Dark Territory
Page 15
In his next posting, as executive assistant to General John Shalikashvili, chairman of the Joint Chiefs of Staff, Abizaid once accompanied his boss on a trip to Moscow. Figuring their quarters were bugged, the staff set up little tents so they could discuss official business away from Russian eavesdropping. Later, in Bosnia, as assistant commander of the 1st Armored Division, Abizaid learned that the CIA was flying unmanned reconnaissance planes over Sarajevo—and he was aware of the worry, among U.S. intelligence officials on the ground, that the Russians might seize control of a plane by hacking its communications link.
By 2001, when Abizaid was promoted to director of the Joint Staff in the Pentagon, the plans and programs for cyber security and cyber warfare were in full bloom. His job placed him in the thick of squabbles and machinations among and within the services, so he knew well the tensions between operators and spies throughout the cyber realm. In the event of war, the operators, mainly in the military services, wanted to use the intelligence gleaned from cyber; the spies, mainly in the NSA and CIA, saw the intelligence as vital for its own sake and feared that using it would mean losing it—the enemy would know that we’d been hacking into their networks, so they’d change their codes or erect new barriers. Abizaid understood this tension—it was a natural element in military politics—but he was, at heart, an operator. He took the guided tour of Fort Meade, was impressed with the wonders that the NSA could accomplish, and thought it would be crazy to deny their fruits to American soldiers in battle.
In the lead-up to the invasion of Iraq, Abizaid, who was by now the deputy head of Central Command, flew to Space Command headquarters in Colorado Springs, home of Joint Task Force-Computer Network Operations, which would theoretically lead cyber offense and defense in wartime. He was appalled by how bureaucratically difficult it would be to muster any kind of cyber offensive campaign: for one thing, the tools of cyber attack and cyber espionage were so shrouded in secrecy that few military commanders even knew they existed.
Abizaid asked Major General James D. Bryan, the head of the joint task force, how he would go about getting intelligence from al Qaeda’s computers into the hands of American soldiers in Afghanistan. Bryan traced the circuitous chain of command, from Space Command to a bevy of generals in the Pentagon, up to the deputy secretary of defense, then the secretary of defense, over to the National Security Council in the White House, and finally to the president. By the time the request cleared all these hurdles, the soldiers’ need for the intel would probably have passed; the war itself might be over.
Bush ordered the invasion of Iraq on March 19. Three weeks later, after a remarkably swift armored assault up through the desert from Kuwait, Baghdad fell. On May Day, three weeks after the toppling, President Bush stood on the deck of the USS Abraham Lincoln, beneath a banner reading “Mission Accomplished,” and declared that major combat operations were over. But later that month, the American proconsul, L. Paul Bremer, issued two directives, disbanding the Iraqi army and barring Baathist party members from power. The orders alienated the Sunni population so fiercely that, by the time Abizaid took over as CentCom commander, an insurgency was taking form, raging against both the new Shiite-led Iraqi government and its American protectors.
Abizaid heard about the vast reams of intelligence coming out of Iraq—communications intercepts, GPS data from insurgents’ cell phones, photo imagery of Sunni jihadists flowing in from the Syrian border—but nobody was piecing the elements together, much less incorporating them into a military plan. Abizaid wanted to get inside those intercepts and send the insurgents false messages, directing them to a certain location, where U.S. special-ops forces would be lying in wait to kill them. But he needed cooperation from NSA and CIA to weave this intel together, and he needed authorization from political higher-ups to use it as an offensive tool. At the moment, he had neither.
The permanent bureaucracies at Langley and Fort Meade didn’t want to cooperate: they knew that the world was watching—including the Russians and the Chinese—and they didn’t want to waste their best intelligence-gathering techniques on a war that many of them regarded as less than vital. Meanwhile, Secretary of Defense Donald Rumsfeld wouldn’t acknowledge that there was an insurgency. (Rumsfeld was old enough to know, from Vietnam days, that defeating an insurgency required a counterinsurgency strategy, which in turn would leave tens of thousands of U.S. troops in Iraq for years, maybe decades—whereas he just wanted to get in, get out, and move on to oust the next tyrant standing in the way of America’s post–Cold War dominance.)
Out of frustration, Abizaid turned to a one-star general named Keith Alexander. The two had graduated from West Point a year apart—Abizaid in the class of 1973, Alexander in ’74—and they’d met again briefly, almost twenty years later, during battalion-command training in Italy. Now Alexander was in charge of the Army Intelligence and Security Command, at Fort Belvoir, Virginia, the land forces’ own SIGINT center, with eleven thousand surveillance officers deployed worldwide—a mini-NSA all its own, but geared explicitly to Army missions. Maybe Alexander could help Abizaid put an operational slant on intelligence data.
He’d come to the right man. Alexander was something of a technical wizard. Back at West Point, he worked on computers in the electrical engineering and physics departments. In the early 1980s, at the Naval Postgraduate School, in Monterey, California, he built his own computer and developed a program that taught Army personnel how to make the transition from handwritten index cards to automated databases. Soon after graduating, he was assigned to the Army Intelligence Center, at Fort Huachuca, Arizona, where he spent his first weekend memorizing the technical specifications for all the Army’s computers, then prepared a master plan for all intelligence and electronic-warfare data systems. In the run-up to Operation Desert Storm, the first Gulf War of 1991, Alexander led a team in the 1st Armored Division, at Fort Hood, Texas, wiring together a series of computers so that they could process data more efficiently. Rather than relying on printouts and manual indexing, the analysts and war planners back in the Pentagon could access data that was stored and sorted to their needs.
Before assuming his present command at Fort Belvoir, Alexander had been Central Command’s chief intelligence officer. He told Abizaid about the spate of technical advances on the boards, most remarkably tools that could intercept signals from the chips in cell phones, either directly or through the switching nodes in the cellular network, allowing SIGINT teams to track the location and movements of Taliban fighters in Pakistan’s northwest frontier or the insurgents in Iraq—even if their phones were turned off. This was a new weapon in the cyber arsenal; no one had yet exploited its possibilities, much less devised the procedures for one agency to share the intelligence feed with other agencies or with commanders in the field. Abizaid was keen to get this sharing process going.
Although CentCom oversaw American military operations in Iraq, Afghanistan, and their neighboring countries, its headquarters were in Tampa, Florida, so Abizaid made frequent trips to Washington. By August, one month into his tenure as its commander, intelligence on insurgents was flowing into Langley and Fort Meade. He could see the “ratlines” of foreign jihadists crossing into Iraq from Syria; he read transcripts of their phone conversations, which were correlated with maps of their precise locations. He wanted to give American soldiers access to this intel, so they could use it on the battlefield.
By this time, Keith Alexander had been promoted to the Army’s deputy chief of staff for intelligence, inside the Pentagon, so he and Abizaid collaborated on the substantive issues and the bureaucratic politics. They found an ideal enabler in General Stanley McChrystal, head of the Joint Special Operations Command. If this new cache of intelligence made its way to the troops in the field, the shadow soldiers of JSOC would be the first troops to get and use it; and McChrystal, a soldier of spooky intensity, was keen to make that happen. All three worked their angles in the Pentagon and the intelligence community, but the main obstacle was Rumsfel
d, who still refused to regard the Iraqi rebels as insurgents.
Finally, in January 2004, Abizaid arranged a meeting with President Bush and made the case for launching cyber offensive operations against the insurgents. Bush told his national security adviser, Condoleezza Rice, to put the subject on the agenda for the next NSC meeting. When it came up several days later, the deputies from the intelligence agencies knocked it down with the age-old argument: the intercepts were providing excellent information on the insurgents; attacking the source of the information would alert them (and other potential foes who might be watching) that they were being hacked, prompting them to change their codes or toss their cell phones, resulting in a major intelligence loss.
Meanwhile, the Iraqi insurgents were growing stronger, America was losing the war, and Bush was losing patience. Numbed by the resistance to new approaches and doubting that an outside army could make things right in Iraq anyway, Abizaid moved toward the view that, rather than redoubling its efforts, the United States should start getting out.
But then things started to change. Rumsfeld, disenchanted with all the top Army generals, passed over the standing candidates for the vacated post of Army chief of staff and, instead, summoned General Peter Schoomaker out of retirement.
Schoomaker had spent most of his career in Special Forces, another smack in the face of regular Army. (General Norman Schwarzkopf, the hero of Desert Storm, had spoken for many of his peers when he scoffed at Special Forces as out-of-control “snake eaters.”) McChrystal, who had long known and admired Schoomaker, told him about the ideas that he, Abizaid, and Alexander had been trying to push through. The new chief found them appealing but understood that they needed an advocate high up in the intelligence community. At the start of 2005, Mike Hayden was nearing the end of an unusually long six-year tenure as director of the NSA. Schoomaker urged Rumsfeld to replace him with Alexander.
Seventeen years had passed since an Army officer had run the NSA; in its fifty-three-year history, just three of its directors had been Army generals, compared with seven Air Force generals and five Navy admirals. The pattern had reflected, and stiffened, the agency’s resistance to sharing intelligence with field commanders of “small wars,” who tended to be Army officers. Now the United States was fighting a small war, which the sitting president considered a big deal; the Army, as usual, was taking the brunt of the casualties, and Alexander planned to use his new post to help turn the fighting around.
McChrystal had already made breakthroughs in weaving together the disparate strands of intelligence. He’d assumed command of JSOC in September 2003. That same month, Rumsfeld signed an executive order authorizing JSOC to take military action against al Qaeda anywhere in the world without prior approval of the president or notification of Congress. But McChrystal found himself unable to do much with this infusion of great power: the Pentagon chiefs were cut off from the combatant commands; the combatant commands were cut off from the intelligence agencies. McChrystal saw al Qaeda as a network, each cell’s powers enhanced by its ties with other cells; it would take a network to fight a network, and McChrystal set out to build his own. He reached out to the CIA, the services’ separate intelligence bureaus, the National Geospatial-Intelligence Agency, the intel officers at CentCom. He prodded them into agreements to share data and imagery from satellites, drones, cell phone intercepts, and landline wiretaps. (When the Bush administration rebuilt the Iraqi phone system after Saddam’s ouster, the CIA and NSA were let in to attach some devices.) But to make this happen—to fuse all this information into a coherent database and to transform it into an offensive weapon—he also needed the analytical tools and surveillance technology of the NSA.
That’s where Alexander came in.
* * *
As Keith Alexander took over Fort Meade, on August 1, 2005, his predecessor, Mike Hayden, stepped down, seething with suspicion.
A few years earlier, when Alexander was running the Army Intelligence and Security Command at Fort Belvoir, the two men had clashed in a dragged-out struggle for turf and power, leaving Hayden with a bitter taste, a shudder of distrust, about every aspect and activity of the new man in charge.
From the moment Alexander assumed command at Fort Belvoir, he was determined to transform the place from an administrative center—narrowly charged with providing signals intelligence to Army units, subordinate to both the Army chief of staff and the NSA director—into a peer command, engaged in operations, specifically in the war on terror.
In his earlier post as CentCom’s intelligence chief, Alexander had helped develop new analytic tools that processed massive quantities of data and parsed them for patterns and connections. He thought the technique—tracing telephone and email links (A was talking to B, who was talking to C, and on and on)—could help track down terrorists and unravel their networks. And it could serve as Alexander’s entrée to the intelligence world’s upper echelon.
But he needed to feed his software with data—and the place that had the data was the NSA. He asked Hayden to share it; Hayden turned him down. The databases were the agency’s crown jewels, the product of decades of investments in collection technology, computers, and human capital. But Hayden’s resistance wasn’t just a matter of turf protection. For years, other rival intelligence agencies had sought access to Fort Meade’s databases, in order to run some experiment or pursue an agenda of their own. But SIGINT analysis was an esoteric specialty; raw data could sire erroneous, even dangerous, conclusions if placed in untrained hands. And what Alexander wanted to do with the data—“traffic analysis,” as NSA hands called it—was particularly prone to this tendency. Coincidences weren’t proof of causation; a shared point of contact—say, a phone number that a few suspicious people happened to call—wasn’t proof of a network, much less a conspiracy.
Fort Belvoir had a particularly flaky record of pushing precisely these sorts of flimsy connections. In 1999, two years before Alexander arrived, his predecessor, Major General Robert Noonan, had set up a special office called the Land Information Warfare Activity, soon changed to the Information Dominance Center. One of its experiments was to see whether a computer program could automatically detect patterns in data on the Internet—specifically, patterns indicating foreign penetration into American research and development programs.
Art Money, the assistant secretary of defense for command, control, communications, and intelligence, had funded the experiment, and, when it was finished, he and John Hamre, the deputy secretary of defense, went to Belvoir for a briefing. Noonan displayed a vast scroll of images and charts, showing President Clinton, former secretary of defense William Perry, and Microsoft CEO Bill Gates posing with Chinese officials: the inference seemed to be that China had infiltrated the highest ranks of American government and industry.
Hamre was outraged, especially since the briefing had already been shown to a few Republicans in Congress. Noonan tried to defend the program, saying that it wasn’t meant as an intelligence analysis but rather as a sort of science-fair project, showing the technology’s possibilities. Hamre wasn’t amused; he shut the project down.
The architect of the project was Belvoir’s chief technology adviser, a civilian engineer named James Heath. Intense, self-confident, and extremely introverted (when he talked with colleagues, he didn’t look down at their shoes, he looked down at his own shoes), Heath was fanatical about the potential of tracking connections in big data—specifically what would later be called “metadata.”
Hamre’s slam might have meant the end of some careers, but Heath stayed on and, when Alexander took command of Fort Belvoir in early 2001, his fortunes revived. The two had known each other since the mid-1990s, when Alexander commanded the 525th Military Intelligence Brigade at Fort Bragg, North Carolina, and Heath was his science adviser. They were working on “data visualization” software even then, and Alexander was impressed with Heath’s acumen and single-mindedness. Heath’s workmates, even the friendly ones, referred to him as Alexander’
s “mad scientist.”
One of Mike Hayden’s concerns about Alexander’s request for raw NSA data was that Heath would be the one running the data. This was another reason why Hayden denied the request.
But Alexander fought back. Soft-spoken, charming, even humorous in an awkward way that cloaked his aggressive ambition, he mounted a major lobbying campaign to get the data. He told anyone and everyone with any power or influence, especially on Capitol Hill and in the Pentagon, that he and his team at Fort Belvoir had developed powerful software for tracking down terrorists in a transformative way but that Michael Hayden was blocking progress and withholding data for parochial reasons.
Of course, Hayden had his own contacts, and he started to hear reports of this Army two-star’s machinations. One of his sources even told him that Alexander was knocking on doors at the Justice Department, asking about the ways of the Foreign Intelligence Surveillance Court, which authorized warrants for intercepts of suspected agents and spies inside U.S. borders. This was NSA territory, and no one else had any business—legally, politically, or otherwise—sniffing around it.
Hayden started referring to Alexander as “the Nike swoosh,” after the sneaker brand’s logo (a fleet, curved line), which carried the slogan “Just do it”—a fitting summary, he thought, of Alexander’s MO.
But Alexander won over Rumsfeld, who didn’t much like Hayden and was well disposed to the argument that the NSA was too slow. Hayden read the handwriting on the wall and, in June 2001, worked out an arrangement to share certain databases with Fort Belvoir. The mutual distrust persisted: Alexander suspected that Hayden wasn’t giving him all the good data; Hayden suspected that Alexander wasn’t stripping the data of personal information about Americans who would unavoidably get caught up in the surveillance, as the law required.I In the end, the analytical tools that Alexander and Heath had so touted neither turned up new angles nor unveiled any terrorists. Hayden and Alexander both failed to detect signs of the September 11 attack.