Category Archives: Spying

Germany: Das unterwanderte Land (The Infiltrated Country)

I’ve been working for a couple of months on an investigation of the totality of U.S. intelligence in Germany, out today in Stern magazine.  English translation coming soon.

Stern 31 October 2013

NSA Tailored Access Operations

Found a little more about Tailored Access Operations (TAO), the Computer Network Exploitation/Computer Network Attack (CNE/CNA) operation of NSA, long known, but mentioned in the Washington Post article last week revealing the National Intelligence Budget.  The Post describes TAO as “surreptitiously installing spyware and tracking devices on targeted computers and mobile-phone networks.”  I think that description is too broad.

Tailored Access Operations, sometimes called Defense Tailored Access Operations, is part of the S3 Data Acquisition, or the Signal Intelligence Directorate.  It is made up of six subordinate elements (branches):

  • S321: Remote Operations Center (ROC)
  • S323: Data Network Technologies (DNT)
  • S324: Telecommunication Network Technologies (TNT)
  • S325: Mission Infrastructure Technologies (MIT)
  • S327: Requirements & Targeting (R&T)
  • S328: Access Technologies Operations (ATO)

The Remote Operations Center is the primary CNE operation of the U.S. government to gain access and intelligence from computer networks in direct support to cyber security & network warfare missions.  It is made up of the following divisions:

  • NOC: Network Ops Center
  • ORD: Operational Readiness Division (Training)
  • IOD: Interactive Ops Division
  • POD: Production Ops Division
  • AOD: Access Operations Division

The Network Warfare Team (NWT) provides liaison between the military and TAO.

Two tool development organizations are also subordinate to TAO:

  • TNT: Telecommunications Network Technologies
  • DNT: Data Network Technologies

Fusion Centers and the Homeland: Shouldn’t Somebody Say Something?

“Homeland security begins with hometown security, and fusion centers play a vital role in keeping communities safe all across America,” homeland security commandant Janet Napolitano said at the government-sponsored National Fusion Center Training Event held in Phoenix, Arizona last week.

Amid controversy over the federal government’s spending on lavish conferences (hence the rapid deployment of the name training event), Napolitano’s obsession with making all of America snitches under her See Something, Say Something campaign, continued controversy over ICE’s secure communities program, and even speculation that the former Arizona governor will step down if Obama wins a second term, no one actually paid attention to the Secretary’s central message.

The “war” on terror, the one over there that was supposed to have been a magnet for terrorists so that America itself would be safe, shows no sign of either ultimate success or conclusion, and it is turning these United States into an even greater battlefield.

Napolitano even says that the threat of home-grown terrorism is “increasing,” and she anchors federal government strategy to turning state-level fusion centers into increasingly essential links between local law enforcement and the Washington intelligence machine.

Secretary of Homeland Security Janet Napolitano, looking stern. Source: AP

I know that Napolitano’s piece of this forever war is the homeland, but who would have thought that eleven years after 9/11, some federal government official could stand up before 600 state and local government intelligence officers cheering them on, and it’s a non-story?

To be fair to the locals, fusion centers represent not just threat early warning; they are also federal support at a time when police budgets are declining, they are a seat at the information table, and they are a new and exotic career pursuit, one that promises the big times.  Under the rubric of “all hazards” most fusion centers admittedly focus more on everyday crime.  But the funding, and the push, is all about terrorism, and the justification is that there is an abundance of terrorists in our midst.

Terrorists are “not just those coming from abroad we’re concerned about, it’s those that are U.S. citizens – that are home grown, that are right here,” Napolitano declares.

“It can be people who are right here and who we don’t have much knowledge about,” Napolitano said.

Not knowing much about them of course means information collection, Internet stalking, surveillance, even reconnaissance drones at the local level.

Ron Brooks, chairman of the Criminal Intelligence Coordinating Council and a San Francisco-area fusion center official told the Arizona Republic: “We’re worried about the al-Qaida attack, the self-radicalized homegrown extremism attack, the far-right violence, but we’re also worried about everyday crime that impacts our community.”

Brooks says a lot of work needs to be done to educate people about what to look for in their search for the home-grown.  “There are times when we get suspicious activity reported to us by law enforcement or the public, and it really is about how someone is dressing or talking or worshiping, and we push that back and say, ‘That’s not appropriate’…” he says.

But fear not, civil liberties and privacy are all being taken care of: as Napolitano says, there’s an organization at homeland security responsible for it.

And See Something, Say Something is working, according to Napolitano, because the campaign has recently expanded to include partnerships with sports teams, sports leagues, transportation agencies and colleges and universities.  Hooray!

Putting aside my view that there shouldn’t even be something called homeland security – it’s just law enforcement at home, not national security – is Napolitano right that homeland security begins with hometown security?  Are the states even intended to be so intimately involved in national security in the first place?  Isn’t that the fundamental role of the federal government?  The United States has transformed, and we are less secure, and what’s the news?  How much money some agency spends on conferences or the fact that sports leagues are now part of the homeland security reserves…

Catching Insiders Who Threaten the Army

Saw this Army poster and couldn’t help but post it.

How inane, and obvious to the point of almost comical and counterproductive.  You think it might be referring to service members who are Muslims?

New Terrorism Guidelines Represent Further Triumph of Lawyering and an Independent IC

“U.S. eases restrictions on keeping citizens’ data,” The Washington Post broke last night.

“U.S. Relaxes Limits on Use of Data in Terror Analysis,” now says The New York Times.

“U.S. Agencies Allowed to Keep Residents’ Data for Five Years,” says Bloomberg.

“Government Now Allowed to Store Info on Innocent Americans,” says Antiwar.com.

Let the game of telephone begin: liberties stolen; privacy over.

Yesterday, the Director of National Intelligence and Attorney General released what they call “updated guidelines designed to allow NCTC to obtain and more effectively analyze certain data in the government’s possession to better address terrorism-related threats.”

The “Guidelines for Access, Retention, Use, and Dissemination by the National Counter-terrorism Center (NCTC) of Information in Datasets Containing Non-Terrorism Information,” the DNI and Justice Department say in their press release, allow the NCTC to “better protect the nation and its allies from terrorist attacks” while “at the same time protecting privacy and civil liberties.”

The updated Guidelines, the government says, “do not provide any new authorities for the U.S. Government to collect information.”

I received a copy of the new guidelines from the DNI press office at 7:53 PM last night, but I note that the 32-page document is not readily available (as of 9 AM the day after the release) on either the DNI or Attorney General’s websites.

I don’t think there’s a conspiracy here, but I do think if you read the actual document and aren’t familiar with existing guidelines and the ifs, ands, and buts of government regulations, you could easily come away concerned.

And thus constitutes the divide, the divide between Washington and the rest of the nation, between the national security imperative and the colloquial understanding of liberty as practiced by the rest of the country.  The usual suspects of the civil liberties industry (and I don’t mean to disparage them) and the anti-government set (from gun-toters to olive-branchers) will decry; talking heads promoting public slumber will counsel calm; the media will muddle.

Meanwhile the government’s lawyers will satisfy themselves and reassure – as they did in their tortured legal justification sanctioning the summary assassination of an American citizen – that it’s all in accordance with applicable laws.  If you’ve got nothing to hide, what’s the problem?, the agents of idiocy will bellow.

The NCTC, the actual document says, “shall not access, acquire, retain, use, or disseminate United States person information solely for the purpose of monitoring activities protected by the First Amendment or monitoring the lawful exercise of other rights secured by the Constitution or other laws of the United States.”

Any information received must be reviewed to ensure that it is terrorist-related, the guideline says, that is, “based on the knowledge and experience of counterterrorism analysts as well as the facts and practical considerations of everyday life.”

It’s all pretty straightforward, except that these rules only apply to the National Counter-terrorism Center.  And they leave open possibilities – indeed the likelihood – that the national security establishment will over-reach, that an overzealous someone will bend and stretch the rules and their intent, heck, that this has already been done, is already being done, which is why new Guidelines were required.

The NCTC, the Guidelines say, receives its information from federal, state, local governments and “other sources,” “other entities,” “data providers,” none of whom are named.  Any abuses, in other words, will take place elsewhere.

As long as Washington is lost in its terror war, as long as the intelligence community remains beyond accountability, as long as lawyers justify anything as legal, what is already happening in America will continue to happen.  It isn’t a government conspiracy; it’s an American erosion occurring because we haven’t yet figured out how to deal with the abundance of information the government feels justified to collect and analyze, and we haven’t figured out how to deal with the basic criminal threat that terrorism represents.

Those Chinese! Stealing Our Secrets…

Posted on Indeed.com as of March 17, 2012:

Reverse Engineer (TS/SCI Clearance)
Siege Technologies, LLC – Manchester, NH 03101

Siege Technologies is actively looking for cleared engineers and researchers who have expertise in reverse engineering binary software and vulnerability and/or malware analysis. Particular areas of expertise of interest include x86 or Motorola assembly, IDA Pro and other reverse engineering tools (Hex-rays/SoftICE/Ollydbg/etc.), fuzzing, protocol dissection and grammar construction, malware deconstruction, assembly and kernel level software development/experimentation on Windows or embedded platforms and familiarity dealing with complex systems and/or algorithms.

Qualifications

Qualified applicants for this position should include a Bachelor’s degree in Computer Science/Engineering or a related field (or equivalent experience) and an active security clearance. Successful candidates will possess a strong understanding in one or more of the following areas: Operating system fundamentals, including interrupts, threading, virtual memory, device drivers; knowledge and understanding of operating system/kernel internals including stack/heap design and memory layout and management, device drivers, file system/application formats, reverse engineering, modification of existing binaries, and low level software development.

The Enemy Nation of Non-Joiners

This week, in case you missed it, the federal government announced the creation of yet another citizen war reserve organization.  FEMA Corps will be a unit of 1,600 from AmeriCorps’ National Civilian Community Corps who are solely devoted to FEMA disaster response and recovery.  On the surface, it sounds great.  But the surface is way too glossy.

Ever since the Presidential Task Force on Citizen Preparedness in the War on Terrorism, established by George W. Bush just weeks after 9/11, and Operation TIPS (Terrorism Information Prevention System), established in 2002 and then scaled back the same year, the federal government has been struggling with the question of public involvement and mobilization in the war on terror.

In the ways of bureaucracy, every agency of the Department of Homeland Security, and every other department – from the Department of Agriculture to the FBI – has jumped on the bandwagon, and more than two dozen “public-private” partnerships have been created since 9/11.  The NSA has its network of research affiliates in the private sector coding to its specifications to enhance cyber security against outsiders.  The Director of National Intelligence even opened its own Office of Private Sector Partnerships in 2009.  These are not contracts or contractors, though money does flow from the federal government and the cumulative effort I’m sure is a pretty penny from our pockets.

These are volunteer organizations, voluntary efforts, that is, if you think that standing up and singing the national anthem at a public event is optional.

I’ve already written about “whole-of-society” efforts by Northern Command (NORTHCOM) to do its version of nation building on the homeland battlefield and I’m trying to wrap my head around what this boundless effort means.  There are, of course, the standard concerns of privacy, civil liberties, and even the hopeless Washington preoccupation with ‘fraud, waste, and abuse’ (which I liken to the medical establishment’s declaring war on microbes), but somewhere I fear there is also a fundamental reordering of American society, one that places too much emphasis on national security and one that puts too much power into the hands of the federal government.

But most important, in enlisting certain segments of society, people of a certain predilection, many others are left behind.  As a commenter said yesterday in response to my blog, the missions and capabilities of organizations become “predestined” by their very structure.  So after the people who are predisposed to be volunteer firemen, after the businesses that are part of the so-called critical infrastructure cluster under the government umbrella, after ‘good Muslims’ or the civic-minded sign up, the enemy becomes who’s left.  Well, at least who’s left is the universe of dots to search for.

Nowhere is this more obvious than the Obama administration’s weird attachment to its “If You See Something, Say Something™” campaign, which is the citizen-participation counterpart of the Nationwide Suspicious Activity Reporting Initiative.

On some level, this is just a case of a bunch of Boy Scouts and A-students cleaning up and trying to do better than their predecessors – in other words, cleaning up the paperwork for the same ugly effort and then repackaging it as reformed.  But there is also a problem of asking Boy Scouts to run a killing machine.

In the case of See Something, Say Something, the Department of Homeland Security (DHS) goes out of its way to assure that it “respects civil rights or civil liberties by emphasizing behavior, rather than appearance, in identifying suspicious activity.”  That’s part of the smokescreen of accepting the banality of evil.

So, if you see something that doesn’t have anything to do with race, ethnicity, national origin, religious affiliation, beliefs, thoughts, ideas, expressions, associations, or speech, unless it has to do with terrorism – and I’m not joking, that’s what the DHS says – report it.

Sound kind of hopeless?  How is someone supposed to figure out the differences?  They aren’t; you can’t.  So you either better enlist in the army of common sense or else we’ll make a note of the fact that you didn’t.