Blog Archives

The National Geospatial-Intelligence Agency (NGA): Washington’s Little Known Spy Agency

Yahoo Secretly Scanned Customer Emails for U.S. Intelligence

NSA Participated In Worst Abuses of the Iraq War, Spied on the UN, Assisted with Torture and Assassinations

PRISM: The NSA’s Data Collection Surveillance Program

The NSA Has Been Using An Algorithm To Decide Who Gets Killed With Drone Strikes

NSA Spying Targeted Israel, Caught Congressional Conversations

“Angst” Against Encryption: National Security and the Surveillance State. The Global Crackdown

Top NSA Whistleblower: Only “AFTER the Attack and People Die, They Do The Right Thing. This Should Make It Obvious What Route To Take”

Orwellian Justice Upholds NSA Spying on Americans: Court of Appeals Upholds Unconstitutional Mass Surveillance

Why We Can’t Trust the NSA (And Why That’s a Crisis)

NSA affair creates tensions between Berlin and Washington

The NSA’s Technotyranny: One Nation Under Surveillance

NSA Spying and the Patriot Act: Americans Don’t Trust the Government

US Appeals Court Strikes Down Bulk NSA Phone Spying on Americans

The Computers are Listening

IT Independence is National Security

NSA and Facebook Work Together

Glenn Greenwald vs Former GCHQ Director David Omand on ISC Surveillance Report

Video – Newsnight

The Intelligence and Security Committee of the UK Parliament (ISC) issued a lengthy report on the surveillance practices of GCHQ. Invoking the now-standard Orwellian tactic of claiming that “bulk collection” is not “mass surveillance,” the Committee predictably cleared GCHQ of illegality, but it did announce that it has “serious concerns” over the agency’s lack of transparency and oversight.

Posted March 14, 2015

http://www.informationclearinghouse.info/article41228.htm

The NSA Has Taken Over the Internet Backbone. We’re Suing to Get it Back

Moscow-Based Security Firm Reveals What May Be the Biggest NSA “Backdoor Exploit” Ever

The Future of Freedom: Interview with NSA Whistleblower William Binney

How Many of These Secret Surveillance Programs Do you Know About?

Internal NSA reports detail violation of laws, internal regulations

NSA tapping vast majority of cell phone networks worldwide

By Thomas Gaist

5 December 2014

Electronic surveillance programs run by the US National Security Agency have compromised the great majority of the world’s cell phone networks, according to newly released NSA documents leaked by Edward Snowden and published on The Intercept.

The NSA’s operation AURORAGOLD, exposed by the new Snowdendocuments, has already established an institutional and technological framework through which the spy agency can achieve direct access to all data traversing the world’s cellular networks.

Run by at least two secret NSA spy units, referred to in the documents as the Wireless Portfolio Management Office and the Target Technology Trends Center, AURORAGOLD encompasses a range of surveillance and electronic infiltration activities against cell phone networks on every continent.

The agency had established some level of electronic surveillance presence within 701 of the estimated 985 global cell phone networks as early as May 2012, the leaked documents reveal.

The main purposes of AURORAGOLD, the slides in the documents indicate, are:

* to “maintain data about international GSM/UMTS [cell phone] networks”

* to “forecast the evolution” of global cellular networks in support of the agency’s “imperative to Know the Future”

* to develop intelligence on and surveillance operations against “GSM/UMTS infrastructure,” “voice data convergence,” “technology migration,” and “technology deployments”

As part of AURORAGOLD, the slides show that NSA agents engage in:

* installing electronic backdoors in encryption systems deployed to protect cell phone networks

* gathering intelligence on and predicting the future development of cell phone security systems

* cracking new encryption technologies before they have even been deployed on live cellular networks

Information gathered by AURORAGOLD is widely shared within the intelligence agencies of the US and its allies, the slides show.

“Coincident beneficiaries of this mission are, among others, other NSA SIGDEV elements, protocol exploitation elements, and Five-Eyes Partner SIGDEV organizations,” one slide states. The Five Eyes network is comprised of the United States, Canada, Britain, Australia and New Zealand.

The leaked slides include a color-coded map showing that the NSA has tapped into 100 percent of existing cellular networks in numerous countries, including the majority of countries in Africa, as well as Mexico, Saudi Arabia, the Philippines, Venezuela, Poland and Indonesia.

The NSA has tapped a large majority of cell phone networks in China, Russia, Turkey, Iran and Spain, the map shows, and is running cellular network surveillance operations inside the US, the UK, Australia, New Zealand, Germany and France.

Making clear that the NSA is seeking to establish a regime of total information awareness even in relation to its corporate partners, one slide reads, “We monitor the industry” and demands “visibility into changing standards and practices for: Roaming, Signaling, Billing, Interoperability.”

The agency systematically spied on the content of emails sent from more than 1,000 email accounts run by key offices within the global telecommunications network.

One of the NSA’s main targets was a British-based global trade group called the GSM Association, which maintains ties to hundreds of telecommunications and tech companies around the world. NSA operations against GSM sought to intercept “IR.21 documents” passed between companies via GSM. The IR.21 documents contain information about cell phone networks that the NSA uses to penetrate their security systems.

The NSA and its British counterpart GCHQ worked together to crack the so-called “A 5/3” encryption algorithm as part of a program called WOLFRAMITE, the documents show.

The documents also shed light on the role of NSA in supporting the geopolitical machinations of US imperialism. One document shows that the NSA received orders to hack Libyan cellphone networks from the Pentagon’s Africa Command (AFRICOM) in March 2011.

“AFRICOM IKD-OPS requires information concerning the SMS Gateway domains for: Libyana mobile (libyans.ly) and Al Madar Al Jadid (almadar.ly),” one slide reads.

A slide boasting of the agency’s “Notable Successes” claims that the NSA has achieved “IR 21 collection from 67 high-priority networks,” including “recent IR 21s from Egypt,” and “IR 21 collection related to a possible new Chinese network.”

The latest documents make a mockery of the countless lies advanced by the Obama administration and the intelligence establishment in defense of the US government’s warrantless surveillance programs.

Rather than being limited to telephone metadata, or to “foreign intelligence” threats, the NSA’s surveillance machine has direct access to the bulk of cell phone traffic worldwide, including traffic that is supposedly protected by encryption.

Responding to the latest revelations, NSA spokeswoman Vanee Vines reassured the public that the spy agency “collects only those communications that it is authorized by law.”

In a sense, it is true that the surveillance programs have been “authorized by law.”

With the emergence of the Foreign Intelligence Surveillance Court in 1978, a secret surveillance judiciary has was established that presides over the development of a panoply of unconstitutional spying operations by the US intelligence establishment.

This process has complete support from the Republican and Democratic parties in Congress and the last several presidential administrations, which have adopted a series of executive orders authorizing mass surveillance.

The entire US government, including the Congress, has endorsed practices which clearly violate the Fourth Amendment to the US Bill of Rights. It is the military and intelligence agencies that call the shots in Washington, in alliance with Wall Street, not Senators, congressmen and even presidents, who serve as willing accomplices.

Defending the worldwide cell network tapping programs, NSA spokesperson Vines argued that the use by “terrorists” of cellular networks justifies total access by the US agency to global cellular data. “Terrorists, weapons proliferators, and other foreign targets often rely on the same means of communication as ordinary people,” Vines said.

These words express the fact that as far as the NSA is concerned, Internet and telephone users have no democratic rights. Under the pretext of spying on “terrorists” lurking in every corner of the globe, the NSA is aggressively pursuing its openly stated objectives: “Collect it All; Process it All; Exploit it All; Partner it All; Sniff it All; Know it All.”

Terrorists also breath the same air, drink the same water, eat the same food and travel the same roads as ordinary people. Apparently this brings every necessity of human life under the jurisdiction of the US military-intelligence apparatus.

The favorite arguments of right-wing dictatorships are now continually invoked by the leaders of the US bourgeois state. The NSA spokesperson’s comments are a textbook application of the authoritarian legal theories developed by Nazi jurists, which call for the executive power to free itself from all legal constraints in response to a “state of emergency.”

The Obama administration has fully embraced authoritarian legal doctrine that the government the government can spy arbitrarily on any target that its agents select.

http://www.wsws.org/en/articles/2014/12/05/cell-d05.html

How the NSA Hacks Cellphone Networks Worldwide

Global Research, December 04, 2014

cellphone21In March 2011, two weeks before the Western intervention in Libya, a secret message was delivered to the National Security Agency. An intelligence unit within the U.S. military’s Africa Command needed help to hack into Libya’s cellphone networks and monitor text messages.

For the NSA, the task was easy. The agency had already obtained technical information about the cellphone carriers’ internal systems by spying on documents sent among company employees, and these details would provide the perfect blueprint to help the military break into the networks.

The NSA’s assistance in the Libya operation, however, was not an isolated case. It was part of a much larger surveillance program—global in its scope and ramifications—targeted not just at hostile countries.

According to documents contained in the archive of material provided toThe Intercept by whistleblower Edward Snowden, the NSA has spied on hundreds of companies and organizations internationally, including in countries closely allied to the United States, in an effort to find security weaknesses in cellphone technology that it can exploit for surveillance.

The documents also reveal how the NSA plans to secretly introduce new flaws into communication systems so that they can be tapped into—a controversial tactic that security experts say could be exposing the general population to criminal hackers.

Codenamed AURORAGOLD, the covert operation has monitored the content of messages sent and received by more than 1,200 email accounts associated with major cellphone network operators, intercepting confidential company planning papers that help the NSA hack into phone networks.

One high-profile surveillance target is the GSM Association, an influential U.K.-headquartered trade group that works closely with large U.S.-based firms including Microsoft, Facebook, AT&T, and Cisco, and is currently being funded by the U.S. government to develop privacy-enhancing technologies.

Karsten Nohl, a leading cellphone security expert and cryptographer who was consulted by The Intercept about details contained in the AURORAGOLD documents, said that the broad scope of information swept up in the operation appears aimed at ensuring virtually every cellphone network in the world is NSA accessible.

THE OPERATION APPEARS AIMED AT ENSURING VIRTUALLY EVERY CELLPHONE NETWORK IN THE WORLD IS NSA ACCESSIBLE.

“Collecting an inventory [like this] on world networks has big ramifications,” Nohl said, because it allows the NSA to track and circumvent upgrades in encryption technology used by cellphone companies to shield calls and texts from eavesdropping. Evidence that the agency has deliberately plotted to weaken the security of communication infrastructure, he added, was particularly alarming.

“Even if you love the NSA and you say you have nothing to hide, you should be against a policy that introduces security vulnerabilities,” Nohl said, “because once NSA introduces a weakness, a vulnerability, it’s not only the NSA that can exploit it.”

NSA spokeswoman Vanee’ Vines told The Intercept in a statement that the agency “works to identify and report on the communications of valid foreign targets” to anticipate threats to the United States and its allies.

Vines said: “NSA collects only those communications that it is authorized by law to collect in response to valid foreign intelligence and counterintelligence requirements—regardless of the technical means used by foreign targets, or the means by which those targets attempt to hide their communications.”

Network coverage

The AURORAGOLD operation is carried out by specialist NSA surveillance units whose existence has not been publicly disclosed: the Wireless Portfolio Management Office, which defines and carries out the NSA’s strategy for exploiting wireless communications, and the Target Technology Trends Center, which monitors the development of new communication technology to ensure that the NSA isn’t blindsided by innovations that could evade its surveillance reach. The center’s logo is a picture of the Earth overshadowed by a large telescope; its motto is “Predict – Plan – Prevent.”

The NSA documents reveal that, as of May 2012, the agency had collected technical information on about 70 percent of cellphone networks worldwide—701 of an estimated 985—and was maintaining a list of 1,201 email “selectors” used to intercept internal company details from employees. (“Selector” is an agency term for a unique identifier like an email address or phone number.) From November 2011 to April 2012, between 363 and 1,354 selectors were “tasked” by the NSA for surveillance each month as part of AURORAGOLD, according to the documents. The secret operation appears to have been active since at least 2010.The information collected from the companies is passed onto NSA “signals development” teams that focus on infiltrating communication networks. It is also shared with other U.S. Intelligence Community agencies and with the NSA’s counterparts in countries that are part of the so-called “Five Eyes” surveillance alliance—the United Kingdom, Canada, Australia, and New Zealand.

Aside from mentions of a handful of operators in Libya, China, and Iran, names of the targeted companies are not disclosed in the NSA’s documents. However, a top-secret world map featured in a June 2012 presentation on AURORAGOLD suggests that the NSA has some degree of “network coverage” in almost all countries on every continent, including in the United States and in closely allied countries such as the United Kingdom, Australia, New Zealand, Germany, and France.

map

One of the prime targets monitored under the AURORAGOLD program is the London-headquartered trade group, the GSM Association, or the GSMA, which represents the interests of more than 800 major cellphone, software, and internet companies from 220 countries.

The GSMA’s members include U.S.-based companies such as Verizon, AT&T, Sprint, Microsoft, Facebook, Intel, Cisco, and Oracle, as well as large international firms including Sony, Nokia, Samsung, Ericsson, and Vodafone.

The trade organization brings together its members for regular meetings at which new technologies and policies are discussed among various “working groups.” The Snowden files reveal that the NSA specifically targeted the GSMA’s working groups for surveillance.

Claire Cranton, a spokeswoman for the GSMA, said that the group would not respond to details uncovered by The Intercept until its lawyers had studied the documents related to the spying.

“If there is something there that is illegal then they will take it up with the police,” Cranton said.

By covertly monitoring GSMA working groups in a bid to identify and exploit security vulnerabilities, the NSA has placed itself into direct conflict with the mission of the National Institute for Standards and Technology, or NIST, the U.S. government agency responsible for recommending cybersecurity standards in the United States. NIST recently handed out a grant of more than $800,000 to GSMA so that the organization could research ways to address “security and privacy challenges” faced by users of mobile devices.

The revelation that the trade group has been targeted for surveillance may reignite deep-seated tensions between NIST and NSA that came to the fore following earlier Snowden disclosures. Last year, NIST was forced to urge people not to use an encryption standard it had previously approved after it emerged NSA had apparently covertly worked to deliberately weaken it.

Jennifer Huergo, a NIST spokewoman, told The Intercept that the agency was “not aware of any activities by NSA related to the GSMA.” Huergo said that NIST would continue to work towards “bringing industry together with privacy and consumer advocates to jointly create a robust marketplace of more secure, easy-to-use, privacy-enhancing solutions.”

gstreetview2 GSMA headquarters in London (above)

Encryption attack

The NSA focuses on intercepting obscure but important technical documents circulated among the GSMA’s members known as “IR.21s.”

Most cellphone network operators share IR.21 documents among each other as part of agreements that allow their customers to connect to foreign networks when they are “roaming” overseas on a vacation or a business trip. An IR.21, according to the NSA documents, contains information “necessary for targeting and exploitation.”

The details in the IR.21s serve as a “warning mechanism” that flag new technology used by network operators, the NSA’s documents state. This allows the agency to identify security vulnerabilities in the latest communication systems that can be exploited, and helps efforts to introduce new vulnerabilities “where they do not yet exist.”

The IR.21s also contain details about the encryption used by cellphone companies to protect the privacy of their customers’ communications as they are transmitted across networks. These details are highly sought after by the NSA, as they can aid its efforts to crack the encryption and eavesdrop on conversations.

Last year, the Washington Post reported that the NSA had already managed to break the most commonly used cellphone encryption algorithm in the world, known as A5/1. But the information collected under AURORAGOLD allows the agency to focus on circumventing newer and stronger versions of A5 cellphone encryption, such as A5/3.

The documents note that the agency intercepts information from cellphone operators about “the type of A5 cipher algorithm version” they use, and monitors the development of new algorithms in order to find ways to bypass the encryption.

In 2009, the British surveillance agency Government Communications Headquarters conducted a similar effort to subvert phone encryption under a project called OPULANT PUP, using powerful computers to perform a “crypt attack” to penetrate the A5/3 algorithm, secret memos reveal. By 2011, GCHQ was collaborating with the NSA on another operation, calledWOLFRAMITE, to attack A5/3 encryption. (GCHQ declined to comment for this story, other than to say that it operates within legal parameters.)

The extensive attempts to attack cellphone encryption have been replicated across the Five Eyes surveillance alliance. Australia’s top spy agency, for instance, infiltrated an Indonesian cellphone company and stole nearly 1.8 million encryption keys used to protect communications, the New York Times reported in February.

The NSA’s documents show that it focuses on collecting details about virtually all technical standards used by cellphone operators, and the agency’s efforts to stay ahead of the technology curve occasionally yield significant results. In early 2010, for instance, its operatives had alreadyfound ways to penetrate a variant of the newest “fourth generation” smartphone-era technology for surveillance, years before it became widely adopted by millions of people in dozens of countries.

The NSA says that its efforts are targeted at terrorists, weapons proliferators, and other foreign targets, not “ordinary people.” But the methods used by the agency and its partners to gain access to cellphone communications risk significant blowback.

According to Mikko Hypponen, a security expert at Finland-based F-Secure, criminal hackers and foreign government adversaries could be among the inadvertent beneficiaries of any security vulnerabilities or encryption weaknesses inserted by the NSA into communication systems using data collected by the AURORAGOLD project.

“If there are vulnerabilities on those systems known to the NSA that are not being patched on purpose, it’s quite likely they are being misused by completely other kinds of attackers,” said Hypponen. “When they start to introduce new vulnerabilities, it affects everybody who uses that technology; it makes all of us less secure.”

“IT AFFECTS EVERYBODY WHO USES THAT TECHNOLOGY; IT MAKES ALL OF US LESS SECURE.”

In December, a surveillance review panel convened by President Obama concluded that the NSA should not “in any way subvert, undermine, weaken, or make vulnerable generally available commercial software.” The panel also recommended that the NSA should notify companies if it discovers previously unknown security vulnerabilities in their software or systems—known as “zero days” because developers have been given zero days to fix them—except in rare cases involving “high priority intelligence collection.”

In April, White House officials confirmed that Obama had ordered NSA to disclose vulnerabilities it finds, though qualified that with a loophole allowing the flaws to be secretly exploited so long as there is deemed to be “a clear national security or law enforcement” use.

Vines, the NSA spokeswoman, told The Intercept that the agency was committed to ensuring an “open, interoperable, and secure global internet.”

“NSA deeply values these principles and takes great care to honor them in the performance of its lawful foreign-intelligence mission,” Vines said.

She declined to discuss the tactics used as part of AURORAGOLD, or comment on whether the operation remains active.

———

Documents published with this article:

———

Photo: Cell tower: Justin Sullivan/Getty Images; GSMA headquarters: Google Maps

New documents detail NSA surveillance of Yahoo

By Thomas Gaist

13 September 2014

A trove of some 1,500 documents released Thursday by Yahoo Inc. shed new light on the US government’s warrantless electronic data mining programs, which have targeted Yahoo users for years.

The documents cover 2008 rulings by the Foreign Intelligence Surveillance Court (FISC) and the Foreign Intelligence Surveillance Court Review (FISCR), a secret appeals court established to review FISC decisions. Large sections of the documents will remain “sealed and classified,” according to a top Yahoo official.

Rejecting Yahoo’s challenges to the warrantless surveillance, the FISC ruled in 2008 that “there is a foreign intelligence exception” to Fourth Amendment protections against warrantless spying, the documents show. The court held that provisions in the Protect America Act (PAA) of 2007 authorized the NSA to conduct warrantless surveillance of the communications of American citizens.

Reviewing the ruling in August of 2008, the FISC-R affirmed that warrantless electronic surveillance does not violate the Fourth Amendment as long as it is carried out for “foreign intelligence” purposes. The FISC-R cited previous US Supreme Court decisions, saying they had authorized the US government to ignore Fourth Amendment protections under exceptional conditions of “special needs,” such as those arising from the “global war on terrorism.”

In a statement published Thursday in response to the Yahoo releases, Director of National Intelligence (DNI) James Clapper defended the FISC rulings, arguing that provisions in the PAA empowered the NSA to spy on targets “reasonably believed” to possess “foreign intelligence information.”

DNI Clapper bluntly asserted that “incidental collection” of data from US persons associated with such operations does not violate the Fourth Amendment, even if the targets are located in the US.

“Any incidental acquisition of the communications of non-targeted persons located in the United States and of non-targeted US persons, wherever they may be located, is also reasonable under the Fourth Amendment,” Clapper wrote.

Behind the convoluted pseudo-legal rationales promulgated by the intelligence bureaucracy and secret surveillance courts—including “incidental collection,” “special needs,” and “foreign intelligence exceptions,” etc.—the underlying reality is that the US government spies on whoever it wants, collects as much data from as many sources as possible, and does so in direct violation of core democratic rights protected by the US Constitution. As the NSA’s own documents make clear, the agency is guided by a maximalist “collection posture” defined by six main principles: “Collect it All; Process it All; Exploit it All; Partner it All; Sniff it All; Know it All.”

The US government began developing its mass warrantless surveillance techniques years before the passage of the surveillance legislation—the PAA of 2007 and the FISA Amendments Act of 2008—cited by the FISC in defense of the spying. Starting in 2005, the US launched the so-called Real Time Regional Gateway (RTRG) program, which sought to collect and analyze all electronic communications produced inside Iraq.

RTRG became the model for PRISM, the NSA’s primary data mining program. Yahoo, Google, Facebook, AOL, Apple, Microsoft, Skype, YouTube, and other major tech and communications companies were revealed as active collaborators in the PRISM program by the 2013 Snowden leaks.

According to one of the NSA slides leaked by Snowden, “98 percent of PRISM production is based on Yahoo, Google and Microsoft.” Another slide described PRISM as “the number one source of raw intelligence used for NSA analytic reports,” saying that it collects 91 percent of Internet data acquired in the course of NSA operations.

Under PRISM, NSA analysts can access every type of data hosted by these companies, including email, chat, webcams, web-based telephones, social media data, and numerous other forms. NSA agents can spy on these communications in real time and troll through user archives at will.

In its official statement released Thursday, Yahoo sought to portray itself as a principled opponent of the warrantless surveillance.

“We refused to comply with what we viewed as unconstitutional and overbroad surveillance and challenged the US Government’s authority … we had to fight every step of the way to challenge the US government’s surveillance efforts,” Yahoo general counsel Ron Bell wrote.

Such claims, made in one form or another by all the major tech firms involved, are part of a public relations campaign mounted by the corporations to conceal their close relations with the US government and its surveillance apparatus. Despite their posturing, Yahoo and the other tech giants have transferred huge amounts of data to the government for a period spanning years and actively facilitated government efforts to penetrate their information systems.

Relations between the NSA and Microsoft highlight this contradiction between the companies’ rhetorical and legal maneuvers, on the one hand, and their actual actions when it comes to customers’ data.

Like Yahoo, Microsoft has challenged US government surveillance powers in court, yet it has simultaneously worked together with the NSA to enable the agency to defeat the company’s own encryption systems, and to grant the FBI and NSA direct access to the SkyDrive file-hosting service used by more than 250 million people worldwide. Microsoft’s acquisition of Skype massively accelerated NSA efforts to spy on the communications platform’s hundreds of millions of users, Snowden-leaked documents show.

http://www.wsws.org/en/articles/2014/09/13/yaho-s13.html

The NSA’s New Partner in Spying: Saudi Arabia’s Brutal State Police

Whistleblower: NSA Stores 80% of all Phone Calls, Not Just Metadata – Full Audio

Spying on Innocents

High-Level NSA Official: the NSA Has Become “J. Edgar Hoover On Super Steroids”

Snowden documents show NSA spied on prominent Muslim-Americans

The Latest Snowden Leak Is Devastating to NSA Defenders

How NSA Can Secretly Aid Criminal Cases

Glenn Greenwald: How the NSA Tampers With US-made Internet Routers

The Worldwide Surveillance Machine: Leaked NSA Documents expose Agency’s Sophisticated Malware Arsenal

By Thomas Gaist

Global Research, March 14, 2014

nsaIn an article published Wednesday by the Intercept, “How the NSA Plans to Infect ‘Millions’ of Computers with Malware,” Glenn Greenwald and Ryan Gallagher made public yet more revelations—based on documents provided to them by Edward Snowden—about US National Security Agency surveillance operations.

The latest documents show that the NSA has escalated its “active” surveillance operations exponentially during the past decade. In contrast to passive surveillance, active surveillance methods involve intervening directly against targeted machines using a sophisticated arsenal of malware for a range of surveillance-related purposes. According to the Intercept, the NSA’s malware efforts have already infected at least 85,000 to 100,000 computers.

The leaked documents detail various aspects of a worldwide surveillance machine that is increasingly automated.

The growth of spying operations has encouraged the agency to automate aspects of its work. The NSA presentation states, “One of the greatest challenges for active SIGINT/attack is scale,” and adds, “Human ‘drivers’ limit ability for large-scale exploitation (humans tend to operate within their own environment, not taking into account the bigger picture.)”

A program codenamed TURBINE, which has been operating since at least the summer of 2010, automated aspects of the process of malware deployment by NSA hackers. The Interceptdescribed the program as “a major tactical shift within the NSA that was expected to have a profound impact—allowing the agency to push forward into a new frontier of surveillance operations.” One NSA document leaked to the Intercept conceived TURBINE as a means to “increase the current capability to deploy and manage hundreds of Computer Network Exploitation (CNE) and Computer Network Attack (CNA) implants to potentially millions of implants.”

The intelligence “Black Budget” leaked by Snowden listed TURBINE as a main component of the NSA project “Owning the Net.”

The NSA leaks characterize TURBINE as: “A new intelligent command and control capability designed to manage a very large number of covert implants for active SIGINT and active Attack that reside on the GENIE covert infrastructure (for endpoint data extraction). It will increase the current capability to deploy and manage hundreds of Computer Network Exploitation (CNE) and Computer Network Attack (CNA) implants to potentially millions of implants.”

Malware tools deployed by the NSA and operating increasingly on an automated basis under TURBINE, include:

UNITEDRAKE—takes control over computers through plug-ins

CAPTIVATEDAUDIENCE—takes control of computer microphones and records users’ conversations

GUMFISH—accesses computer webcams to take photos of those nearby

FOGGYBOTTOM—records users’ browsing histories and collects login information including passwords for email accounts

SALVAGERABBIT—extracts data from removable flash drives once they are linked to a targeted machine

HAMMERCHANT and HAMMERSTEIN—carries out “exploitation attacks” against Virtual Private Network (VPN) systems, track phone calls sent via Skype

QUANTUMSKY—blocks targeted computers from accessing web sites

QUANTUMCOPPER – corrupts files downloaded by targeted computers

WILLOWVIXEN—sends spam messages with malicious links containing “back-door implants”

QUANTUMHAND—uses fake Facebook server to “shoot” malware packets at target

SECONDDATE—modifies content of communications between servers and clients in real time, redirects browsers to NSA servers codenamed FOXACID, said by NSA docs to have “mass exploitation potential for clients passing through network choke points”

VALIDATOR—downloads and uploads data to and from targeted computers

The NSA also launches malware attacks against systems administrators of telecommunications providers. This practice enables the NSA to spy on all communications being handled by a given provider.

“Sys admins are a means to an end” wrote an NSA operative in an internal message titled, “I hunt sys admins,” the documents show.

TURBINE operations are coordinated with a global network of surveillance “sensors,” codenamed TURMOIL, set up by the NSA around the world. This network finds targets by identifying data “selectors” including email and IP addresses, usernames, etc.

The documents leaked to the Intercept show that the other major powers which make up the “Five Eyes” global surveillance alliance—the UK, Canada, New Zealand, and Australia—have been involved in the use of malware implants. As part of its TURMOIL network, the NSA runs a joint eavesdropping base with the Government Communications Headquarters (GCHQ) in Britain, called the Menwith Hill satellite eavesdropping base.

The latest documents also revealed that GCHQ has been targeting systems administrators at Belgacom, known as “Operation Socialist,” since at least 2010.

In the wake of Snowden’s exposure of the mass surveillance, a propaganda offensive was initiated by the ruling elite, claiming that the spying was “narrowly targeted” against highly specific, imminent terrorist threats. These arguments have been thoroughly discredited. As the most recent leaks show, the US and its allies are carrying out aggressive surveillance and cyberwarfare operations against their own populations and targets around the world.

The implementation of “active” surveillance practices reflects the drive of the state to accumulate as much information on as many people as possible, in preparation for state repression against the mass struggles now developing in the international working class. This political agenda is propelling the continuous expansion and automation of the spying machinery.

http://www.globalresearch.ca/the-worldwide-surveillance-machine-leaked-nsa-documents-expose-agencys-sophisticated-malware-arsenal/5373433

Leaked NSA documents expose agency’s sophisticated malware arsenal

By Thomas Gaist 

14 March 2014

In an article published Wednesday by the Intercept, “How the NSA Plans to Infect ‘Millions’ of Computers with Malware,” Glenn Greenwald and Ryan Gallagher made public yet more revelations—based on documents provided to them by Edward Snowden—about US National Security Agency surveillance operations.

The latest documents show that the NSA has escalated its “active” surveillance operations exponentially during the past decade. In contrast to passive surveillance, active surveillance methods involve intervening directly against targeted machines using a sophisticated arsenal of malware for a range of surveillance-related purposes. According to the Intercept, the NSA’s malware efforts have already infected at least 85,000 to 100,000 computers.

The leaked documents detail various aspects of a worldwide surveillance machine that is increasingly automated.

The growth of spying operations has encouraged the agency to automate aspects of its work. The NSA presentation states, “One of the greatest challenges for active SIGINT/attack is scale,” and adds, “Human ‘drivers’ limit ability for large-scale exploitation (humans tend to operate within their own environment, not taking into account the bigger picture.)”

A program codenamed TURBINE, which has been operating since at least the summer of 2010, automated aspects of the process of malware deployment by NSA hackers. The Intercept described the program as “a major tactical shift within the NSA that was expected to have a profound impact—allowing the agency to push forward into a new frontier of surveillance operations.” One NSA document leaked to the Interceptconceived TURBINE as a means to “increase the current capability to deploy and manage hundreds of Computer Network Exploitation (CNE) and Computer Network Attack (CNA) implants to potentially millions of implants.”

The intelligence “Black Budget” leaked by Snowden listed TURBINE as a main component of the NSA project “Owning the Net.”

The NSA leaks characterize TURBINE as: “A new intelligent command and control capability designed to manage a very large number of covert implants for active SIGINT and active Attack that reside on the GENIE covert infrastructure (for endpoint data extraction). It will increase the current capability to deploy and manage hundreds of Computer Network Exploitation (CNE) and Computer Network Attack (CNA) implants to potentially millions of implants.”

Malware tools deployed by the NSA and operating increasingly on an automated basis under TURBINE, include:

UNITEDRAKE—takes control over computers through plug-ins

CAPTIVATEDAUDIENCE—takes control of computer microphones and records users’ conversations

GUMFISH—accesses computer webcams to take photos of those nearby

FOGGYBOTTOM—records users’ browsing histories and collects login information including passwords for email accounts

SALVAGERABBIT—extracts data from removable flash drives once they are linked to a targeted machine

HAMMERCHANT and HAMMERSTEIN—carries out “exploitation attacks” against Virtual Private Network (VPN) systems, track phone calls sent via Skype

QUANTUMSKY—blocks targeted computers from accessing web sites

QUANTUMCOPPER – corrupts files downloaded by targeted computers

WILLOWVIXEN—sends spam messages with malicious links containing “back-door implants”

QUANTUMHAND—uses fake Facebook server to “shoot” malware packets at target

SECONDDATE—modifies content of communications between servers and clients in real time, redirects browsers to NSA servers codenamed FOXACID, said by NSA docs to have “mass exploitation potential for clients passing through network choke points”

VALIDATOR—downloads and uploads data to and from targeted computers

The NSA also launches malware attacks against systems administrators of telecommunications providers. This practice enables the NSA to spy on all communications being handled by a given provider.

“Sys admins are a means to an end” wrote an NSA operative in an internal message titled, “I hunt sys admins,” the documents show.

TURBINE operations are coordinated with a global network of surveillance “sensors,” codenamed TURMOIL, set up by the NSA around the world. This network finds targets by identifying data “selectors” including email and IP addresses, usernames, etc.

The documents leaked to the Intercept show that the other major powers which make up the “Five Eyes” global surveillance alliance—the UK, Canada, New Zealand, and Australia—have been involved in the use of malware implants. As part of its TURMOIL network, the NSA runs a joint eavesdropping base with the Government Communications Headquarters (GCHQ) in Britain, called the Menwith Hill satellite eavesdropping base.

The latest documents also revealed that GCHQ has been targeting systems administrators at Belgacom, known as “Operation Socialist,” since at least 2010.

In the wake of Snowden’s exposure of the mass surveillance, a propaganda offensive was initiated by the ruling elite, claiming that the spying was “narrowly targeted” against highly specific, imminent terrorist threats. These arguments have been thoroughly discredited. As the most recent leaks show, the US and its allies are carrying out aggressive surveillance and cyberwarfare operations against their own populations and targets around the world.

The implementation of “active” surveillance practices reflects the drive of the state to accumulate as much information on as many people as possible, in preparation for state repression against the mass struggles now developing in the international working class. This political agenda is propelling the continuous expansion and automation of the spying machinery.

http://www.wsws.org/en/articles/2014/03/14/malw-m14.html

Leaked documents detail NSA surveillance operations against WikiLeaks

By Thomas Gaist 

19 February 2014

Documents from whistleblower Edward Snowden show that the US National Security Agency and British GCHQ have carried out political surveillance operations targeting WikiLeaks, its founder Julian Assange and readers of the whistle-blowing web site. In addition to the US and Britain, the operations also involved the other members “of the “Five Eyes” allied countries (New Zealand, Australia and Canada).

The documents were posted by Glenn Greenwald and Ryan Gallagher on the Intercept in an extensive expose titled “Snowden Documents Reveal Covert Surveillance and Pressure Tactics Aimed at WikiLeaks and Its Supporters.” Among other things, they show that the agency has collected IP addresses of computers visiting the WikiLeaks site, considered classifying WikiLeaks as “a malicious foreign actor,” and placed Assange on an NSA “manhunting” list that included alleged Al Qaeda terrorists.

The leaked documents have further exposed as lies the claims of the Obama administration that the NSA police-state apparatus is directed against “terrorists.” In reality, the NSA is using its illegal and secret access to the internet backbone to monitor the internet activity of its political adversaries and anyone considered a threat to the interests of the American ruling class.

The government of the UK has played a major role in the targeting of the web site. The leaked documents contained information about a GCHQ program called ANTICRISIS GIRL. The program is revealed in a Power Point slide prepared by the British spy agency for the 2012 SIGDEV Conference, an annual symposium held by the surveillance bureaucracies of the major powers. Under ANTICRISIS GIRL, GCHQ has been collecting IP addresses of individual computers that visit the WikiLeaks site, allowing them to identify and surveil individuals who access WikiLeaks.

As the Intercept wrote, “GCHQ used its surveillance system to secretly monitor visitors to a WikiLeaks site. By exploiting its ability to tap into the fiber-optic cables that make up the backbone of the Internet, the agency confided to allies in 2012, it was able to collect the IP addresses of visitors in real time, as well as the search terms that visitors used to reach the site from search engines like Google.”

“Illustrating how far afield the NSA deviates from its self-proclaimed focus on terrorism and national security,” the Intercept wrote, “the documents reveal that the agency considered using its sweeping surveillance system against Pirate Bay, which has been accused of facilitating copyright violations. The agency also approved surveillance of the foreign ‘branches’ of hacktivist groups, mentioning Anonymous by name.”

It must be assumed that by tapping into Internet cables operated by powerful telecommunications companies, the US government and its allies are able to monitor virtually all Internet activity.

Claims that surveillance does not target Americans have also been further discredited by the leak. One entry from the leaked NSA documents states that it is “Okay to go after foreign servers which US people use also” saying that surveillance operators should “try to minimize” the number of American users swept up in their electronic dragnet. When data from a US user is improperly captured, the documents state, this is “nothing to worry about.”

The US government has carried out a coordinated campaign against WikiLeaks in particular, beginning with the release of the Afghanistan War Logs in July of 2010.

An NSA file titled “Manhunting Timeline” from 2010 described the maneuvers of the US as it sought to coordinate an “international effort to focus the legal element of national power upon non-state actor Assange, and the human network that supports WikiLeaks.” In August 2010, the US government pressed 10 other countries to level criminal charges against Assange, describing him as “founder of the rogue WikiLeaks internet website and responsible for the unauthorized publication of over 70,000 classified documents covering the war in Afghanistan.”

For publishing documents that exposed the war crimes of the US ruling class, Assange is now listed in this gruesomely named file, which is filled with high priority enemies of the state. The “Manhunting Timeline,” according to the Intercept, “details, on a country-by-country basis, efforts by the US government and its allies to locate, prosecute, capture or kill alleged terrorists, drug traffickers, Palestinian leaders and others.”

Baltasar Garzón, a Spanish jurist who represents WikiLeaks, said, “These documents demonstrate that the political persecution of WikiLeaks is very much alive. The paradox is that Julian Assange and the WikiLeaks organization are being treated as a threat instead of what they are: a journalist and a media organization that are exercising their fundamental right to receive and impart information in its original form, free from omission and censorship, free from partisan interests, free from economic or political pressure.”

The leaks show that the NSA has proposed listing of Assange as a “malicious foreign agent,” a move which the Intercept said “would have allowed the group to be targeted with extensive electronic surveillance—without the need to exclude US persons from surveillance searches.”

Assange is currently trapped in the Ecuadorian embassy in London. He faces the danger of being extradited to Sweden on trumped-up sex charges. An NBC report earlier this month documented the use of sex scandals and other dirty tricks to undermine targets.

ANTICRISIS GIRL is one component of Britain’s surveillance efforts. The Global Telecoms Exploitation (GTE), which plays a role in ANTICRISIS, is also involved in the expansive data mining program TEMPORA. TEMPORA collects data from the backbone of the internet, enabling the surveillance agencies to access vast amounts of private information.

As the Intercept wrote about GTE and its role within GCHQ, “Operating in the United Kingdom and from secret British eavesdropping bases in Cyprus and other countries, GCHQ conducts what it refers to as ‘passive’ surveillance—indiscriminately intercepting massive amounts of data from Internet cables, phone networks and satellites. The GTE unit focuses on developing ‘pioneering collection capabilities’ to exploit the stream of data gathered from the Internet.”

In response to the leaks, WikiLeaks founder Julian Assange posted a statement online, saying that the intelligence agencies were operating above the law.

“News that the NSA planned these operations at the level of its Office of the General Counsel is especially troubling,” Assange said. “The NSA and its UK accomplices show no respect for the rule of law.”

Gus Hosein, head of the human rights organization Privacy International, similarly cited the documents as evidence of the collapse of the rule of law. “We may be tempted to see GCHQ as a rogue agency, ungoverned in its use of unprecedented powers generated by new technologies. But GCHQ’s actions are authorized by [government] ministers. The fact that ministers are ordering the monitoring of political interests of Internet users shows a systemic failure in the rule of law.”

http://www.wsws.org/en/articles/2014/02/19/wiki-f19.html

Today We Fight Back Against Mass Surveillance

By By Adi Kamdar

February 11, 2014 “Information Clearing House – “EFF” –  Since June, ongoing revelations about the NSA’s activities have shown us the expanding scope of government surveillance. Today is the day people around the world are demanding an end to mass spying.

A broad coalition of organizations, companies, and individuals are loudly voicing their stance against unwarranted mass spying—over 6,000 websites have joined together today to demand reform. EFF stands by millions of users—represented by groups like Demand Progress, ACLU, PEN, and Access as well as companies like Google, Twitter, Mozilla, and reddit—to reform governmental collection of innocent users’ information.

Over the past few years, we’ve seen the Internet as a political force make waves in Washington. From our defeat of the Internet censorship bill SOPA to our battles over CISPA, TPP, and patent reform, history has shown that we can activate our networks to beat back legislation that threatens our ability to connect, as well as champion bills that will further our rights online.

We can win this. We can stop mass spying. With public opinion polls on our side, unprecedented pressure from presidential panels and oversight boards, and millions of people speaking out around the world, we’ve got a chance now to change surveillance policy for good.

Last year, we were presented with a new opportunity—an opportunity in the form of leaks that showed us the truth about deeply invasive surveillance programs around the world. This is the year we make good on that opportunity. Let’s ensure that sacrifices made by whistleblowers and risks taken by brave journalists were not done in vain.

Join us in fighting back. We’ve laid out below how you can speak out against mass spying.

In the US? Call Congress today.

Dial 202-552-0505 or click here to enter your phone number and have our call tool connect you

Privacy Info: This telephone calling service is operated by Twilio and will connect you to your representatives. Information about your call, including your phone number and the time and length of your call, will be collected by Twilio and subject to Twilio’s privacy policy.

Calling Congress takes just five minutes and is the most effective action you can take right now to let your elected officials know that mass surveillance must end.

Here’s what you should say:

I’d like Senator/Representative __ to support and co-sponsor H.R. 3361/S. 1599, the USA Freedom Act. I would also like you to oppose S. 1631, the so-called FISA Improvements Act. Moreover, I’d like you to work to prevent the NSA from undermining encryption standards and to protect the privacy rights of non-Americans.

Outside the US? Take action now.

Mass spying affects all of us worldwide. Demand an end to mass surveillance by signing the 13 Principles petition.

More ways to get involved

After you have called Congress or signed the 13 Principles, share this action widely.

Join me in demanding an end to illegal mass surveillance. Take action now:

https://thedaywefightback.org/?r=eff%20#StoptheNSA

On your social network of choice, be sure to use the hashtag #StoptheNSA.

There are also a handful of in-person events occurring around the world—protests, discussions, cryptoparties, and more. Don’t see one in your area? It’s not too late to throw one together today.

Today we fight back

This fight is more important than ever. Our world has radically changed since last June, when newspapers started reporting on mass spying based on documents revealed by Edward Snowden. Today, it is widely known that the international spy agencies collect users’ phone callsemailsaddress booksbuddy listscalling recordsonline video game chatsfinancial documentsbrowsing historytext messages, and calendar data. We also know that the security agencies have hacked deep into the backbone of the Internet and disrupted international encryption standards. These activities compromise the confidence and safety of countless people, organizations, and companies.

The President’s NSA review group has demanded expansive reforms to NSA surveillance programs. The Congressionally mandated Privacy and Civil Liberties Oversight Board has condemned NSA surveillance programs as illegal. And recent polls have shown that a majority of Americans oppose governmental mass collection of phone and Internet data.

It’s time to turn this momentum into action. Call Congress today, or if you’re abroad, make your voice heard.

http://www.informationclearinghouse.info/article37615.htm

NSA “Exploiting” U.S. Citizens Online Porn Viewing Habits: James Bamford

Video

“Everyone’s a Target: How America Lost Control of the National Security Agency”

Posted February 10, 2014

 Clip

http://www.informationclearinghouse.info/article37602.htm

‘We Track ’Em, You Whack ’Em.’ The NSA’s Secret Role in the U.S. Assassination Program

By Jeremy Scahill and Glenn Greenwald

February 10, 2014 “Information Clearing House – “The Intercept” – The National Security Agency is using complex analysis of electronic surveillance, rather than human intelligence, as the primary method to locate targets for lethal drone strikes – an unreliable tactic that results in the deaths of innocent or unidentified people.

According to a former drone operator for the military’s Joint Special Operations Command (JSOC) who also worked with the NSA, the agency often identifies targets based on controversial metadata analysis and cell-phone tracking technologies. Rather than confirming a target’s identity with operatives or informants on the ground, the CIA or the U.S. military then orders a strike based on the activity and location of the mobile phone a person is believed to be using.

The drone operator, who agreed to discuss the top-secret programs on the condition of anonymity, was a member of JSOC’s High Value Targeting task force, which is charged with identifying, capturing or killing terrorist suspects in Yemen, Somalia, Afghanistan and elsewhere.

His account is bolstered by top-secret NSA documents previously provided by whistleblower Edward Snowden. It is also supported by a former drone sensor operator with the U.S. Air Force, Brandon Bryant, who has become an outspoken critic of the lethal operations in which he was directly involved in Iraq, Afghanistan and Yemen.

In one tactic, the NSA “geolocates” the SIM card or handset of a suspected terrorist’s mobile phone, enabling the CIA and U.S. military to conduct night raids and drone strikes to kill or capture the individual in possession of the device.

The former JSOC drone operator is adamant that the technology has been responsible for taking out terrorists and networks of people facilitating improvised explosive device attacks against U.S. forces in Afghanistan. But he also states that innocent people have “absolutely” been killed as a result of the NSA’s increasing reliance on the surveillance tactic.

One problem, he explains, is that targets are increasingly aware of the NSA’s reliance on geolocating, and have moved to thwart the tactic. Some have as many as 16 different SIM cards associated with their identity within the High Value Target system. Others, unaware that their mobile phone is being targeted, lend their phone, with the SIM card in it, to friends, children, spouses and family members.

Some top Taliban leaders, knowing of the NSA’s targeting method, have purposely and randomly distributed SIM cards among their units in order to elude their trackers. “They would do things like go to meetings, take all their SIM cards out, put them in a bag, mix them up, and everybody gets a different SIM card when they leave,” the former drone operator says. “That’s how they confuse us.”

As a result, even when the agency correctly identifies and targets a SIM card belonging to a terror suspect, the phone may actually be carried by someone else, who is then killed in a strike. According to the former drone operator, the geolocation cells at the NSA that run the tracking program – known as Geo Cell –sometimes facilitate strikes without knowing whether the individual in possession of a tracked cell phone or SIM card is in fact the intended target of the strike.

“Once the bomb lands or a night raid happens, you know that phone is there,” he says. “But we don’t know who’s behind it, who’s holding it. It’s of course assumed that the phone belongs to a human being who is nefarious and considered an ‘unlawful enemy combatant.’ This is where it gets very shady.”

The former drone operator also says that he personally participated in drone strikes where the identity of the target was known, but other unknown people nearby were also killed.

“They might have been terrorists,” he says. “Or they could have been family members who have nothing to do with the target’s activities.”

What’s more, he adds, the NSA often locates drone targets by analyzing the activity of a SIM card, rather than the actual content of the calls. Based on his experience, he has come to believe that the drone program amounts to little more than death by unreliable metadata.

“People get hung up that there’s a targeted list of people,” he says. “It’s really like we’re targeting a cell phone. We’re not going after people – we’re going after their phones, in the hopes that the person on the other end of that missile is the bad guy.”

The Obama administration has repeatedly insisted that its operations kill terrorists with the utmost precision.

In his speech at the National Defense University last May, President Obama declared that “before any strike is taken, there must be near-certainty that no civilians will be killed or injured – the highest standard we can set.” He added that, “by narrowly targeting our action against those who want to kill us and not the people they hide among, we are choosing the course of action least likely to result in the loss of innocent life.”

But the increased reliance on phone tracking and other fallible surveillance tactics suggests that the opposite is true. The Bureau of Investigative Journalism, which uses a conservative methodology to track drone strikes, estimates that at least 273 civilians in Pakistan, Yemen and Somalia have been killed by unmanned aerial assaults under the Obama administration. A recent study conducted by a U.S. military adviser found that, during a single year in Afghanistan – where the majority of drone strikes have taken place – unmanned vehicles were 10 times more likely than conventional aircraft to cause civilian casualties.

The NSA declined to respond to questions for this article. Caitlin Hayden, a spokesperson for the National Security Council, also refused to discuss “the type of operational detail that, in our view, should not be published.”

In describing the administration’s policy on targeted killings, Hayden would not say whether strikes are ever ordered without the use of human intelligence. She emphasized that “our assessments are not based on a single piece of information. We gather and scrutinize information from a variety of sources and methods before we draw conclusions.”

Hayden felt free, however, to note the role that human intelligence plays after a deadly strike occurs. “After any use of targeted lethal force, when there are indications that civilian deaths may have occurred, intelligence analysts draw on a large body of information – including human intelligence, signals intelligence, media reports, and surveillance footage – to help us make informed determinations about whether civilians were in fact killed or injured.”

The government does not appear to apply the same standard of care in selecting whom to target for assassination. The former JSOC drone operator estimates that the overwhelming majority of high-value target operations he worked on in Afghanistan relied on signals intelligence, known as SIGINT, based on the NSA’s phone-tracking technology.

“Everything they turned into a kinetic strike or a night raid was almost 90 percent that,” he says. “You could tell, because you’d go back to the mission reports and it will say ‘this mission was triggered by SIGINT,’ which means it was triggered by a geolocation cell.”

In July, the Washington Post relied exclusively on former senior U.S. intelligence officials and anonymous sources to herald the NSA’s claims about its effectiveness at geolocating terror suspects.

Within the NSA, the paper reported, “A motto quickly caught on at Geo Cell: ‘We Track ’Em, You Whack ’Em.’”

But the Post article included virtually no skepticism about the NSA’s claims, and no discussion at all about how the unreliability of the agency’s targeting methods results in the killing of innocents.

In fact, as the former JSOC drone operator recounts, tracking people by metadata and then killing them by SIM card is inherently flawed. The NSA “will develop a pattern,” he says, “where they understand that this is what this person’s voice sounds like, this is who his friends are, this is who his commander is, this is who his subordinates are. And they put them into a matrix. But it’s not always correct. There’s a lot of human error in that.”

The JSOC operator’s account is supported by another insider who was directly involved in the drone program. Brandon Bryant spent six years as a “stick monkey” – a drone sensor operator who controls the “eyes” of the U.S. military’s unmanned aerial vehicles. By the time he left the Air Force in 2011, Bryant’s squadron, which included a small crew of veteran drone operators, had been credited with killing 1,626 “enemies” in action.

Bryant says he has come forward because he is tormented by the loss of civilian life he believes that he and his squadron may have caused. Today he is committed to informing the public about lethal flaws in the U.S. drone program.

Bryant describes the program as highly compartmentalized: Drone operators taking shots at targets on the ground have little idea where the intelligence is coming from.

“I don’t know who we worked with,” Bryant says. “We were never privy to that sort of information. If the NSA did work with us, like, I have no clue.”

During the course of his career, Bryant says, many targets of U.S. drone strikes evolved their tactics, particularly in the handling of cell phones. “They’ve gotten really smart now and they don’t make the same mistakes as they used to,” he says. “They’d get rid of the SIM card and they’d get a new phone, or they’d put the SIM card in the new phone.”

As the former JSOC drone operator describes – and as classified documents obtained from Snowden confirm – the NSA doesn’t just locate the cell phones of terror suspects by intercepting communications from cell phone towers and Internet service providers. The agency also equips drones and other aircraft with devices known as “virtual base-tower transceivers” – creating, in effect, a fake cell phone tower that can force a targeted person’s device to lock onto the NSA’s receiver without their knowledge.

That, in turn, allows the military to track the cell phone to within 30 feet of its actual location, feeding the real-time data to teams of drone operators who conduct missile strikes or facilitate night raids.

The NSA geolocation system used by JSOC is known by the code name GILGAMESH. Under the program, a specially constructed device is attached to the drone. As the drone circles, the device locates the SIM card or handset that the military believes is used by the target.

DT 1

Relying on this method, says the former JSOC drone operator, means that the “wrong people” could be killed due to metadata errors, particularly in Yemen, Pakistan and Somalia. “We don’t have people on the ground – we don’t have the same forces, informants, or information coming in from those areas – as we do where we have a strong foothold, like we do in Afghanistan. I would say that it’s even more likely that mistakes are made in places such as Yemen or Somalia, and especially Pakistan.”

As of May 2013, according to the former drone operator, President Obama had cleared 16 people in Yemen and five in Somalia for targeting in strikes. Before a strike is green-lit, he says, there must be at least two sources of intelligence. The problem is that both of those sources often involve NSA-supplied data, rather than human intelligence (HUMINT).

As the former drone operator explains, the process of tracking and ultimately killing a targeted person is known within the military as F3: Find, Fix, Finish. “Since there’s almost zero HUMINT operations in Yemen – at least involving JSOC – every one of their strikes relies on signals and imagery for confirmation: signals being the cell phone lock, which is the ‘find’ and imagery being the ‘unblinking eye’ which is the ‘fix.’” The “finish” is the strike itself.

“JSOC acknowledges that it would be completely helpless without the NSA conducting mass surveillance on an industrial level,” the former drone operator says. “That is what creates those baseball cards you hear about,” featuring potential targets for drone strikes or raids.

President Obama signs authorizations for “hits” that remain valid for 60 days. If a target cannot be located within that period, it must be reviewed and renewed. According to the former drone operator, it can take 18 months or longer to move from intelligence gathering to getting approval to actually carrying out a strike in Yemen. “What that tells me,” he says, “is that commanders, once given the authorization needed to strike, are more likely to strike when they see an opportunity – even if there’s a high chance of civilians being killed, too – because in their mind they might never get the chance to strike that target again.”

While drones are not the only method used to kill targets, they have become so prolific that they are now a standard part of U.S. military culture. Remotely piloted Reaper and Predator vehicles are often given nicknames. Among those used in Afghanistan, says the former JSOC drone operator, were “Lightning” and “Sky Raider.”

The latter drone, he adds, was also referred to as “Sky Raper,” for a simple reason – “because it killed a lot of people.” When operators were assigned to “Sky Raper,” he adds, it meant that “somebody was going to die. It was always set to the most high-priority missions.”

In addition to the GILGAMESH system used by JSOC, the CIA uses a similar NSA platform known as SHENANIGANS. The operation – previously undisclosed – utilizes a pod on aircraft that vacuums up massive amounts of data from any wireless routers, computers, smart phones or other electronic devices that are within range.

One top-secret NSA document provided by Snowden is written by a SHENANIGANS operator who documents his March 2012 deployment to Oman, where the CIA has established a drone base. The operator describes how, from almost four miles in the air, he searched for communications devices believed to be used by Al Qaeda in the Arabian Peninsula in neighboring Yemen.The mission was code named VICTORYDANCE.

“The VICTORYDANCE mission was a great experience,” the operator writes. “It was truly a joint interagency effort between CIA and NSA. Flights and targets were coordinated with both CIAers and NSAers. The mission lasted 6 months, during which 43 flights were flown.”

VICTORYDANCE, he adds, “mapped the Wi-Fi fingerprint of nearly every major town in Yemen.”

DT 5

DT 6

The NSA has played an increasingly central role in drone killings over the past five years. In one top-secret NSA document from 2010, the head of the agency’s Strategic Planning and Policy Division of the Counterterrorism Mission Management Center recounts the history of the NSA’s involvement in Yemen. Shortly before President Obama took office, the document reveals, the agency began to “shift analytic resources to focus on Yemen.”

In 2008, the NSA had only three analysts dedicated to Al Qaeda in the Arabian Peninsula in Yemen. By the fall of 2009, it had 45 analysts, and the agency was producing “high quality” signal intelligence for the CIA and JSOC.

In December 2009, utilizing the NSA’s metadata collection programs, the Obama administration dramatically escalated U.S. drone and cruise missile strikes in Yemen.

The first strike in the country known to be authorized by Obama targeted an alleged Al Qaeda camp in the southern village of al-Majala.

The strike, which included the use of cluster bombs, resulted in the deaths of 14 women and 21 children. It is not clear whether the strike was based on metadata collection; the White House has never publicly explained the strike or the source of the faulty intelligence that led to the civilian fatalities.

Another top-secret NSA document confirms that the agency “played a key supporting role” in the drone strike in September 2011 that killed U.S. citizen Anwar al-Awlaki, as well as another American, Samir Khan. According to the 2013 Congressional Budget Justification, “The CIA tracked [Awlaki] for three weeks before a joint operation with the U.S. military killed” the two Americans in Yemen, along with two other people.

When Brandon Bryant left his Air Force squadron in April 2011, the unit was aiding JSOC in its hunt for the American-born cleric. The CIA took the lead in the hunt for Awlaki after JSOC tried and failed to kill him in the spring of 2011.

DT 4

According to Bryant, the NSA’s expanded role in Yemen has only added to what he sees as the risk of fatal errors already evident in CIA operations. “They’re very non-discriminate with how they do things, as far as you can see their actions over in Pakistan and the devastation that they’ve had there,” Bryant says about the CIA. “It feels like they tried to bring those same tactics they used over in Pakistan down to Yemen. It’s a repeat of tactical thinking, instead of intelligent thinking.”

Those within the system understand that the government’s targeting tactics are fundamentally flawed. According to the former JSOC drone operator, instructors who oversee GILGAMESH training emphasize: “‘This isn’t a science. This is an art.’ It’s kind of a way of saying that it’s not perfect.”

Yet the tracking “pods” mounted on the bottom of drones have facilitated thousands of “capture or kill” operations in Afghanistan, Iraq, Yemen, Somalia and Pakistan since September 11. One top-secret NSA document provided by Snowden notes that by 2009, “for the first time in the history of the U.S. Air Force, more pilots were trained to fly drones … than conventional fighter aircraft,” leading to a “‘tipping point’ in U.S. military combat behavior in resorting to air strikes in areas of undeclared wars,” such as Yemen and Pakistan.

The document continues: “Did you ever think you would see the day when the U.S. would be conducting combat operations in a country equipped with nuclear weapons without a boot on the ground or a pilot in the air?”

Even NSA operatives seem to recognize how profoundly the agency’s tracking technology deviates from standard operating methods of war.

One NSA document from 2005 poses this question: “What resembles ‘LITTLE BOY’ (one of the atomic bombs dropped on Japan during World War II) and as LITTLE BOY did, represents the dawn of a new era (at least in SIGINT and precision geolocation)?”

Its reply: “If you answered a pod mounted on an Unmanned Aerial Vehicle (UAV) that is currently flying in support of the Global War on Terrorism, you would be correct.”

DT 3

Another document boasts that geolocation technology has “cued and compressed numerous ‘kill chains’ (i.e. all of the steps taken to find, track, target, and engage the enemy), resulting in untold numbers of enemy killed and captured in Afghanistan as well as the saving of U.S. and Coalition lives.”

The former JSOC drone operator, however, remains highly disturbed by the unreliability of such methods. Like other whistleblowers, including Edward Snowden and Chelsea Manning, he says that his efforts to alert his superiors to the problems were brushed off. “The system continues to work because, like most things in the military, the people who use it trust it unconditionally,” he says.

When he would raise objections about intelligence that was “rushed” or “inaccurate” or “outright wrong,” he adds, “the most common response I would get was ‘JSOC wouldn’t spend millions and millions of dollars, and man hours, to go after someone if they weren’t certain that they were the right person.’ There is a saying at the NSA: ‘SIGINT never lies.’ It may be true that SIGINT never lies, but it’s subject to human error.”

The government’s assassination program is actually constructed, he adds, to avoid self-correction. “They make rushed decisions and are often wrong in their assessments. They jump to conclusions and there is no going back to correct mistakes.” Because there is an ever-increasing demand for more targets to be added to the kill list, he says, the mentality is “just keep feeding the beast.”

For Bryant, the killing of Awlaki – followed two weeks later by the killing of his 16-year-old son, Abdulrahman al Awlaki, also an American citizen – motivated him to speak out. Last October, Bryant appeared before a panel of experts at the United Nations – including the UN’s special rapporteur on human rights and counterterrorism, Ben Emmerson, who is currently conducting an investigation into civilians killed by drone strikes.

Dressed in hiking boots and brown cargo pants, Bryant called for “independent investigations” into the Obama administration’s drone program. “At the end of our pledge of allegiance, we say ‘with liberty and justice for all,’” he told the panel. “I believe that should be applied to not only American citizens, but everyone that we interact with as well, to put them on an equal level and to treat them with respect.”

Unlike those who oversee the drone program, Bryant also took personal responsibility for his actions in the killing of Awlaki. “I was a drone operator for six years, active duty for six years in the U.S. Air Force, and I was party to the violations of constitutional rights of an American citizen who should have been tried under a jury,” he said. “And because I violated that constitutional right, I became an enemy of the American people.”

Bryant later told The Intercept, “I had to get out because we were told that the president wanted Awlaki dead. And I wanted him dead. I was told that he was a traitor to our country…. I didn’t really understand that our Constitution covers people, American citizens, who have betrayed our country. They still deserve a trial.”

The killing of Awlaki and his son still haunt Bryant. The younger Awlaki, Abdulrahman, had run away from home to try to find his dad, whom he had not seen in three years. But his father was killed before Abdulrahman could locate him. Abdulrahman was then killed in a separate strike two weeks later as he ate dinner with his teenage cousin and some friends. The White House has never explained the strike.

“I don’t think there’s any day that goes by when I don’t think about those two, to be honest,” Bryant says. “The kid doesn’t seem like someone who would be a suicide bomber or want to die or something like that. He honestly seems like a kid who missed his dad and went there to go see his dad.”

Last May, President Obama acknowledged that “the necessary secrecy” involved in lethal strikes “can end up shielding our government from the public scrutiny that a troop deployment invites. It can also lead a president and his team to view drone strikes as a cure-all for terrorism.”

But that, says the former JSOC operator, is precisely what has happened. Given how much the government now relies on drone strikes – and given how many of those strikes are now dependent on metadata rather than human intelligence – the operator warns that political officials may view the geolocation program as more dependable than it really is.

“I don’t know whether or not President Obama would be comfortable approving the drone strikes if he knew the potential for mistakes that are there,” he says. “All he knows is what he’s told.”

Whether or not Obama is fully aware of the errors built into the program of targeted assassination, he and his top advisors have repeatedly made clear that the president himself directly oversees the drone operation and takes full responsibility for it. Obama once reportedly told his aides that it “turns out I’m really good at killing people.”

The president added, “Didn’t know that was gonna be a strong suit of mine.”

Jeremy Scahill is an investigative reporter, war correspondent and author of the international bestselling books Dirty Wars: The World Is a Battlefield and Blackwater: The Rise of the World’s Most Powerful Mercenary Army. He has reported from Afghanistan, Iraq, Somalia, Yemen, Nigeria, the former Yugoslavia and elsewhere across the globe. Scahill has served as the National Security Correspondent for The Nation Magazine and Democracy Now!.

Glenn Greenwald is a journalist, constitutional lawyer, commentator, and author of three New York Times best-selling books on politics and law. His fifth book, No Place to Hide, about the U.S. surveillance state and his experiences reporting on the Snowden documents around the world, will be released in April 2014. Prior to his collaboration with Pierre Omidyar, Glenn’s column was featured at Guardian US and Salon.

Ryan Devereaux contributed to this article.

© 2014 First Look Productions, Inc. All rights reserved

Note: – The image embedded in this article did not appear in the original item.

http://www.informationclearinghouse.info/article37603.htm

Tech company “transparency reports” reveal massive NSA spying

By Thomas Gaist 

5 February 2014

Major US telecommunications companies released figures this week showing that the National Security Agency has requested data relating to tens of thousands of customer accounts in just the first half of last year. The release of the “transparency reports” was part of an agreement reached with the Obama administration allowing limited disclosures of information about the massive police-state spying apparatus.

The accounts spied on were targeted as part of the NSA’s PRISM surveillance program, which has been in operation since 2007. Using PRISM, the spy agency obtains orders from the Foreign Intelligence Surveillance Court to require telecommunications companies to turn over information. PRISM came to the attention of the public as a result of documents provided by NSA whistle-blower Edward Snowden.

Slides released by Snowden show that PRISM collects email, chat (voice and video), video, photos, stored data, file transfers, video conference data, notifications of target activity and online social networking details from a range of providers including Microsoft, Google, Yahoo, Facebook, PalTalk, YouTube, Skype, AOL, and Apple.

Yahoo said it turned over information on between 30,000 and 30,999 accounts between January and June 2013. Facebook reported 5,000-5,999 requests. Microsoft reported 15,000 to 15,999, and Google reported 9,000-9,999. The figures released by the company show a steady increase over the past several years.

These figures cover only a small aspect of the convoluted network of spy programs. The information released is subject to a six-month delay imposed by the government on all disclosures of data requests.

Despite claims to be increasing transparency, there is in fact very little information included in the reports aside from aggregate figures. The fact that the information reveals spying on the order of tens of thousands—as opposed to the hundreds of millions of records obtained through other programs—is also aimed at downplaying the extent of the unconstitutional intrusion into the privacy of citizens and non-citizens alike.

Emma Woollacott, writing for Forbes, noted that “the transparency reports do little to improve knowledge of just how much data is being accessed by the NSA. They’ve been described as a tech company PR stunt—but, in fact, they are far more of a PR coup for the government. Permission to release these figures means the government looks more open, a set of comparatively small numbers captures the headlines and attention is diverted away from other types of snooping.”

For their part, the tech companies view surveillance as a public relations problem. They have never sought an end to the surveillance, and in fact cooperate closely with the state to facilitate bulk data collection. They are sowing the illusion that measures are being implemented to protect privacy and transparency, while continuing to facilitate spying operations against the population.

Leaks from Snowden last summer exposed the intimate relations between Microsoft and the NSA and the Federal Bureau of Investigation. Microsoft has actively facilitated the penetration of its own encryption mechanisms, allowing the spy agencies to monitor communications from Outlook, Hotmail, Messenger, and SkyDrive users.

In addition to sending specific data requests to the telecoms, the NSA taps into the fiber optic cables that carry the majority of the of the world’s communications data. Through a combination of these and other methods, the NSA snoops at will upon the vast majority of data produced worldwide.

The Obama administration has proposed minor measures to provide a fig-leaf of reform while in fact further institutionalizing the programs. One proposal would transfer bulk phone record databases from direct control by the NSA to the telecommunication companies themselves, which would give the NSA access when requested.

Professor Geoffrey Stone, who participated in the Obama administration’s hand-picked spying review board, told Politico, “We were pleased with that [the possible transfer of bulk data to a third party].”

According to Politico, “Stone said that, after receiving the surveillance group’s report, Obama spent a month meeting ‘with many of the same people we had met with at great length, members of the intelligence community, members of the intelligence committees from Congress largely on one side of the picture.’”

“And instead of our report being truly understood as a middle ground, based upon taking into account all those perspectives on both sides of the spectrum, I think the White House got moved by thinking of our report as a liberal report,” Stone said, referring to initial criticisms of the panel’s conclusion.

In other words, Obama spent a month consulting with the officials running the surveillance state, and consultations reassured the president that the token reforms proposed in the report would not substantially disrupt the mass spying operations.

http://www.wsws.org/en/articles/2014/02/05/nsad-f05.html

%d bloggers like this: