by Shane Harris
[>] The agency’s elite hacker unit: Craig Whitlock and Barton Gellman, “To Hunt Osama bin Laden, Satellites Watched over Abbottabad, Pakistan, and Navy SEALs,” Washington Post, August 29, 2013, http://articles.washingtonpost.com/2013-08-29/world/41712137_1_laden-s-osama-bin-laden.
3. Building the Cyber Army
[>] The army got in: Author interview with former military intelligence officer.
[>] His old patron Dick Cheney informed: The author conducted a series of interviews with McConnell in his office in 2009.
[>] Just over a month later: The list of companies subject to Prism surveillance comes from an NSA presentation disclosed by the former contractor Edward Snowden, first published by the Washington Post and the Guardian, and subsequently republished by numerous journalistic organizations. Details about Prism surveillance also come from author interviews with current and former intelligence officials.
[>] After Senator Barack Obama won: McConnell interview.
[>] Later, in a private meeting with Bush: See David Sanger, Confront and Conceal: Obama’s Secret Wars and Surprising Use of American Power (New York: Crown, 2012).
[>] To find out, on May 7, 2010: Accounts of the Schriever Wargame 2010, and the lessons the military learned, come from three sources: author interview with Lieutenant General Michael Basla, the air force’s chief for information dominance and its chief information officer; High Frontier: The Journal for Space and Cyberspace Professionals 7, no. 1, which was entirely devoted to describing and analyzing the game, http://www.afspc.af.mil/shared/media/document/AFD-101116-028.pdf; and Robert S. Dudney, “Hard Lessons at the Schriever Wargame,” Air Force Magazine 94, no. 2 (February 2011), http://www.airforcemag.com/MagazineArchive/Pages/2011/February%202011/0211wargame.aspx.
[>] But privately, some intelligence officials: Author interviews with government officials, industry experts, and business executives. Those interviewed about China’s cyber capabilities included Tim Bennett, former president of the Cyber Security Industry Alliance, a leading trade group; Stephen Spoonamore, former CEO of Cybrinth, a cyber security firm with government and corporate clients; and Joel Brenner, head of counterintelligence under the director of national intelligence. See Shane Harris, “China’s Cyber-Militia,” National Journal, May 31, 2008, http://www.nationaljournal.com/magazine/china-s-cyber-militia-20080531.
[>] “The hacker was probably”: Author interview.
[>] It was six years after lawmakers’: Author interviews with congressional staff and investigators, as well as a confidential briefing prepared by security experts in the House of Representatives, obtained by the author. See Shane Harris, “Hacking the Hill,” National Journal, December 20, 2008, http://www.nationaljournal.com/magazine/hacking-the-hill-20081220.
[>] The US Chamber of Commerce: US Chamber of Commerce officials made many comments to this effect. See http://www.pcworld.com/article/260267/senate_delays_maybe_kills_cybersecurity_bill.html.
[>] And the separate directive, known as PDD-20: A list of Obama’s presidential decision directives can be found on the website of the Federation of American Scientists, http://www.fas.org/irp/offdocs/ppd/.PDD-20, which pertains to cyber operations of the military, was leaked by the former NSA contractor Edward Snowden and published in its entirety in June 2013.
[>] “There aren’t enough”: Major General John Davis, speech at the Armed Forces Communications and Electronics Association (AFCEA) International Cyber Symposium, Baltimore Convention Center, June 25, 2013, http://www.dvidshub.net/video/294716/mg-davis-afcea#.UpSILmQ6Ve6#ixzz2lkc87oRy.
[>] An NSA unit known as: Scott Shane, “No Morsel Too Minuscule for All-Consuming N.S.A.,” New York Times, November 2, 2013, http://www.nytimes.com/2013/11/03/world/no-morsel-too-minuscule-for-all-consuming-nsa.html.
[>] In a remarkable shift: See Chairman of the Joint Chiefs of Staff, Joint Targeting, Joint Publication 3-60, January 31, 2013, http://cfr.org/content/publications/attachments/Joint_Chiefs_of_Staff-Joint_Targeting_31_January_2013.pdf.
[>] The attack is launched: Lieutenant General Herbert Carlisle, then the air force’s deputy chief of staff for operations, told a 2012 defense conference in Washington about the Chinese tactics. See David Fulghum, “China, US Chase Air-to-Air Cyberweapon,” Aviation Week, March 9, 2012.
[>] “There is a tremendous amount”: Dune Lawrence and Michael Riley, “A Chinese Hacker’s Identity Unmasked,” Bloomberg Businessweek, February 14, 2013, http://www.businessweek.com/articles/2013-02-14/a-chinese-hackers-identity-unmasked.
[>] “There aren’t enough”: Davis speech.
[>] “Universities don’t want to touch”: Jason Koebler, “NSA Built Stuxnet, but Real Trick Is Building Crew of Hackers,” US News & World Report, June 8, 2012, http://www.usnews.com/news/articles/2012/06/08/nsa-built-stuxnet-but-real-trick-is-building-crew-of-hackers.
4. The Internet Is a Battlefield
[>] The agency’s best-trained: For more on TAO, see the work of intelligence historian and journalist Matthew Aid, who has written extensively about the unit, including “The NSA’s New Code Breakers,” Foreign Policy, October 16, 2013, http://www.foreignpolicy.com/articles/2013/10/15/the_nsa_s_new_codebreakers?page=0%2C1#sthash.jyc1d12P.dpbs.
[>] Edward Snowden told Chinese journalists: Lana Lam, “NSA Targeted China’s Tsinghua University in Extensive Hacking Attacks, Says Snowden,” South China Morning Post, June 22, 2013, http://www.scmp.com/news/china/article/1266892/exclusive-nsa-targeted-chinas-tsinghua-university-extensive-hacking?page=all.
[>] According to one international study: QS World University Rankings, 2013, http://www.topuniversities.com/university-rankings/university-subject-rankings/2013/computer-science-and-information-systems.
[>] That year they also were recognized: Matthew Aid, Secret Sentry: The Untold History of the National Security Agency (New York: Bloomsbury Press, 2009), http://www.amazon.com/The-Secret-Sentry-National-Security/dp/B003L1ZX4S.
[>] Matthew Aid writes: Matthew Aid, “Inside the NSA’s Ultra-Secret China Hacking Group,” Foreign Policy, October 15, 2013, http://www.foreignpolicy.com/articles/2013/06/10/inside_the_nsa_s_ultra_secret_china_hacking_group. Matthew Aid, “Inside the NSA’s Ultra-Secret China Hacking Group,” Foreign Policy, October 15, 2013, http://www.foreignpolicy.com/articles/2013/06/10/inside_the_nsa_s_ultra_secret_china_hacking_group.
[>] In the second half of 2009: This account was provided by a former employee at the Hawaii center who worked on the operation.
[>] In a top-secret summary: The Flatliquid operation was first reported by Der Spiegel, based on documents provided by former NSA contractor Edward Snowden. See Jens Glüsing et al., “Fresh Leak on US Spying: NSA Accessed Mexican President’s Email,” Spiegel Online, International edition, October 20, 2013, http://www.spiegel.de/international/world/nsa-hacked-e-mail-account-of-mexican-president-a-928817.html.
[>] Several dozen clandestine: Matthew Aid, “The CIA’s New Black Bag Is Digital,” Foreign Policy, August 18, 2013, http://www.foreignpolicy.com/articles/2013/07/16/the_cias_new_black_bag_is_digital_nsa_cooperation#sthash.XUr4mt5h.dpbs.
[>] The CIA has also set up: Barton Gellman and Ellen Nakashima, “US Spy Agencies Mounted 231 Offensive Cyber-Operations in 2011, Documents Show,” Washington Post, August 30, 2013, http://articles.washingtonpost.com/2013-08-30/world/41620705_1_computer-worm-former-u-s-officials-obama-administration.
[>] But other data was: See Siobhan Gorman, Adam Entous, and Andrew Dowell, “Technology Emboldened the NSA,” Wall Street Journal, June 9, 2013, http://online.wsj.com/news/articles/SB10001424127887323495604578535290627442964; and Noah Shachtman, “Inside DARPA’s Secret Afghan Spy Machine,” Danger Room, Wired, July 21, 2011, http://www.wired.com/dangerroom/2011/07/darpas-secret-spy-machine/.
[>] The airman, a linguist: John Reed, “An Enlisted Airman Deciphered al-Qaeda’s ‘Conference Call’ of Doom,” Foreign Policy, September 18, 2013.
[>] The conference call was conducted: Eli Lake and Josh Rogin, “US Intercepted al-Q
aeda’s ‘Legion of Doom’ Conference Call,” Daily Beast, August 7, 2013, http://www.thedailybeast.com/articles/2013/08/07/al-qaeda-conference-call-intercepted-by-u-s-officials-sparked-alerts.html; and Eli Lake, “Courier Led US to al-Qaeda Internet Conference,” Daily Beast, August 20, 2013, http://www.thedailybeast.com/articles/2013/08/20/exclusive-courier-led-u-s-to-al-qaeda-internet-conference.html.
[>] After he returned from Iraq: Author interview with Bob Stasio, October 14, 2013.
5. The Enemy Among Us
[>] Alexander informed”: Siobhan Gorman, “Costly NSA Initiative Has a Shaky Takeoff,” Baltimore Sun, February 11, 2007, http://articles.baltimoresun.com/2007-02-11/news/0702110034_1_turbulence-cyberspace-nsa.
[>] So it was hardly surprising: For details on the NSA’s operations against Tor, see Shane Harris and John Hudson, “Not Even the NSA Can Crack the State Department’s Favorite Anonymous Network,” Foreign Policy, October 7, 2013, http://thecable.foreignpolicy.com/posts/2013/10/04/not_even_the_nsa_can_crack_the_state_departments_online_anonymity_tool#sthash.1H45fNxT.dpbs; Barton Gellman, Craig Timberg, and Steven Rich, “Secret NSA Documents Show Campaign Against Tor Encrypted Network,” Washington Post, October 4, 2013, http://articles.washingtonpost.com/2013-10-04/world/42704326_1_nsa-officials-national-security-agency-edward-snowden; and James Ball, Bruce Schneir, and Glenn Greenwald, “NSA and GCHQ Target Tor Network That Protects Anonymity of Web Users,” Guardian, October 4, 2013, http://www.theguardian.com/world/2013/oct/04/nsa-gchq-attack-tor-network-encryption.
[>] The hackers also considered trying: The presentation can be found at http://www.theguardian.com/world/interactive/2013/oct/04/tor-stinks-nsa-presentation-document.
[>] Under a secret program called: Author interviews with technology company employees and experts. Also see classified budget documents published by the New York Times, which provide further detail about the project, http://www.nytimes.com/interactive/2013/09/05/us/documents-reveal-nsa-campaign-against-encryption.html?ref=us.
[>] Working in conjunction with the FBI: Glenn Greenwald et al., “Microsoft Handed the NSA Access to Encrypted Messages,” Guardian, July 11, 2013, http://www.theguardian.com/world/2013/jul/11/microsoft-nsa-collaboration-user-data.
[>] But behind the scenes: See Nicole Perlroth, Jeff Larson, and Scott Shane, “NSA Able to Foil Basic Safeguards of Privacy on the Web,” New York Times, September 5, 2013, http://www.nytimes.com/2013/09/06/us/nsa-foils-much-internet-encryption.html?pagewanted=all.
[>] The noted computer security expert Bruce Schneier: Bruce Schneier, “Did NSA Put a Secret Backdoor in New Encryption Standard?” Wired, November 15, 2007, http://www.wired.com/politics/security/commentary/securitymatters/2007/11/securitymatters_1115.
[>] The NSA then cited: Joseph Menn, “Secret Contract Tied NSA and Security Industry Pioneer,” Reuters, http://mobile.reuters.com/article/idUSBRE9BJ1C220131220?irpc=932.
[>] Neuberger called NIST: The full audio version of the Neuberger interview is at http://www.lawfareblog.com/2013/12/lawfare-podcast-episode-55-inside-nsa-part-iv-we-speak-with-anne-neuberger-the-woman-on-front-lines-of-nsas-relations-with-industry/.
[>] “NIST publicly proposed”: EPIC’s findings are summarized at http://epic.org/crypto/dss/new_nist_nsa_revelations.html.
[>] In 1997, according to: Cryptolog: Journal of Technical Health 23, no. 1 (Spring 1997), http://cryptome.org/2013/03/nsa-cyber-think.pdf.
[>] This gray market is: Information about the zero day gray market comes from author interviews with current and former US officials, as well as technical experts, including Chris Soghoian, principal technologist and senior policy analyst with the ACLU Speech, Privacy and Technology Project. Public documents and news articles provided additional information.
[>] For instance, in 2005: Tadayoshi Kohno, Andre Broido, and k. c. claffy, “Remote Physical Device Fingerprinting,” http://www.caida.org/publications/papers/2005/fingerprinting/KohnoBroidoClaffy05-devicefingerprinting.pdf.
[>] A year after the paper was published: Steven J. Murdoch, “Hot or Not: Revealing Hidden Services by Their Clock Skew,” http://www.cl.cam.ac.uk/~sjm217/papers/ccs06hotornot.pdf. See also Quinn Norton, “Computer Warming a Privacy Risk,” Wired, December 29, 2006, http://www.wired.com/science/discoveries/news/2006/12/72375.
[>] “We don’t sell weapons”: Joseph Menn, “US Cyberwar Strategy Stokes Fear of Blowback,” Reuters, May 10, 2013, http://www.reuters.com/article/2013/05/10/us-usa-cyberweapons-specialreport-idUSBRE9490EL20130510.
[>] In 2013 the NSA had a budget: Barton Gellman and Ellen Nakashima, “US Spy Agencies Mounted 231 Offensive Cyber-Operations in 2011, Documents Show,” Washington Post, August 30, 2013, http://articles.washingtonpost.com/2013-08-30/world/41620705_1_computer-worm-former-u-s-officials-obama-administration.
[>] “Graduates of the program become”: “About the Program,” Systems and Network Interdisciplinary Program, http://www.nsa.gov/careers/_files/SNIP.pdf.
[>] The company itself has been the target: John Markoff, “Cyber Attack on Google Said to Hit Password System,” New York Times, April 19, 2010.
6. The Mercenaries
[>] “Bonesaw is the ability to map”: Aram Roston, “Nathaniel Fick, Former CNAS Chief, to Head Cyber Targeting Firm,” C4ISR Journal, January–February 2013, http://www.defensenews.com/article/20130115/C4ISR01/301150007/Nathaniel-Fick-Former-CNAS-Chief-Heads-Cyber-Targeting-Firm.
[>] Internal documents show: Michael Riley and Ashlee Vance, “Cyber Weapons: The New Arms Race,” Bloomberg Businessweek, July 20, 2011, http://www.businessweek.com/magazine/cyber-weapons-the-new-arms-race-07212011.html#p4.
[>] “Eventually we need to enable”: Andy Greenberg, “Founder of Stealthy Security Firm Endgame to Lawmakers: Let US Companies ‘Hack Back,’” Forbes, September 20, 2013, http://www.forbes.com/sites/andygreenberg/2013/09/20/founder-of-stealthy-security-firm-endgame-to-lawmakers-let-u-s-companies-hack-back/.
[>] “If you believe that wars”: Joseph Menn, “US Cyberwar Strategy Stokes Fear of Blowback,” Reuters, May 10, 2013, http://www.reuters.com/article/2013/05/10/us-usa-cyberweapons-specialreport-idUSBRE9490EL20130510.
[>] One prominent player: Information about CrowdStrike’s techniques is based on author interviews with Steve Chabinksy, the company’s general counsel and a former senior FBI official, conducted in July and August 2013. Additional information comes from the company’s website.
[>] But in an interview in 2013: John Seabrook, “Network Insecurity: Are We Losing the Battle Against Cyber Crime?” New Yorker, May 20, 2013.
[>] The firm Gamma: Jennifer Valentino-Devries, “Surveillance Company Says It Sent Fake iTunes, Flash Updates,” Wall Street Journal, November 21, 2011, http://blogs.wsj.com/digits/2011/11/21/surveillance-company-says-it-sent-fake-itunes-flash-updates-documents-show/.
[>] Security researchers also claim: Vernon Silver, “Cyber Attacks on Activists Traced to FinFisher Spyware of Gamma,” Bloomberg.com, July 25, 2012, http://www.bloomberg.com/news/2012-07-25/cyber-attacks-on-activists-traced-to-finfisher-spyware-of-gamma.html.
[>] Mansoor had inadvertently: Vernon Silver, “Spyware Leaves Trail to Beaten Activist Through Microsoft Flaw,” Bloomberg.com, October 12, 2012, http://www.bloomberg.com/news/2012-10-10/spyware-leaves-trail-to-beaten-activist-through-microsoft-flaw.html.
[>] Hacking Team had any knowledge: Adrianne Jeffries, “Meet Hacking Team, the Company That Helps the Police Hack You,” The Verge, September 13, 2013, http://www.theverge.com/2013/9/13/4723610/meet-hacking-team-the-company-that-helps-police-hack-into-computers.
[>] In the fall of 2010: Shane Harris, “Killer App: Have a Bunch of Silicon Valley Geeks at Palantir Technologies Figured Out How to Stop Terrorists?” Washingtonian, January 31, 2012, http://www.washingtonian.com/articles/people/killer-app/.
[>] The company claimed that: Sindhu Sundar, “LabMD Says Gov’t Funded the Data Breach at Probe’s Center,” Law360, http://www.law360.com/articles/488953/labmd-says-gov-t-funded-the-data-breach-at-probe-s-center.<
br />
[>] According to court documents: The court document can be read at https://www.courtlistener.com/ca11/5cG6/labmd-inc-v-tiversa-inc/?q=%22computer+fraud+and+abuse+act%22&refine=new&sort=dateFiled+desc.
[>] “It is illegal”: Author interview.
[>] In June 2013, Microsoft joined: Jim Finkle, “Microsoft, FBI Take Aim at Global Cyber Crime Ring,” Reuters, June 5, 2013, http://www.reuters.com/article/2013/06/05/net-us-citadel-botnet-idUSBRE9541KO20130605.
[>] The company’s lawyers had used novel: Jennifer Warnick, “Digital Detectives: Inside Microsoft’s Headquarters for the Fight Against Cybercrime” Microsoft/Stories, http://www.microsoft.com/en-us/news/stories/cybercrime/index.html.
[>] A survey of 181 attendees: nCirle, Black Hat Survey, BusinessWire, July 2012, http://www.businesswire.com/news/home/20120726006045/en/Black-Hat-Survey-36-Information-Security-Professionals#.UtMp8WRDtYo.
[>] Rick Howard: Author interview, August 2013.
7. Cops Become Spies
[>] It’s called the Data Intercept Technology Unit: Information about the unit comes from author interviews with current and former law enforcement officials, technology industry representatives, and legal experts, conducted in November 2013, as well as information on FBI websites. For more on Magic Lantern, see Bob Sullivan, “FBI Software Cracks Encryption Wall,” MSNBC, November 20, 2001, http://www.nbcnews.com/id/3341694/ns/technology_and_science-security/t/fbi-software-cracks-encryption-wall/#.UsWEOmRDtYo. See also Ted Bridis, “FBI Develops Eavesdropping Tools,” Associated Press, November 21, 2001, http://globalresearch.ca/articles/BRI111A.html.
[>] “The bureau tends”: Author interview, October 2013.
[>] The number of counterterrorism agents: G. W. Shulz, “FBI Agents Dedicated to Terror Doubled in Eight Years,” Center for Investigative Reporting, April 26, 2010, http://cironline.org/blog/post/fbi-agents-dedicated-terror-doubled-eight-years-671.