GCHQ
Page 55
Immediately after 9/11, GCHQ doubled the size of its counter-terrorism team. However, the attacks underlined the weakness of the sigint agencies. Over the past decade, not only had they lost the battle over Public Key Encryption, but they were collecting more data than they could remotely process. NSA and GCHQ possessed phenomenal computing power, but it was being outstripped by the scale of the global communications revolution. Moreover, while only a small number of people were using publicly available encryption, many more were being careful about their communications. Interception was no longer secret, and monitoring was widely reported in the press. Groups like al Qaeda had become aware that they were vulnerable to eavesdropping. Warlords, terrorists and criminals were starting to engage in opaque conversations, placing an even greater strain on the analysts, since intercepted messages were increasingly filled with the verbal equivalent of nods and winks which required a highly trained ear to deduce their meaning. Some of the nods and winks were in Pashtu, Farsi and other obscure languages. NSA and GCHQ were having to run fast to stand still.10
Language had been a major challenge for the sigint agencies for a decade. In the early 1990s the war in Bosnia had required GCHQ to make a significant investment of effort in the Balkans. By the late 1990s this was paying dividends, and policy-makers complimented Cheltenham on the ‘flexible and in-depth service’ it provided during Britain’s involvement in Kosovo.11 In 1999, when NATO air forces launched a massive air offensive against the Serbs, almost all the bombing targets were pinpointed by sigint provided by GCHQ and NSA.12 The former Yugoslavia had remained a subject of constant interest to British policy-makers for an entire decade, but it was now common for target countries to change rapidly, and GCHQ conceded that it was experiencing difficulties in recruiting personnel who were familiar with rarer languages. Although there were people in Britain with the required skills, many did not meet the residency requirement necessary to pass security vetting.13
The 9/11 Commission that investigated the attacks on the World Trade Center and the Pentagon examined how much al Qaeda knew about the fact that it was being listened to by the sigint agencies. It specifically pointed to a Washington Times article in 1998 which, it claimed, resulted in bin Laden deciding to cease making calls from a portable satellite phone. Others have argued that the bombarding of his encampment with Cruise missiles only a few days before the article appeared might also have sent the message that he needed to be a little more careful with his communications. What is certain is that NSA had charts on its walls that showed how mobile-phone chatter and email volumes amongst terrorists dropped off markedly after each reference to interception in the international press. In fact, NSA had only itself to blame, since it had enjoyed showing off to visiting politicians at its Fort Meade headquarters by playing tapes of bin Laden talking to his mother on his satellite phone.14 The agency has since made an active effort to educate media correspondents on this issue.15
Because of the extreme caution terrorists now employed when using communications, GCHQ and NSA were sometimes reduced to ‘traffic analysis’, examining patterns of calls in order to deduce the groups they sketched out. Sigint rarely revealed plans or plots, but it could identify terrorist networks. Increasingly sophisticated software, often using neural network computers, was able to dredge useful data from something as simple as a list of numbers that had been called from a particular phone—often known as a call log. GCHQ also began to notice a regular phenomenon. In the week before 9/11, and also before the Bali bombing and the suicide attacks in Riyadh in early 2003, there was a surge in ‘electronic chatter’, followed by a period of silence before each attack. Some groups were clearly aware that GCHQ’s computers were programmed to sniff email traffic for key words. For example, emails from the kidnappers of the American journalist Daniel Pearl, who was murdered by his captors in early 2002, contained deliberately misspelled words, such as ‘Amreeka’, ‘Terrarism’ and ‘Pakstan’, designed to avoid alerting the authorities.16 Nevertheless, good communications security discipline is difficult, and one slip by the terrorists could give away a key player.17
Terrorists and drug dealers alike had also learned to change their mobile phones and sim cards frequently, as often as once every three days. The sigint agencies responded by using recorded ‘voice prints’, which allowed them to search volumes of traffic for people who ‘sounded like’ the suspects. The British were apparently the first to provide an authentic recording of bin Laden’s voice, which was then used in this way.18 The technique also revealed the location of Ramzi Binalshibh, a senior al Qaeda operative who was caught in Pakistan in September 2002. It appears that a sample of his voice, taken from an al-Jazeera television interview, was used to conduct a computer search against vast volumes of telephone traffic collected by satellite. Exactly a year after the 9/11 attacks, on the morning of Wednesday, 11 September 2002, the Pakistani intelligence service, ISI, surrounded a four-storey block of flats in Karachi. Their initial assault surprised five men who had returned to bed in one of the apartments after early-morning prayers. While they were being taken out at gunpoint, sympathisers in the adjacent apartment threw a grenade at the intelligence officers. A gun battle developed, and those inside hurled more grenades at the authorities.19 Terrified neighbours called the local police, who were unaware of the super-secret activities of the ISI. In the ensuing confusion twenty policemen were injured, many by friendly fire.20 Ramzi Binalshibh was among those captured.
In the spring of 2003 an intercepted email led to the arrest of Khalid Sheikh Mohammed, who was very close to bin Laden, and had been a key figure in the planning of the 9/11 attacks.21 He was arrested at a house in Rawalpindi in a joint operation by ISI and the CIA’s paramilitary force, the Special Activities Division,22 and taken to one of the CIA’s secret prisons in northern Poland, where the US government has confirmed that he was repeatedly subjected to ‘simulated drowning’, or ‘waterboarding’. Some of the information extracted from him related to Britain. Dame Eliza Manningham-Buller, the Director General of MI5, has commented:
When he was in detention in 2003, place unknown, he provided [the pseudonyms of] six individuals…who were involved in AQ activities in or against the UK. The Americans gave us this information…These included high-profile terrorists—an illustration of the huge amount of significant information that came from one man in detention in an unknown place.23
Interception had led to the capture of key suspects and informants. Thereafter, however, their handling left much to be desired. Cruelty and incompetence stood in for what should have been a sophisticated and patient in-depth interrogation. For example, Khalid Sheikh Mohammed was mostly questioned by a CIA officer who had never previously conducted an interrogation, and who did not speak Arabic.24
During 2002, both the British public and the security agencies remained convinced that Islamic terrorism was something that happened abroad.25 However, in February 2003 the mood darkened following a warning of an imminent attack on Heathrow provided by GCHQ. At 6 o’clock on the morning of Tuesday, 11 February, Tony Blair authorised the deployment of 1,500 armed police and troops at the airport, together with light tanks from the Household Cavalry. A Nimrod MR2 reconnaissance aircraft patrolled the skies overhead to provide an immediate communications link-up for the forces. GCHQ had picked up information of an imminent ‘spectacular’ by extremists in London, involving a plan to smuggle Russian-made shoulder-launched Sam-7 surface-to-air missiles into the country, with the intention of bringing down an airliner. Almost immediately this was conflated by some journalists with government efforts to prepare public opinion for war with Iraq. John Reid, the Defence Secretary, reacted angrily to these suggestions, and insisted that the Heathrow plot was real: ‘This is not a game. This is about a threat of the nature that massacred thousands of people in New York.’26
By 2003, counter-terrorism represented GCHQ’s single largest allocation of effort. Moreover, the agency decided to increase its counter-terrorism activity by half
as much again in 2004—05. Inevitably, this meant cuts elsewhere. It was decided to decrease collection in most geographical areas, and even to reduce the attention given to the proliferation of nuclear weapons. The only area that remained untouched was serious crime. Languages remained a problem at every level of sigint, whether at Cheltenham or on the front line, where, typically, exotic-language skills were required for the crews of Nimrod R1s flying sigint missions over Afghanistan. GCHQ established a specialist office in which staff (particularly linguists) who could not be granted high-level clearance could still do useful translation work. However, the Nimrod crews were often 50 per cent short of the ideal complement of linguists.27
Even while GCHQ was in the middle of a high-tempo counter-terrorist campaign, it was confronted with the distracting issue of Iraq. Political leaders in London and Washington were keen to highlight the country’s reluctance to comply with UN resolutions requiring it to disarm. They now wanted to use secret intelligence for public education. For years Britain had insisted that intelligence from MI5, SIS and GCHQ was deadly secret. Suddenly, the Cabinet Office now decided that intelligence material should be disseminated to the general public in two dossiers. The first, produced on 24 September 2002, claimed to reveal the Iraqi President Saddam Hussein’s continued nuclear, chemical and biological weapons activity. The second, released on 3 February 2003, dealt with Saddam’s security agencies and the persecution of his people. The idea of war with Iraq was highly controversial, since the country appeared to have little connection with 9/11 or the current concerns about al Qaeda, and the unprecedented step of placing intelligence in the public domain to support the case for war raised a political storm. Journalists accused the Prime Minister’s Press Secretary, Alastair Campbell, of undue influence in the intelligence process, and Campbell reacted angrily. Downing Street and the BBC then engaged in a prolonged sparring match throughout early 2003. For GCHQ, the dossier issues were relatively peripheral, since most of the intelligence Britain had gathered on Iraq’s weapons came from human agents or defectors held by allied countries.28
However, if GCHQ thought it was comfortably out of the firing line on Iraq, it was wrong. At this point Blair had persuaded George Bush, rather against the President’s judgement, to seek a second resolution in the UN Security Council, in the hope of strengthening the case for war. On Sunday, 2 March, the Observer revealed a highly sensitive memo from NSA to GCHQ asking for an accelerated eavesdropping campaign against the non-permanent members of the Security Council, such as Chile and Mexico. This was intended to permit greater diplomatic pressure to be applied to these smaller countries, whose votes were critical in the American effort to build support for military action against Iraq. The publication of this message caused an international furore. Sent by Frank Koza, a mid-level manager at NSA, it not only revealed the monitoring of allies and neutral nations, but also seemed to suggest the gerrymandering of votes in the hallowed councils of the United Nations. Unusually, the Observer printed it in full on its front page:
To: [Recipients withheld]
From: FRANK KOZA, Def Chief of Staff (Regional Targets)
CIV/NSA
Sent on Jan 31 2003 0:16
Subject: Reflections of Iraq Debate/Votes at UN-RT Actions + Potential for Related Contributions
Importance: HIGH
Top Secret//COMINT//X1
All,
As you’ve likely heard by now, the Agency is mounting a surge particularly directed at the UN Security Council (UNSC) members (minus US and GBR of course) for insights as to how the membership is reacting to the on-going debate RE: Iraq, plans to vote on any related resolutions, what related policies/negotiating positions they may be considering, alliances/dependencies, etc—the whole gamut of information that could give US policymakers an edge in obtaining results favorable to US goals or to head off surprises. In RT [Radio Traffic], that means a QRC [Quick Reaction Capability] surge effort to revive/create efforts against UNSC members Angola, Cameroon, Chile, Bulgaria and Guinea, as well as extra focus on Pakistan UN matters.
We’ve also asked ALL RT topi’s [Radio Traffic—Targets of Primary Interest teams] to emphasize and make sure they pay attention to existing non-UNSC member UN-related and domestic comms for anything useful related to the UNSC deliberations/debates/votes. We have a lot of special UN-related diplomatic coverage (various UN delegations) from countries not sitting on the UNSC right now that could contribute related perspectives/insights/whatever. We recognize that we can’t afford to ignore this possible source.
We’d appreciate your support in getting the word to your analysts who might have similar, more in-direct access to valuable information from accesses in your product lines. I suspect that you’ll be hearing more along these lines in formal channels—especially as this effort will probably peak (at least for this specific focus) in the middle of next week, following the SecState’s presentation to the UNSC.
Thanks for your help.29
The countries identified for increased targeting were members of a group called the ‘Middle Six’ on the Security Council, which was looking for a compromise solution. Their votes were being eagerly sought by both pro-war and anti-war factions. Pakistan and Bulgaria were thought to favour the United States, although it was by no means certain, while the rest were undecided. Nine votes were needed in the fifteen-member Security Council to approve a second resolution authorising military action against Iraq. Blair needed this resolution badly, but it was thought to be a close-run thing.30
The international atmosphere was febrile. Sigint was being publicly discussed everywhere. Intelligence experts were not surprised by the leaked Koza message, observing that listening in on the United Nations was routine. Indeed, in 1945 the United States had pressed for the UN headquarters to be in New York precisely in order to make eavesdropping easier.31 However, the memo did a great deal of diplomatic damage to the British and American positions.32 During early March Tony Blair was becoming increasingly frantic about securing a majority vote in the Security Council, since he felt his position as Prime Minister might depend on it.33 In Chile, the public had long been sensitive to reports of ‘dirty tricks’ by intelligence agencies because of the alleged CIA coup that installed the dictator General Augusto Pinochet in 1973.34 President Ricardo Lagos telephoned Blair on Sunday, 2 March, within hours of the Observer story appearing, and then twice again on the following Wednesday. The country’s Foreign Minister, Soledad Alvear, fired a series of awkward questions about GCHQ at his opposite number in Britain, Jack Straw.35
The Mexican government was no less angry, and there were heated telephone calls to Downing Street. Months later the Mexicans were still pursuing the matter with Straw. The Mexican Foreign Minister wrote to him in December 2003, pressing him again on whether GCHQ was still spying on its friends in the United Nations. Aguilar Zinser, who had been Mexican Ambassador to the United Nations at the time, later explained that in the week before what was expected to be a second resolution, the diplomats from the ‘Group of Six’ were in fact working on their own secret plans for a compromise solution which they hoped would avert war. ‘Only the people in the room knew what the document said,’ recalls Zinser. He added that the surprising thing was the very rapid nature of the American response to the proposal. The meeting putting it together took place in the evening, and Zinser received a call from US diplomats early the next morning. He told them the group was looking for a compromise. The Americans’ response was: ‘Do not attempt it.’ In the end it was the French who pulled the plug on the possibility of a second UN resolution. On 10 March President Jacques Chirac announced that France would use its veto in the Security Council to block any such move, resulting in public acrimony between Paris and Washington. Few realised that war was now only ten days away.36
Although the French and German governments were strongly opposed to war with Iraq, their own intelligence services insisted that the country had an active weapons of mass destruction (WMD) programme. The fact that
the respected German BND loudly asserted this, even though Chancellor Gerhard Schröder was opposed to war, convinced many independent observers that there must be some hard evidence of Iraqi WMD. The French DGSE was also telling President Chirac that Iraq had WMD. However, the sagacious Chirac made his own assessments, and believed that the Western intelligence services were deluded. In January 2003 he visited Hans Blix, the head of the UN Monitoring, Inspection and Verification Commission, who had been searching Iraq for evidence of WMD for many years. Blix recalls that by then his team ‘had begun to have some doubts’, although, by and large, even he still thought Iraq was hiding some weapons. By contrast, Chirac was highly suspicious, and ‘was among the first who doubted the intelligence reports’. He understood how the Western intelligence agencies worked, continually bringing their specialists together and developing a collective outlook that is often called ‘groupthink’. Chirac put it rather well, asserting that the intelligence agencies had tended to ‘intoxicate each other’.37
The leaked message to GCHQ reverberated for a long time. One of the challenges that had faced the Observer, before publishing it, had been verifying it as genuine. The world’s top experts on sigint were certain that it was the real thing. James Bamford noted that words such as ‘surge’ and ‘product lines’ were NSA ‘lingo’, while Matthew Aid revealed that the purported author, Frank Koza, was indeed a senior operational manager at NSA.38 They did not have to wait long for confirmation. A few days after the story was published, Katharine Gun, a twenty-eight-year-old Mandarin linguist at GCHQ, walked into the Cheltenham headquarters and told her supervisor, ‘The leaker is me.’ This was a surprise for GCHQ managers, who had never had a serious ‘whistleblower’. SIS had struggled to silence its own whistleblower, Richard Tomlinson, in the 1990s, even arranging a dream job for him with a Formula One racing team in the hope of keeping him quiet. MI5 had pursued another whistleblower, the eccentric David Shayler, through the courts, and had tried to prevent its own former Director General, Stella Rimington, from publishing her memoirs. However, Cheltenham somehow never quite thought it would happen to them.39