Sunday, February 17, 2002

Lew Rockwell.com

Report on a
James Bamford Talk at Berkeley

James Bamford is the author of The Puzzle Palace and Body of Secrets, books about the National Security Agency. He is visiting Berkeley in the School of Public Policy, and gave a talk entitled "Intelligence Failures that Led to the September 11th Attacks."

He was introduced by the Dean of the School, who explained that the school has a new emphasis on information technology and public policy. The Dean explained that while it is generally true that "Those who know don’t speak, and those who speak don’t know," James Bamford is the exception. The Dean said that Bamford was working on a new book A Killing Sleep: Anatomy of America’s Greatest Intelligence Failure, a description of what happened prior to Sept. 11.

Bamford started by providing lots of background. He was fresh out of law school and didn’t want to practice law, so he had the idea of writing about the most secret agency in the US Government, the National Security Agency (NSA). This led to the now twenty year-old book, The Puzzle Palace. NSA eventually found out that he was writing, and tried very hard to stop him. NSA twice arranged to have him criminally prosecuted for revealing secrets, but he was able to show that he had used material in the public domain. Bamford explained that he had become an expert in using the Freedom of Information Act (FOIA) to get a lot of information. It’s not so easy, because the FOIA doesn’t apply to the NSA since the NSA almost doesn’t exist. It was not created by Congress, but by a memorandum. When he wrote his first book, the rule was that once a document was declassified, it could not subsequently be reclassified (sort of a no ex post facto idea). According to Bamford, Reagan changed those rules, allowing and in fact doing a lot of reclassification, Clinton didn’t change the Reagan rule but didn’t do reclassification, and the current Bush administration has adopted the Reagan rules.

NSA was created after WWII from the code breaking activity that had proceeded during the war. At the time it was created, no one but a couple of people even knew it had been created. NSA stands for no such agency, or never say anything, or after Puzzle Palace, not secret anymore. To illustrate how secret NSA is, after Puzzle Palace was published, Bamford went on a book tour. At one point he was scheduled onto a PBS show where the other guest was Sen. Bill Bradley. Prior to the show, the Senator asked Bamford why he was on the show, and he explained that he had written a book on the NSA. Bradley asked him what that was, and Bamford explained. Then Bradley went on the show to explain his ideas for the economy, or whatever, and then the interview switched to Bamford. Bamford explained that the NSA was a secret agency. The interviewer said "How secret?" And, naturally, Bamford did not pass on the opportunity to say that it was so secret that not even Sen. Bradley knew about it. Bradley was not pleased.

Years later, having worked on television news shows, Bamford did a second NSA book. It also took three years. His first idea was to go to NSA and ask for a tour, interviews, and documents. They were not accommodating, to say the least. "Enemy of the state." "Not in your interest to proceed." However, eventually NSA turned around, and eventually provided him with access to lots of information, although they never provided documents. Again, FOIA came through.

Bamford explained that he was amazed by some of the material he was able to get. For example, he found a detailed 1962 plan to invade Cuba. In the wake of the failed Bay of Pigs invasion, the US was embarrassed and wanted to dump Castro some other way. The idea was to have the US Armed Forces invade Cuba, deposed and kill the leadership, and establish a new government. Basically do to Cuba what we just did to Afghanistan, Bamford explained. However, there was a problem. The US needed a pretext to invade. Unfortunately for the invasion plan, we didn’t know of anything that Castro was doing to the US besides sitting there being decidedly Communist. So, a pretext had to be created. The plan Bamford found, through FOIA, sent a chill down his back. The US would arranged to have Americans shot on the streets of US cities, we would set off bombs in crowded areas of US cities, and there was a detailed plan to blow up a commercial airliner over Cuba. This plan was approved, in 1962, by every member of the Joint Chiefs, including the chairman. [If this is true, the plan was never executed.]

About NSA: it is 38,000 people, 50 buildings, on a campus in Maryland, in suburban Washington DC. The have the most powerful computers in the world, 1.6 million tapes in their tape library [tapes?]. Basically they do signals intelligence, listening to phone calls, faxes, email, and any sort of communication. To do this they have extensive facilities all around the world. One technique that Bamford mentioned was how they capture microwave signals. Microwave, unlike high frequency signals [HF are actually lower frequency than microwave, in case you care], do not bounce off the ionosphere and travel in a straight line. Towers must be line of sight from each other. So how’s the NSA going to listen to this? Answer is that some of the radiation goes past the receiving station, and continues in its straight line out into space. The NSA has satellites out there to grab the signals. [Bamford described the satellites as geosynchronous, but that wouldn’t work.] NSA also makes and breaks codes. The big nasty secret within NSA is that in the forty years or more that NSA spent billions of dollars on breaking the Soviet codes, they made no progress. No important Soviet code was ever broken by the NSA, or by anyone.

NSA has a whole bunch of listening posts around the world. There’s one in England. Each post captures about two million messages per hour. They cull out the interesting ones in many ways – limiting prefixes, etc. The Soviets had a listening post in Cuba for forty years (they are only just now dismantling it) and they knew how to filter out the interesting stuff. For example, any phone call to prefix 456 in the DC area code was a call to the White House, any call to 688 is a call to NSA.

So what about NSA’s involvement in Sept. 11. Some have compared the failure to the "failure" at Pearl Harbor. Actually, Pearl Harbor was quite a success for the predecessor agencies to NSA. The US had managed to completely break the key Japanese codes (Purple), and the German codes (Enigma) were also broken. In the case of Pearl Harbor, the US signals people picked up the key message to the Japanese embassy in Washington, decoded it (it said something like break off relations and destroy all your crypto equipment) well in advance of the attack. The message did not say where an attack would come, so the US sent the message to everyone saying "Japanese attack expected." The weather was wrong over the Pacific so the usual HF path did not work. Instead the message was sent to Honolulu via Western Union, where it arrived a few hours after the attack.

In contrast, NSA did nothing to help prior to Sept. 11. No monitoring of Osama Bin Laden (OBL) was done. The hijackers of the plane that would up hitting the Pentagon lived in Laurel, MD, the same town that NSA was in. When the hijackers drove from Laurel down US 1 toward Dulles, the traffic in the other direction was mostly NSA employees on their way to work. Rather embarrassing to the NSA, in fact a disaster of major proportions. Realize that the primary goal of NSA, the justification for the billions of dollars per year of our citizens money spent by the NSA, is simply to prevent a surprise attack. Yet the US and NSA was caught totally unprepared. Bush was reading to first graders in Sarasota, the head of NSA was having breakfast in downtown Washington.

OBL moved his operations from the Sudan to Afghanistan. The infrastructure there was insufficient for OBL’s needs, so he contacted an intermediary in London who in turn arranged for a student in the US to buy a satellite phone. The phone was mailed to London, the service activated there, and the phone mailed to OBL. It was an Inmarsat phone. So NSA has a billion dollars, they figured this out and got good eavesdropping on OBL. NSA was very proud of this, and would show off their abilities to distinguished guests at NSA. They would laugh as he called his mother and talked to her. Unfortunately, OBL seemed to sense something, because he never used the satphone for operational material. Just used it for calls home. But this is still useful: at least we know where he is, because the phone radiates, and that radiation can be tracked. And we took advantage of that: Clinton called for reprisals against OBL after the embassy bombings in E. Africa, and we sent missiles to a training base in Afghanistan that we knew about because of the satphone. Unfortunately, two bad things resulted: one, OBL was not there when the missiles arrived, and two, OBL, no dummy, stopped using the satphone when he realized it was being used to track him. The NSA never heard from him again. Never. NSA went deaf.

NSA had other problems: only one or two (at the most) NSA people can speak an Afghan language. And there were lots of other structural problems at NSA. To understand this, understand that until ten years ago, NSA had essentially a single mission: track the Soviets. NSA knew about Russian missiles and submarines. They looked for the missiles, and set up very advanced equipment that could provide early warning if a Soviet missile were launched. To illustrate this capability, recall that a few months ago an Israeli plane was shot down on its way from Israel to Russia. The US immediately announced that a missile had shot down the plane. The guys who did the deed denied it initially, but soon it came out that the US was right. These are your NSA tax dollars at work. That’s what we do, but that’s the wrong thing if you are worried about terrorists. Ten years after the end of the cold war, the NSA still has the wrong technology in the wrong places.

Technology has shifted under NSA’s feet. For example, we could intercept Russian communications. They used HF, and we had huge antennae that could catch the stuff as it bounced around the world We had antennas, some called Elephant Cages, that were a half mile wide, to intercept Russian HF signals. Unfortunately, no one but the Russians used this.

Another technology used by potential adversaries was satellite. The use of satellites for phone conversations declined dramatically in the last ten years as other technologies (cable, fiber) replace satellite which had too much delay (40,000 miles up and back) and was too expensive. That was too bad for NSA because satellites are easy to eavesdrop on, fiber is tough. Actually, NSA can tap fiber (no mean achievement) but the fiber is underground or under the ocean, making it difficult to get to. Too bad for NSA.

After the cold war, NSA’s budget was cut by a third and targets increased. There were targets in Africa, in the Balkans, in North Korea. NSA continued to miss opportunities: NSA completely missed the atomic tests in India. NSA completely missed the bombing of the Cole. In both cases the US was surprised.. The bombing of the African embassies was missed. Once you know the track record, it is no surprise that NSA completely missed Sept. 11. It’s what you’d expect.

Language skills continue as a problem. The US was involved in Haiti, the NSA had one Creole speaker.

The other "intelligence" agency that might have helped with Sept 11 is the Central Intelligence Agency (CIA). CIA missed Sept 11 completely too. This not much of a surprise. CIA itself does not collect much information, instead CIA specializes in analysis. What intelligence they do gather is done in a peculiar way. The CIA has "case officers." They are assigned to embassies around the world, typically as "cultural attaches." Their job is to enlist spies from the area. They pay the spies to report back to them periodically and tell them what’s going on. This is called "human intelligence" (humint) in contrast to the material that the NSA gathers. Unfortunately, humint is very unreliable. You’ll read that the "CIA needs more case officers." For example, this point is made in a recent book on the CIA by Robert Baer ("See No Evil: The True Story of a Ground Soldier in the CIA's War on Terrorism"). Bamford disagrees with this message, and in fact has recently published a review of the Baer book where he pans it. Bamford gives an example of how crummy humint is: Recently the TV show 60 Minutes had found a guy who knew all about something [can’t remember, maybe about how the terrorists operate]. Before putting him on the air, 60 Minutes wanted to confirm that this source was legit, so they retained Robert Baer to check him out (Baer had left the CIA). Baer certified him as a good source. Only later did we learn that everything was made up…the source just wanted his 15 minutes of fame. As we said, human sources are no good, and Baer is no better than anyone at detecting the good ones.

A major justification for the CIAs modus operandi is that they can’t get their own people into various organizations. "They’re all clan based, you have to have been born there…., " the CIA argues. Let me ask one question: how did a Marin county high school student get inside El Qaeda in less than two years, learning major pieces of intelligence, meeting with OBL, etc.? CIA couldn’t do that?

Questions followed. Q: What about the Internet? A: That's another technology they missed. OBL used email. OBL did not use encryption of any sort on any communication. The best breakthrough in the whole intelligence gathering surrounding Sept 11 was by the New York Times, who spent $1100 for a computer owned by one of the El Qaeda guys. The disk was encrypted, but by a cheap encryption that the NYT broke easily, to find lots of info about Al Qaeda plans. Another major failure of the CIA and NSA.

Q: Will NSA try to limit encryption? A: Yes, they'll try to place new limits on encryption. And Clipper and key escrow will make a comeback. And lots of other nonsense.

Q: Can we stop surprise attacks? A: No. We cannot avoid these kind of attacks. We have to somehow explain to people that this is just one of the hazards of life, like 50,000 Americans dying of colon cancer, or 50,000 Americans dying in car accidents every year. The government cannot bring itself to say the truth, that terrorism is just one of the risks of life.

Q: What's your relationship with NSA? A: On the day the second book was published, NSA held a book signing at NSA HQ. I teach a class at NSA. The Defense Intelligence Agency used my first book as a textbook.

Q: What about the NSC. A: The National Security Council mostly has nothing to do with NSA. Technically the NSA reports to the head of the NSC, but besides some basic rules of engagement, there's no link. The difference between them is remarkable: we've all heard of Condaleeza Rice, but who's heard of the head of NSA, Gen. Mike Hayden?

Q: What about misinformation? A: It's a big problem. The FBI spy Robert Hanssen worked closely with the NSA. Everything he knew about NSA's progress or lack thereof was probably provided to the Russians. Also, the Russians were provided with the names of all the CIA sources in Russia. NET: the Russians knew everything we knew. Thus, we have to assume that everything we got from the Russians or our spies was actually misinformation. Or not. A "wilderness of mirrors."

Q: How does NSA work? A: Heavy use of polygraphs. Mandatory exams every five years, plus random use of polygraphs, for every employee. NSA has more PhDs in mathematics than any other organization in the western world. NSA has a mental health unit for those who can't deal with the secrecy and complexities of codes.

Q: Aren't most rules on government secrecy just ways to protect those in power from looking like fools? A: Yes, pretty much. Best solution to this is a diligent journalistic force (a free press) but today's press is actually getting worse. Before Sept. 11 all the coverage was on Gary Condit and on shark attacks, in spite of the fact that there are fewer shark attacks every year. Sells papers.

Q: What should we do? A: Put national privacy at the same level as national security. Support privacy groups.


February 11, 2002

No comments: