Justice and NSA had butted heads in the past over allegations that NSA had collected information that they believed to be in the gray areas of NSA’s legal charter. A few years earlier, attorney general Griffin Bell had stalked the corridors of NSA looking for Gandy to express his strong opinions about certain activities that he believed Gandy was involved in. So although FBI liked Gandy, their bosses at Justice sometimes did not.
It would later emerge that Gandy was not the only senior intelligence officer to take note of the parochialism and turf fighting that made mounting a serious effort against the Soviet technical espionage threat impossible.
Robert Gates, who was deputy director of CIA and eventually became CIA director, then secretary of defense, summarized the chaotic state of affairs in a memo to then CIA director Casey about problems with an interagency group, which included DOD, NSA, CIA, and the State Department, whose charter was to coordinate countermeasures against foreign intelligence technical threats.6
SECRET
28 April 1986
MEMORANDUM FOR: Director of Central Intelligence
FROM: Deputy Director of Central Intelligence
SUBJECT: Security and Countermeasures: Improving the SIG Process (S) [denotes SECRET]
1. We are under heavy pressure from the Senate Select Committee and the NSC Staff to make improvements in the security, counterintelligence and security countermeasures arenas. They and others believe that these issues do not receive nearly enough attention of senior managers in government, including the Intelligence Community, and that those efforts that do exist are disconnected and proceed in isolation. They also believe that somehow shortcomings in these areas contributed to the rash of spies in the last year or so. They may be right. (S)
2. As a result of my examination of this problem, I believe their concerns, particularly in the security countermeasures arenas, are reasonably well founded; in addition, you and I perceive problems that others do not.
—Specifically, the division of labor between the Security Committee and the IG/Countermeasures is totally ambiguous. Essentially, there are two groups charged with responsibility for the same problems. Where there is not inaction, there is paralysis as a result of bureaucratic tugs of war and parochial viewpoints.
—The Security Committee has 10 subcommittees and half a dozen or so working groups all involving people at the working level. As noted above, parochialism dominates in this area (more so than in any area I have ever seen).
—Moreover, there is little contact or coordination among the committees—that is, across security disciplines (computer security, personnel security, physical security, etc.)
—The leadership of the Security Committee is competent but not very aggressive and lacking a charter to attack some of the more difficult problems.
—Simultaneously, the leadership of the IG/CM is weak and provides little leadership or coordination.
—A variety of ad hoc groups have sprung up, some from within the Intelligence Community, others at the instigation of the NSC Staff or others, to try and work around these problems. Mary Lawton’s group on personnel security is an excellent example.
—The relationship between organizations in the Intelligence Community or the SIG and non-intelligence organizations (such as NTISSC) is ambiguous, and as a result there is little contact, consultation or coordination.
—There is no Intelligence Community organization to identify and act upon leaks. (S)
3. In sum, the bureaucratic underbrush has grown so high it is straining efforts in the security/countermeasures area to address some of the problems we face. There is a lack of coordination and sharing of information, a prevalence of bureaucratic turf fighting, and a general passivity in the entire structure. (S)
4. By contrast, all are in agreement that there has been significant progress in the counterintelligence arena, particularly in the 16/31 chaired by Judge Webster [FBI director]. He has provided effective leadership and as Director of FBI and a member of the SIG has the clout to make things move. In addition, there is now a group of people leading the counterintelligence effort in the various agencies—especially in CIA and in NSA—who are much more willing to collaborate with their colleagues. In short, this is an area that I think is working reasonably well. (S)
5. I suggest the following changes in structure and procedure to address some of the problems above:
—First, abolish the Security Committee and restructure its activities under the auspices of the SIG.
—Second, split the IG for Countermeasures into one that deals with physical and personnel security and another that deals with technical surveillance countermeasures, COMSEC, etc.
—Third, consolidate the various committees and subcommittees under SECOM into five or six broader committees operating under the auspices of the appropriate 16 for Countermeasures. These committees should be chaired by a senior line manager from the agency that has the largest equity involved in the subject (or the best expertise) and the membership of each committee should be comprised of, again, senior line managers from agencies that have a useful role to play. The key is to involve senior line managers who can make commitments for and deliver their agencies so that the committee structure is not just a staff undertaking.
Fourth, restructure the Intelligence Community Staff elements involved in these issues to create a Counterintelligence and Security Countermeasures Staff that would provide staff support to the three IG’s, house the Unauthorized Disclosure Analysis Center, and the analytical capability to continue to perform such ad hoc responsibilities as you assign as well as the Annual Hostile Threat Assessment. This Staff will have the additional responsibility of ensuring not only support for each of the committees under the two Countermeasure 16’s but also that the results of each committee’s work are shared with the other committees and that there is a continuing consultation and coordination among the various disciplines. This will require a far more aggressive staff chief and staff than has been the case in the past.
Fifth, the Chairman of NTISSC should be a member of the SIG to ensure that issues on telecommunications and computer security going beyond the Intelligence Community are coordinated with efforts being taken within the Community. (S)
Recommendation.
1. That you [CIA director William Casey] approve the above measures.
2. That you sign the attached memorandum forwarding these proposals and associated organization chart to SIG principals for their consideration.
3. That we schedule a SIG for the end of this week to get these recommendations blessed.
4. That within a day or two of the SIG the new structure be implemented.
Attachment: As Stated (S)
SECRET
Two of Gate’s most noteworthy comments in the memo that echoed Charles’s frustration were:
“Where there is not inaction, there is paralysis as a result of bureaucratic tugs of war and parochial viewpoints.…” Parochialism dominates in this area (more so than in any area that I have ever seen).
And the kicker: “There is no intelligence community organization to identify and act upon leaks.”
So Gandy, filling out his chart in 1983, was merely anticipating Gates’s memo, not the first—or last—time that people at the working level discovered problems long before leaders at the very top did.
After sketching the gray line between Moscow Station and CIA headquarters, Gandy’s fingers began to cramp with all the drawing, so he put down the pencil.
Surveying his work, he decided there was no point to continuing. The political landscape that he had just sketched was one in which no one, from top to bottom, could afford to show weakness, lest a determined opponent attack them in that weak spot. And no one could afford to cooperate with him.
State couldn’t admit any security problems because it would give DOD, through its henchman NSA, carte blanche to uncover still more problems and further sabotage diplomatic efforts with the Soviets. CIA headquarters couldn’t admit t
hey needed NSA’s help because that would put them at a disadvantage in their eternal struggle for supremacy with FBI and NSA in matters of overseas counterintelligence and technical countermeasures. DS&T had to issue the Band-Aid report to prove they were on top of things to the ever-critical DO.
And if Gandy were honest with himself, NSA was not pure as the driven snow either. Historically, NSA had pushed against CIA to increase its own power and prestige. Then there were the reports that NSA was withholding intelligence from CIA in order to get credit with the president for big scores. Gandy didn’t know if these reports were true, but, well, senior executives usually got where they were at NSA, as elsewhere, by being competitive. You couldn’t expect competitive people not to compete, could you?
A deep, bone-numbing fatigue settled over Gandy. This stuff was way above his pay grade, involving death struggles between heavyweights like Weinberger, Casey, and Shultz.
Attempting to recruit allies was pointless in a city where every new ally came with one or more new enemies.
He thought about crumpling up the paper he now came to think of as the who-hates-whom chart, but he thought better of it. Might come in handy down the road. In this town, you never knew.
Turning off the light in his work shed, Gandy went to his living room to relax in front of a Baltimore Orioles game. Opening up his favorite soft drink, Diet Coke, and taking a sip, he was grateful that real baseball was a lot more understandable, and rewarding, than the hardball played in D.C.
8. A Trip to the Oval Office
French Embassy, Moscow, January 1983
One of several teleprinters that transmitted highly classified diplomatic communications to and from the embassy jammed, prompting the code clerk who operated the printer to call in a repairman. The teleprinter was part of the Myosotis system of French diplomatic communication, named after the Myosotis flower for reasons known only to the French.
Opening up the machine and probing it carefully, the repair technician discovered several nonstandard components, which, upon closer inspection, seemed to have no obvious function in printing documents. This puzzling find led the technician to suspect that he had stumbled upon implants from a foreign intelligence service, so he proceeded no further with his repairs and immediately informed his superiors of the anomalies he had discovered.
When the printer was put into the secure diplomatic pouch and sent back to Paris for closer inspection at the French counterintelligence service, the Direction de la Surveillance du Territoire (DST), engineers there made a troubling discovery: a stealthy optical device connected to the printer’s data bus was wirelessly transmitting all messages sent to or from the printer.
Further investigation revealed that the teleprinter had also been fitted with RF remote control circuits, which would cause the optical device to generate burst transmissions, exfiltrating stored message traffic in extremely hard-to-detect, ultrabrief transmissions.1
French intelligence was astonished at the technical sophistication of the implants. The teleprinters had been installed in the embassy in 1976 and 1977, when optical communication devices (which use technology similar to modern TV infrared remote controls) were just becoming widely available. Ultracompact digital memory to store messages for later burst transmission was also considered high-tech in 1976.
Most troubling of all, DST realized that even state-of-the-art TSCM could not detect the optical burst transmissions, because the teleprinter implants radiated infrared energy rather than RF signals that conventional TSCM gear sensed.
If the teleprinter had not jammed, the French never would have discovered that someone, almost certainly KGB, was collecting ultraclassified cable traffic between Paris and Moscow.
The teleprinter implant discovery raised many troubling questions. First, how many of the embassy’s printers had been compromised? A quick follow-up survey established that every one of them sported optical implants.
Second, how had the KGB gotten their hands on the teleprinters to modify them? An investigation revealed that the Soviets had almost certainly hijacked the modified printers during shipment from Paris to Moscow. KGB defector Victor Sheymov later said that the KGB had a special facility at Sheremetyevo International Airport for “inspecting” such equipment and a “factory” in Moscow for quickly installing implants.
Finally, how were the optical transmissions escaping the embassy where Soviet infrared receivers could pick them up? The rooms where the teleprinters operated had painted-over windows that blocked all light. Was infrared energy somehow leaking out through gaps in the room?
Embassy employees had been known to scratch small holes in black-painted security windows so that they could see what the weather was like outside. Was IR energy getting out through such a hole? Or did the optical devices transmit ultrashort bursts when the door to the teleprinter room opened so that receivers elsewhere in the embassy could pick them up and relay them to a nearby KGB listening post?
Was it conceivable that optical energy could escape the embassy through unpainted windows in the embassy when code room doors were opened? Even if there were no windows across from the room where the teleprinter operated, infrared signals could bounce off embassy hallways, turning corners and eventually finding a window where the signals could escape to the outside world. (Point a TV remote at your forehead instead of the TV and observe that you can change channels with IR energy bounced off your head.)
If the French found the answer to how the IR signals made their way to the KGB, they never revealed it. But the KGB would probably not have gone to the trouble and expense of installing the devices if they weren’t able to receive data from their optical implants.
Indeed, Victor Makarov, who worked in the KGB’s Sixteenth Chief Directorate (SIGINT) from 1980 to 1986, confirmed that the KGB was reading all French diplomatic traffic during that time period.2
French president François Mitterrand was outraged when informed of the KGB operation and, even though he was a left-leaning socialist, retaliated by expelling forty-seven Russian diplomats, most of them undercover KGB officers, from France.3
The French knew exactly which Soviets to PNG, because they had their own asset inside Russian intelligence, Colonel Vladimir Vetrov (codenamed Farewell) of the KGB’s T group, who named individual KGB officers to DST.4
When the Soviet ambassador to France protested the expulsions, a French official showed him KGB classified material provided by Vetrov, proving that the expelled diplomats were indeed spies. (Incidentally, the French official who revealed Vetrov’s “product” to the Soviets probably doomed Vetrov, because KGB counterintelligence used the material in the leak to trace it back to its source. Colonel Vetrov, who was already serving twelve years for murder, was then tried and executed for treason.)5
Normally, the French, like any nation that had been compromised by a foreign intelligence service, would keep a discovery such as the teleprinter implants to themselves. Not only was such a KGB penetration highly embarrassing, but allies, such as other members of NATO, might not trust the French with sensitive information if they knew how insecure French communication channels were.
However, in order to embarrass the Soviets, and to deter them from future espionage, French officials leaked information to the French press about KGB successes, along with detailed descriptions gathered from Colonel Vetrov about Soviet efforts to steal technology from France and other Western powers. The French press ran with the scandalous stories, stoking anti-Soviet sentiment.
Possibly because the Franco-Russian espionage spat played out in the press, the French government decided there was little harm in sharing the teleprinter find with allies. And sharing such information with allies, such as America, might induce those same allies to return the favor if and when they found their own clever KGB implants. So in mid-1983, a French general who had served with Lincoln Faurer at NATO when the NSA director was stationed in Europe sent a note to Faurer describing the teleprinter discovery and inviting him to send experts
to France to study it. Faurer in turn called Gandy and asked that he send someone from R9 across the pond to conduct a detailed examination and to report back on the implant and its implications for U.S. communications security. Gandy got in touch with one of his top deputies, who promptly got on a plane to France.
Linthicum, Maryland, February 1983
Gandy sat at his desk at NSA’s Friendship Annex, near Baltimore-Washington International Airport, reading and rereading the report that his deputy, an engineer whom we’ll call Brad, had prepared describing the teleprinter implant after his inspection in Paris. The report was well organized, thorough, and troubling. The KGB had, in addition to an optical device, fitted the teleprinter with a cleverly disguised power line exfiltration system that relayed messages typed on the teleprinter through the Moscow power grid directly to KGB listeners. Such a “belt and suspenders” approach was typical KGB tradecraft, ensuring that if one exfiltration method failed due to adversary countermeasures, such as power line filters or efficient optical blockers, a backup system could do the job.
From his two trips to Moscow, Gandy had become familiar with State Department TSCM methods, and he doubted they would be able to find such a device if the KGB had gotten it into the embassy.
That meant that a sophisticated implant like the one found by the French might, at that very moment, be relaying classified information to the Soviets. Maybe that was what those mysterious clicks he had heard on both trips to Moscow represented.
While he was considering what to do about the threat posed by the teleprinter device, Walt Deeley, one of NSA’s deputy directors, strode into his office unannounced.
Although Gandy did not report to Walt, the deputy director was a couple of notches higher in the NSA management chain, reporting directly to Lieutenant General Faurer. So Gandy was not surprised that Walt had felt no need to schedule the visit in advance or to knock before entering.
The Spy in Moscow Station Page 16