Posts

The Rationale for NSA’s Bottomless Pit of Data: Hackers

In his must-read report on the bottomless data pit the NSA is building in Utah, James Bamford described the public explanations NSA Deputy Director Chris Inglis made when he broke ground on the facility.

[NSA deputy director Chris Inglis] arrived in Bluffdale at the site of the future data center, a flat, unpaved runway on a little-used part of Camp Williams, a National Guard training site. There, in a white tent set up for the occasion, Inglis joined Harvey Davis, the agency’s associate director for installations and logistics, and Utah senator Orrin Hatch, along with a few generals and politicians in a surreal ceremony. Standing in an odd wooden sandbox and holding gold-painted shovels, they made awkward jabs at the sand and thus officially broke ground on what the local media had simply dubbed “the spy center.” Hoping for some details on what was about to be built, reporters turned to one of the invited guests, Lane Beattie of the Salt Lake Chamber of Commerce. Did he have any idea of the purpose behind the new facility in his backyard? “Absolutely not,” he said with a self-conscious half laugh. “Nor do I want them spying on me.”

For his part, Inglis simply engaged in a bit of double-talk, emphasizing the least threatening aspect of the center: “It’s a state-of-the-art facility designed to support the intelligence community in its mission to, in turn, enable and protect the nation’s cybersecurity.” While cybersecurity will certainly be among the areas focused on in Bluffdale, what is collected, how it’s collected, and what is done with the material are far more important issues. Battling hackers makes for a nice cover—it’s easy to explain, and who could be against it? [my emphasis]

Inglis used hackers as cover for a spying facility that would collect and decrypt “all forms of communication, including the complete contents of private emails, cell phone calls, and Google searches, as well as all sorts of personal data trails—parking receipts, travel itineraries, bookstore purchases, and other digital ‘pocket litter’.” That is, Inglis used the threat of hackers to cover up for the fact that the government was spying on everyone.

Mind you, this was back in January 2011–before Anonymous threatened to take the Toobz down at a time when a key Anonymous hacker was being run by the FBI. Indeed, Inglis used hackers as his excuse for collecting massive amounts of data on everyone in the thick of the WikiLeaks excitement.

Nevertheless, Bamford describes Inglis publicly misleading about the centrality of hackers in the purpose of the bottomless pit when in fact the purpose is far broader. Particularly given the FBI’s recently exposed role running hackers, Inglis’ “double-talk” raises real questions about all the fear-mongering about hackers.

Operation Buckshot Yankee and WikiLeaks

Ellen Nakashima had a long article on Thursday using the 2008 thumb drive infection of DOD’s networks (including, she mentions in passing, the top-secret JWICS system) to describe the evolution of our approach to cybersecurity.

The whole thing is worth a close reading. But I’m particularly interested (as always) in reading it with WikiLeaks in mind. As Nakashima notes after describing the supposedly stringent response to the 2008 infection, which included “banning” thumb drives, Bradley Manning is suspected of downloading entire databases via the same means, removable media.

As the NSA worked to neutralize Agent.btz on its government computers, Strategic Command, which oversees deterrence strategy for nuclear weapons, space and cyberspace, raised the military’s information security threat level. A few weeks later, in November, an order went out banning the use of thumb drives across the Defense Department worldwide. It was the most controversial order of the operation.

Agent.btz had spread widely among military computers around the world, especially in Iraq and Afghanistan, creating the potential for major losses of intelligence. Yet the ban generated backlash among officers in the field, many of whom relied on the drives to download combat imagery or share after-action reports.

[snip]

The ban on thumb drives has been partially lifted because other security measures have been put in place.

Anglo-Americans at Cyberwar: Two Weeks of Cupcakes

I’ve been meaning to return to this Ellen Nakashima story on our cyberwar efforts. As you recall, it lays out the turf war between the CIA and DOD over clandestine cyberops, partly by telling the story of a fight over whether or not to disrupt the jihadist online magazine “Inspire.”

Last year, for instance, U.S. intelligence officials learned of plans by an al-Qaeda affiliate to publish an online jihadist magazine in English called Inspire, according to numerous current and senior U.S. officials. And to some of those skilled in the emerging new world of cyber-warfare, Inspire seemed a natural target.

The head of the newly formed U.S. Cyber Command, Gen. Keith Alexander, argued that blocking the magazine was a legitimate counterterrorism target and would help protect U.S. troops overseas. But the CIA pushed back, arguing that it would expose sources and methods and disrupt an important source of intelligence. The proposal also rekindled a long-standing interagency struggle over whether disrupting a terrorist Web site overseas was a traditional military activity or a covert activity — and hence the prerogative of the CIA.

The CIA won out, and the proposal was rejected. But as the debate was underway within the U.S. government, British government cyber-warriors were moving forward with a plan.

When Inspire launched on June 30, the magazine’s cover may have promised an “exclusive interview” with Sheik Abu Basir al-Wahishi, a former aide to Osama bin Laden, and instructions on how to “Make a Bomb in the Kitchen of Your Mom.” But pages 4 through 67 of the otherwise slick magazine, including the bomb-making instructions, were garbled as a result of the British cyber-attack.

It took almost two weeks for al-Qaeda in the Arabian Peninsula to post a corrected version, said Evan Kohlmann, senior partner at Flashpoint Global Partners, which tracks jihadi Web sites.

The Telegraph elaborated on that story by telling of the swell cupcake recipes MI6 replaced the bomb recipe with.

The cyber-warfare operation was launched by MI6 and GCHQ in an attempt to disrupt efforts by al-Qaeda in the Arabian Peninsular to recruit “lone-wolf” terrorists with a new English-language magazine, the Daily Telegraph understands.

When followers tried to download the 67-page colour magazine, instead of instructions about how to “Make a bomb in the Kitchen of your Mom” by “The AQ Chef” they were greeted with garbled computer code.

The code, which had been inserted into the original magazine by the British intelligence hackers, was actually a web page of recipes for “The Best Cupcakes in America” published by the Ellen DeGeneres chat show.

Written by Dulcy Israel and produced by Main Street Cupcakes in Hudson, Ohio, it said “the little cupcake is big again” adding: “Self-contained and satisfying, it summons memories of childhood even as it’s updated for today’s sweet-toothed hipsters.”

It included a recipe for the Mojito Cupcake – “made of white rum cake and draped in vanilla buttercream”- and the Rocky Road Cupcake – “warning: sugar rush ahead!”

By contrast, the original magazine featured a recipe showing how to make a lethal pipe bomb using sugar, match heads and a miniature lightbulb, attached to a timer.

So apparently this operation against Inspire, which had government hackers and their bosses on two continents scheming and in-fighting, succeeded in delaying for two weeks the publication of a bomb recipe that probably existed elsewhere on the Internet already.

With cupcakes.

And these spooks are apparently impressed enough with themselves that they’re boasting about it openly to journalists.

Dudes. Two weeks of cupcakes do not equate to Stuxnet.

I’ve been pondering the apparent self-congratulation over this op ever since I read this story, particularly in light of the seeming similarity between this op and the WikiLeaks hack last year. Do our cyberwarriors consider it a legitimate “win” to simply delay the publication of a transnational internet operation for a week or so? At what cost? And by “cost,” I mean both the tens of millions we’re investing to develop, apparently, the capability to engage in juvenile pranks. And also the cost in credibility as a purported defender of free speech wastes its time harassing, but not preventing, the free speech of groups it doesn’t like.

I mean, there must be more to our cyberwarfare than two weeks of cupcakes, isn’t there?

Of course, there must be, if the CIA was concerned about sources and methods. Presumably, CIA was already monitoring who was reading Inspire. Which–whatever it says about the First Amendment in this country–is probably still a better use of cyberwar time and dollars than two weeks of cupcakes.

Or are we to believe that the Generals think we’re going to win the GWOT by playing cyber-whack-a-mole with a group whose competitive advantage over us is in its nimbleness?

Did Thomas Drake Include Privacy Concerns in His Complaints to DOD’s Inspector General?

I’ve been reviewing the docket on Thomas Drake’s case to see whether it touches on the privacy concerns Drake had about NSA’s post-9/11 activities.

It appears it doesn’t, even while there was an ongoing dispute about whether or not Drake will have access to the materials he submitted to the DOD Inspector General in support of claims that the ThinThread program operated more effectively than the Trailblazer program that Michael Hayden chose to enrich SAIC with instead (the Judge ruled that material would be admissible, but not a formal whistleblower defense, which Drake wasn’t trying to do anyway).

There are a couple of reasons why the silence, in the legal filings, about privacy concerns is interesting (aside from the fact that it’s a focus of Jane Mayer’s article).

First, because the two-sentence summary of the conclusion of the DOD IG Report on Trailblazer and ThinThread that the defense provides in a filing doesn’t address privacy.

In 2004, after more than a year of fact-finding, the Inspector General issued its initial audit findings. In a report entitled, “Requirements for the Trailblazer and Thinthread Systems,” the auditors concluded that “the National Security Agency is inefficiently using resources to develop a digital network exploitation system that is not capable of fully exploiting the digital network intelligence available to analysts from the Global Information Network . . . (T)he NSA transformation effort may be developing a less capable long-term digital network exploitation solution that will take longer and cost significantly more to develop.” The NSA continued to support the “less capable” program and its successor.

Which suggests the IG Report may not have addressed the claim that, in addition to being less efficient at “connecting the dots” than ThinThread, Trailblazer also offered none of the privacy protections ThinThread had.

That’s important because the government argued that Drake couldn’t claim to be a whistleblower because, by 2007, the issues at hand were resolved. They’re arguing both that any whistleblower claims would be mooted because Turbulence, Trailblazer’s successor, integrated “significant portions” of ThinThread, and that the debate was “over” by 2007, when Drake was (according to the indictment) serving as a source for Baltimore Sun reporter Siobhan Gorman.

In or about December 2004, the DOD IG completed its audit of [Trailblazer], including the allegations raised in the complaint letter. The NSA responded in August 2004 and February 2005, stating that based on the judgments of NSA’s experienced technical experts, the allegations were unfounded. Nonetheless, NSA agreed to incorporate significant portions of [ThinThread] into [Trailblazer] as a result of the DOD IG recommendations, thus largely mooting the issues raised in the complaint. In addition, starting in late 2005 and early 2006, the NSA transitioned away from [Trailblazer] to [Turbulence], another corporate architecture solution for Signals Intelligence collection.

[snip]

Just as importantly, by 2007, the timeframe of the charges in this case, there was no imminent harm faced by the defendant, because [Trailblazer] had incorporated elements of [ThinThread], and also because NSA had transitioned away from [Trailblazer] to [Turbulence].

[snip]

The defendant’s actions had no impact in the debate regarding the efficacy of [Trailblazer and ThinThread], because NSA had begun transitioning to [Turbulence] by 2006. Put simply, the debate was over.

There’s a lot going on in this passage. Obviously, the government is trying to claim that since Drake was allegedly collecting information for Gorman in 2007, he couldn’t claim he was whistleblowing.

Mind you he was not claiming he was whistleblowing, in the legal sense. He was only trying to get the IG materials to prove that’s why he collected three of the documents he’s accused of willingly keeping; basically, he’s arguing that if he overlooked three documents out of 5 boxes worth originally collected for the IG–and did not retain the really classified materials–that he basically just overlooked the three documents, rather than willfully retained them.

And the government is playing funny with dates. After all, they say Drake served as a source for Gorman from February 27, 2006, to November 28, 2007. The key story about ThinThread Drake served as a source for was dated May 18, 2006. And one of the charges accuses Drake of obstruction for shredding other documents. So not only is the 2007 date bogus because it ignores debates ongoing in 2006, but the government suggests that either Drake would be guilty for illegally retaining information, or obstructing an investigation. Moreover, Drake maintains he inadvertently included the three IG-related documents in the several boxes of unclassified materials, so the fact the debate was over is pointless.

Moreover, the successor to Trailblazer, Turbulence, was suffering from the same management problems Trailblazer had, as the defense notes just after citing the IG Report. The government wants to pretend the shift from Trailblazer to Turbulence ended the complaints about management problems, but it didn’t.

But then there’s the way the government portrays the IG complaint: efficacy. As I laid out the other day, there are four ways, Gorman’s sources claim, that ThinThread was better than Trailblazer:

The program the NSA rejected, called ThinThread, was developed to handle greater volumes of information, partly in expectation of threats surrounding the millennium celebrations. Sources say it bundled together four cutting-edge surveillance tools. ThinThread would have:

* Used more sophisticated methods of sorting through massive phone and e-mail data to identify suspect communications.

* Identified U.S. phone numbers and other communications data and encrypted them to ensure caller privacy.

* Employed an automated auditing system to monitor how analysts handled the information, in order to prevent misuse and improve efficiency.

* Analyzed the data to identify relationships between callers and chronicle their contacts. Only when evidence of a potential threat had been developed would analysts be able to request decryption of the records.

In other words, privacy was just one of three ways ThinThread was better than Trailblazer, according to Gorman’s sources.

But that’s not the aspect the government seems to address. That is, the government seems to be saying that, because Turbulence adopted some of the approaches of ThinThread that made it more efficient at analysis, Drake can’t complain. The suggestion is (though we can’t know because of the secrecy) privacy is not, like efficacy, an adequate reason to blow the whistle. Neither privacy, nor the Constitution.

And that’s interesting for two more reasons. First, because the government references a notebook of documents Drake provided that had nothing to do with the IG Report.

There was, for example, a notebook of documents provided by the defendant, many of which had nothing to do with the IG’s audit, but this notebook was destroyed before the case began, and after the IG completed its audit.

Is it playing games with the scope of the audit? That is, did Drake provide materials on privacy, which the IG didn’t include within the scope of its report? If so, the IG’s destruction of the notebook, in violation of DOD’s document retention policy, is all the more interesting.

Then, finally, the debates about privacy continued into 2007 and 2008. In August 2007, specifically, Mike McConnell nixed a Democratic version of the Protect America Act because it required the government to tell FISA judges what the plan for minimizing US person data is and allowed the judges to review for compliance. Debates on how to fix PAA continued throughout the fall and into the following year, with Russ Feingold and Sheldon Whitehouse both trying to make real improvements on the minimization requirements.

The government seems to want to say that Drake’s privacy concerns aren’t a valid whistleblowing concern. Because, I guess, government officials aren’t allowed to whistleblow about citizens’ rights.

Thomas Drake Complained about Michael Hayden Spending $1B to Do What $3M Could Do

Thomas Drake, the NSA whistleblower, was on 60 Minutes this evening. I’ll have more to say about his appearance and case going forward, but I just wanted to highlight a critical detail revealed by 60 Minutes: the relative cost of Trailblazer–the SAIC implemented program Michael Hayden championed–and ThinThread–the program Drake and others claim was more effective and had privacy protections.

One of them was Lieutenant General Michael Hayden, the head of the agency: he wanted to transform the agency and launched a massive modernization program, code named: “Trailblazer.” It was supposed to do what Thin Thread did, and more.

Trailblazer would be the NSA’s biggest project. Hayden’s philosophy was to let private industry do the job. Enormous deals were signed with defense contractors. [Bill] Binney’s Thin Thread program cost $3 million; Trailblazer would run more than $1 billion and take years to develop.

“Do you have any idea why General Hayden decided to go with Trailblazer as opposed to Thin Thread, which already existed?” Pelley asked.

“I believe he was convinced by others that going with a large-scale, industrial strength solution was the approach that NSA needed to take. You can’t really understand why they would make that kind of a decision without understanding the culture of NSA,” Drake said.

Asked to elaborate, Drake said, “Careers are built on projects and programs. The bigger, the better their career.” [my emphasis]

So Drake was complaining about a program that cost 300 times as much as the one he championed (ultimately, Trailblazer cost $1.2 billion, so actually 400 times as much). It’s not an apples-to-apples comparison. Trailblazer, according to a government filing, worked across more platforms. ThinThread, according to a Siobhan Gorman story, had additional functionality, including privacy protections.

But still, Drake complained about a program that did what ThinThread did–at 300 to 400 times the cost.

As one of the other NSA employees who whistleblew about Trailblazer, J. Kirk Wiebe, explains,

“How does a man see 9/11 happened, know that some part of it is due to corruption and mismanagement and sleep at night. How does a man do that? He obviously couldn’t,” Wiebe told Pelley.

Yet the government wants to put Drake in jail for 35 years because he tried to make sure incompetence that led to 9/11 doesn’t continue.

Putting “Really Mushy” Functions in a Department that Refuses to Be Audited

Noah Shachtman points to NextGov’s unsuccessful attempt to define how much DOD plans to spend on cybersecurity next year. DOD or its components have offered three different versions:

  • DOD’s mid-February report it would spend $2.3 billion
  • Air Force’s mid-February report it, by itself, would spend $4.6 billion
  • DOD’s March 23 revised report it would spend $3.2 billion

Part of the problem, as Shachtman explains in the NextGov piece, is that the definition of what counts as cybersecurity is not yet well defined.

“All of this stuff is still really mushy,” Shachtman said. Further obscuring visibility into the budget is the fact that some cybersecurity funding is classified at Defense components such as the NSA. Meanwhile, Cyber Command presents a new spending variable, he noted.

“Exactly where the NSA ends and the Cyber Command ends is a very open question,” Shachtman said. “How the Cyber Command is supposed to interact with the services is still being worked out.” He predicted it will take years to untangle the process of budgeting for federal computer security.

While you’re trying to get your head around how the Air Force has a bigger budget than the whole DOD for cybersecurity, remember a couple of things.

First, both the Air Force and DOD generally have stated policies of not telling Congress about Special Access Programs (in the case of Air Force) or clandestine cyberops. So to the extent that this mushy budget is mixed in with cyberops (as distinct from cybersecurity), there’s a decent chance Congress isn’t seeing all of it.

But even if Congress decided to look, to the extent that NSA (or CyberCommand, which General Keith Alexander also commands) has a hand in it, Congress is almost guaranteed to be unable to track it closely. That’s because NSA books can’t be audited and apparently NSA doesn’t intend to fix those problems.

Now all of this would be pretty funny except that, insofar as the government can’t distinguish between legitimate cybersecurity (you know, preventing hackers and leakers from using thumb drives to upload malware and download entire databases) and cyberwar financially, there’s a decent chance they can’t do so organizationally either.

Or to put it in more tangible terms, HB Gary’s past governmental work has been about cybersecurity–assessing malware and finding intrusions. But they’ve been proposing collecting information about citizens’ First Amendment activity to use to target those citizens. And the Air Force–that entity with a cybersecurity budget bigger than all of DOD’s cybersecurity budget–is the service that was engaging cybersecurity firms to develop persona management software.

But aside from that, why should we be worried that such dangerous entities are organizationally such a clusterfuck?

How the “Most Transparent Administration Ever” Worsens Transparency with Transparency Effort

The Director of National Intelligence has floated a “shockingly bad” proposal on how much review GAO will be permitted within the intelligence community. According to Steven Aftergood, because the proposal defines the intelligence community broadly, it might result in the loss of GAO review in agencies like DOD and State.

The Director of National Intelligence has prepared a draft intelligence directive on access by the Government Accountability Office (GAO) to intelligence information, but it is “shockingly bad,” a congressional official said.

[snip]

The first draft of the new directive is said to reserve maximum discretion to the DNI, and to offer little practical assurance that GAO will get access to the information it needs. So, for example, the definition of intelligence information that may be withheld from GAO extends broadly to law enforcement, military and intelligence information related to national security. GAO access is to be denied whenever it concerns information regarding “intelligence budgets or funding, or personnel information that… may reveal intelligence strategy, capabilities, or operations.”

“In other words, GAO cannot look at anything that involves money or people,” the congressional official told Secrecy News.  “Combine that with the sweeping, open-ended definition of intelligence and large chunks of the federal government suddenly vanish from [GAO] oversight– DOD, FBI, DHS, State Department, etc.”

Aftergood points out what I did several weeks ago: the intelligence agencies generally (with the exception of NRO), and NSA in particular, have completely ineffective accounting systems.

But when the Committee looked at NSA’s books in 2009, they were still a complete clusterfuck.

The NSA’s annual financial report was the exception, in that it showed no apparent improvement. In particular, the Committee was concerned about the failed implementation of NSA’s new financial system. An NSA Inspector General report found that this system was put into operation before it was adequately tested and that operators were not properly trained to use it. The NSA also made $7 million in duplicative invoice payments, and the agency could not successfully reconcile its financial books at the end of fiscal year 2008. Further, a July 2008 Army Finance Command report, referenced by the NSA IG, found that the NSA’s accounting system was in violation of public laws, Treasury Department financial manuals, and DoD regulations, and was inconsistent with the Federal Managers Financial Integrity Act.

After SSCI cracked heads, the NSA claimed it had fixed the problems in June 2009. Only they hadn’t.

NSA’s Clusterfuck Financial Management

I’m reading through the Senate Select Committee on Intelligence’s report on what it did last Congress. Among a number of interesting details, the report describes really really bad accounting at the National Security Agency (NSA).

The report describes how the Intelligence Authorization Bill of 2002 required that our big intelligence agencies produce auditable financial statements by 2005. Most agencies at least showed improvement; the National Reconnaissance Office (NRO) actually fixed its books so they were auditable. But when the Committee looked at NSA’s books in 2009, they were still a complete clusterfuck.

The NSA’s annual financial report was the exception, in that it showed no apparent improvement. In particular, the Committee was concerned about the failed implementation of NSA’s new financial system. An NSA Inspector General report found that this system was put into operation before it was adequately tested and that operators were not properly trained to use it. The NSA also made $7 million in duplicative invoice payments, and the agency could not successfully reconcile its financial books at the end of fiscal year 2008. Further, a July 2008 Army Finance Command report, referenced by the NSA IG, found that the NSA’s accounting system was in violation of public laws, Treasury Department financial manuals, and DoD regulations, and was inconsistent with the Federal Managers Financial Integrity Act.

After SSCI cracked heads, the NSA claimed it had fixed the problems in June 2009. Only they hadn’t.

In June 2009, the Director of NSA wrote to the Chairman and Vice Chairman, claiming that the NSA was now “fully compliant with the laws, regulations, and manuals referenced in the U.S. Army Finance Command report and the Federal Financial Managers Integrity Act.” The NSA Director’s letter also stated that the NSA had been able to reconcile its fiscal year 2008 financial records. In July 2009, the Chairman and Vice Chairman wrote to the Secretary of Defense concerning the NSA Director’s letter. They stated that in light of the NSA’s past difficulties in producing auditable financial statements, the Committee believed the progress claimed by the NSA should be independently confirmed by the DoD Inspector General. Specifically, the letter requested that the DoD IG conduct a form and content review of the NSA’s fiscal year 2009 financial statements to determine whether they were supported by reliable and accounting data and supporting information.

The Committee received the results of the DoD IG’s review in November 2009, which was very critical of NSA’s claims. Overall, the IG found that the NSA’s financial statements were not adequately supported by reliable accounting data and supporting information. An even more disturbing finding was that the NSA’s “remediation plans do not fully address audit impediments.” Specific findings included an inability to reconcile critical general ledger balances, failure to perform required accounting processes, and inconsistencies between the information contained in the notes to the financial statements and the information provided to the IG. The IG’s findings raised serious questions about the assertions made by the NSA Director in his June 2009 letter and the support he is receiving from the administrative staff involved.

The report doesn’t actually say whether NSA has since fixed its auditing systems such that someone can actually tell whether the telecoms paid to spy on us are paid what they are supposed to be paid. So the most up-to-date information the report provides is that in late 2009, the NSA wasn’t really planning to fix the things that made it difficult to audit its books.

Along the way, some lucky telecoms (or other contractors) got paid twice. Or maybe got paid for stuff that is not on the books, who knows?

Now, $7 million is small potatoes in the great pot of money the NSA doles out to contractors. It’s not like they lost $9 billion in cash, like some other entities at DOD.

But at the same time as SSCI was discovering how bad NSA’s book-keeping practices were, they were overseeing the assignment to NSA of our Cyber Command. Keith Alexander, the guy who oversaw this book-keeping clusterfuck, is now in charge of even more secret contracts to people who spy on activities that might sweep up Americans.

Call me crazy, but NSA’s apparent inability or unwillingness to fix its book-keeping seems rather ripe for abuse.

Senior Officials Wave Their SIGINT Around

You’ve probably already read this story detailing how Hosni Mubarak used his 18 day delay in resigning to rob the Egyptian people. While the whole thing is worth a read, I wanted to point out how a senior Western intelligence official makes a point of revealing that we’ve been aware of conversations among Mubarak’s thieving family members.

But a senior Western intelligence source claimed that Mubarak had begun moving his fortune in recent weeks.

“We’re aware of some urgent conversations within the Mubarak family about how to save these assets,” said the source, “And we think their financial advisers have moved some of the money around. If he had real money in Zurich, it may be gone by now.” [my emphasis]

The reference to “urgent conversations” seems to suggest they were actually listening in on them. (It also raises the question of why we didn’t try to stop Mubarak from stealing the money, but I think we know the answer to that question.)

That’s similar to the way another senior official–this one identified as American–brags to CNN about the satellites we’re using to collect intelligence in Egypt. (h/t Tim Shorrock)

As the Obama administration reacted, Washington was using a variety of intelligence assets to see what was happening in Cairo and other Egyptian cities, CNN has learned.

The U.S. military and intelligence community are using “national technical means” in the sky over Egypt to gather information about the demonstrations and the deployment of Egyptian security forces.

The phrase “national technical means” is used by the U.S. government to generally refer to the use of reconnaissance satellites to gather imagery or signals intelligence.

A senior U.S. official with direct knowledge of the operation confirmed the intelligence-gathering but declined to be identified because of the sensitive nature of the matter.

The official declined to say to what extent the Egyptian government is aware of the activity. The official would not say specifically which intelligence-gathering elements were being used but indicated that operations were being conducted in a manner that would not be visible to the Egyptian populace.

The official said the decision to use intelligence-gathering assets came in part after violence erupted in the early days of the Cairo demonstrations. [my emphasis]

Now, it should surprise no one to know that the US has been collecting signals intelligence from Egypt. We would be focusing on Egypt anyway because of our Israeli and counterterrorism interests. And SIGINT will undoubtedly be more important as our relationship with Omar Suleiman shifts along with his position in the government. But normally it’s considered polite not to admit to using SIGINT so blatantly.

What seems to be a key intent of these public admissions of our spying is to disclose to whom we were listening–Mubarak’s family (and presumably other top officials)–and why we shifted our normal focus away from counterterrorism targets–because Egyptian security forces had used violence against protesters.

In other words, this seems to be a message to top officials in Egypt–both Mubarak and our partners in Egypt’s military–that we’ve shifted our gaze away from counterterrorism and onto the government itself.

I thought we weren’t supposed to tell the people we were eavesdropping on that we were doing so?

Colombia Refuses to “Look Forward”

In Colombia, apparently, you get arrested when you oversee illegal domestic wiretapping.

Colombia’s Prosecutor General ordered the arrest of Jorge Noguera, a former director of Colombia’s state intelligence agency DAS, for his alleged involvement in the illegal spying on government opponents.

Noguera, who was director of the DAS between 2002 and 2006, is suspected of having set up the illegal activities of the DAS that included wiretapping supreme court magistrates, journalists, human rights organizations and opposition politicians.

Imagine if Michael Hayden (who oversaw the NSA when Cheney set up his illegal wiretap program) or John Brennan (who was in charge of the departments that chose whom to target with the system) got arrested for their role in the program?

Hell, imagine if Cheney himself were arrested (President Alvaro Uribe’s Chief of Staff is reportedly one target of this investigation)?

Pretty crazy, isn’t it, imagining what it would be like to live in a country with a functioning rule of law … like Colombia?