by Brian Toohey
James Glanz, New York Times, 20 November 20131
Intercepting someone else’s private communications or breaking into their computer hard drive is a criminal offence, except when governments to do it. The Australian Signals Directorate (ASD) makes no attempt to hide its enthusiasm for doing so as a member of the ‘Five Eyes’ group, with the most intrusive global surveillance network in history. ASD’s mission statement reads: ‘Reveal their secrets, protect our own’. Its website says it intercepts and decrypts other countries’ communications—called signals intelligence (SIGINT)—while protecting Australia’s own communications. This statement ignores how ASD, in conjunction with the NSA, also intercepts SIGINT emitted by radar and weapons systems that feed into the US war-fighting machine.
ASD’s ability to protect Australian communications is limited. It can’t ensure that the NSA or other governments don’t spy on Australians. The internet’s use of packet-switched global networks means that domestic messages can be routed overseas before reaching their Australian-based recipient. This makes it almost impossible for ASD to protect these messages from interception elsewhere.
Although ASD has improved recently, it has normally refused to answer innocuous media questions despite being a far more powerful intelligence agency than either ASIO or ASIS.2 Nor, according to the NAA, have its predecessors ever lodged any significant documents with it as required by law.
ASD’s roots trace back at least as far as the Allied Central Bureau during World War II, which was staffed by Americans and Australians. After the war, the Chifley Government established the Defence Signals Bureau (DSB), which began operating in 1947. Its name changed to the Defence Signals Division, then Directorate, before becoming ASD in 2013.
There was no doubt about who was calling the shots when Australia and New Zealand were formally accepted in 1956 as members of a British-American SIGINT agreement called UKUSA. An annex to the updated 1956 agreement said DSD had to perform tasks determined by the NSA—in effect it became an NSA subsidiary.3 Initially, US and UK signals intelligence officials decided not to tell elected Australian political leaders about the agreement, which was signed on an agency-to-agency level rather than between governments. Interviews in 1982 with former prime ministers and other ministers confirmed that they were never shown the agreement. Almost none were even told it existed.4 This is only one example of the NSA-orchestrated intercept network considering itself independent of national governments. It continued to supply signals intelligence to New Zealand despite the US government ordering all intelligence links to be severed in 1985 following a row over nuclear ships’ visits.
Although Canada, Norway, Denmark and West Germany were all invited to join UKUSA before Australia and New Zealand, the agreement designates the US as the first party and the four other Anglo-Saxon countries (Australia, Canada, New Zealand, UK) as second parties in what is called the Five Eyes club. The club is not as exclusive as many assume—dozens of other countries are third-party members. The US chooses recipients that give it a political advantage or reciprocal intelligence. Insiders say some of these countries are often given the same intelligence as the Five Eyes members. One group, dubbed Fourteen Eyes, is more formally known as SIGINT Seniors Europe and comprises the Five Eyes countries plus Belgium, France, Germany, Italy, the Netherlands, Norway, Spain, Sweden and Denmark; SIGINT Seniors Pacific comprises Five Eyes plus France, Singapore, India, South Korea and Thailand.5 Another group includes all twenty-four NATO countries. The NSA also has bilateral agreements with Japan, Israel, Finland, Algeria, Tunisia, Saudi Arabia and the United Arab Emirates.6
Hardly anyone in Australia had heard of DSD until the Whitlam Government’s defence minister, Lance Barnard, revealed in parliament on 1 March 1973 that no previous army minister had been told it existed. Yet important DSD facilities (such as its Singapore intercept station) were in the army portfolio. The NSA also installed SIGINT antennas at the US-run North West Cape communications base in Western Australia in 1967 without telling the government.7 Documents leaked to the National Times in 2003 threw new light on what DSD did.8 Few even considered the legality of its behaviour before the Hope RCIS in the mid-1970s. Hope looked at the Overseas Telecommunications Commission’s earlier practice of illegally handing over customers’ messages to DSD. He also examined DSD’s practice of intercepting phone calls in Australia, sometimes when ASIO couldn’t obtain a warrant. In one example, DSD intercepted phone calls made from within Australia by Denis Freney, a leading campaigner for East Timorese independence.9 In response, the Fraser Government confined the warrant system to ASIO while letting it subcontract the job to DSD.10 Today, ASD needs ministerial authorisation to deliberately intercept Australians.
Australia initially relied heavily on military units to collect SIGINT, mainly from wireless transmissions. Over time, DSD employed more civilians, broadened its intercept targets, and exploited the huge volume of communications sent over optical-fibre cables and satellites. As well as high-frequency and direction-finding radio masts, ASD/NSA now has ground stations at Kojarena near Geraldton, Shoal Bay outside Darwin and Pine Gap near Alice Springs that intercept signals sent over commercial communications satellites. Pine Gap is also linked to satellites tasked by the NSA to intercept a huge range of signals.
Shoal Bay provides an example of US business practices. In the mid-1970s the Hughes Space Group built satellites and ground stations for a new Indonesian telecommunications system. It also built a near-identical ground station at Shoal Bay to let DSD/NSA intercept everything sent via the Indonesian satellites. Hughes did not tell its Indonesian customer about this side deal, which compromised the system that country had just bought.
The NSA does not always share relevant intelligence with Australia. For example, it cut off the flow of sensitive SIGINT to the Fraser Government in early February 1979 when the Chinese were preparing a military incursion into Vietnam.11
Another supposed strength of the global network operated by the NSA and ASD and their partners is that it can provide policy-makers with the truth about big issues, such as whether Saddam Hussein’s Iraq possessed weapons of mass destruction (WMDs) in 2003. It failed miserably, and the world is still paying the price.
DSD, in conjunction with the NSA, installed interception equipment in Australian diplomatic premises in Papua New Guinea, Indonesia, Thailand and other countries for a program called Reprieve to intercept local phone calls in those countries.12 After I revealed this in 1983, these target countries objected to hosting diplomatic premises that spied on them. Australia later joined the NSA in a new program called Stateroom to expand these operations to Beijing, New Delhi and other capitals.
China and Russia also collect SIGINT, but they lack access to the many fibre-optic cables and satellite links in the NSA’s global network. ASD has formidable defences, as well as powerful encryption, to stop Russia and China intercepting Australia’s top-secret communications. These communications are inherently safe because they use a separate secure network and data storage facilities that are inaccessible to the rest of Australia’s telecommunications links, including the National Broadband Network (NBN). Nevertheless, in 2012 Prime Minister Julia Gillard announced that she had protected the national security communications system by banning a staff-owned Chinese company, Huawei, from tendering for any part of the NBN.13 Huawei was offering to supply switches and routers for sections of the NBN at a highly competitive price. The ban ignored the fact that hackers will attempt to break into computers regardless of who supplies the routers—the US has no Chinese equipment on its telecommunication system, but overseas hackers often penetrate American computers. In 2018, the government banned Huawei from supplying its 5G mobile system to Australia although it was the most advanced in the world and much cheaper than those of its rivals.14
In 2013 a former NSA contractor, Edward Snowden, transformed the world’s knowledge of the immense scale of US-led interception activities and raised questions about the legal and moral difficult
ies involved. His documents, shared with selected media outlets, showed how the NSA and its partners have reduced traditional secret police, such as the former East German Stasi, to bit players.15 Online news site The Intercept revealed that one NSA system, called XKEYSCORE, utilises over 150 sites around the world to access, sort and analyse staggering amounts of information sent over optical-fibre cables and satellites; this information includes not only emails, chats and web-browsing traffic, but also pictures, documents, voice calls, webcam photos, web searches, advertising analytics traffic, social media traffic, logged keystrokes, username and password pairs, file uploads to online services, and Skype sessions.16 The US population wasn’t exempt: a top-secret court order required one of America’s largest telecoms providers, Verizon, to give all its customers’ telephone records to the NSA on a daily basis, regardless of whether the customers were suspected of wrongdoing.17
Snowden’s documents revealed that ASD had intercepted the mobile phones of Indonesia’s president, Susilo Bambang Yudhoyono, his wife and senior colleagues in 2009.18 The Indonesians strongly objected to this deceitful behaviour by a neighbour who professed to be a friend. Apparently, the spying operation produced nothing of value. Other Snowden documents showed that in 2013 ASD offered to supply the NSA with SIGINT involving an American law firm representing Indonesia in trade disputes with the US, including ‘information covered by attorney–client privilege’.19 There is no public policy rationale for ASD to help the US oppose Indonesia in a commercial law case.
The UK’s Investigatory Powers Tribunal exposed large-scale illegal behaviour in February 2015 when it found that UK–US sharing of bulk intercepts of electronic communications had been unlawful for the previous seven years and that GCHQ had breached human-rights law by accessing emails and phone records intercepted by the NSA. The European Court of Human Rights ruled in 2018 that the UK mass interception program violated the rights of privacy and freedom of expression. The court found that the program ‘is incapable of keeping the interference to what is necessary in a democratic society’.20
Another Snowden memo revealed that UK officials had approved a secret deal in 2007 to allow the NSA to analyse and store phone, internet and email records and IP addresses of British citizens who were not suspected of any wrongdoing. One analysis suggests that ‘three hops’ (friend to friend to friend) from a typical Facebook user could pull the data of more than five million people into the dragnet.21 It’s not publicly known if ASD has a similar arrangement.
Snowden released documents showing that in 2005, ‘The NSA is authorised to spy upon the citizens of America’s closest allies including Britain [and Australia] … The NSA can go it alone if permission is not forthcoming—or if the US chooses not to ask.’22 Given the nature of US money politics, it would be surprising if American firms didn’t receive intelligence about their competitors in Australia and elsewhere.
ASD is so intertwined with its intercept partners in collecting intelligence that it often has no way of knowing whether this information is used for good or evil. Snowden provided documents showing that the US gave Turkey SIGINT identifying the location of Kurdish rebels; this information allowed the rebels to be captured or killed.23 Killing Kurds—who are known to be the most effective fighters against Islamic State terrorists—would not be in Australia’s interests.24 ASD could serve Australian interests with no moral qualms by helping police identify those who make anonymous threats on social media to rape and murder people. It could also improve the ability of the Australian Tax Office (ATO) and the Australian Transaction Reports and Analysis Centre (AUSTRAC) to investigate tax evasion and money laundering.
Taking recklessness to a new extreme, the NSA has developed a huge array of offensive cyber-tools to introduce malware onto computers; this malware can be employed to steal documents, hack into emails, and subtly change data or destroy it. A group called Shadow Brokers is reportedly responsible for stealing some of these malware tools and putting them online, where others have used them for criminal purposes.25 More than embarrassment is at stake: a government agency has lost control of weapons it developed, and these weapons are now causing serious damage to corporations and individuals. Imagine the equivalent of US fighter planes being used to damage property across America and its allies. The danger is real. Media around the world reported in 2017 that ransomware allegedly stolen from the NSA infected tens of thousands of computers in 100 countries around the globe, disrupting the UK health system, Russian banks, Spain’s Telefónica, and police departments in the US.26
WikiLeaks made a valuable contribution when it revealed on 7 March 2017 that the CIA had lost control of its global covert hacking program, including its arsenal of ‘weaponised’ malware.27 The documents showed the extraordinary scale of the CIA’s attacks against a wide range of products and operating systems, including Apple’s iPhone, Google’s Android and Microsoft’s Windows. In its series called Vault 7, WikiLeaks said the CIA had undermined the Obama administration’s undertaking that the intelligence agencies would tell manufacturers promptly about any serious vulnerabilities discovered in their products. It said vulnerabilities not disclosed to the manufacturers placed huge swathes of the population and critical infrastructure at risk to foreign intelligence or cyber criminals who could utilise the vulnerabilities. Similar outcomes are now possible in Australia due to the encryption laws introduced in December 2018, which allow intelligence and police agencies to build weaknesses into tech companies’ systems.
Far from denying the authenticity of the USA’s weaponised malware documents, the Trump administration said it was investigating CIA contractors as the probable source of the leaks.28 It said nothing about addressing the problem of telling the technology companies how to overcome the vulnerabilities, let alone stopping the ClA or the NSA from creating malware that can sabotage many of the advantages cyber-technology delivers to humanity.
6
THE USES AND ABUSES OF INTELLIGENCE
‘Through the seven and a half years in which I was prime minister, I can’t recall a single decision of government that was significantly influenced or altered as a result of defence signals intelligence.’
Malcolm Fraser1
Daniel Ellsberg, who exposed the US government’s lies about the Vietnam War by leaking the Pentagon Papers, had access to numerous classified documents while he was a high-ranking Defense official. He later told an interviewer that he warned Henry Kissinger about the traps awaiting him when Kissinger became Nixon’s main security and foreign policy adviser in 1969, saying, ‘Henry, you are about to receive a whole slew of clearances, maybe 15 or 20 higher than top secret. After you read all this intelligence … you will think that others who don’t [have it] are fools.’2 He said he told Kissinger the information was often inaccurate and omitted much of relevance: ‘In the meantime, you’ll become incapable of learning from most people in the world, no matter how much experience or knowledge they may have of their particular area.’ Ellsberg then likened secrecy to ‘the potion Circe used to turn men into swine’. Kissinger thanked him and promptly embraced secrecy.
Ellsberg’s warning has lost none of its force. Today, many politicians, think-tank analysts and journalists seem to believe in the infallibility of the secretive bodies who turn raw information into a processed commodity called intelligence. Too often, the more accurate description for what they produce is propaganda, designed to shape government policies and public opinion. At its most useful, accurate intelligence and other information can help reduce tensions by showing two rivals that neither is a threat to the other. At its worst, governments can falsely claim they have intelligence that justifies aggression and wasteful national security spending, and helps demonise foreign political leaders.
Intelligence, even if accurate, is not automatically valuable. After retiring, former Australian PM Malcolm Fraser wrote, as quoted above, that during the seven-and-a-half years in which he was prime minister, he couldn’t ‘recall a single decision of government
that was significantly influenced or altered as a result of defence signals intelligence’.3 Alan Wrigley, a former deputy Defence Department head in charge of strategic policy, told a conference in 1993 that none of the massive volume of intelligence material that had crossed his desk over a ten-year period ‘was of any significant value to policy-makers’.4 Gareth Evans said that in his thirteen years in Cabinet ‘very little of any of the stuff that was … gleaned [by ASIO or ASIS] added much value to our understanding of what was going on let alone vital to our security interests’.5
On other occasions, secret agencies don’t supply crucial intelligence. For example, the Five Eyes signals intelligence club failed to give New Zealand prior warning about the French secret service operatives who blew up the Greenpeace ship Rainbow Warrior in Auckland Harbour in February 1985.6 It also failed to respond to the threat posed by an Australian white supremacist who murdered 50 people in Christchurch in March 2019 after posting increasingly menacing messages online. As explained previously, Australia and New Zealand are part of NSA’s global surveillance network that intercepts, analyses and stores almost all communications by phone, radio or the internet. There were ample opportunities to put the killer on watchlists and later alert Christchurch police closer to the attack. Shortly after the massacre, the head of ASD, Mike Burgess, gave a speech boasting about how his agency had countered the online activities of Islamic extremists in the Middle East.7 Simpler action could have prevented the March 2019 massacre.
Burgess also announced in his speech that he would be recruiting ‘many hundreds’ of hackers for offensive cyber operations, sometimes involving the destruction of computer systems. This is an act of aggression, little different to a missile attack, and a long way from the DSD’s earlier role of simply intercepting communications. Careful outside examination should be given to every proposed hacking operation before it is approved.