“Apalachee” is the code name for the U.N. offices in New York. “Magothy” is the American surveillance label for the EU Embassy in Washington. Two months before, MacAskill only mentioned that the NSA had blueprints for the U.N.’s 31st floor offices. Poitras includes them in her report. Interestingly, the two consulates are not monitored domestically. They are surveilled by NSA analysts and technicians in Brussels. The spying is made easier by both embassies being linked through a VPN, which affords the NSA certain technological advantages. One NSA employee reported, “If we lose access to one site, we can immediately regain it by riding the VPN to the other side and punching a whole (sic) out. We have done this several times when we got locked out of Magothy.” NSA technicians have also decrypted the U.N.’s internal video teleconferencing system using Blarney. In a three-week period, the number of decrypted messages went from 12 to 458. The documents cited in the report correspond with signed orders for diplomatic espionage by then-U.S. secretary of state Hillary Clinton. Frighteningly, the 2009 directive included the surveillance of biometrics. Biometric spying uses highly advanced technology to catalog a person’s physiological characteristics. This includes facial, voice and retinal recognition.
Poitras goes on to mention that the International Atomic Energy Agency in Vienna is surveilled by American intelligence, Blarney produces 11,000 pieces of data a year, before citing two previously unknown program names: “Dancingoasis” and “Rampart-T.” The latter has been in operation since 1991 and its objective is “penetration of hard targets at or near the leadership level” or, in laymen’s terms, it is being used to spy on 20 different world leaders. Like Lithium, little is known about Dancingoasis.
As with her August 5 exposé, “Mass Data: Transfers from Germany Aid US Surveillance,” Poitras provides enough new information for a reader to connect the dots. In “Apalachee” she notes that the NSA monitors U.S. offices from abroad. In “Mass Data,” she relays that the NSA abides by the surveillance laws of the nation in which it is stationed. She makes a point to reiterate it is legal for intelligence agencies to eavesdrop on foreign communications in “How the NSA Targets Germany and Europe” on July 1. Echoing the purported American practice of extraordinary rendition, wherein authorities transport a suspected criminal to a foreign country whose criminal justice laws are more lenient so harsher interrogation techniques can be used, Poitras’ note forces the question of whether the NSA is surveilling its own country from abroad so that it may legally spy on its citizens.
Two days later Süddeutsche Zeitung and NGB added to the international conspiracy with “British Officials Have Far-Reaching Access to Internet and Telephone Communications.”82 Like Poitras’ article, the German new sources continue where they had previously left off, “Britain Draws from German Internet.” Having revealed that the international fiber-optic line TAT-14 was tapped by GCHQ, the German media goes on to report that other primary distribution cables are under British surveillance: Atlantic Crossing 1, Circe North, Circe South, Flag Atlantic-1, Flag Europa-Asia, Sea-Me-We 3 and Sea-Me-We4, Solas, UK France 3, UK Netherlands-14, Ulysses, Yellow and the Pan European Crossing. For German readers, the new concern was Sea-Me-We 3 and AC-1, which rest on native soil. More alarmingly, the German portion of Sea-Me-We 3 is owned by Telekom which, predictably, denied any knowledge of its communications being watched. Interestingly, one of the communications providers previously implicated in the English spying conspiracy, British Telecommunications, is reported to have designed some of GCHQ’s surveillance hardware and software.
Though GCHQ had probably issued a report by this time to the NSA about what had been found in Miranda’s possession, there was no proof there was not more. The intelligence community continued to investigate. By August 29 it felt confident enough to announce it was getting closer to answers of how Snowden managed to acquire the monumental amount of data that even he didn’t have the authority to access. An anonymous former U.S. official who was familiar with the investigation relayed to NBS News, “Every day, they [intelligence officials] are learning how brilliant he [Snowden] was. This is why you don’t hire brilliant people for jobs like this. You hire smart people. Brilliant people get you in trouble.”83 Senator Feinstein had told reporters in late June she’d been informed Snowden had stolen approximately 200 documents.84 Two months later, after the number had risen to 20,000, then skyrocketed to 58,000, the NSA admitted it was still unable to determine exactly what the whistleblower had pilfered. But the agency had discovered one method he’d used. Snowden had learned his lesson from his first futile attempts to access highly classified files when he was with the CIA and Dell. Instead of trying to steal them himself, he stole them as someone else: Snowden had gained access by borrowing other NSA employees’ identities. As a system administrator, he had the ability to create and modify user accounts. The whistleblower cherry-picked who he wanted to be and with what level clearance. The ongoing forensic investigation revealed he had used other personnel’s accounts when they were on vacation or called in sick so as not to arouse suspicion. It also saved him the trouble of having to remove his electronic footprint afterward. The anonymous source stated, “The damage, on a scale of 1 to 10, is a 12.”85 By December, the NSA would admit to 60 Minutes that the actual number of stolen items was closer to 1.7 million.86
The discovery provided enough pieces of the puzzle to gain a glimpse of Snowden’s methodology. He would tell former CIA analyst Ray McGovern on October 9 the laptops he had been seen with in Hong Kong were “diversions”87 or decoys. The computers were not empty, but they did not contain all the stolen documentation. Snowden could not risk having all the data confiscated. He knew if he were apprehended, he would be searched. The laptops had to house something incriminating, otherwise security would continue looking. He was aware it would take time for forensics to discover his identity theft, and by providing the authorities with something substantial, he could be tried and sentenced before they found the full contents of his lifted catalog. Therefore he had created and initiated the timed contact release program for his encrypted passwords before he left America in case he was apprehended before he met Greenwald and Poitras. He undoubtedly told them—should he be caught—to withhold reporting until after his trial. There was no worry of China draining the contents of his laptops because they contained little or nothing of consequence. As noted, by the time he landed in Russia, he didn’t have a single classified file in his possession.
August 29 was also a day for disclosures. The Australian news source The Age and The Washington Post published a total of four reports in less than 24 hours.
It was inevitable more information would come to light about the other Three Eyes—Australia, New Zealand and Canada—and their respective roles in collaboratively monitoring the world. Süddeutsche Zeitung passed along regionally applicable disclosures to an Australian journalist named Philip Dorling. A trained historian, Dorling became a political staffer in 1996 after working in the Australian Department of Foreign Affairs and Trade. He remained in politics and government until 2008. As with Poitras and Greenwald, Dorling had already earned his whistleblowing badge. Police raided his home in 2000 upon suspicion he had leaked information to the press about East Timor, a country occupying half an island in Southeast Asia.88 Dorling became a journalist and got raided again in 2008 after he published an article which contained excerpts from a classified brief intended for the Australian minister of defense.89 He was the sole Australian journalist to get direct access to the WikiLeaks “Cablegate” release in late 2010. Cablegate was the leak of 251,287 cables between the White House and numerous diplomatic missions around the world. He writes for The Age and The Sydney Morning Herald,90 subsidiary publications of Fairfax Media.
“Australian spies in global deal to tap undersea cables”91 expounds upon Süddeutsche Zeitung’s report on GCHQ’s commandeering multiple fiber-optic lines. Dorling states the Australian Signals Directorate is working alongside British government, the NSA, as well as Singap
ore intelligence in order to surveil undersea cables connecting Australia, Asia and the Middle East. One of the tapped communication lines is one of world’s largest, the previously mentioned Sea-Me-We 3.
An accompanying slide shows Sea-Me-We 3 runs across the entire eastern hemisphere and connects to Germany, Belgium, Britain, France, Portugal, Morocco, Italy, Greece, Turkey, Cyprus, Egypt, Saudi Arabia, Djibouti, Oman, the United Arab Emirates, Pakistan, India, Sri Lanka, Myanmar, Thailand, Malaysia, Indonesia, Singapore, Australia, Brunei, Vietnam, the Philippines, Macau, Hong Kong, China, Taiwan and Japan. The data following through a portion of the cable is freely surrendered to federal intelligence—not by a private provider—but by its administrator, SingTel, a company owned by the Singaporean government and the country’s Defense Ministry. Singapore authorities “cooperate” with the Australian Signals Directorate which, in turn, hands over the information to GCHQ. Because Australia’s only connection to the cable runs through Singapore, GCHQ is able to monitor “much of Australia’s telecommunications and internet traffic with Europe” through Sea-Me-We 3.
“NSA paying U.S. companies for access to communications networks”92 arrived on August 29. It is the first in a series of seven nearly consecutive reports by Gellman, complete with an interactive slideshow. The article explores how the intelligence community intended to account for its $52.6 billion “Black Budget” from the latter half of 2012 through the beginning of 2013. The information was derived from Clapper’s leaked FY 2013 Congressional Budget Justification report.93 Though the numbers are overwhelming, they do not include the funding for military intelligence gathering.
Clapper spends the first two pages of the 178-page report bemoaning prior budget cuts. The first action item under “Signals Intelligence” is “[ … ] bolstering our support for clandestine SIGINT capabilities to collect against high priority targets, including foreign leadership targets.” The director of national intelligence proceeds to ignore that millions of what he had already been given in previous years went to non-terroristrelated industrial, political and economic espionage as he acridly announces “[ … ] we will continue to house some of the IC [intelligence community] workforce in older and less capable facilities that may not meet current antiterrorism/force protection requirements [ … ].” It is unclear whether Clapper is stating these personnel will be in physical danger or obligated to use outdated surveillance equipment that does not abide by current law. The first item of concern under “Investments” is not the protection of American citizens but “[p]rioritizing our requirements [ … ] to produce a budget that meets customer needs [ … ].” As revealed in previous disclosures, the “customer” is corporate partnerships and other nations who have contracted NSA’s services. Under “Mission Focused Science & Technology,” Clapper wants biometrics to continue to be funded and further developed.
The report proceeds to list anticipated operational expenses. The individual budgets for the data-mining programs alone are massive. Blarney cost $65.96 million, Fairview $94.74 million, Stormbrew $46.04 million and Oakstar’s tab was $9.41 million. The remaining $61.85 million goes unaccounted.
The report reveals that “Corporate Partner Access” data is expected to cost $278 million. Yet this fund is clearly for clandestine domestic partnerships. A separate line is allotted for “Foreign Partner Access,” which is a comparative bargain at $56.6 million. The 500 percent difference shows where the NSA’s surveillance priorities lie. Partnership money pays for data as well as the corporations’ “network and circuit leases, equipment hardware and software maintenance, secure network connectivity, and covert site leases.” At over 80 companies worldwide, the average payout is almost $4.1 million per contracted business.94
Paul Kouroupas, a former Global Crossing security officer, is paraphrased by Gellman. Kouroupas stated that some companies receive the payment with open arms and willfully sign government contracts. Doing so is not only convenient but lucrative. These businesses realize they would draw less revenue if they were to merely charge for individual court orders. Gellman summarizes attorney Albert Gidari, who reported that firms also enter into agreements with Washington to defer the legal cost of having each FISC order reviewed. As witnessed by Yahoo and Facebook’s grievances, he added that the U.S. government uses the Machiavellian tactic of dragging its feet when it comes to reimbursing those who insist on receiving individual orders. This gives companies even more incentive to sign on the dotted line.
The next article, “U.S. spy network’s successes, failures and objectives detailed in ‘black budget’ summary”95 reveals that the U.S. intelligence community consists of 107,035 employees and its largest department is the CIA. Its budget was $14.7 billion. The NSA’s spending allotment was $10.8 billion.96 Gellman relays, “The surge in resources for the [CIA is] funded secret prisons [i.e., rendition camps or “black sites”], a controversial interrogation program, the deployment of lethal drones and a huge expansion of its counterterrorism center.” One-fifth of intelligence workers—21,575—are CIA. Of its total budget, $68.6 million went to “creating and maintaining ‘cover’” for overseas operatives to present themselves as peaceful diplomats. Though Clapper wanted more money for biometrics, monumental advances in this state-of-the-art technology had taken place since Clinton’s 2009 directive. The CIA was using drones to conduct physiological espionage in the Middle East. U.S. intelligence could now identify a person from thousands of feet in the air.
Depending on a reader’s perspective, Gellman’s next topic can be viewed as either an objective or a failure. Ironically, the people who are paid to be suspicious were growing paranoid of one another. The NSA had started to worry about “potential insider compromise of sensitive information.” The agency intended to reinvestigate 4,000 of its civilian employees. It wanted to review “high-risk, high-gain applicants and contractors” or the anti-establishment, anti-authoritarian computer geniuses the agency couldn’t function without. It knew that a cultural and philosophical divide dwells within the current generation of analysts. As former NSA inspector general Joel F. Brenner remarked, “There were lots of discussions at NSA and in the intelligence community in general about the acculturation process. They were aware that they were bringing in young people who had to adjust to the culture—and who would change the culture.”97 This generational antagonism was evident in the crowd’s response to Alexander during the Black Hat conference in Las Vegas. But the reception could have been a lot worse. The General had been advised not to represent the intelligence community at the DefCon conference which took place the same week. As a security conference, the Black Hat convention attracted professional technicians and would be more accepting of government authority figures. DefCon was a hacker meeting.98 The NSA knew it needed to recruit from both groups but had difficulty trusting Generation X’s IT wizards. The disproportionate rate of pay to education, even for analysts holding college degrees, is offered in an attempt to quell the inherent discontent. Most lawyers and psychologists fail to earn what Snowden did at BAH. Many doctors and surgeons are below the whistleblower’s pay grade when he worked for Dell.99 The NSA also worried about double agents infiltrating the agency. Gellman goes into greater detail about this facet of the Black Budget in a later exposé.
Shifting gears once more, Gellman relays, like Germany, Washington views Israel as both a surveillance partner and target because the country “has a history of espionage attempts against the United States.” Iran, China and Russia’s systems are admitted to have strong spy defenses, but the greatest surveillance stronghold is North Korea. There are “critical gaps” in intelligence on North Korea. The NSA knows “virtually nothing” about its leader, Kim Jong-un. Other intelligence omissions include concise knowledge of Lebanon’s Hezbollah movement and China’s aircraft capabilities.
The third installment in the Black Budget series is “To hunt Osama bin Laden, satellites watched over Abbottabad, Pakistan, and Navy SEALs.”100 The article tells how the al-Qaeda leader was found.
With the aid of 387 high-resolution and infrared images gathered during the previous month, the commando raid that discovered and killed bin Laden had been directed by satellites. Using metadata then cell phone GPS, the Navy SEALs were led to where bin Laden was hiding in Abbottabad. Eight hours later, DNA confirmed his identity. The determination was made after having covertly obtained blood samples from those around the terrorist. The lab results verified his immediate circle consisted of relatives. The CIA had recruited a Pakistani doctor, Shakil Afridi, whose cover was that of a public health worker distributing vaccinations. Afridi was later convicted and sentenced to 33 years for crimes against the State. The sentence has since been overturned but is set for retrial.
Gellman returned on August 30 to present, “U.S. spy agencies mounted 231 offensive cyber-operations in 2011, documents show.”101 It is a companion article to Greenwald’s June 7 cyberattack directive report. It reveals Obama’s order was not an exercise in hypothetical espionage. It followed a year in which Operation “GENIE” produced over 200 U.S.led cyberattacks.
It costs American taxpayers $652 million for intelligence workers to infiltrate foreign networks and computers. Once in, they insert malicious software or “malware,” so analysts can remotely control “thousands of machines.” An anonymous official is quoted as saying the NSA’s agenda is to “[ … ] pry open the window somewhere and leave it so when you come back the owner doesn’t know it’s unlocked, but you can get back in when you want to.” Gellman reports the ultimate goal is to infect millions of systems. GENIE includes a program code-named “Turbine” which monitors all of its spyware bugs. It has the capability to run “potentially millions of implants.” As Snowden did, the implants are designed to ensure no electronic footprint is left behind. System logs are automatically modified or deleted after a hack has taken place.
The Edward Snowden Affair Page 27
