Snowden therefore was highly desirable for Booz Allen from an economic point of view. Even though he had no prior experience as an infrastructure analyst, and he had been detected being untruthful about his degree in computer sciences, he not only had a SCI security clearance but was willing to take a cut in pay. In keeping with the Booz Allen business plan, such a recruit provided another cog in its profit machine.
Not only had the NSA outsourced much of its computer operations to private companies, but the Clinton administration in 1996 had privatized background checks for government employees requiring security clearances. The idea, backed by Vice President Al Gore, was to reduce the size of the federal government by outsourcing investigating the backgrounds of millions of government applicants for jobs. The task had previously been performed by the FBI, but it was assumed that a profit-making business could do it faster and more efficiently. The private company named U.S. Investigations Services was purchased in 2007 for $1.5 billion by Providence Equity Partners, a rapidly expanding investment firm founded in 1989 by graduates of Duke, Brown University, and the Harvard Business School. So like Booz Allen, USIS was backed by a hedge fund determined to make money by systematically cutting the cost of a service previously carried out by the government.
But such outsourcing had drawbacks. For one thing, unlike the FBI, USIS lacked the investigative clout to gain entry to certain government agencies. A Congressional review found that the privacy act permits disclosure of government agency records to the private firm if they are part of a “routine use of the records,” but intelligence agencies did not consider all such requests to be “routine.” For example, when it did the background check on Snowden in 2011, it could not get access to his CIA file. The “derog” in his file might have set off alarm bells, as might the fear that he had been threatened by an internal investigation over his alleged computer tampering in 2009. The FBI might have learned this about Snowden if it had done his background check.
The lack of adequate oversight was another problem. USIS closed cases and cleared applicants without completing an adequate investigation. According to a U.S. government suit filed in 2014, USIS had prematurely closed over 665,000 investigations in order to get paid for them more quickly. Because the more cases it completed each month, the more money it received from the government, the lawsuit alleged that USIS employees often “flushed” or ended cases before completing a full investigation to meet corporate-imposed quotas for getting bonuses. One employee, in an e-mail cited in the government’s complaint, said they “flushed everything like a dead goldfish.” As a result, some information specialists entering the NSA through the back door of outside contractors were not fully vetted. (On August 20, 2015, USIS agreed to forfeit $30 million in fees to settle the lawsuit.)
USIS was also open to sophisticated hacking attacks by outsiders. In August 2014, the Department of Homeland Security’s counterintelligence unit discovered such a massive and persistent breach in USIS that it shut down its entire exchange of data with it. The intrusion into USIS records in this case was attributed to hackers in China most likely linked to the Chinese intelligence service. Such massive intrusions dated back to 2011. USIS’s lack of security in its website left a gaping hole through which outside parties, including Chinese and Russian hackers, could learn both the identity and the background information of specialists applying for jobs at the NSA.
These private companies also did not sufficiently protect the personal data of their independent contractors working at the NSA. The hackers’ group Anonymous took credit for the successful 2011 attack on the Booz Allen Hamilton servers. It also cracked the algorithms used to protect employees. It next injected so-called Trojan horse viruses and other malicious codes into Booz Allen servers that allowed it future entry. If amateur hackers such as Anonymous could break into the computers of the NSA’s largest contractor, so could adversaries’ state espionage services with far more advanced hacking tools. From these sites, China or Russia could obtain all the job applications and personal résumés submitted to contractors such as Booz Allen. It could then compile a list of the best candidates to do its bidding.
These deficiencies in the private sector were compounded by the failure of security in the government’s own Office of Personnel Management. It used a computer system called e-QIP in which intelligence employees, including outside contractors, updated their computerized records to maintain or upgrade their security clearances. For example, Snowden updated his clearance in 2011. To do so, these employees constantly updated their financial and personal information. As it turned out, there was a major hole in the e-QIP system. It has repeatedly been hacked by unknown parties since 2010. In 2015, the U.S. government told Congress that China was most likely responsible, but Russia and other nations with sophisticated cyber services could have also participated in the hacking. In any case, the records of over nineteen million employees, including intelligence workers, became available to a hostile intelligence service. This breach would allow hostile services to obtain a great deal of information about independent contractors working at the NSA. They could then use this data to follow the movements of any of these intelligence workers they deemed of interest.
Despite all the potential flaws in it, the outsourcing system continued in place. It even featured a revolving door through which Booz Allen hired retiring executives from the intelligence services, such as the former NSA director Michael McConnell; James Woolsey, a former director of the CIA; and the retired general James Clapper, who later served as director of national intelligence.
The cozy relationship between the private firms and the NSA notwithstanding, the NSA leadership operated as if it were unaware that outsourcing could create a security problem. As far back as 2005 General Hayden, then the departing head of the NSA, had been warned of one such vulnerability in a memorandum written by a counterintelligence officer at the NSA. Like the earlier 1996 report by the threat officer, this memorandum noted the NSA had ceded responsibility for managing its secret systems to outsiders and warned that the NSA’s reliance on them to manage its computers had opened a back door into the NSA. In addition, it warned that once an outside contractor managed to slip in through this back door, he could easily jump from one outsourcer to another. This was what Snowden did when he moved from Dell to Booz Allen Hamilton in 2013.
Despite its security flaws, outsourcing seemed to provide a number of advantages to the NSA. For one thing, it provided a means for circumventing the budget restrictions imposed by Congress on hiring new employees. In addition, because private companies had less rigid hiring standards, it greatly expanded the pool of young system administrators by tapping into computer cultures that would be antagonistic to working directly for the government. Finally, it drew less on NSA resources. Because these information technologists were only temporary employees, they were not entitled to military pensions, paid medical leave, and other benefits. It was a system that effectively replaced military careerists with freelancers.
The irony of the situation was that the NSA had surrounded its front doors with rings of barbed wire, closed-circuit cameras, and armed guards, but for reasons of economy, bureaucratic restrictions, and convenience it had left the back door of outsourcing open to temporary employees of private companies, even though it might take some time for them to gain entry to its inner sanctum.
“It was not a question of if but when one of the contractors would go rogue,” the former NSA executive who wrote the 2015 memorandum told me. Snowden answered that question in 2013. Even more extraordinary than the theft itself was the reaction to it by the NSA. It turned out that there was no cost of failure levied against the outside contractor Booz Allen, which had employed Snowden when he bypassed its security regime to steal the keys to the kingdom. Booz Allen had not reported “red flags” concerning Snowden’s attempt to get secrets to which he was not privy and his absence from work for six days. Nor was Snowden the last Booz Allen contractor to compromise NSA secrets. On August
27, 2016, the FBI arrested Harold Thomas Martin, who worked on a Booz Allen contract at an NSA facility, for stealing secret NSA documents. Even so, the NSA did not penalize Booz Allen. Instead, its revenues and profits from government contracts markedly increased between 2013 and 2016.
Despite these breaches the NSA did not alter its reliance on private contractors. The back door to the NSA remained wide open. Outsourcing to private companies has become an all but irreplaceable part of the intelligence system in America, Snowden’s actions, and the risk of future similar actions, notwithstanding.
CHAPTER 21
The Russians Are Coming
The collapse of the Soviet Union was a major geopolitical disaster of the century.
—VLADIMIR PUTIN
IN THE FIRST INVASION of a European country since the end of the Cold War, Russian military forces moved into the Crimea and other parts of eastern Ukraine in February and March 2014. Unlike with previous Russian troop movements, such as those into Poland, Hungary, Czechoslovakia, and East Germany during the Cold War, the weeklong massing of Russian elite troops and sophisticated equipment for the move into Ukraine almost totally evaded detection by the NSA’s surveillance. Never before had the NSA’s multibillion-dollar armada of sensors and other apparatus for intercepting signals missed such a massive military operation. According to a report in The Wall Street Journal that cited Pentagon sources, Russian units had managed to hide all electronic traces of their elaborate preparations. If so, after more than half a century of attempted penetrations, Russia had apparently found a means of stymieing the interception capabilities of the NSA.
Putin had firm ideas about restoring Russia’s power in the post–Cold War era. A formidable KGB officer before he became president of the Russian Federation in 2000, he made no secret that his goal was to prevent the United States from obtaining what he termed “global hegemony.” His logic was clear. He judged the breakup of the Soviet Union in 1991 to be, as he put it, “a geopolitical disaster.” He argued that the breakup had provided the United States with the means to become the singular dominant power in the world.
He sought to prevent that outcome by moving aggressively to redress this loss of Russian power. He upgraded Russia’s nuclear force, modernized Russia’s elite military units, and greatly strengthened Russia’s relations with China. The last measure was essential because China was Russia’s principal ally in opposing the extension of American dominance. Yet there was still an immense gap between them and the United States in communications intelligence.
Since the breakup of the Soviet Union, the NSA had continued to build up its technological capabilities, while Russia teetered on the edge of collapse in the early 1990s. But as previously mentioned, the NSA’s legal mandate had been limited by Congress to foreign interceptions (at least prior to 9/11). As a result, it was required to separate out domestic from foreign surveillance, a massive process that not only was time-consuming but could generate dissidence within the ranks of American intelligence. It also could not legally use its surveillance machinery to monitor the telephones and Internet activities of the tens of thousands of civilian contractors who ran its computer networks—at least not unless the FBI began an investigation into them.
Here the Russian intelligence services had a clear advantage. They had a lawful mandate to intercept any and all domestic communications. In fact, a compulsory surveillance system called by its Russian acronym SORM had been incorporated into Russian law in 1995. It requires the FSB and seven other Russian security agencies to monitor all forms of domestic communications including telephones (SORM-1), e-mails and other Internet activity (SORM-2), and computer data storage of billing information (SORM-3). Not only did Russia run a nationwide system of Internet filtering in 2013, but it required its telecommunication companies to furnish it with worldwide data.
The NSA also had to deal with many peripheral issues other than the activities of Russia and China. It was charged with monitoring nuclear proliferation in Iran, Pakistan, and North Korea, potential jihadist threats everywhere in the world, and much else. The Russian foreign intelligence service, the SVR, could put its limited resources to work on redressing the gap with its main enemy: the United States.
Nevertheless, Putin had to reckon with the reality in 2013 that Russia could not compete with the NSA in the business of intercepting communications. And if the NSA could listen in on all the internal activities of its spy agencies and security regime, the ability of Putin to use covert means to achieve his other global ambitions would be impaired. In the cold peace that replaced the Cold War, Russia had little hope of realizing these ambitions unless it could weaken the NSA’s iron-tight grip on global communications intelligence. One way to remedy the imbalance between Russian intelligence and the NSA was via espionage. Here the SVR would be the instrument, and the immediate objective would be to acquire the NSA’s lists of its sources in Russia. If successful, it would be a game changer.
Such an ambitious penetration of the NSA, to be sure, was a tall order for Russian intelligence. Most of its moles recruited in the NSA by the KGB had been code clerks, guards, translators, and low-level analysts. They provided documents about the NSA’s cipher breaking, but they lacked access to the lists of the NSA’s sources and methods. These meager results did not inhibit Russian efforts. For six decades, ever since the inception of the NSA in 1952, the Russian intelligence service had engaged in a covert war with the NSA.
The Russian intelligence service is, as far as is known, the only intelligence service in the world that ever succeeded in penetrating the NSA. A number of NSA employees also defected to Moscow. The history of this venerable enterprise is instructive.
The first two defectors in the NSA’s history were William Martin and Bernon Mitchell. They were mathematicians working on the NSA’s decryption machines who went to Moscow via Cuba in 1960. The Russian intelligence service, then called the KGB, went to great lengths to get propaganda value from their defections. It even organized a ninety-minute press conference for them on September 6, 1960, at the Hall of Journalists and invited all the foreign correspondents in Moscow. Before television cameras, the defectors denounced the NSA’s activities. Martin told how the NSA breached international laws by spying on Germany, Britain, and other NATO allies. Mitchell, for his part, suggested that the NSA’s practice of breaking international laws could ignite a nuclear war. Indeed, he justified their joint defection to Russia in heroic whistle-blowing terms, saying, “We would attempt to crawl to the moon if we thought it would lessen the threat of an atomic war.” The NSA review of the case, however, assessed that little damage had been done, because the NSA quickly changed the codes they had compromised. It noted, “The Communist spymasters would undoubtedly have preferred Martin and Mitchell to remain in place as moles, since their information was dated as of the moment they left NSA.”
The next NSA defector was Victor Norris Hamilton, a translator and analyst at the NSA. He arrived in Moscow in 1962, and like Mitchell and Martin he claimed the status of a whistle-blower. This time, the KGB provided a newspaper platform. Writing in the Russian newspaper Izvestia, Hamilton revealed the extent of U.S. spying on its allies in the Middle East.
None of these three 1960s defectors revealed what, if any, NSA secret documents they had compromised. Nor did any of them ever return to the United States. Martin changed his name to Vladimir Sokolodsky, married a Russian woman, and died in Mexico City on January 17, 1987. Mitchell vanished from sight and was reported to have died in St. Petersburg on November 12, 2001. Hamilton, after telling Russian authorities stories about hearing voices in his head because of an NSA device implanted in his brain, was consigned to Special Psychiatric Hospital No. 5 outside Moscow.
There were also KGB spies in the NSA who were caught or died before they could defect. One of them was Sergeant Jack Dunlap. He was found dead of carbon monoxide poisoning in his garage on July 23, 1963. Although there was no suicide note, his death was ruled an apparent suicide. NSA cla
ssified documents were later discovered in his house. After that, NSA investigators unraveled his decade-long career as a KGB mole. Dunlap had been recruited by the KGB in Turkey in 1952. The standard KGB tool kit for recruitment was called MICE. It stood for Money, Ideology, Compromise, and Ego. The KGB used the first element, money, to compromise Dunlap. After he was compromised, it exploited him by getting him to steal NSA secrets. He had access to such secrets because he became the personal driver to Major General Garrison Coverdale, the chief of staff of the NSA. After Coverdale retired, he became the driver for his successor, General Thomas Watlington. These positions afforded him a security clearance and, even more important, a “no inspection” status for the commanding general’s cars that he drove. This perk allowed him to leave the base with secret documents, have them photocopied by his KGB case officer, and then return them to the files at the NSA base before anyone else knew they were missing. He also used, likely at the suggestion of the KGB case officers, his “no inspection” perk to offer other NSA employees a way of earning money. He would smuggle off the base any items of government property that they took. Once he had compromised them through thefts, he was in a position to ask them for intelligence favors. This NSA ring could not be fully investigated because of his untimely death. Other than the packets of undelivered NSA documents found in his home, the investigation was never able to assess the total extent of the KGB penetration of NSA secrets. (Angleton suspected Dunlap was murdered by the KGB in what he termed a surreptitiously assisted death, to prevent Dunlap from talking to investigators.)
How America Lost Its Secrets Page 24
