The CIA's New Black Bag Is Digital
When the NSA can't break into your computer, these guys break into your
house.
BY MATTHEW M. AID | JULY 17, 2013
http://www.foreignpolicy.com/articles/2013/07/16/the_cias_new_black_bag_is_digital_nsa_cooperation?page=full
During a coffee break at an intelligence conference held in The Netherlands
a few years back, a senior Scandinavian counterterrorism official regaled me
with a story. One of his service's surveillance teams was conducting routine
monitoring of a senior militant leader when they suddenly noticed through
their high-powered surveillance cameras two men breaking into the militant's
apartment. The target was at Friday evening prayers at the local mosque. But
rather than ransack the apartment and steal the computer equipment and other
valuables while he was away -- as any right-minded burglar would normally
have done -- one of the men pulled out a disk and loaded some programs onto
the resident's laptop computer while the other man kept watch at the window.
The whole operation took less than two minutes, then the two trespassers
fled the way they came, leaving no trace that they had ever been there.
It did not take long for the official to determine that the two men were, in
fact, Central Intelligence Agency (CIA) operatives conducting what is known
in the U.S. intelligence community as either a "black bag job" or a
"surreptitious entry" operation. Back in the Cold War, such a mission might
have involved cracking safes, stealing code books, or photographing the
settings on cipher machines. Today, this kind of break-in is known inside
the CIA and National Security Agency as an "off-net operation," a
clandestine human intelligence mission whose specific purpose is to
surreptitiously gain access to the computer systems and email accounts of
targets of high interest to America's spies. As we've learned in recent
weeks, the National Security Agency's ability to electronically eavesdrop
from afar is massive. But it is not infinite. There are times when the
agency cannot gain access to the computers or gadgets they'd like to listen
in on. And so they call in the CIA's black bag crew for help.
The CIA's clandestine service is now conducting these sorts of black bag
operations on behalf of the NSA, but at a tempo not seen since the height of
the Cold War. Moreover, these missions, as well as a series of parallel
signals intelligence (SIGINT) collection operations conducted by the CIA's
Office of Technical Collection, have proven to be instrumental in
facilitating and improving the NSA's SIGINT collection efforts in the years
since the 9/11 terrorist attacks.
Over the past decade specially-trained CIA clandestine operators have
mounted over one hundred extremely sensitive black bag jobs designed to
penetrate foreign government and military communications and computer
systems, as well as the computer systems of some of the world's largest
foreign multinational corporations. Spyware software has been secretly
planted in computer servers; secure telephone lines have been bugged; fiber
optic cables, data switching centers and telephone exchanges have been
tapped; and computer backup tapes and disks have been stolen or
surreptitiously copied in these operations.
In other words, the CIA has become instrumental in setting up the shadowy
surveillance dragnet that has now been thrown into public view. Sources
within the U.S. intelligence community confirm that since 9/11, CIA
clandestine operations have given the NSA access to a number of new and
critically important targets around the world, especially in China and
elsewhere in East Asia, as well as the Middle East, the Near East, and South
Asia. (I'm not aware of any such operations here on U.S. soil.) In one
particularly significant operation conducted a few years back in a
strife-ridden South Asian nation, a team of CIA technical operations
officers installed a sophisticated tap on a switching center servicing
several fiber-optic cable trunk lines, which has allowed NSA to intercept in
real time some of the most sensitive internal communications traffic by that
country's general staff and top military commanders for the past several
years. In another more recent case, CIA case officers broke into a home in
Western Europe and surreptitiously loaded Agency-developed spyware into the
personal computer of a man suspected of being a major recruiter for
individuals wishing to fight with the militant group al-Nusra Front in
Syria, allowing CIA operatives to read all of his email traffic and monitor
his Skype calls on his computer.
The fact that the NSA and CIA now work so closely together is fascinating on
a number of levels. But it's particularly remarkable accomplishment, given
the fact that the two agencies until fairly recently hated each others'
guts.
Ingenues and TBARs
As detailed in my history of the NSA, The Secret Sentry, the CIA and NSA had
what could best be described as a contentious relationship during the Cold
War era. Some NSA veterans still refer to their colleagues at the CIA as
'TBARs,' which stands for 'Those Bastards Across the River,' with the river
in question being the Potomac. Perhaps reflecting their higher level of
educational accomplishment, CIA officers have an even more lurid series of
monikers for their NSA colleagues at Fort Meade, most of which cannot be
repeated in polite company because of recurring references to fecal matter.
One retired CIA official described his NSA counterparts as "a bunch of damn
ingenues." Another CIA veteran perhaps put it best when he described the
Cold War relationship amongst and between his agency and the NSA as "the
best of enemies."
The historical antagonism between the two agencies started at the top. Allen
W. Dulles, who was the director of the CIA from 1953 to 1961, disliked NSA
director General Ralph Canine so intensely that he deliberately kept the NSA
in the dark about a number of the agency's high-profile SIGINT projects,
like the celebrated Berlin Tunnel cable tapping operation in the mid-1950s.
The late Richard M. Helms, who was director of the CIA from 1966 to 1973,
told me over drinks at the Army-Navy Club in downtown Washington, D.C. only
half jokingly that during his thirty-plus years in the U.S. intelligence
community, his relations with the KGB were, in his words, "warmer and more
collegial" than with the NSA. William E. Colby, who served as Director of
Central Intelligence from 1973-1976, had the same problem. Colby was so
frustrated by his inability to assert any degree of control over the NSA
that he told a congressional committee that "I think it is clear I do not
have command authority over the [NSA]." And the animus between CIA director
Admiral Stansfield Turner (CIA director from 1977-1981) and his counterpart
at the NSA, Admiral Bobby Ray Inman, was so intense that they could only
communicate through intermediaries.
But the 9/11 terrorist attacks changed the operational dynamic between these
two agencies, perhaps forever. In the thirteen years since the 9/11
terrorist attacks, the NSA and CIA have largely, but not completely, moved
past the Cold War animus. In addition, both agencies have become
increasingly dependent on one another for the success of their respective
intelligence operations, leading to what can best be described as an
increasingly close symbiotic relationship between these two titans of the
U.S. intelligence community.
While the increasingly intimate relationship between the NSA and CIA is not
a secret, the specific nature and extent of the work that each agency does
for the other is deemed to be extremely sensitive, especially since many of
these operations are directed against friends and allies of the United
States. For example, the Special Collection Service (SCS), the secretive
joint CIA-NSA clandestine SIGINT organization based in Beltsville, Maryland,
now operates more than 65 listening posts inside U.S. embassies and
consulates around the world. While recent media reports have focused on the
presence of SCS listening posts in certain Latin America capitals,
intelligence sources confirm that most of the organization's resources have
been focused over the past decade on the Middle East, South Asia, and East
Asia. For example, virtually every U.S. embassy in the Middle East now hosts
a SCS SIGINT station that monitors, twenty-four hours a day, the complete
spectrum of electronic communications traffic within a one hundred mile
radius of the embassy site. The biggest problem that the SCS currently faces
is that it has no presence in some of the U.S. intelligence community's top
targets, such as Iran and North Korea, because the U.S. government has no
diplomatic relations with these countries.
At the same time, SIGINT coming from the NSA has become a crucial means
whereby the CIA can not only validate the intelligence it gets from its
oftentimes unreliable agents, but SIGINT has been, and remains the lynchpin
underlying the success over the past nine years of the CIA's secret unmanned
drone strikes in Pakistan, Yemen and elsewhere around the world.
But the biggest changes have occurred in the CIA's human intelligence
(HUMINT) collection efforts on behalf of NSA. Over the past decade, foreign
government telecommunications and computer systems have become one of the
most important targeting priorities of the CIA's National Clandestine
Service (NCS), which since the spring of this year has been headed by one of
the agency's veteran Africa and Middle East hands. The previous director,
Michael J. Sulick, is widely credited with making HUMINT collection against
foreign computer and telecommunications systems one of the service's top
priority targets after he rose to the top of the NCS in September 2007.
Today, a cadre of several hundred CIA NCS case officers, known as Technical
Operations Officers, have been recruited and trained to work exclusively on
penetrating foreign communications and computer systems targets so that NSA
can gain access to the information stored on or transmitted by these
systems. Several dozen of these officers now work fulltime in several
offices at NSA headquarters at Fort George G. Meade, something which would
have been inconceivable prior to 9/11.
CIA operatives have also intensified their efforts to recruit IT specialists
and computer systems operators employed by foreign government ministries,
major military command headquarters staffs, big foreign multinational
corporations, and important international non-governmental organizations.
Since 9/11, the NCS has also developed a variety of so-called "black boxes"
which can quickly crack computer passwords, bypass commercially-available
computer security software systems, and clone cellular telephones -- all
without leaving a trace. To use one rudimentary example, computer users
oftentimes forget to erase default accounts and passwords when installing a
system, or incorrectly set protections on computer network servers or e-mail
accounts. This is a vulnerability which operatives now routinely exploit.
For many countries in the world, especially in the developing world, CIA
operatives can now relatively easily obtain telephone metadata records, such
as details of all long distance or international telephone calls, through
secret liaison arrangements with local security services and police
agencies.
America's European allies are a different story. While the connections
between the NSA and, for example, the British signals intelligence service
GCHQ are well-documented, the CIA has a harder time obtaining personal
information of British citizens. The same is true in Germany, Scandinavia
and the Netherlands, which have also been most reluctant to share this sort
of data with the CIA. But the French intelligence and security services have
continued to share this sort of data with the CIA, particularly in
counterterrorism operations.
U.S. intelligence officials are generally comfortable with the new
collaboration. Those I have spoken to over the past three weeks have only
one major concern. The fear is that details of these operations, including
the identities of the targets covered by these operations, currently reside
in the four laptops reportedly held by Edward Snowden, who has spent the
past three weeks in the transit lounge at Sheremetyevo Airport outside
Moscow waiting for his fate to be decided. Officials at both the CIA and NSA
know that the public disclosure of these operations would cause incalculable
damage to U.S. intelligence operations abroad as well as massive
embarrassment to the U.S. government. If anyone wonders why the U.S.
government wants to get its hands on Edward Snowden and his computers so
badly, this is an important reason why.
==========================================
(F)AIR USE NOTICE: All original content and/or articles and graphics in this
message are copyrighted, unless specifically noted otherwise. All rights to
these copyrighted items are reserved. Articles and graphics have been placed
within for educational and discussion purposes only, in compliance with
"Fair Use" criteria established in Section 107 of the Copyright Act of 1976.
The principle of "Fair Use" was established as law by Section 107 of The
Copyright Act of 1976. "Fair Use" legally eliminates the need to obtain
permission or pay royalties for the use of previously copyrighted materials
if the purposes of display include "criticism, comment, news reporting,
teaching, scholarship, and research." Section 107 establishes four criteria
for determining whether the use of a work in any particular case qualifies
as a "fair use". A work used does not necessarily have to satisfy all four
criteria to qualify as an instance of "fair use". Rather, "fair use" is
determined by the overall extent to which the cited work does or does not
substantially satisfy the criteria in their totality. If you wish to use
copyrighted material for purposes of your own that go beyond 'fair use,' you
must obtain permission from the copyright owner. For more information go to:
http://www.law.cornell.edu/uscode/17/107.shtml
THIS DOCUMENT MAY CONTAIN COPYRIGHTED MATERIAL. COPYING AND DISSEMINATION IS
PROHIBITED WITHOUT PERMISSION OF THE COPYRIGHT OWNERS.
Posts
No comments:
Post a Comment