Spies for Hire
Page 20
Modern IT skills were badly needed at the DIA after 9/11. Like the rest of the IC, the agency had been very slow in adapting to the rapid changes in the commercial world. To newly hired youth, it also seemed hopelessly behind in technology. Writing in the New York Times Magazine in December 2006, journalist Clive Thompson described the scene when Matthew Burton, a twenty-two-year-old “high-tech geek fluent in Web-page engineering,” arrived at the DIA in January 2003. For Burton, trained in the rapid-fire world of the Internet, the DIA was a “colossal letdown.”
“The spy agencies were saddled with technology that might have seemed cutting edge in 1995,” Thompson wrote. “When [Burton] went onto Intelink—the spy agencies’ secure internal computer network—the search engines were a pale shadow of Google, flooding him with thousands of useless results. If Burton wanted to find an expert to answer a question, the personnel directories were of no help. Worse, instant messaging with colleagues, his favorite way to hack out a problem, was impossible: every three-letter agency—from the Central Intelligence Agency to the National Security Agency to army commands—used different discussion groups and chat applications that couldn’t connect to one another. In a community of secret agents supposedly devoted to quickly amassing information, nobody had even a simple blog—that ubiquitous tool for broadly distributing your thoughts.”32
The DIA’s DIESCON program was designed in part to modernize these antiquated systems. Each team in the DIESCON 3 system has a specific focus. The Booz Allen team, for example, includes ten thousand analysts with Top Secret/Sensitive Compartmented Information (TS/SCI) security clearances, and its consortium includes Accenture, a major outsourcing consultant to government agencies and private corporations, and Attensity, a data analysis company initially funded by In-Q-Tel, the CIA’s venture capital firm. The Booz Allen team works closely on issues related to MASINT for the DIA; another important line of work, according to the Booz Allen BPA Web site, is data mining and link analysis for the CIA, the NSA, and the FBI.
BAE Systems, which captured forty-one orders worth $105 million during the first year of its agreement with the DIA, leads an industry team that specializes in analyzing enemy military forces, providing mapping and 3-D imagery to Pentagon intelligence teams, and preparing finished intelligence on paramilitary forces and insurgent and terrorist organizations operating in Iraq and other countries of interest. BAE’s BPA team includes SAIC, Booz Allen, Intellibridge Corporation, General Dynamics, Advanced Concepts Inc., SpecTal, and forty-one other companies (the last two were acquired in 2007 by L-1 Identity Solutions, the intelligence conglomerate where George Tenet is a director).33
The Lockheed Martin BPA team claims to have the largest cleared workforce in the nation and, according to its DIESCON 3 Web site, provides “exceptional depth to respond to both surge requirements and planned customers tasks.” Its forte seems to be providing large, agency-wide IT systems for the DIA and other agencies. The team includes three of the top U.S. IT firms, Hewlett-Packard, Oracle, and Sun Microsystems, as well as the consulting firm BearingPoint, which helped plan the U.S. occupation of Iraq for the Department of Defense. Another member of the team is The Analysis Corporation, the intelligence contractor run by CIA veteran John Brennan. Northrop Grumman, meanwhile, has put together a powerful combination of companies that have made their way up the federal contracting chain by managing the oversight of other contractors. They manage the DIA’s system for processing bids and awarding contracts. The team includes CACI International, AT&T, ManTech International, and four small, high-tech companies that provide contract analysts to the CIA. A fifth consortium is managed by CSC, one of the NSA’s most important contractors. It manages global information networks and produces and disseminates intelligence products, including specialized expertise in the area of imagery processing and archiving. The CSC team includes CACI International and L-3 MPRI, a subsidiary of L-3 Communications. The last company is one of the largest private armies in the world, and would have at its disposal hundreds of paramilitary officers who would fit in exceedingly well with the DIA’s secret intelligence teams in the Middle East and North Africa.
Contractors are so ubiquitous at the DIA that some employees have dual identifications. At the DIA acquisition conference mentioned earlier, the agency scheduled an afternoon workshop titled Offshore Threats to DoD Networks. It was led by Charles H. Thomas, who was identified as the “Computer Network Operations Program Manager” of the DIA Command and Control Office, Booz Allen Hamilton—as if the DIA and Booz Allen were one and the same.
As they do at the NSA and the CIA, business associations play an important role at the DIA. In mostly classified environments, they sponsor conferences and industry gatherings where green-badgers and agency officials discuss issues like security and future technology. In April 2007, for example, the Armed Forces Communications and Electronics Association sponsored a classified symposium on the DIA called “Intelligence and the Long War.” Only those with the highest clearances were allowed to attend. Speakers represented key players in the privatized Intelligence Community, including the NSA, the DNI, the FBI, the National Counterterrorism Center, and CACI, SAIC, and In-Q-Tel. Herbert Browne, the former naval intelligence officer who retired in 2007 after five years at the helm of the AFCEA board, explained that such conferences are designed to keep defense intelligence officials apprised of the latest technology developed by the private sector for the Intelligence Community. “Our board is absolutely convinced that the very best way to look at intelligence is to have it as part of command and control, computers, communications, intelligence, surveillance, and reconnaissance,” he told me. “We believe it is important to show how an investment in defense could be used to benefit for the Intelligence Community.” He added: “We’re convinced that’s the right role for us, and we think it is what distinguishes us from the more narrow, pure intelligence associations.”34
Many of the same companies integrating intelligence for the U.S. military in Iraq and Afghanistan have found work at the Pentagon’s controversial Counterintelligence Field Activity office. CIFA was launched in 2002 by Rumsfeld’s former deputy, Paul Wolfowitz, to “usher in a revolutionary era of counterintelligence” and “deliver unique, actionable information to DoD decision-makers,” according to a pamphlet published by the agency in 2004.35 Another key official involved in its creation was John Stenbit, a former TRW executive who served under Wolfowitz as assistant secretary of defense for command, control, communications, and intelligence.36
CIFA’s original purpose, according to a Pentagon brochure, was strictly military, and was to gather information and conduct activities “to protect DoD and the nation against espionage, other intelligence activities, sabotage, assassinations, and terrorist activities.”37 From the beginning of its existence, CIFA had extensive authority to conduct domestic counterintelligence. In 2002, for example, a CIFA official was the deputy director of the FBI’s multiagency Foreign Terrorist Tracking Task Force, and other CIFA officials were assigned to more than one hundred regional Joint Terrorism Task Forces, where they served with other personnel from the Pentagon as well as the FBI, state and local police, and the Department of Homeland Security.
CIFA was one part of a series of steps taken by the Pentagon to enhance its domestic spying capabilities after the establishment in 2002 of the Northern Command, or NORTHCOM, in Colorado Springs. NORTHCOM operates major intelligence centers in Colorado and Texas where intelligence from CIFA, the FBI, and other U.S. agencies is “fused” into a larger picture for military and national security officials. By December 2005, NORTHCOM’s centers employed about three hundred analysts, making the command’s intelligence staff larger than those of the State Department’s Bureau of Intelligence and Research and the Department of Homeland Security.38
Much of the information collected by CIFA was amassed in a database called Talon, which stands for Threat and Local Observation Notice. Under a classified order dated July 20, 2005, and reported in the Washingt
on Post by military affairs blogger William Arkin, CIFA was allowed to collect information about U.S. citizens in Talon if there was reason to believe those citizens were connected to international terrorist activities, narcotics traffic, and foreign intelligence organizations and were a “threat” to DoD installations and personnel (“In other words,” Arkin commented, “some military gumshoe or over-zealous commander just has to decide [that] someone is ‘a threat to’ the military”).39 CIFA also obtained information about U.S. persons from the NSA and the DIA.40 As it turned out, however, many of these threatening people were antiwar activists, and the information about them came from monitoring meetings held in churches, libraries, college campuses, and other locations.
Eventually, after Congress raised questions in 2003 about CIFA’s activities, the Pentagon found that about 260 records out of 13, 000, or about 2 percent of the total, improperly contained information related to U.S. persons. “These failures were especially troubling in light of CIFA’s important mission to set the standards while protecting the Constitutional rights of American citizens,” the House Intelligence Committee said in a bipartisan report issued in February 2006.41 In 2007, the Privacy and Civil Liberties Oversight Board established under the 2004 intelligence reform legislation faulted the Pentagon for failing to properly manage the TALON database and for its “improper and unauthorized collection and retention of information on U.S. Persons.”42
Like so many other intelligence programs, CIFA’s spying operation was staffed primarily by contractors. By 2006, the agency had spent more than $1 billion on its operations, with most of that going to outsourced services. The first CIFA contract to come to light was a $6.3 million contract to provide “leading edge information technologies and data harvesting,” awarded in 2003 to MZM Inc., of San Diego.43 That same year, MZM won another contract worth $503, 144 from CIFA to select software to use in geospatial mapping systems.44
CIFA’s contracts with MZM only came to public attention because of a federal investigation into the activities of MZM and former congressman Duke Cunningham, a San Diego Republican. In March 2006, he was sentenced to eight years in prison after being convicted of accepting more than $2 million in bribes from executives with MZM. In return for the bribes, Cunningham used his position on the House appropriations and intelligence committees to win tens of millions of dollars’ worth of contracts for the company at CIFA as well as at the CIA.
MZM was far from alone at CIFA, where at least 70 percent of the budget has been spent on contracts. I’ve found at least eleven other companies holding CIFA contracts. They include large prime contractors such as Lockheed Martin and small, high-tech firms such as White Oak Technologies Inc., of Silver Spring, Maryland. Based on public information, such as press releases, SEC filings, intelligence job listings, and the occasional press report, here is what I found:
Lockheed Martin is contracted to provide counterintelligence analysis for CIFA for jobs that include analyzing data for logical combinations of keywords that might indicate planning for a terrorist attack; estimating current or future threats; and monitoring current intelligence. In 2006, the company was recruiting counterintelligence analysts to work at CIFA to “create and deliver briefings, write reports, and represent Counterintelligence Field Activity,” according to a classified ad it posted on the Internet.45 In a 2004 job posting, Lockheed Martin was seeking “experienced counterintelligence or intelligence analysts” for jobs at CIFA, where they would “conduct research and analysis and draft products; prepare intelligence reports and risk assessments; provide source and operations reviews; and provide CI operations and CI/Antiterrorism investigative support.”46
US Investigations Services, a former subsidiary of the Carlyle Group, provides counterintelligence support to CIFA that is “oriented towards supporting counter-terrorism, technology protection and force protection missions.”47
Analex Inc., a Virginia intelligence contractor owned by the U.K.’s QinetiQ, provides experienced analysts to CIFA, who sift through information “from traditional to non-traditional providers, ranging from unclassified through top secret classification using sophisticated information technologies and systems specifically designed by CIFA analysts.”48
ManTech International provides analytical support to CIFA’s Global Watch Center by monitoring and searching intelligence and law enforcement databases and providing “line analysis, data extraction and other analytical methods to formulate and develop” counterintelligence and law enforcement intelligence products “for senior DoD and other agency officials.”49
Harris Corp., a Florida contractor, provides IT and professional engineering services to CIFA to “support the protection of critical research assets and technologies” of the DoD “from foreign intelligence services, terrorists and various covert or clandestine threats.”50
SRA International Inc., according to its Web site, runs its own service, called the Orion Center for Homeland Security, which provides counterterrorism and counterintelligence “analytical solutions” to CIFA (and the DIA). The center is run by SRA vice president Mike Wagner, a former U.S. Army intelligence officer.51
Other CIFA contractors I could confirm were SAIC’s Homeland Intelligence Solutions group, CACI International, General Dynamics Information Technology, and Intelligence Software Solutions Inc., a contractor based in Colorado Springs. As of August 2006, CIFA had four hundred full-time employees and eight hundred to nine hundred contractors working for it.52 By that time, there were reports that CIFA was going to merge with the Defense Security Service. A DSS spokesperson told me in 2007 that that proposal was “still under consideration.” By that time, however, the entire concept of CIFA was under review.
When Robert Gates took over the Pentagon in 2007, he immediately set about to reduce the Pentagon’s footprint in the spying business.53 During his Senate confirmation hearing, he expressed his “deep unhappiness” about the “dominance of the Defense Department in the intelligence arena,” and shortly thereafter walked into the Pentagon determined to end that dominance. His first act was to find a replacement for Stephen Cambone, who had been Rumsfeld’s undersecretary of defense for intelligence and resigned a few days after his boss and mentor. Cambone’s successor, retired Air Force General James Clapper, spent his career in military intelligence and had directed both the National Geospatial-Intelligence Agency and the Defense Intelligence Agency. He also had a reputation for being strong-willed and independent: in 2004, he’d earned Rumsfeld’s wrath by telling a Senate committee that the NGA’s work would be unaffected if the agency were removed from Pentagon control and placed inside the Office of the Director of National Intelligence. Incensed, Rumsfeld told Clapper that he was “out of line” because the NGA provided “combat support and should be under the Pentagon’s control,” and made sure that Clapper was let go when his term expired in 2005.54* After taking Cambone’s job, Clapper moved quickly to dismantle some of Cambone’s prized programs. In April 2007, after ordering a review of the Counterintelligence Field Activity office, he terminated CIFA’s massive Talon database, which over a period of six years had compiled dossiers on thousands of U.S. citizens (after assessing Talon’s results, Clapper said, he no longer believed that the results merited “continuing the program as currently constituted, particularly in light of its image in Congress and the media”).55 In a move that brought the DNI right into the Pentagon, Gates signed an agreement with Mike McConnell at the ODNI designating Clapper as McConnell’s chief adviser on military intelligence. Slowly, bureaucratic power began to shift back to the DNI and away from the Pentagon.
Gates showed his cards again in May 2007, when he accepted the retirement of General William Boykin, who had overseen the Pentagon’s counterterrorism operations and commanded the Joint Intelligence Operations Centers. Gates replaced him with Major General Richard Zahner, the NSA’s director of signals intelligence.56 This, too, sent a strong message: Boykin had been one of the biggest proponents of dispatching Pentagon intelligence c
ollectors abroad to gather information for future military operations, a practice that Gates and Clapper quietly ended in 2007.57 Now the military’s covert operations would be run by a technocrat skilled in the classified arts of electronic eavesdropping and information sharing. Putting an NSA man loyal to the DNI in Boykin’s place meant, first, no ranting about Muslims following “the devil”; and, second, someone whose loyalties were to the national agencies—the NSA, NGA, and NRO—rather than to the Pentagon.
As Gates and McConnell began to mend relations between their two organizations and stop the corrosive rivalry between the Pentagon and the CIA, the Bush administration’s intelligence policies, and the relations between key national security agencies, began to return to the “normalcy” of earlier, pre-Rumsfeld years, with the civilians (now ensconced in the new DNI) in charge of the intelligence enterprise. For the contractors, however, nothing changed: Gates and Clapper continued to fund the expensive programs in netcentric warfare and information technology started by their predecessors.
One sign of the continuity was the Pentagon’s record spending on secret research and development, which was expected to exceed $17.5 billion in fiscal year 2008—more than the Department of Defense has ever spent on classified R&D, according to the Center for Strategic and Budgetary Assessments, a nonpartisan research group. In the fall of 2007, the military was also seeking nearly $15.5 billion to buy classified weapons and equipment.58 Meanwhile, in June 2007, Clapper initiated an assessment of the Joint Intelligence Operations Centers to find out what “we can do to make JIOCs better and take them to the next level.” The team studying the JIOCs, he said, will also consider whether the centers “need more resources and whether more analysts should be assigned to them.”59 In July, Raytheon participated in Empire Challenge 2007, a joint exercise between the U.S. and British militaries designed in part to test the data sharing capabilities of the Army’s Distributed Common Ground System.60 And in August, the DIA announced its plan, described earlier, to dramatically expand its outsourcing of analysis and collection—a plan the Washington Post said would “set a record in the outsourcing of such functions by the Pentagon’s top spying agency.”61