Dark Territory (40 page)
Authors: Fred Kaplan
“poorly communicated mission”:
NSA/CSS,
External Team Report: A Management Review for the Director, NSA
, Oct. 22, 1999,
http://fas.org/irp/nsa/106handbk.pdf
; and interviews.
“is a misaligned organization”:
NSA/CSS, “New Enterprise Team (NETeam) Recommendations: The Director's Work Plan for Change,” Oct. 1, 1999,
http://cryptome.org/nsa-reorg-net.htm
.
On November 15, he inaugurated:
Seymour M. Hersh, “The Intelligence Gap,”
The New Yorker
, Dec. 6, 1999; and interviews.
The NSA's main computer system crashed:
“US Intelligence Computer Crashes for Nearly 3 Days,”
CNN.com
, Jan. 29, 2000,
http://edition.cnn.com/2000/US/01/29/nsa.computer/
; and interviews.
He called the new program Trailblazer:
NSA Press Release, “National Security Agency Awards Concept Studies for Trailblazer,” April 2, 2001,
https://www.nsa.gov/public_info/press_room/2001/trailblazer.shtml
; Alice Lipowicz,
“Trailblazer Loses Its Way,”
Washington Technology
, Sept. 10, 2005,
https://washingtontechnology.com/articles/2005/09/10/trailblazer-loses-its-way.aspx
.
SAIC was particularly intertwined:
Siobhan Gorman, “Little-Known Contractor Has Close Ties with Staff of NSA,”
Baltimore Sun
, Jan. 29, 2006,
http://articles.baltimoresun.com/2006-01-29/news/0601290158_1_saic-information-technology-intelligence-experts
; “Search Top Secret America's Database of Private Spooks,”
Wired
, July 19, 2010,
http://www.wired.com/2010/07/search-through-top-secret-americas-network-of-private-spooks/
.
In the coming years, TAO's ranks would swell:
“Inside TAO: Documents Reveal Top NSA Hacking Unit,”
Der Spiegel
, Dec. 29, 2013,
http://www.spiegel.de/international/world/the-nsa-uses-powerful-toolbox-in-effort-to-spy-on-global-networks-a-940969.html
.
These devicesâtheir workings:
Matthew M. Aid, “Inside the NSA's Ultra-Secret China Hacking Group,”
Foreign Policy
, June 10, 2013.
One device, called LoudAuto:
The names of these programs come from a fifty-eight-page TAO catalogue of tools and techniques, among the many documents leaked by former NSA contractor Edward Snowden. No U.S. newspaper or magazine reprinted the list (the reporters and editors working the story considered it genuinely damaging to national security), but
Der Spiegel
did, in its entirety (Jacob Appelbaum, Judith Horchert, and Christian Stöcker, “Shopping for Spy Gear: Catalog Advertises NSA Toolbox,” Dec. 29, 2013), and computer security analyst Bruce Schneier subsequently reprinted each item, one day at a time, on his blog.
As hackers and spies discovered vulnerabilities:
“Inside TAO.”
In the ensuing decade, private companies:
For more on zero-day exploits, see Neal Ungerleider, “How Spies, Hackers, and the Government Bolster a Booming Software Exploit Market,”
Fast Company
, May 1, 2013; Nicole Perlroth and David E. Sanger, “Nations Buying as Hackers Sell Flaws in Computer Code,”
New York Times
, July 13, 2013; Kim Zetter,
Countdown to Zero Day: Stuxnet and the Launch of the World's First Digital Weapon
(New York: Crown, 2014). Specific stories come from interviews.
During the first few months of Bush's term:
Richard A. Clarke,
Against All Enemies
(New York: Free Press, 2004); Steve Coll,
Ghost Wars: The Secret History of the CIA, Afghanistan, and Bin Laden, from the Soviet Invasion to September 10, 2001
(New York: Penguin, 2004), 435.
On the day of the 9/11 attacks:
Robin Wright, “Top Focus Before 9/11 Wasn't on Terrorism,”
Washington Post
, April 1, 2004.
Rice let him draft:
Executive Order 13226âPresident's Council of Advisors on Science and Technology, Sept. 30, 2001,
http://www.gpo.gov/fdsys/pkg/WCPD-2001-10-08/pdf/WCPD-2001-10-08-Pg1399.pdf
; background, town halls, etc. come from interviews.
As it turned out, the final draft:
President George W. Bush,
The National Strategy to Secure Cyberspace
, Feb. 2003,
https://www.us-cert.gov/sites/default/files/publications/cyberspace_strategy.pdf
.
CHAPTER 9: CYBER WARS
When General John Abizaid:
For more on Abizaid and the Iraq War, see Fred Kaplan,
The Insurgents: David Petraeus and the Plot to Change the American Way of War
(New York: Simon & Schuster, 2013), esp. 182; the rest of this section comes from interviews.
Meanwhile, Secretary of Defense Donald Rumsfeld:
See ibid., Ch. 4.
Seventeen years had passed:
https://www.nsa.gov/about/leadership/former_directors.shtml
.
That same month, Rumsfeld signed:
Dana Priest and William Arkin,
Top Secret America: The Rise of the New American Security State
(New York: Little, Brown, 2011), 236.
A few years earlier, when Alexander:
The section on the Alexander-Hayden feud and James Heath's experiment at Fort Belvoir comes from interviews. Some material on Heath also comes from Shane Harris, “The Cowboy of the NSA,”
Foreign Policy
, Sept. 2013; and Shane Harris,
The Watchers: The Rise of America's Surveillance State
(New York: Penguin, 2010), 99, 135. Some have reported that Alexander designed the Information Dominance Center's command post to look like the captain's deck on
Star Trek
, but in fact it was set up not by Alexander or even by Noonan, but rather by Noonan's predecessor, Major General John Thomas. (Ryan Gallagher, “Inside the U.S. Army's Secretive
Star Trek
Surveillance Lair,”
Slate
, Sept. 18, 2013,
http://www.slate.com/blogs/future_tense/2013/09/18/surveilliance_and_spying_does_the_army_have_a_star_trek_lair.html
; and interviews.)
But Alexander won over Rumsfeld:
Most of this comes from interviews, but the transfer of data in June 2001 is also noted in Keith Alexander, classified testimony before House Permanent Select Committee on Intelligence, Nov. 14, 2001, reprinted in U.S. Army Intelligence and Security Command,
Annual Command History, Fiscal Year 2001,
Sept. 30, 2002 (declassified through Freedom of Information Act).
Ironically, while complaining:
For details on Stellar Wind, see Barton Gellman, “U.S. Surveillance Architecture Includes Collection of Revealing Internet, Phone Metadata,”
Washington Post
, June 15, 2013, and, attached on the
Post
website, the top secret draft of an inspector general's report on the program,
http://apps.washingtonpost.com/g/page/world/national-security-agency-inspector-general-draft-report/277/
.
Trailblazer had consumed $1.2 billion:
Siobhan Gorman, “System Error,”
Baltimore Sun
, Jan. 29, 2006,
http://articles.baltimoresun.com/2006-01-29/news/0601280286_1_intelligence-experts-11-intelligence-trailblazer
; Alice Lipowicz, “Trailblazer Loses Its Way,”
Washington Technology
, Sept. 10, 2005,
http://washingtontechnology.com/articles/2005/09/10/trailblazer-loses-its-way.aspx
; and interviews.
Turbulence consisted of nine smaller systems:
Robert Sesek, “Unraveling NSA's Turbulence Programs,” Sept. 15, 2014,
https://robert.sesek.com/2014/9/unraveling_nsa_s_turbulence_programs.html
; and interviews.
RTRG got under way:
This comes mainly from interviews, but also from Bob Woodward,
Obama's Wars
(New York: Simon & Schuster, 2010), 10; Ellen Nakashima and Joby Warrick, “For NSA Chief, Terrorist Threat Drives Passion to âCollect It All,'â”
Washington Post
, July 14, 2013; Shane Harris,
@War: The Rise of the Military-Internet Complex
(New York: Houghton Mifflin Harcourt, 2014), Ch. 2.
In 2007 alone, these sorts of operations:
“General Keith Alexander Reveals Cybersecurity Strategies and the Need to Secure the Infrastructure,” Gartner Security and Risk Management Summit, June 23â26, 2014,
http://blogs.gartner.com/security-summit/announcements/general-keith-alexander-reveals-cybersecurity-strategies-and-the-need-to-secure-the-infrastructure/
; and interviews.
The effect was not decisive:
For more on this point, see Kaplan,
The Insurgents
, esp. Ch. 19.
On September 6:
David A. Fulghum, “Why Syria's Air Defenses Failed to Detect Israelis,”
Aviation Week & Space Technology
, Nov. 12, 2013; Erich Follath and Holger Stark, “The Story of âOperation Orchard': How Israel Destroyed Syria's Al Kibar Nuclear Reactor,”
Der Spiegel
, Nov. 2, 2009,
http://www.spiegel.de/international/world/the-story-of-operation-orchard-how-israel-destroyed-syria-s-al-kibar-nuclear-reactor-a-658663.html
; Richard A. Clarke and Robert A. Knake,
Cyber War
(New York: HarperCollins, 2010), 1â8; Robin Wright, “N. Koreans Taped at Syrian Reactor,”
Washington Post
, April 24, 2008; “CIA Footage in Full,” BBC News, April 24, 2008,
http://news.bbc.co.uk/2/hi/7366235.stm
; and interviews.
They did so with a computer program called Suter:
Fulghum, “Why Syria's Air Defenses Failed to Detect Israelis”; and interviews. There was some controversy over whether the target was really a nuclear reactor, but in retrospect the evidence seems indisputable. Among other things, the International Atomic Energy Agency found, in soil samples it collected around the bombed reactor, “a significant number of anthropogenic natural uranium particles (i.e., produced as a result of chemical processing).” (Follath and Stark, “The Story of âOperation Orchard.'â”)
Four and a half months earlier:
“War in the Fifth Domain,”
The Economist
, July 1, 2010,
http://www.economist.com/node/16478792
; Andreas Schmidt, “The Estonian Cyberattacks,” in Jason Healey, ed.,
A Fierce Domain
, 174â93; Clarke and Knake,
Cyber War
, 12â16.
On August 1, 2008, Ossetian separatists:
U.S. Cyber Consequences Unit,
Overview by the US-CCU of the Cyber Campaign Against Georgia in August of 2008
(Aug. 2009),
http://www.registan.net/wp-content/uploads/2009/08/US-CCU-Georgia-Cyber-Campaign-Overview.pdf
; Andreas Hagen, “The Russo-Georgian War, 2008,” in Healey, ed.,
A Fierce Domain
, 194â204; Government of Georgia, Ministry of Foreign Affairs,
Russian Invasion of Georgia: Russian Cyberwar on Georgia
(Nov. 10, 2008),
http://www.mfa.gov.ge/files/556_10535_798405_Annex87_CyberAttacks.pdf
.
On March 4, 2007, the Department of Energy:
The background of the test comes from interviews. See also “Mouse Click Could Plunge City into Darkness, Experts Say,” CNN, Sept. 27, 2007,
http://www.cnn.com/2007/US/09/27/power.at.risk/index.html
; Kim Zetter,
Countdown to Zero Day: Stuxnet and the Launch of the World's First Digital Weapon
(New York: Crown, 2014), Ch. 9.
Almost instantly, the generator shook:
For the video, see
https://www.youtube.com/watch?v=fJyWngDco3g
.
In 2000, a disgruntled former worker:
Zetter,
Countdown to Zero Day
, 135ff.
CHAPTER 10: BUCKSHOT YANKEE
When the position was created:
Fred Kaplan, “The Professional,”
New York Times Magazine
, Feb. 10, 2008.
So McConnell's briefing:
The date of the meeting comes from “NSC 05/16/2007-Cyber Terror” folder, NSC Meetings series, National Security Council-Records and Access Management Collection, George W. Bush Presidential Library (folder obtained through Freedom of Information Act). The substance of the meeting (which was not declassified) comes from interviews.
Bush quickly got the idea:
This is based on interviews, though it's also covered in Shane Harris,
@War: The Rise of the Military-Internet Complex
(New York: Houghton Mifflin Harcourt, 2014), Ch. 2.
But the task proved unwieldy:
William Jackson, “DHS Coming Up Short on Einstein Deployment,”
GCN
, May 13, 2003,
http://gcn.com/articles/2013/05/13/dhs-einstein-deployment.aspx
; and interviews.
On January 9, 2008:
President George W. Bush, National Security Presidential Directive (NSPD) 54, “Cyber Security Policy,” Jan. 8, 2008,
http://www.fas.org/irp/offdocs/nspd/nspd-54.pdf
. The background comes from interviews.
Meanwhile, Homeland Security upgraded Einstein:
Steven M. Bellovin et al., “Can It Really Work? Problems with Extending Einstein 3 to Critical Infrastructure,”
Harvard National Security Journal
, Vol. 3, Jan. 2011,
http://harvardnsj.org/wp-content/uploads/2012/01/Vol.-3_Bellovin_Bradner_Diffie_Landau_Rexford.pdf
; and interviews.
Alexander put out the word:
Alexander cited the “Maginot Line” analogy many times; see for instance, “Defenses Against Hackers Are Like the âMaginot Line,' NSA Chief Says,” Blog,
WSJ Tech
, Jan. 13, 2012,
http://blogs.wsj.com/digits/2012/01/13/u-s-business-defenses-against-hackers-are-like-the-maginot-line-nsa-chief-says/
; and interviews.
