Dark Mirror


by Barton Gellman


  When tougher targets called for bespoke tools, TAO collection managers turned to their elite unit, the Remote Operations Center (ROC). “The Rock” employed some of the most talented hackers on the planet. In a culture that loved its puns, they were “ROC stars.” The then FBI director, Robert Mueller, once told me that intelligence agencies lured those men and women away from Silicon Valley with a matchless offer. Come test yourself against the world’s toughest adversaries. Feel free to invent cracking tools that would land you in prison if you were dumb enough to try them at home. Snowden was not immune to that temptation. “To a lot of people, that’s really exciting,” he said. “Because you’re hacking. These are criminal acts” in the outside world. Snowden aced the TAO exam, sat for an interview, and landed an offer. The former NSA director Mike McConnell later alleged that Snowden passed only because he broke into the test computer and stole the answers. If true, some former government hackers joked, that would have been an outstanding qualification for TAO. Snowden, offended, said he earned his score. “Let’s look at it this way,” he told me, comparing the challenge to what he did with Heartbeat. “If a guy can, by himself, bridge every network in the IC without those agencies pitching a fit and ingest it all into an NSA website, he can probably pass a test designed for 18 year old Navy recruits without cheating.”

  Unexpectedly, Snowden turned down the TAO job. He had his eye on a contract at Booz Allen, which supplied “infrastructure analysts” to the NSA Threat Operations Center. Snowden became one of them, transferring out of the Kunia Tunnel to a big open-plan workspace in the Rochefort building nearby. The agency’s public relations team had unveiled the shiny new facility with pride, photographing it with a double rainbow overhead. (Inevitably, some denizens insisted on calling it the Roach Fort nonetheless.) No longer would Snowden administer networks for other people to use. He began to work with some of the NSA’s most restricted tools himself.

  Part of his new mission was to spot, thwart, and report foreign hackers, with a special focus on China. He reverse engineered incoming digital weapons, known as intrusion sets, and traced the attacks to their sources. Contractors like Snowden could lawfully engage in what the NSA calls “computer network defense,” but offensive operations were out of bounds. Network warfare, or “computer network attack,” operated under a military chain of command. The boundaries were real, but somewhat soft in practice. The other side’s machines and networks were the “infrastructure” in Snowden’s title, and he had license to poke around as long as he did not break anything. When he learned enough to establish culpability, or found barriers he could not slip past nondestructively, he could propose targets for more aggressive collection or counterattack.

  “I’m much more interested in the operational planning side,” Snowden told me, explaining why he turned down TAO. “That’s what an infrastructure analyst is. We look at the [foreign hackers’] operations. . . . Where are they coming from, what are the tool sets they’re using, how are they attacking us? Follow them back home, and then we plan the operation for how to get into their network and hack them back. And that sounded a lot more cool to me. I was actually really good at it.” He laughed a bit ruefully and shook his head. “I didn’t do it for very long at all,” he said. In another life, he would have liked to stay and work his way up. He spent only two months at NTOC before flying to Hong Kong.

  Shortly after going public, Snowden told the South China Morning Post that he had sought out the contract at Booz for its access to NSA documents that he wanted to expose. He declined to repeat or explain that statement to me, alluding only to “a split focus” in that final assignment. It is clear, in any case, that NTOC broadened his classified horizons yet again. The new position granted him what the NSA calls “dual authorities,” a set of combined credentials that few other jobs required. The agency at that time encompassed two principal directorates, Information Assurance and Signals Intelligence. One defended U.S. government secrets. The other stole foreign secrets. Each had its own arsenal of classified legal powers, and each had its own limits. Defenders could look inside (some) U.S. communications networks for evidence of foreign intrusion. Attackers could spy overseas under the president’s Executive Order 12333 and use domestically based collection from PRISM and Upstream.

  Snowden’s new professional home, an organization chartered in 2005, gave him access to both sets of tools. “The idea was that NTOC analysts would have the dual authorities to look at defensive data and SIGINT data, at the same time,” said a former employee there. “I could and did, in one workday, help advise on the cleanup of a state-sponsored hacker attack and try to direct SIGINT collection to trace said attack. . . . The main innovation for NTOC policy-wise was the integration of the dual authorities in individual analysts.”

  In April 2013, the NSA flew Snowden to its Fort Meade headquarters to meet with the NTOC chain of command and compare notes with Maryland-based colleagues on the China beat. While he was there he sat through the required training on the proper use of his new surveillance authorities. Much of it came in the form of self-paced online instruction. One required course, OVSC 1400, introduced an animated helper named Ned NTOC, a classified counterpart to the Clippy character in Microsoft Office. “Ned NTOC will be your trusty guide and appears throughout the course to help you know, understand, and navigate through the legal and policy jungle,” the syllabus explained cheerfully.

  Suppose, one quiz asked him, you detect a malware attack on a Defense Department network. The malware is attached to a message sent by the University of Maryland email server, ordinarily out of bounds as an NSA target. “You believe it is a BYZANTINEHADES actor,” the question states—that is, a Chinese government hacker. “You want to task the U MD mail server IP address.” Is that okay? In other words, is Snowden allowed to spy on the machine that handles all outgoing email from a large U.S. campus? It was a multiple-choice question. One incorrect answer was “never.” Also incorrect: ask superiors for an “equities review.” There were two approved answers. He could lawfully target the university server as long as he used a search term that included “a known malicious signature.” If he did not have that, he had to do his best to structure a query “to get only the malicious cyber activity.” The second path left a lot more room for error. It was all but certain to ingest innocent messages from professors and students, but Snowden would not get in trouble as long as he did not grab those communications on purpose. Optionally, the training course said, “you may want to check” the query with a senior analyst or NSA lawyer. This was a classified rule, compartmented as “special intelligence,” unknown and undebated in public. Snowden recognized the intent to limit intrusion into university life. The procedure still took him aback. Even a new analyst had a great deal of power.

  Additional training that week qualified Snowden to dip into a special category of content intercepted inside the United States. This surveillance, “with the assistance of an electronic communication service provider,” took place under a classified interpretation of Section 702 of the FISA Amendments Act of 2008. Some of the content belonged to U.S. citizens, companies, and green card holders, all entitled to Fourth Amendment protection. That stuff went into a close-hold data repository. Information drawn from it had to be specially marked.

  THIS INFORMATION IS DERIVED FROM FAA COLLECTION

  THIS INFORMATION IS PROVIDED FOR INTELLIGENCE PURPOSES IN AN EFFORT TO DEVELOP POTENTIAL LEADS. IT CANNOT BE USED IN AFFIDAVITS, COURT PROCEEDINGS OR SUBPOENAS, OR FOR OTHER LEGAL OR JUDICIAL PURPOSES.

  Snowden was now cleared for the FISA compartment. He was not limited to reading old intercepts in storage. He could “task,” or assign, new surveillance targets. The training taught him how to use the check boxes and drop-down menus of the NSA’s Unified Targeting Tool and a newer one called XKEYSCORE. He soon discovered that the NTOC position allowed him access to still another database of domestic communications traffic. This one was managed exclusively by the FBI. Operating under the cover name CAPTAINCRUNCH, the FBI secretly owned and monitored network servers designed to attract foreign hackers.

  In his first filmed interview, Snowden told the world that “any analyst at any time can target anyone.” He added, “I, sitting at my desk, certainly had the authorities to wiretap anyone, from you or your accountant, to a federal judge, to even the president.” U.S. government officials heaped scorn on that claim, flatly denying that Snowden could do any such thing.

  The government denials rested on lawyerly language that sounded like English but was not, quite. No one authorized Snowden, they said, to spy on whomever he liked. Snowden meant something else by “authorities.” He used the word, in fact, as intelligence officials ordinarily used it themselves. The legal basis for a wiretap depended on where, how, by whom, and for what purpose it took place. Each of the legal foundations was called an authority. Because of his new job and training, Snowden had a status that permitted him access to several of those—offensive and defensive, domestic and foreign. He could see and manipulate data intercepted overseas (under presidential authority) and at home (under the judicial and congressional authority of FISA). Those authorities were embedded in his digital identity certificate.

  I tried repeatedly to unpack the government denials. Robert Litt, general counsel of the Office of the Director of National Intelligence, was a frequent sparring partner. He spoke precisely, as befits a lawyer, and dodged my questions, as befits a man on public relations cleanup duty. Was he prepared to deny that Snowden could pull up the XKEYSCORE interface and type “selectors,” or search terms, for new collection and access to content already stored? Litt declined to say one way or another. When I explained why Snowden could not have done his job at NTOC without such access, Litt said he did not have the technical knowledge to reply. (I asked him to check and did not hear back.) Questions about Snowden’s qualifications for access to the FISA repository produced much the same result.

  What government officials really meant, I think, was that Snowden could not have gotten away with spying on any old accountant or judge, still less the president. In some restricted systems, such as PRISM, search terms required a supervisor’s approval in advance. In others, auditors were supposed to conduct after-the-fact reviews. On most systems an analyst had to specify a purpose, a factual predicate, and a legal basis for any surveillance of an email address or other selector. These were point-and-click exercises, but the NSA took them seriously. On the other hand, the NSA worked with at least tens of millions of selectors in a given year. Most of the auditors had full-time jobs, reviewing other people’s searches as a second or third assignment. Snowden might well have been busted if he spied clumsily on obviously baseless targets. He was not a clumsy man. A clever analyst, bent on abuse, might disguise his purposes well enough to survive routine review. It would be bold, in light of other events, to claim that auditors would surely have caught Snowden if he put a toe over the line.

  In one of my visits to Moscow, I put it to Snowden that a man of his methodical bent would reserve the most dangerous intrusions for last. He waved off the question. Several hours later, long after dark, with plates and utensils piled up from three room service orders, he returned to the subject.

  “Your presumption was that you would do the least risky things in the beginning and the most risky things in the end,” he said. “And that just makes sense. You don’t want to be caught in an operation because you took too many chances too soon. It’s got to be at the very end. Because you want to minimize your period of exposure, your period of risk.”

  * * *


  On May 19, 2013, Snowden boarded a flight to Tokyo with four laptop computers in his carry-on bag. He changed planes there and arrived the next day in Hong Kong. “I really didn’t have a plan” after that, he told me much later. “That was where my script ran out.”

  THREE

  HOMECOMING

  Late Sunday night, May 19, 2013, I placed a call to Edgewater, Maryland. Jeff Leen, sounding groggy, picked up his phone at home. Leen ran the investigative unit of the Washington Post. He had probably quarterbacked more prizewinning work than anyone in American journalism. Seven Pulitzers? Something like that. Most of the editors I knew best had moved on. Leen, he was a lifer. He had hung in through three publishers, three executive editors, and a long, dispiriting decline in newsroom resources. The new top editor, Marty Baron, brought a sterling reputation from the Boston Globe, but we had not met. I needed an introduction, the sooner the better. Leen and I had worked closely on a grueling series about Vice President Dick Cheney in 2007. I trusted him. I did not trust the phone, and I did not want to say much without a lawyer. That made for an awkward conversation.

  “I’m calling for an unusual favor,” I said. “I need a private meeting with Marty Baron right away. The subject is sensitive. It has to be in person. I don’t know who else to ask.”

  “A meeting? About what?”

  “It’s a story. A big one. He will not think I’m wasting his time.”

  “Okay. What’s the story?”

  “It’s related to national security. That’s all I can really say.”

  “I get that it’s sensitive. Just a general idea,” Leen replied.

  “I’m sorry, I can’t.”

  Silence. Might as well say the rest of it.

  “I know this doesn’t help, Jeff, but I’m going to need a fast decision from the Post. There’s a document I expect to receive any day now, and the source may take it somewhere else after seventy-two hours.”

  An edge of grievance crept into his voice. “You’ve got to be kidding, Bart. Give me something to work with.”

  “I know it sounds a little crazy. I wish I could say more.”

  Silence again. This was not going well. Belatedly, it occurred to me how much Leen’s position had changed. My request would have been just as peculiar five years before, but back then Leen had the credit to carry it. Len Downie, the editor, had enough history with Leen to take his word. Now there was a new boss, less than six months in the job, and Leen had nothing in the bank.

  “Look, I’ve only sat down twice with Marty myself,” he said. “I can’t just walk into his office and tell him he has to meet some guy who used to work here and I have no idea what it’s about.”

  I decided to overlook the way he pronounced “some guy.”

  “Tell him I’m a drama queen. Tell him whatever you want. Jeff, this is a really big deal. We’ll all regret it if I wind up somewhere else.”

  “It doesn’t work that way, Bart,” he said. “I can’t take it to Marty like this. Call me when you can say what’s going on.”

  We hung up, both disgruntled. I tried not to fault him. I had to sound half unglued. Two minutes later the phone rang, Leen on caller ID.

  “You caught me off guard,” he said. “I mean, out of the blue like that on a Sunday night, you have to admit it’s pretty unusual. I’ve thought some more. I’ll see if I can make it happen. Just please tell me this is going to be worth it.”

  “It will, I promise. Listen, I meant to say before, Marty is going to want to bring the lawyers. Also, my old building pass can’t be good anymore. Can you escort me in from the side entrance? I’ll circle around through accounting and up the stairs. I don’t want to be seen in the newsroom.”

  “Christ, Bart,” Leen grumbled, but it was too late for protest. In for a dime, in for the drama. Years later he told me he called back because he heard “a faint note of fear” in my voice. “I remember when I got off the phone, I thought, ‘If Bart Gellman is afraid of something, that makes me afraid.’ This must be really huge.”

  Leen delivered. Baron would see me Thursday, his first day back in town. I could preview the conversation Wednesday with Baron’s number two, the managing editor, Kevin Merida. Yes, the lawyers would be there.

  Fine. Merida was one of the good guys.
  * * *


  I never told the Post how close I came to taking the story elsewhere. I had left three years before with a bad taste in my mouth. The newsroom had been a magnificent place to grow up, full of mentors and colleagues who leveled up my game. Just listening in on the next desk was a master class. Don Oberdorfer excavated foreign policy news in a soothing murmur, probing so gently that his sources might not notice how deep he dug. Ann Devroy’s theatrical mockery slapped politicians off their scripts. “Earth to Newt!” she sang out one day, scoffing at the Speaker of the House. Most of an hour later, when I passed her desk again, she still had Gingrich talking. Once I teamed up with her for an interview with National Security Adviser Anthony Lake. She cut off his first reply, maybe two minutes after we took a couch in his White House corner office. “If you’re just going to give us the usual bullshit, Tony, let’s move on to something else,” she said. He obeyed.

  The Post cycled me through one great assignment after another: courthouse, Pentagon, Middle East, State Department, then a decade on long-term projects. No one ever asked me to pull a punch, and the owners protected the newsroom at their own peril. During a trip to Egypt in 1997, I read Katharine Graham’s memoir with a lump in my throat. Everyone remembered Watergate, but her crucible as publisher came with the Pentagon Papers story of 1971. The Nixon administration tried to suppress a classified history of the Vietnam War, successfully halting publication by the New York Times. The attorney general threatened personally to bring criminal charges if the Post took up the story. Graham’s lawyer pressed her to relent, warning that she risked losing the company. Graham hired a new lawyer and published. The Times and the Post fought the case to the Supreme Court and won. Those were not some mythic old days, though they long preceded me. They were the lived experience of the newsroom for decades afterward. A company culture like that allowed me to shrug off threats to rescind my credentials and incidents of senior official telephone rage, including a memorably profane call from the Israeli prime minister Benjamin Netanyahu. I borrowed courage from the Post, sometimes past the point of common sense, when I crossed a sketchy checkpoint in Somalia or drove through Hezbollah-controlled terrain in Lebanon. I was no Keith Richburg or Anthony Shadid, who routinely braved far greater dangers, but if I fell into trouble, I knew the paper would spare no effort to extract me.

 
