As a result, GCHQ was given a firm place on the statute books through the Intelligence Services Act of 1994, which stated clearly what the organisation did and greatly strengthened its legal authority. A new oversight body also appeared called the Intelligence and Security Committee, composed of parliamentarians. Although this looked like a Parliamentary Select Committee, it was in fact responsible to the Prime Minister, and lacked many of the powers normally associated with select committees. It reported to Downing Street and its powers were relatively weak. Meanwhile, the real Parliamentary Select Committees with a legitimate interest in intelligence, such as Defence and Foreign Affairs, were finding that government now tended to resist their efforts to probe secret matters. Instead, they were told that intelligence was now the province of the Intelligence and Security Committee. Some have argued that John Major’s experiment with openness was really about reaffirming secrecy.55
Surprisingly, when the Lord Chancellor, Lord Mackay of Clashfern, introduced the Intelligence Services Act in the House of Lords in December 1993, he actually felt that he had to make a case for the continued existence of the British intelligence and security services. He argued that superpower rivalry during the Cold War had offered ‘its own grim version of stability’, and that while the collapse of Communism had reduced one cataclysmic threat, it had also brought many new dangers. He spoke of a ‘rising tide of nationalism and fanaticism, untried alliances, untested groupings, new rivalries and new ambitions’. Rather philosophically, he added: ‘Greed, envy and corruption…are as prevalent as ever.’ Few were inclined to argue. In the ensuing debate, former Cabinet Secretaries and former Prime Ministers held forth, reflecting decades of experience as both managers and customers of the British intelligence community. Jim Callaghan argued that the intelligence services had grown large and powerful during the Cold War, and ‘cost a great deal of money’. He urged that the most urgent task facing the new Intelligence and Security Committee was to review the future of GCHQ, which he described as ‘a full blown bureaucracy’, and added that the new oversight bodies should ‘investigate whether all the functions that GCHQ carries out today are still necessary’. He was not the only one asking this question. With the Cold War over, some were now daring to ask what the future purpose of GCHQ might be.56
24
The New Age of Ubiquitous Computing
Mobile cell phones increased from sixteen million to 741 million…Internet users went from about four million to 361 million.
General Michael Hayden, Director of NSA,
commenting on the 1990s1
In the autumn of 1994, elite counter-drugs forces were searching a compound in an affluent neighbourhood of the Colombian city of Cali, home to some of the world’s major cocaine cartels. This time, instead of finding drugs, they uncovered a large computer centre, with six technicians slaving over an IBM AS400 mainframe around the clock. The presumption was that this had something to do with major underworld financial transactions, so the computer was dismantled and taken to the United States for analysis. In fact, the drug cartel had loaded all the office and home telephone numbers of US diplomats and counter-narcotics agents based in Colombia. They had then added the entire regional telephone log containing the call history of the last two years, purchased illegally from the commercial telephone company in Cali. This was being systematically analysed, using ‘data-mining’ software of the kind now commonly used by intelligence agencies, to identify all the people who had been calling the counter-narcotics officers on a regular basis. The drug barons were engaged in sophisticated sigint to uncover informants in their ranks. Chillingly, a dozen had already been assassinated, and this was the machine that had uncovered them.2
At about the same time, a team from GCHQ were assisting with an investigation into blackouts of the national power grid that had struck Auckland in New Zealand. They proved to be the result of electronic attacks on the country’s electricity distribution network, launched over the internet. Australia’s signals intelligence agency, the DSD, confirmed that intermittent blackouts across Queensland were the result of attacks from the same source. The culprits were a group of hackers called the ‘Anti-Christ Doom Squad’ who were able to move effortlessly across the computer systems of many countries using ‘spoofed’ user names and stolen passwords to hide who they were. Once they gained access to the computers controlling New Zealand’s power supply, they focused on the distribution systems, picking a point where all five main power lines converged before coming into Auckland. By changing the temperature within the sensitive cables they quickly put them out of action. Remarkably, the whole attack was run from a laptop in a drug café in the back streets of Amsterdam. The offenders had then snaked a pathway through host computers in a dozen different countries, and GCHQ thought it was unlikely that it could ever bring a prosecution against them.3
In 1995 GCHQ also found itself investigating cyber attacks on banks in the City of London. Working with the Department of Trade and Industry and the Bank of England, it began to probe crimes which the banks were extremely anxious to hide. Outwardly, they claimed to be secure, but in fact they had paid out millions of pounds to blackmailers who had gained entry to their systems and threatened to wipe their computer databases. GCHQ was hampered by limited cooperation from the banks, which were reluctant to admit the extent to which they had been damaged, for fear of undermining the confidence of investors. Nevertheless, GCHQ was able to identify forty-six attacks that had taken place over a period of two years, including attacks on three British banks and one American investment house. One of the questions GCHQ was asking was how the blackmailers had gained access to ‘hacking’ technologies that had been developed by military scientists.4
Taken together, these computer attacks represented an alarming revolution. The identity of GCHQ had supposedly been ‘modernised’ through the Intelligence Services Act of the previous year. But the language of this legislation was archaic, employing time-worn phrases such as ‘wireless telegraphy’. Moreover, the intelligence agencies were struggling to embrace the new age of personal computing and the internet.5 Of course, GCHQ and NSA had been intimately involved in the development of cutting-edge computing, but the sigint agencies tended to think big. The great prize had always been access to high-grade Soviet cyphers, and for this they needed massive super-computers. The code-breakers had been much less interested in the development of personal computing and the internet. In the 1980s, email had been an eccentric form of communication used mostly by bearded scientists in universities who wanted to chat about quarks and quasars. However, by the 1990s email was rapidly becoming ubiquitous, and global commerce was increasingly dependent on a ‘wired world’ provided by the internet. This in turn led to growing anxiety about the safety of ‘critical national infrastructure’, the ever-growing electronic networks which underpinned not only banking, but also the maintenance of many essential public services.
For GCHQ this was a paradigm shift. Alongside its traditional code-breaking role, Cheltenham was increasingly under pressure to defend the whole underlying electronic system upon which banking, commerce and indeed all the public services that supported national life now depended. GCHQ did not like this, since it resurrected the familiar dilemma of ‘offence versus defence’ in the realm of code-breaking, but in a much more unmanageable form. The dependence of banks and businesses upon ubiquitous networked computers led to a growing demand for widely available computer security and confidential messaging. Yet the very thing that GCHQ and NSA had been battling against for years was the possibility of widely available cyphers and secure communications, since this would undermine the whole business of sigint. Indeed, government was now asking them to advise large swathes of the private sector on the hitherto dark secrets of how to maintain computer security. Even as they did so, they were privately agonising over how to stop the spread of the very same technology.
In the past, NSA and GCHQ had dealt with the demand for encryption from banks and businesses by
forcing IBM, the computer industry leader, to weaken its Data Encryption Standard or ‘DES’, a cypher which protected communications between computers. The idea was that DES should be strong enough to prevent rival commercial companies or hackers from breaking it, but weak enough to allow NSA and GCHQ to read it if they needed to.6 In June 1985 British, French, German and American code-breakers had come together for a secret quadripartite meeting in London about this problem, chaired by GCHQ. They agreed that the Japanese computer industry would be a problem ‘for the foreseeable future’, since it was not party to this collective agreement. GCHQ arranged a division of labour, with each sigint agency tracking the work of particular companies: the British would watch Nokia in Finland, the French were to track the French arms company Thompson-CSF, and the Americans followed Japanese activities. They all agreed that they needed a long-term programme to ‘destabilise’ DES and any successors. As they suspected, by the 1990s DES was looking weak, and demands for stronger encryption by banks and businesses were emerging everywhere.7
In fact, the nemesis of the code-breaking agencies was not large corporations, but a group of maverick scientists. They explicitly set themselves the task of recovering truly private communication for the ordinary citizen after decades of government surveillance. For them the Holy Grail was something they called ‘Public Key Cryptography’. The growing popularity of desktop computers in the 1990s, and their growing processor power, had opened up the possibility of ordinary people creating their own codes of mind-boggling complexity. The problem that confronted these mavericks was key distribution. It was no good being able to send a message secretly halfway around the world if the recipient could not read it. To do this the recipient needed the key to unlock the code, and without the paraphernalia of a government courier system, distributing the key safely and without interception was a problem. However, the mavericks now made a breakthrough. The most common analogy used to explain it is a series of padlocks. The sender, who we will call ‘Alice’, secures her message to her friend ‘Bob’ with a cypher that works like a padlock to which Bob does not have the key. When Bob receives it, instead of trying to open it, he adds a second padlock that depends on a cypher of his own devising, and sends it back to Alice. Alice then removes only her original padlock and sends it back to Bob, by which time it is only secured by Bob’s padlock. Bob can now open the box and read the message. They have communicated securely, yet there has been no key distribution.8
This was a revolutionary breakthrough. The arrival of Public Key Cryptography triggered a veritable war between civil libertarians and the code-breaking agencies. For the mavericks, the possibility of email secrecy and anonymous web activity offered the prize of a return to the golden age of privacy for the citizen. For the sigint agencies, the military and the police this conjured up a world in which criminals, drug dealers and terrorists would be able to avoid the interception of their communications and encrypt what was on their computers. The double irony was that the global telecommunications revolution that had helped to bring all this about was also placing the sigint agencies under growing pressure from their own governments to assist with secure e-commerce. Some time after his retirement, Sir Brian Tovey, a former Director of GCHQ, explained the dilemma:
The question is: how in the world does one reconcile these two? How does one on the one hand assure industry that its communications are confidential and reliable, and how on the other hand is Government under these very carefully defined circumstances to continue to derive important information, be it about drug running, terrorism et cetera, from the interception of communications…?
Either way, the tide of technology and economic activity, one might even say the tide of globalisation, was moving in favour of ever greater security and against the sigint agencies. Taken together with the huge increase in the use of fibre-optic cables to carry telecom traffic, which was hard to tap into, this spelt disaster for GCHQ.9
Just like fibre-optics, Public Key Cryptography appears to have been discovered first by the British. Arguably the most important development in secure communications for several centuries, it was partly invented by James Ellis at GCHQ in the 1970s. However, Ellis’s achievement was so far ahead of its time that neither GCHQ nor NSA could initially see any application for it, since the internet did not then exist. Sean Wyllie, one of GCHQ’s top mathematicians, had raised the issue of Ellis’s invention during a visit to Washington and asked if it had any uses, but it did not seem significant at the time.10 There was some talk of using it to distribute the ‘go-codes’ for nuclear weapons, but that was it. In the 1980s Whitfield Diffie and Martin Hellman, two American computer scientists, discovered Public Key Cryptography quite independently at a time when the development of desktop computers and the internet rendered it a breakthrough development. They immediately recognised its importance, and took it much further, developing ideas such as digital signatures.11 The US government responded by threatening to prosecute them. Martin Hellman recalls: ‘Some of my friends who had worked in the intelligence community even told me that my life could be in danger.’12
In 1993 these matters were brought to a head by a software engineer living in Boulder, Colorado, called Phil Zimmermann. He developed a code-making programme for desktop personal computers called ‘PGP’, which stood for ‘Pretty Good Privacy’, and then gave it away on the internet for free. Zimmermann had developed a quick and easy-to-use version of Public Key Cryptography that retained much of its strength, but greatly simplified its use. Now even the most non-technical computer user enjoyed access to strong cyphers and secure email communications. The American government was horrified, declaring that Zimmermann had effectively ‘exported munitions’, and actually began a public prosecution, hoping to put him in jail. After three years, the case – which became a cause célèbre – collapsed. Zimmermann asserted triumphantly: ‘This technology belongs to everybody.’13
GCHQ had debated the possibility of announcing its own early discovery of Public Key Cryptography as early as 1984. However, even while it pondered this, the controversy over Peter Wright’s Spycatcher memoirs erupted, inflaming Margaret Thatcher’s notorious obsession with secrecy. GCHQ’s senior management, who were also embattled over the trade union issue, took fright and decided to keep quiet. It was more than a decade before GCHQ summoned up the courage to make a public avowal of its remarkable achievements. Cabinet Office approval for a public announcement was finally granted in late December 1997. Tragically, James Ellis, a true hero of sigint who certainly ranks alongside the greats such as Alan Turing, had died just a month earlier, on 25 November 1997. He never received proper recognition within his lifetime.14
Throughout the 1990s, both NSA and GCHQ doggedly fought Public Key Cryptography. The Clinton administration came up with the idea of the so-called ‘Clipper Chip’, a small device in every computer that could be directly accessed by government to bypass any encryption used by the owner. However, it was soon shown that this device was easily disabled. Later, NSA suggested that American computer manufacturers should be permitted to export computers with strong encryption if a spare set of decoding keys was accessible to the government through a trusted third party. The proposals, known as ‘Key Recovery’ or ‘Key Escrow’, were bitterly criticised by privacy advocates. In fact, this scheme was soon rendered unworkable by the export of strong computer encryption from other countries like Switzerland, France, Germany and Belgium. This was a rerun of the European cypher machine problem encountered in the 1960s. The difficulties only increased when mobile phones appeared that also boasted strong encryption, which were quickly purchased by the Chinese government. In the 1990s the communications revolution continually favoured the code-makers, and pushed the code-breakers firmly into second place.15
Keeping up with the internet revolution was proving expensive for the code-breakers. Yet just as GCHQ was faced with these major challenges, its budget was severely cut. In the summer of 1993 the British government began to call for defence cuts fo
llowing the end of the Cold War. The Soviet Union had visibly disintegrated, and the huge arsenals maintained by the West for half a century no longer seemed necessary. When intelligence chiefs tried to justify their budgets, there was no shortage of security problems in the world, but most looked quite small in scale. They included narcotics, money laundering, people trafficking, terrorism, nuclear proliferation and the illegal light weapons trade. There was now more emphasis on economic intelligence. GCHQ was also giving more attention to ‘economic well-being’. Robin Robison, who worked in the Cabinet Office, declared in 1992 that he had seen ‘sack loads’ of economic material making its way from GCHQ to the JIC.16 However, this did not keep the economisers at bay. In late 1993 Sir Michael Quinlan, former Permanent Under-Secretary at the Ministry of Defence, was asked to carry out a ‘Review of Intelligence Requirements and Resources’. This was completed in early 1994, and suggested only some gentle retailoring.17 Quinlan was a great friend of the intelligence services, yet even the modest cut of 3 per cent that he imposed on GCHQ was painful. Cold War icons were wound up, including the long-serving 13 Signals Regiment which had listened to the Soviets along the Inner German Border for four decades.18
GCHQ Page 52