
September 22, 2007

NSA Takes Over Internet Security from DHS

by emptywheel

That's not exactly what this article says--but it's close. The NSA--our nation's most effective spy agency--is going to adopt major new duties in policing our public internets.

In a major shift, the National Security Agency is drawing up plans for a new domestic assignment: helping protect government and private communications networks from cyberattacks and infiltration by terrorists and hackers, according to current and former intelligence officials.

[snip]

The plan calls for the NSA to work with the Department of Homeland Security and other federal agencies to monitor such networks to prevent unauthorized intrusion, according to those with knowledge of what is known internally as the "Cyber Initiative." [my emphasis]

Note the sources and level of classification and the implications of this move.

Details of the project are highly classified.

[snip]

Current and former intelligence officials, including several NSA veterans, warned that the agency's venture into domestic computer and communications networks -- even if limited to protecting them -- could raise new privacy concerns.

[snip]

"If you're going to do cybersecurity, you have to spy on Americans to secure Americans," said a former government official familiar with NSA operations. "It would be a very major step."

[snip]

A former senior NSA official said the difference between monitoring networks in order to defend them and monitoring them to collect intelligence is very small.

The former officials spoke on condition of anonymity to protect relationships with intelligence agencies. [my emphasis]

I'm guessing George Bush is going to be at least as pissed about this story getting out as he was pissed about the hospital confrontation story getting out. They're planning to spy on Americans, this is a big new deal, and they're not actually telling us about it.

The article provides some details about the scope of the program. The article mentions networks running our power grid, nuclear plants, and smart cards that run building and computer security. Now to be fair, security of these networks is a real issue. As the article points out, a serious hack attack could bring down the electrical grid. As someone who remembers what it's like for a whole region to lose power for just 3 days, it would be really devastating if it were more sustained or widely dispersed. And as the article also points out, the Chinese can already hack at will, which means we're pretty vulnerable for a country pretending to be an uncontested superpower.

I suspect one of the reasons for involving the NSA is to put the efforts to guard against hacking under the same power of obligation as we do spying. Bush has already been through about 5 or 6 cybersecurity czars: Richard Clarke from 2001 to 2003, Howard Schmidt for just three months after that, Rand Beers for a month, Amit Yoran from later in 2003 to 2004, I'm missing one from 2004 to 2005, it went vacant for a year, then Greg Garcia for the last year. One after another one quits because Bush won't force private companies to cooperate, which makes cybersecurity difficult if not pointless. Yoran is quoted in this article as describing that as the problem with US cybersecurity.

Among the main challenges, he said, is that the Homeland Security Department has been given responsibility for the problem but lacks the authority and expertise to compel other agencies and the private sector to follow its lead.

The NSA has the expertise and the authority--particularly with the amended FISA--to compel communications companies to work with it. And don't forget that there's that broad-ranging definition in the amended FISA of targets "relating" to foreign intelligence--as cybersecurity could be understood to include.

Gorman gives one more hint about the direction of this program.

The new cybersecurity effort aims to build, in part, on an existing NSA program, code-named Turbulence, which has had a troubled start, the senior intelligence official said.

 

Turbulence is a program that has already caused headaches, both because of the creative funding used for it (hiding it from Congressional oversight) and its disorganization.

Dubbed 'Turbulence,' the NSA's ambitious effort is part bloodhound and part attack dog. It attempts to continuously troll cyberspace to sniff out threats from terrorists and others, then rapidly tip off analysts who can mobilize defenses. With the potential to be a powerful anti-terror weapon, it has become NSA Director Lt. Gen. Keith B. Alexander's top priority.

With annual costs approaching $500 million, Turbulence is so secret that its existence has never been revealed publicly. Inside the agency, Turbulence's most sensitive activities are sequestered behind passwords known to few.

Turbulence also appears to be aptly named. Delays, technical problems and what critics call a vague game plan have sparked rising skepticism inside the agency and in Congress. Even Alexander has been growing increasingly impatient, former NSA officials said.

Early tests of the Turbulence technology 'are not going very well,' said a former top NSA official who maintains contact with agency colleagues. 'They have had trouble with the delivery.'

Meanwhile, lawmakers have been angered by the NSA's method of funding Turbulence, which more than a year into its existence does not appear anywhere in the agency's budget, according to current and former officials. The NSA, they said, has funneled money from older, largely defunct programs into new ones that are part of Turbulence while breaking up the initiative into smaller programs - limiting Congress' oversight.

With Democrats in control of Congress, Turbulence is expected to come under greater scrutiny.

[snip]

Turbulence includes nine core programs, with intriguing names such as Turmoil, Tutelage and Traffic Thief. Among their goals: mapping social networks based on intercepted communications, embedding technology on networks to collect data, and searching for patterns across hundreds of NSA databases.

Put two and two together, and it appears that this is an effort to use the NSA's ability to compel cooperation to apply it to the search for domestic hacking, using social networks and databases. I can see why that would raise privacy concerns.


Comments

As I read it, the practical implications of this are unreviewable and uncontestable executive branch power to collect any information from any online private computer, without warrant, follow whoever logs in to any computer or Internet site, gather data on any subsidiary links or social networks, all at will. Coupled with the evisceration of habeas corpus, we now have a state the Stasi could only dream of, whereby any citizen can be disappeared at will by the executive branch based on whatever standard the executive branch chooses to apply.

And it seems like a backchannel way of getting the NSA the ability to spy domestically. First it was going to be child predators, now it's hacking.

Oh, and one more thing. SAIC had the contract to the predecessor to Turbulence. They don't say who's got the contract for this. So you've got off-books budgeting, presumably contracted, and who knows what kind of oversight.

EW - maybe this is related to the sudden net neutrality flip flop and effort to quash?

Pach - I have been saying for a long time that the ultimate aim of "Teh Program" was to collect up everything, on everyone, everywhere, on every device, all the time. I never thought they really abolished the Total Information Awareness effort; clearly they didn't and have, in fact, been hiding it and pumping it full of steroids. Maybe this will be enough to wake up some of the fold like a tortilla Democrats on the spy power issues at stake right now. If history is any guide, I doubt it. It is truly time to force and demand any Presidential candidate to take firm and clear stands on these Constitutional privacy issues.

Did I miss something or is this the reason for the need to immunize the telcos?

bmaz

I should say I'm always better served being skeptical of Isikoff's reporting. From what I've heard there are some inaccuracies in it about the floppiness of Dems.

Nevertheless, I think it's only partly related. This effort may not need as much assistance from the telecoms as the warrantless wiretap program. Though it'd be interesting to see if these are intersecting projects. When your project is being run out of NSA, and you're deliberately hiding budget and therefore oversight, anything's possible.

"interesting to see if these are intersecting projects". Precisely. For starters, the telcoms are likely the biggest winners (biggest may not be a big enough word here) if net neutrality is struck down. Now the Administration is suddenly going to bat against net neutrality. Perhaps that is one of the elements of the bargain the Telcos have made with the Administration in order to assist in "Teh Program".

I assume BushCo is not exempted from the government's prying eyes and ears once it is out of office?

We know BushCo likes to spy on US citizens, but for an administration allergic to oversight when it is doing the Public's business, this current push for total information awareness about private (that includes 'Republican', you Republicans!) business is odd--assuming they are planning to return to the private sector after losing the controls of power in the next presidential election.

What gives? What is the end game for this anti-constitutional government? The planned destruction of America? (as opposed to merely effecting its demise by stupidity?), an attempt at the unification of the Americas into a supercontinent? (North, Central and South). Run by multinational corporations? Why? Beats me.

You are all a bunch of paranoids.
They just want to help us to collect our $25 million when we forward money to widows of Nigerian Government Officials.

I hate to pee in the soup, but the NSA has had at least a passing involvement in critical infrastructure protection that predates 9/11 by years. Ten years ago, largely because I was in the right place at the right time, I had a consulting gig from a major defense contractor and thence through several government agencies and ultimately to an ad hoc operation called the President's Council for Critical Infrastructure Protection (PCCIP). One of those agencies was the NSA. My little piece involved the monitoring and control infrastructure of electric utilities, but the PCCIP's scope covered the whole gamut of critical infrastructure besides electric utilities: gas; telecommunications; railroads; highways; water & sewer; and of course the internet. This last was unquestionably a major element of their concern and in fact that was the primary involvement of the defense contractor I was reporting to, as well as the guy from the NSA. I've lost touch with what's going on in that area during the five plus years of my semi-retirement, but I doubt that the NSA has walked very far away from it.

One thing I do know, however, is that power industry system operations has become more exposed to attack from the internet than it was back then. The culprit is deregulation. Prior to the mid-1990s the monitoring, control and modeling computers in the Control Center (this is the NASA-like room with computers on desks and animated wall displays that make the TV news whenever there's a wide-spread power outage) were almost never connected in real time to the company's business computer systems. But with deregulation and the resultant restructuring of the industry and the companies within it, real-time operational data became a critical element for running many aspects of the business. Hence, the energy management systems, as they're called, have to be hooked in to the corporate networks. They also have to be connected to the EMSs of other, neighboring utilities, the new layer of "independent system operators", and external data providers such as weather services (for load forecasting). Sure there are firewalls and other safeguards in place, but as we all know there's a never ending cat and mouse game between the good guys and the bad ones.

In one sense that PCCIP gig was a joke. By the time all the paperwork had cleared the bureaucratic hurdles within the organizations of the contractors and agencies up the food chain, the final report had already been drafted.

Since its practical inception 60 or so years ago, US Intelligence has firmly come down on the side of "technical means" vs "people power" (or Humint for the cognoscenti). The reason behind this is simple: it's the expertise we have.

The money the US has poured down this "technical means" rathole dwarfs by many thousands of times that which funds Humint. And any new trick "technical means" pony that shows up, gets a ride at the rodeo.

Which brings me to my main point wrt to Marcy's fine post detailing such "technical means" cuties as Turbulence.

Marcy mentions one aspect of Turbulence and its conjoined sub-programs as "mapping social networks". Y'all might have heard mention recently wrt to FISA stuff, how NSA and the other Intel Topguns are beside themselves to go after "community of interests" linkages. That is just another way of saying "mapping social networks".

Just what do these folks mean by "community of interests" linkages? Here's a tracking example:

Pakistani "Target"--->Target's phone calls--->Taxicab driver in Islamabad--->Taxicab driver's phone calls--->Taxicab driver's Aunt Suli in Peshawar--->Aunt Suli's phone calls--->Aunt Suli's podiatrist in Peshawar--->Podiatrist's phone calls--->Podiatrist's brother in Detroit--->Brother's Falafel cafe in Dearborn--->Falafel cafe's phone calls--->Sister Mary of St. Vitus' Dance Parish in Hamtramck--->Sister Mary's order for a dozen falafels to go, but easy on the garlic.

As you can see, this "community of interests" mapping thingee has more than a few...ahemmm..."difficulties"...ahemmm in its execution.

And after the NSA spends a few kazillion dollars on all that neato computer hardware and "slick as shite" software, what the poor friggin' NSA human analyst who has to look at the result finds at the end of the day, is a feckin' spaghetti factory.

The moral of the story? That the NSA is a con-artist's wet dream.

Everything, but every-feckin'-thing in the universe is connected. You know, kinda like 6 degrees of separation ad absurdum.

And one can tie the string between number of the points, but no matter how much reductio you might be doing, a finding of a causal relationship may be just chance. And small chance at that!

And as last we knew, Mary of St. Vitus' Dance Parish in Hamtramck was under full 24x7 elint, comint and humint surveillance by alternating "Go Teams" of FBI, ATF, HomeSec and the Texas Rangers (huh?).

The falafels, by the way, were...ahemmm...dynamite!

A delicious well cooked falafel does not need to be explosive, thank you. It's all in the end product.

Falafel? Was Bill O'Reilly involved in this?

The timeframe a decade ago, whitepapers were still warning that the IP paradigm might be incapable of sustaining so many nodes. In our time, electricCos are finally arriving at their vision of rolling out internet over 20kV wires, ?or? is simply lastMile? ElectricCos want to actualize that internet plan. There is a natural affinity among utils and the government worldwide; dereg happens in the name of egalitarian democracy and colloidally dissociated but mutually interactive nodes, if you will; then the fantasy goes the way of all toothless gremlins and expires only to the chagrin of voters and legislators who see somehow southernBell became ATT who bought all the european IBM datanets when those became obsolete and you have two customer service numbers on your bill both ATT but one actually Ameritech or PacTelesis, I am glad I am out of that business; fun, it was. But in the early 2006 copa jostling over the waning 109th congress' desire for a politically charged issue, I regarded the polemics as all "convergent" in the metadata parsing machines. And useful tools for many things. Sara Taylor discovered that in her prescient way early, and received the reward of a Rove protege employment. Congress is going to chafe about ad ware but members will need it to help their mailers target just the perfect constituency. Yet, before Google admitted after a court action it had relinquished searchStrings, other major providers did, and admitted they had. I am of the impression still that that opinion which was a part win for Google, pretty much provided a roadmap of where the bench feels is the judicious zone to draw the bounds. It is true, though, that probably it would take as many minders, algorithm readers and writers, as there are communities of interest to sift the seine fine. It provides challenges to those in that specialized kind of work.

After further consideration, I wanted to apologize to Marcy and any other reader for my "cynical humor" style in commenting about what is a very serious step beyond the pale by this Administration into "1984".

Yes, the US Government does at times go way, way overboard with Rube Goldberg technologies.

And yes, NSA may find some meaningful relationships with their efforts at "community of interests" linking.

But it is also true that the US Government has more than a tendency to find a lot of "false positives".

Richard Jewell of the Atlanta Olympic Bombing is just but one example. Another might be that poor defense attorney in the Pacific Northwest who got incarcerated incommunicado as a terrorism suspect because the FBI screwed up on a fingerprint identification. It was only coincidence that he was involved in defending some Islamic folks and their issues.

I'm guessing that Mikey McConnell et al can and will make the point that there must be some goodies in that ocean of data they want to collect and massage.

I can even sympathize with the Intel grunts doing the heavy lifting that it is probably true that some goodies do exist in there.

But that does not and I should hope, will not, ever justify a replacement of our constitutional rights in order to catch the bad folks.

The pipe-dream of a breed of intellectually-challenged law enforcement types has always been: "If we could only listen in to every conversation...if we could only watch every movement...if we could only read every mind, we could stop all crime."

That fantasy cannot become the American public's reality. I hope our Congresscritters have the common sense to understand this, and shoot it down with the disdain it deserves.

Given the spineless kowtowing we've recently seen in Congress, I'm not hopeful, and even a bit more than fearful.

In my layman's opinion, the Baltimore Sun article would read with much more Zing if the program were changed from "Turbulence" to "Flatulence".

Before you write that my idea stinks, go back and read the article again, with my suggested substitution. I maintain that it is actually a far better label for a silent, secretive, but possibly deadly (SBD) program that is inducing headaches, and, to quote Emptywheel, represents a "backchannel way of getting the NSA the ability to spy domestically".

Well, well, well, this is fascinating. The Baltimore Sun is the NSA's hometown newspaper. The major source for this story is a "senior intelligence official". Three things are directly attributed to him alone:

1. Two thousand people could be assigned to the program initially.

2. The program will require a revision of the agency's charter.

3. The program builds on Turbulence which had a troubled start.

Things that probably came from him and confirmed by others are:

1. NSA is drawing up the plan.

2. McConnell is coordinating and DHS is leading the effort.

What conclusions should we draw from this? There is an NSA insider who is upset with what's happening at his agency. He's making an indirect accusation that McConnell is allowing the NSA to break its prime directive (don't spy on Americans inside the country). Not to mention that they are using the notoriously corrupt and incompetent DHS as a front. He's practically begging Congress to investigate. Revising the NSA charter requires legislation. Bringing up Turbulence suggests there are funding irregularities needing Congressional oversight. Two thousand people from multiple agencies says lots of committees have jurisdiction. Mentioning McConnell says Congress should wonder if what they know about this stuff is as reliable as the other things McConnell has been saying lately.

I said: The pipe-dream of a breed of intellectually-challenged law enforcement types has always been: "If we could only listen in to every conversation...if we could only watch every movement...if we could only read every mind, we could stop all crime."

And then was reading a comment about this very post of Marcy's over at FDL, and voila! Wouldn't you know good ol' Mikey Chertoff is smokin' that self-same pipe:

From the WaPo in the article "Collecting of Details on Travelers Documented" at http://www.washingtonpost.com/wp-dyn/content/article/2007/09/21/AR2007092102347.html?hpid=topnews

Homeland Security Secretary Michael Chertoff in August 2006 said that "if we learned anything from Sept. 11, 2001, it is that we need to be better at connecting the dots of terrorist-related information. After Sept. 11, we used credit-card and telephone records to identify those linked with the hijackers. But wouldn't it be better to identify such connections before a hijacker boards a plane?"

Jeebus Mikey! You must be readin' my mind!

WO- Bingo. And no reason to wonder about McConnell's veracity; he has none.

well this is a dodge if i ever saw one.

you got people complaining about the nsa spying on americans?

the bush admin has a fix for that.

the nsa is not spying. they are insuring the security of our telecommunications "backbone".

which may, of course, necessitate lots of "listening in". but spying is not the intention of the new program.

damn, i feel better already knowing that.

life is really just a matter of how you articulate a problem, isn't it.

and as Minnesota chuck and e'wheel's quote indicate,

there is even historical precedent; we've been doing "network security" for more than a decade.

"the program formerly known as spying" was really just "network security" all along.

what's not to like?

The joy in Ann Arbor must be palpable! Perhaps the news of Lloyd Carr's demise has been greatly exaggerated. Big Blue goes to 2 and 2.

Lately, I swear these posts are a hell of a lot scarier to me than any yellow or red level of terrorism. Every day I come to this site and practically "shite" my pants.

Daily, I shake my head in disbelief. It's so hard to swallow, and yet, the facts are there, that we have sunk into fascism. And it's like we are this mix of pre and post robot stepford wives. Some of us know it. Some of us think it might be true. Some of us think it isn't happening and worse yet, some carry the water for the administration believing that "it's all in our own best interest."

I hope we never forget that this is why public education is key. We have to raise up a country smart enough to see it coming. I still don't think enough of us understand what is happening. I don't think enough people see and understand the big picture. It's a hell of a lot scarier than anything that Bin Laden could do to us.

I'm curious about what Richard Clarke might tell us about all of this. Especially since he has been chatty for some time about fighting terrorism. But we all remember that back in the summer of 01 when everybody was ignoring him he started getting paranoid about cyberterrorism, probably just to blow off steam in his downtime since he seems to have been the only guy anywhere near the White House who was worried about bin Laden. And then about 3 or 4 days after 9/11 when they started planning to invade Iraq, they let Clarke take his crazy "work ethic" and look at cyberterrorism for a few months and eventually there was a Frontline documentary spelling out potential disasters, just a little WoTerror digestif. Kind of curious how the timeline for the seemingly wacky TIA and nascent TSP bumps into Clarke's tenure noted above by ew.

Don't know about Clarke, but ex-supposed CIA BinLaden guy Michael Scheuer was on Bill Maher Friday night and man has he jumped the shark and gone off the deep end. I always thought he was a bit goofy, but jeebus.
