU was neglecting to protect its citizens, according to the report’s devastating conclusion.

Focus on China and Russia

Europeans had long invested their energy in the fight for consumer protection in the Internet and against cyber crime, according to Julien Jeandesboz of the Centre d’Etudes sur les Conflits. Jeandesboz said that the focus in the EU was not on state-sponsored threats to its citizens.
The Europeans debated about hackers, identity theft, and the regulation of Internet companies. And in the rare moments when the discussion did turn to state-sponsored activities, the EU’s attention was focused on China and Russia.
Jeandesboz believes that political motivations explain the EU’s blind eye to US spy activities. The Patriot Act, which gave Washington broad wiretapping authority after the September 11, 2001 attacks, was controversial and publicly discussed in the EU. But while it’s one thing to target cyber criminals, it’s totally different to move against the US government, according to Jeandesboz.
For most European governments, the US is an important ally and trade partner as well as the world’s leading Internet provider.

European intelligence agencies complicit?

According to Britain’s Guardian newspaper, European intelligence agencies may have profited from the Americans’ surveillance activities. The Guardian reported that Britain’s equivalent to the NSA, the GCHQ, appears to have made use of American intelligence gleaned from PRISM.
Every European user of Facebook and Google should be aware that their data may be subject to PRISM, said blogger Benjamin Bergemann.
“One could say, ‘what interest does the US have in me?’ But one should not forget that the European criminal justice systems have an interest in such surveillance and so a coalition of interests could form,” Bergemann said.

EU citizens’ rights violated

While Internet users in Europe can sue in court for the control of their own data, no such legal right exists in the US. And European law is at a loss when it comes to transnational data transfers.
According to Nicolas Hernanz, many laws that are passed in the US now also affect EU citizens. Hernanz, with the Center for European Policy Studies in Brussels, said that Europeans’ legal right to control their own personal data is being “thrown in the garbage can” as a result of US surveillance activities.
US lobbyists have managed numerous times to water down tough data protection provisions in EU treaties, according to Bergemann. He hopes that the importance of data protection and privacy will be reflected in pending EU legislative initiatives.
Jeandesboz believes that if the revelations about PRISM cannot move the EU to act, then nothing can. While experts thought that such sweeping surveillance was possible, it was not considered likely. Jeandesboz said that Europeans need to stand up for their legal tradition in the face of the US. Otherwise, more civil liberties could be sacrificed for security, he continued.
“The fear of terrorism and the preventative security concept have reached their high point,” said blogger Benjamin Bergemann.

Data protection directive

There are many proposals for how the EU can protect its citizens from US surveillance. But there is little unity in the 27-member bloc. A data protection directive, which is supposed to be passed before the 2014 EU elections, has been vigorously debated.
EU parliamentarians have proposed several changes to the directive. One proposal would flag American web services, warning EU users that the site is governed by US law and could be under the control of US authorities. Another proposal would extend protection to the whistleblower Edward Snowden.

Disturbing trends in Europe

At the very least, political pressure could be placed on the US, if Washington was forced to sign a law enforcement treaty with the EU. But not even that exists at the moment. And experts warn that pointing the finger across the pond is not enough.
Within the EU, there has to be a discussion about whether or not data protection should be sacrificed to counterterrorism, the experts say. The concept of preventive security is becoming more prominent in the 27-member bloc, according to Bergemann.
“The telecommunications providers have been forced to set up an electronic interface for the authorities, so that IP addresses can be retrieved,” Bergemann said. “These trends also exist in Europe.”

Deutsche Welle
11.06.2013
Nina Haase

Find this story at 11 June 2013

© 2013 Deutsche Welle