Body of Secrets: Anatomy of the Ultra-Secret National Security Agency (73 page)

Read Body of Secrets: Anatomy of the Ultra-Secret National Security Agency Online

Authors: James Bamford

Tags: #United States, #20th Century, #History

BOOK: Body of Secrets: Anatomy of the Ultra-Secret National Security Agency
3.64Mb size Format: txt, pdf, ePub

The
memorandum then laid out a series of questions the intercept operators and
analysts should ask themselves, among which were the following: "Will you
get the information through a database?" "Who is the target? What is
his/her status as a U.S. person?" "What is the foreign intelligence
purpose?" "What do you reasonably expect to get from the proposed
electronic surveillance and what is the basis of that belief?"

The memorandum
also established a number of guidelines. "If your focus is a foreign
target and you incidentally have a U.S. person on one side of the
communications," it said, "the foreign intelligence may be reported
as long as you focus on the foreign aspect and minimize out the U.S. side. The
U.S. information must be replaced with a generic term unless it meets [certain
other] criteria. ... If someone requests U.S. person information you must have
them contact P022 [NSA's Special Product Control Branch]."

Officials
anticipated that analysts would make heavy use of what one document referred to
as NSA's "raw traffic storage systems which contain identities of U.S.
persons." As a result, analysts were cautioned, "Do your research
before you get on the system and try to anticipate what type of information you
will get back when you type in your query."

As tight
as the laws, regulations, and internal guidelines governing the NSA are, a few
potential loopholes exist. Although NSA takes great pains to eliminate the names
of U.S. persons in the reports it sends out, any customer (for instance, CIA or
DIA) can obtain the names simply by faxing a request to NSA. The request must
offer a reason and state that the name "is necessary to understand the
foreign intelligence or assess its importance." In case such a request is
received, NSA keeps the names in its database for up to a year. And the agency
will not disclose how often names are released through this backdoor procedure.

"Americans
were never listed" in reports, said one of NSA's customers. "It would
say 'U.S. Person.' Also for the Brits. If you [the customer] needed the name
you could make a request—there's an office called U.S. Identities, and you [the
customer] could call them [the U.S. Identities Office] up and send them a
letter and say, I need to know who that guy is. They [U.S. Identities] could
tell you, if you . . . sent them a letter explaining why. You would tell them
the transmittal number, serial number. It didn't make any difference if the
U.S. person was in the U.S. or overseas. As long as you give them a reasonable
explanation as to why you needed it. And then they [NSA] call you back and they
say, 'Hi, we're calling about your letter, serial number so and so,' and they
[NSA] would say, 'Here's the name and here's the control number,' so they'd
[NSA] have a tracking number."

"If
the [Sigint] report goes out to twenty people, not all twenty people get the
identity," said a senior intelligence official involved in Sigint.
"Maybe only five people will come in and ask for it. The five people who
come in and ask for it have to ask for it in writing, and they have to
demonstrate they need it for their official duties and that it's necessary to
understand the foreign intelligence or assess its importance. If they don't, we
don't give it to them. If they do, then they get the identity of the U.S.
person, but there's a record that that has happened."

Although
USSID 18 directs that "communications identified as domestic
communications shall be promptly destroyed," there is an exception:
"Domestic communications that are reasonably believed to contain foreign
intelligence information shall be disseminated to the Federal Bureau of
Investigation (including United States person identities) for possible further
dissemination by the Federal Bureau of Investigation in accordance with its
minimization procedures."

Also,
international and foreign communications between two Americans can be retained
and distributed at the discretion of the director of NSA, providing that he
determines that the intercept contains "significant foreign intelligence
or possible evidence of a crime." U.S. Attorney General Janet Reno
approved these revised guidelines on July 1, 1997.

While the
federal government allows a number of exceptions to its privacy constraints
when it comes to average Americans, no exceptions are permitted concerning the
government's own communications. If an intercept operator inadvertently picks
up a conversation one party to which is a U.S. official, the tape must be
destroyed immediately—even if the official is talking to one of NSA's key
targets.

For
Americans, the greatest danger of NSA is its involvement with law enforcement.
During the Nixon years, NSA was used to secretly target antiwar protesters and
others in disfavor with the White House. Today, among NSA's key targets areas
are the "transnational" threats: narcotics trafficking, terrorism,
international organized crime, weapons proliferation, and illicit trade
practices. "The primary purpose of the collection activity," says one
NSA document, "will be the production of foreign intelligence information
on the foreign aspects of international narcotics trafficking. No collection
for law enforcement purposes or in support of law enforcement operations is
authorized. All collection must be designed to satisfy national Sigint
requirements. Information pertaining to the international narcotics trafficking
activities targeted for collection will be forwarded to NSA for analysis and
reporting."

"If
the Sigint business can tell the president, 'When you're dealing with this guy,
you're effectively dealing with the XYZ cartel,' " said one senior
intelligence official involved in Sigint, "that's pretty good information
for the president to know."

One of
those most opposed to NSA involvement in law enforcement is the agency's former
top lawyer, Stewart A. Baker. "When I was at the National Security
Agency," he said, "we used to joke about the predictable stages traversed
by prosecutors who sought intelligence reports in connection with big
investigations. The first reaction was open-mouthed wonder at what the
intelligence agencies were able to collect. That was followed by an
enthusiastic assumption that vast quantities of useful data must lie in our
files. Next came the grinding review of individual documents and the growing
realization that the reports were prepared for other purposes and so were
unlikely to contain much of relevance to the investigator's specific concerns.
Last came ennui, and a gritted-teeth plod through the reports, mostly to avoid
a later charge that the examination was incomplete."

NSA's
major push into law enforcement came with the fall of the Berlin Wall and the
collapse of communism. "Because the Soviet Union was no longer a
threat," said Baker, "some of the resources devoted to extracting its
secrets could be turned to other tasks, to other foreign targets. But some of
those foreign targets had a domestic tinge. As topics like international narcotics
trafficking, terrorism, alien smuggling, and Russian organized crime rose in
priority for the intelligence community, it became harder to distinguish
between targets of law enforcement and those of national security."

Soon,
common centers were formed for counterdrug, counterterrorism,
counterproliferation, and counter-international-organized-crime activities.
They were populated by both law enforcement and intelligence personnel, again
dangerously mixing the two areas. "Few foresaw any danger in nibbling a
bit at the principle that intelligence and law enforcement must remain separate
undertakings," said Baker. "Today the risk to civil liberties is
largely theoretical. However theoretical [those] risks . . . may be, they
cannot be ignored. . . . One of my office's jobs at the agency was to review
requests for intelligence from drug enforcement agencies. In some cases, we
suspected they were trying to shortcut constitutional or statutory limits, and
their requests were denied. But I have no illusions that our objections would
have prevailed if a different message had been coming from the leaders of the
agency and the government."

In the
end, the question of whether NSA is secretly abusing its enormous powers comes
down to trust. " 'Trust us' is the NSA's implicit message," said
David Ignatius of the
Washington. Post
"Trust us to distinguish
between the good guys and the bad guys, and to use our powerful surveillance
tools for the good of humankind. As an American and a trusting soul, I want to
extend that confidence to General Hayden and his beleaguered colleagues. The
United States needs an NSA that can shed its threadbare old clothes—and, when
necessary, can crack the codes and monitor the conversations of people who
could get us all killed. But it is unrealistic to expect the rest of the world
to be enthusiastic. People will be glad when the NSA bags that biological
terrorist as he's about to deliver the anthrax bomb—even those dyspeptic
European parliamentarians. But don't expect them to give the global policeman
much help along the way—or to stop demanding the same privacy rights that
Americans have."

 

On a
Monday evening in January, everything suddenly went quiet. NSA's brain,
overworked, had a sudden seizure, a blackout. Its ears continued to hear,
pulling in the millions of messages an hour, but its mind could no longer
think.

Three
miles away in his stately brick home on Butler Avenue, NSA Director Michael
Hayden, an Air Force lieutenant general, had just finished his dinner and was
watching television when his secure STU-III phone rang. The entire system had
crashed, he was told. It was January 24, 2000.

While it
was 7:00 P.M. at NSA, it was midnight deep within the computers, which operate
on Greenwich Mean Time. For some reason, at that moment a piece of software malfunctioned,
setting off a systemwide shutdown. "It was the whole net by which we move,
use, abuse, process—everything we do with information here at Fort Meade went
down," said Hayden. "Everything on the Fort Meade campus went down.
Everything."

The
director ordered an emergency response. Computer scientists, electrical
engineers, mathematicians, anyone who could shed light on the problem was told
to report in. " 'What do I tell the workforce?' " Hayden said he
thought. "I called [Director of Corporate Communications] Bill [Marshall]
in here and I said, 'Bill, I need a concept; we need to communicate this to the
workforce. What should we do?'" Marshall suggested a town meeting.
"And that's exactly what we did." Taking to the stage in the Friedman
Auditorium, Hayden warned everyone not to say a word about the crash. "I said
the fact that we're down is an operational secret," Hayden recalled.
"Our adversaries cannot know that our intelligence capabilities have been
crippled."

On the
second floor of the Tordella Supercomputer Facility, scientists pulled apart
spaghettilike mazes of multicolored wires, covered desks and floors with
unwieldy schematics and wiring diagrams, and probed, inch by inch, the
computer's nervous system.

To Hayden,
the crash came as a shock—especially because only three weeks earlier, on New
Year's Day 2000, he had successfully dodged the Y2K bullet. But for nearly a
decade, pressured by ever-increasing demand and overuse, NSA's brain had been
heading for a stroke. The first signs appeared in the early 1990s, when it
became obvious that the agency's massive system for processing, storing, and
distributing Sigint—codenamed Universe—had become technologically outdated.
Universe required 130 people to administer, took up 20,000 square feet of floor
space, and ate up enormous amounts in operations and maintenance costs.

In an effort
to replace Universe before it crashed, a new system was developed in 1993 that
used standard workstations, servers, and supercomputers. Codenamed Normalizer,
the new system took up 15,000 fewer square feet of floor space, saved $300,000
a year in costs, and cut the number of people needed to operate it to just ten.
But as the system became smaller, the demands placed on it grew exponentially.
Delivery time for processed Sigint, for example, was shrunk from more than an
hour to only ten minutes. Given such pressures, an electronic aneurysm was
inevitable—and the most vulnerable time was millennium eve. In addition to
performing its normal hefty workload, the agency's computer system would also
have to figure out that switching from 99 to 00 meant moving ahead to 2000, not
behind to 1900.

In the
weeks leading up to the new century, Hayden ordered that contingency plans be
developed "to maintain continuity of operations of our critical
intelligence mission" in case of a massive crash. His predecessor, Lieutenant
General Kenneth A. Minihan, had called the Y2K problem "the El Nino of the
digital age." In August 1998 he said, "As each day passes we are
coming closer to the date of one of the largest technological and managerial
challenges ever faced by our workforce."

As early
as October 1996, the agency had set up the Millennium Program Management
Office, later named the Year 2000 Oversight Office. NSA also began demanding
that, as a prerequisite of doing business with the agency, vendors state in
writing that their products contained no Y2K problems. Charged with coming up
with a solution was Ronald Kemper, NSA's chief information officer. Desperate
for staff who could help repair the millennium bug, the agency implemented an
"Emergency 911" operation to quickly find and recruit people with
critical knowledge of some of the older and more obscure computer languages.
Incentives were offered. General Minihan promised money bonuses and time off.

Other books

Bard's Oath by Joanne Bertin
Leave the Grave Green by Deborah Crombie
Origin by Dani Worth
Night Soldiers by Alan Furst
Cinder by Jessica Sorensen
A Poisoned Season by Tasha Alexander