After General Petraeus took command of U.S. forces in Iraq, the army and marines started to use SIGINT in innovative ways to locate Iraqi insurgent IED teams before they could detonate their weapons. Since May 2003, insurgents have launched over eighty-one thousand IED attacks on U.S. and allied forces, killing or wounding thousands of U.S. troops. The U.S. military’s efforts to combat the use of IEDs have not been particularly successful; as one senior CENTCOM officer put it, “Hell, we’re getting our ass kicked.”76
From the beginning, Iraqi insurgent IED teams have used spotters equipped with walkie-talkies or cell phones to warn bomb teams when an American convoy is approaching the hidden location of an IED. In order to try to pick up these spotter transmissions, American military convoys in Iraq and patrols in Afghanistan include a Stryker armored vehicle or Humvee with a SIGINT intercept operator who scans the airwaves searching for transmissions from insurgent IED teams targeting the convoy. Since 2005, there have been a growing number of instances where these SIGINT operators, who are sometimes referred to as “convoy riders,” have been able to provide advance warning that their convoy is about to be hit by an IED strike.77
And as time has gone by and American military commanders have increased their understanding of how the insurgents deploy and use their roadside bombs, SIGINT has become increasingly effective in spotting those emplacing the bombs. Beginning in the summer of 2007, the U.S. Army began using convoys as lures to flush out Iraqi insurgent IED teams so that they could be detected and located by SIGINT sensors.78
The results on the battlefield spoke volumes about how valuable the much-improved SIGINT collection and processing effort was to the overall success of the surge. According to one source, SIGINT reporting increased by 200 percent between February 2007 and May 2008, leading to the capture or killing of 600 “high-value” insurgent commanders and the capture of 2,500 Iraqi insurgents and foreign fighters.79Between October 2007 and April 2008, one NSA SIGINT Terminal Guidance Unit was credited with generating intelligence that led to the capture or killing of 300 insurgents and a 25 percent drop in IED attacks inside Iraq.80
What God Hath Wrought
While the security situation in Iraq has improved markedly over the past year and a half, in Afghanistan the resurgent Taliban has made an impressive comeback.
Going into 2007, U.S. and NATO intelligence analysts admitted that the Taliban controlled most of four key provinces in southern Afghanistan— Helmand, Kandahar, Uruzgan, and Zabul—and that U.S. and NATO forces in the region were losing ground against the ten thousand to fifteen thousand well-armed guerrillas they were facing. The increased number and intensity of Taliban attacks in Afghanistan dismayed many senior officials in the U.S. intelligence community. CIA director Michael Hayden admitted that the Taliban “has become more aggressive than in years past” and is attempting “to stymie NATO’s efforts in southern Afghanistan.”81
The major SIGINT problem in Afghanistan is that apart from satellite phones, the Taliban primarily uses ICOM walkie-talkies. NSA’s SIGINT collection resources were long ago overshadowed by low-tech tactical radio intercept gear, such as handheld radio scanners wielded by uncleared Afghan interpreters working for the U.S. Army and detecting enemy surveillance or imminent ambushes of U.S. and NATO forces.82
SIGINT faces daunting challenges because the resurgent Taliban has gone on the offensive throughout the country. The struggle in 2007 to create a secure environment in Helmand Province pitted British forces backed by paratroopers from the U.S. Eighty-second Airborne Division against an enemy force that had reached a high not seen since the U.S. invasion of Afghanistan in 2001.83
Daily attacks on British and Afghan army positions in the Sangin Valley became the norm, and British patrols into the valley routinely made contact with the Taliban shortly after leaving their increasingly isolated firebases. By early summer, the Taliban forces were inching closer to British defensive positions.
In June, U.S. Air Force F-15E fighter-bombers were called in to hit Taliban firing positions around the town of Sangin itself “after intercepting communications chatter revealing their [the Taliban’s] position.”84In early July, a journalist who accompanied British troops assaulting a Taliban stronghold north of San-gin reported that when the troops were attacked by a large enemy force, the unit’s translators “constantly scanned radios, listening in to Taliban conversation, and not an hour went by without the promise of an attack. ‘The British are walking—get ready,’ one intercept said.”85
Still, thanks in part to SIGINT, the Taliban has suffered severe losses. In May 2007, British commandos killed the Taliban’s senior military commander, Mullah Dadullah, a successful operation directly attributable to a systematic effort by British and American SIGINT collectors to track his movements in Hel-mand Province by monitoring his satellite phone calls and those of his brother Mansour, also a senior Taliban field commander.86
But the security situation in Helmand continued to deteriorate as the Taliban became increasingly aggressive in its attacks on understrength British forces, which were largely unable to hold the ground they took from the Taliban. In early December, British and Afghan forces launched an offensive and recaptured the strategically important town of Musa Qa’leh, which had been held by the Taliban since February, but it remained to be seen if it could be held.87
The same thing has been happening virtually everywhere else in southern Afghanistan. The Chora District, in Uruzgan Province, for example, is a longtime Taliban stronghold that has consistently defied the best efforts of the Dutch military to reduce it. Intelligence sources, using a combination of HUMINT and SIGINT, confirm that Chora, like many of the surrounding districts, is for all intents and purposes a Taliban base area and sanctuary, with SIGINT confirming that there was a sizable contingent of foreign fighters, mostly Pakistanis, operating in the area. But SIGINT has also confirmed that most of the Taliban guerrillas in the area are now local villagers who remain militarily active all year round instead of retreating to Pakistan before the onset of winter, as the Taliban has done in the past.88
American SIGINT resources have been used to provide the Dutch with air strikes and surveillance, using radio chatter to pinpoint Taliban positions identified by the intercepts. One U.S. Air Force poststrike report notes, “Insurgent communications chatter ceased after the attack.”89
The military situation in neighboring Kandahar Province, garrisoned by twenty-five hundred Canadian troops, also deteriorated sharply in 2007. By September, the Taliban had retaken all the districts southwest of the city of Kandahar that British and Canadian forces had captured at great cost a year earlier. The inability of the numerically weaker Canadian and Afghan forces to hold on to the territory that they are responsible for led the commander of Canadian forces in Kandahar Province, Brigadier General Guy Laroche, to tell reporters that despite efforts to push out the Taliban, “everything we have done in that regard is not a waste of time, but close to it, I would say.”90
SIGINT has also confirmed that the Taliban has expanded its efforts into other, previously quiet provinces, such as Kunar, in the mountainous northeastern region of Afghanistan. SIGINT has revealed that the Taliban is able to respond rapidly to U.S. and NATO offensives there. During one operation, SIGINT showed that as soon as helicopters deposited U.S. troops on the floor of the Korengal Valley, the Taliban knew they were there and began tracking them. Reporter Sebastian Junger, who accompanied the paratroopers as they moved into the village of Aliabad, recounted, “The platoon radioman has just received word that Taliban gunners are watching us and are about to open fire.
Signals intelligence back at the company headquarters has been listening in on the Taliban field radios. They say the Taliban are waiting for us to leave the village before they shoot.”91
In early November 2007, the Taliban invaded Herat and Farah, in western Afghanistan, both previously quiet provinces that abut the Iranian border. In a mere ten days, Taliban forces captured three districts in Fa
rah without any resistance from the local Afghan police. In neighboring Herat, a series of high-profile attacks on Afghan government forces and police stations signaled that the province had become “active.”92
A sure sign that the military situation in Afghanistan has deteriorated significantly since the beginning of 2007 is the fact that Taliban guerrilla teams are now operating in the provinces surrounding Kabul.93Intercepts reveal a dramatic increase in the volume of known or suspected Taliban radio and satellite phone traffic emanating from Ghazni and Wardak Provinces, south of Kabul, and even from within the capital itself since the spring of 2007.94
94
SIGINT, together with other intelligence sources, shows that the Taliban guerrilla forces are becoming larger, stronger, and more aggressive on the battlefield. Intercepts have shown that despite heavy losses among their senior leadership, the Taliban guerrilla teams inside Afghanistan are now led by a new generation of battle-hardened field commanders who have demonstrated unprecedented tenacity and resilience.
The Taliban now possesses a large and robust communications system connecting senior Taliban commanders in northern Pakistan with their guerrilla forces inside Afghanistan. SIGINT indicates that this system has also been used to coordinate the movement of increasing volumes of supplies and equipment from Pakistan into Afghanistan. SIGINT has also provided ample evidence that the Taliban has largely negated the U.S. Army’s advantage in superior mobility by carefully monitoring the activities taking place at U.S. and NATO bases in southern Afghanistan. At one isolated American firebase in Zabul Province, intercept operators noted that as soon as a patrol left the base’s front gate, there was a spike in Taliban walkie-talkie traffic. “The Americans have just left. They’re coming this way. We will need more reinforcements if they approach any closer,” one intercepted Taliban radio transmission said.95An American soldier serving in Zabul Province wrote a letter home in July 2007 that gives a sense of the problem: “We cannot go anywhere without the [Taliban] being aware of our movements . . . Their early warning is through the villagers who either by cell phone, satellite phone or ICOM radio inform [Taliban] forces of our movements and the make-up of our convoy.”96
More than 5,300 people died in Afghanistan in 2007 as a result of increased Taliban attacks, making it the deadliest year since the U.S. invasion of the country in the fall of 2001.97 The casualty toll for American troops in Afghanistan in 2007 hit 101 dead, a new record surpassing the 93 American troops killed there in 2005. Reports indicate that 87 American troops were killed there in 2006.98
Today, the outlook in Afghanistan is grim. In February 2008, Mike Mc-Connell, now the director of national intelligence, told Congress that contrary to the rosier prognosis coming out of the Pentagon, the Taliban now controlled 10 percent of the country, including most of the Pashtun heartland in southern Afghanistan. Lieutenant General David Barno, who commanded U.S. forces in Afghanistan for twenty-eight months from 2003 to 2005, admitted that the military situation there had deteriorated markedly in recent times, writing in an internal U.S. Army journal that recent developments “in all likelihood do not augur well for the future of our policy goals in Afghanistan.”99
CHAPTER 16
Crisis in the Ranks The Current Status of the National Security Agency
Secret services are the only real measure of a nation’s political health, the only real expression of its subconscious.
—JOHN LE CARRE, TINKAR, TAILOR, SOLDIER, SPY
The Arrival of Keith Alexander
In April 2005, Lieutenant General Mike Hayden stepped down as director of NSA to become the first deputy director of national intelligence. Then, a year later, he became the director of the CIA. Meanwhile, on August 1, 2005, a new director of NSA arrived at Fort Meade. He was fifty-three-year-old Lieutenant General Keith Alexander, who before coming to NSA had been the U.S.
Army’s deputy chief of staff for intelligence since 2003.1
A career army intelligence officer, Alexander was born and raised in Syracuse, New York. He graduated from West Point in 1974, then spent the next twenty years holding a series of increasingly important army intelligence posts. Alexander served as the director of intelligence of CENTCOM at MacDill Air Force Base, in Florida, under General Tommy Franks from 1998 to 2001, directing all intelligence operations relating to the invasion of Afghanistan. He was then promoted to be commander of the U.S. Army Intelligence and Security Command at Fort Belvoir, in Virginia, a position he held from 2001 to 2003.2
Explosion
On December 16, 2005, the lead article in the New York Times, by James Risen and Eric Lichtblau, was titled “Bush Lets U.S. Spy on Callers Without Courts.” The article instantly became a national sensation, revealing the broad outlines of a secret eavesdropping program run by NSA to find al Qaeda operatives, but not many of the specifics. The most explosive aspect of the article was the revelation that for four years NSA had monitored the communications of Americans without obtaining warrants from the Foreign Intelligence Surveillance Court (FISC), which are ordinarily required in order to conduct any form of surveillance inside the United States.3
The article produced a firestorm of controversy, further poisoning the already rancorous political environment in Washington, in which the White House and the Republicans, who controlled Congress, were pitted against the Democratic minority. The revelations were particularly embarrassing to CIA director George Tenet and former NSA director Hayden, who had, in a joint appearance five years earlier before the House intelligence committee, stated in unequivocal terms that NSA did not engage in spying on U.S. citizens. Tenet had told the committee, “We do not collect against US persons unless they are agents of a foreign power . . . We do not target their conversations for collection in the United States unless a Foreign Intelligence Surveillance Act (FISA) warrant has been obtained . . . And we do not target their conversations for collection overseas unless Executive Order 12333 has been followed and the Attorney General has personally approved collection.” Hayden had described earlier news reports that NSA was engaged in monitoring the communications of U.S. citizens as an “urban myth,” and had assured the committee that NSA would assiduously abide by the legal strictures on such activities as contained in 1978’s FISA. A little more than a year later, all of these promises would be secretly broken in the aftermath of 9/114
What We Know
Since that December 2005 New York Times article, further information about the nature and extent of the NSA domestic surveillance program has been slow in coming.
It would appear that there are between ten and twelve programs being run by NSA dealing directly in some fashion with the agency’s warrantless SIGINT efforts, including at least a half-dozen strictly compartmentalized SIGINT collection, processing, analytic, and reporting projects handling different operational aspects of the problem. For example, there is a special unit located within NSA’s Data Acquisition Directorate that is responsible for collecting the vast number of overseas e-mails, personal messaging communications, wire transfers, airplane reservations, and credit card transactions that transit through the United States every day because they are carried over lines owned by American telecommunications companies or Internet service providers. In addition to the five or six compartmented “core” collection and analytic programs, there are another five or six “support” or “rear-end” programs performing research, development, engineering, computer support, and security functions in support of the “front-end” operational units. All of these program units are kept strictly segregated from the NSA SIGINT Directorate’s other foreign intelligence collection efforts.5
The only one of these NSA programs that the Bush administration has publicly acknowledged is the warrantless eavesdropping program, which the White House labeled in 2005 as the Terrorist Surveillance Program (TSP). All other aspects of NSA’s SIGINT collection work that touch on the domestic front have remained unacknowledged. For example, the White House has refused to acknowledge NSA’s paralle
l data-mining program, code-named Stellar Wind, which sifts through vast amounts of electronic data secretly provided by America’s largest telecommunications companies and Internet service providers, looking for signs of terrorist activity at home and abroad.
Intense and unwavering secrecy has been the hallmark of these programs since their inception, and even the number of people at NSA headquarters who know the details of the operations has deliberately been kept to a minimum for security reasons. Each of these programs operates from inside its own special “red seal” work center at Fort Meade, meaning that those NSA employees cleared for these specific programs must pass one at a time through a booth containing a retinal or iris scanner and other biometric sensors before they can get inside their operations center.
Interviews with over a dozen former and current U.S. government officials reveal that the number of people within the U.S. government and intelligence community who knew anything about the NSA programs prior to their disclosure by the New York Times was very small. The men in the White House who managed the NSA effort, Vice President Dick Cheney and his chief legal counsel, David Addington, strictly regulated who within the U.S. government could have access to information about the eavesdropping programs, restricting clearance to just a select few senior government officials in the White House and the Justice Department, all of whom were deemed to be “loyal” by Cheney’s office, and as such, unlikely to question the programs’ legality.6
The Secret Sentry Page 38