The NSA Hearing, by the Numbers BY KIM ZETTER

Standard

From: http://www.wired.com/threatlevel/2013/06/nsa-hearing-by-the-numbers/

The NSA Hearing, by the Numbers
BY KIM ZETTER
06.18.13
3:00 PM

Director of the National Security Agency (NSA), Gen. Keith B. Alexander, testifies about NSA surveillance before the Senate Appropriations Committee on Capitol Hill. Photo: Charles Dharapak/AP

 

A federal hearing today on NSA surveillance programs leaked by former NSA contractor Edward Snowden produced some interesting numbers about the scope of the data collections and other issues. We’ve produced a roundup below of some of the interesting stats and intelligence gleaned from the discussion.

The hearing, before Congress’s Select Committee on Intelligence, included NSA Director, General Keith Alexander; Deputy Attorney General James Cole; Deputy Director of the FBI Sean Joyce; and General Counsel Robert Litt, from the Office of the Director of National Intelligence General Counsel.

1) NSA Only Uses Section 215 of Patriot Act to Obtain Phone records. NSA Director Keith Alexander, responding to questions about the kinds of business records the agency obtains using this power granted by the Patriot Act, said that the agency only uses it to obtain phone records from companies. This would seem to contradict a recent Wall Street Journal story, which disclosed that the agency was collecting credit card transactions. But Alexander’s statement doesn’t rule out that the FBI is collecting credit card transactions and providing data pertaining to foreign intelligence cases to the NSA. The vast majority of business records requests under Section 215 are done by the FBI and other federal agencies, not the NSA.

2) Phone Records Obtained by NSA under Section 215 Are Destroyed After 5 Years. ODNI General Counsel Robert Litt asserted that the records are not kept indefinitely. Nor are they used for general data mining and pattern analysis, according to Alexander. He stated that the records are only used to perform individual “queries” against specific phone numbers. Presumably this means that pattern analysis likely would be done on those targeted phone numbers that are under investigation in order to ascertain any and all phone numbers that have communicated with the targeted number.

3) Only 22 People at NSA Can Authorize Queries of Phone Records Database. This number includes 20 analysts and two supervisors. Among the 22 people who can authorize such queries of the phone records database are Gen. Alexander himself and Litt.

4) Records/Data Obtained under 215 and Section 702 of FISA Thwarted 50 Potential Terrorist Plots. NSA Director Alexander and FBI Deputy Director Sean Joyce said that at least 50 cases they investigated used data obtained under the two surveillance programs that Snowden exposed. Section 702 of FISA can cover real-time emails and chats, IP addresses and other data. Asked by Rep. Jim Himes (D-Connecticut), how many of these 50 episodes “would have occurred but for your ability to use 702″ (or “How essential are these authorizations to stopping these attacks?”), Alexander said that he believed that in at least half of these cases, the data obtained under Section 702 of FISA was “critical.” He said that of the cases involving the use of phone records obtained under Section 215 of the Patriot Act, a little more than 10 of these cases involved some kind of “domestic nexus” — meaning they involved a U.S. citizen overseas or in the U.S. The vast majority of these cases “had a contribution from the business records requests.”

5) Snowden Worked for the NSA for 15 Months at Time of Leaks. Although it’s been reported that Snowden had only been working for defense contractor Booz Allen Hamilton for three months at the time of the leaks, and had only been stationed at the NSA’s Hawaii facility a few weeks prior to leaking, Alexander noted that Snowden had actually been working for the NSA under a different contractor during the 12 months prior to moving to Booz Allen Hamilton, which would have given him more time to scope out the network and determine which data he wanted to take.

6) NSA Plans to Institute a Two-Person Rule to Govern Activities of SysAdmins This would presumably involve requiring a shadow for every sysadmin to ensure that no one operator can download the kind of data Snowden obtained without authorization from another operator, or change auditing and logging instructions on the system to hide their tracks. Alexander noted that Snowden, as a systems administrator, had great authority to access parts of the network that are not accessible to regular analysts. The sysadmin also has the ability to set the auditing conditions on a portion of the network. “This is a huge problem,” Alexander said. “We’re coming up with a two-person rule to make sure we have a way to block” someone from taking information out of the system. “This is a work in progress,” he said.

7) NSA Has About 1,000 SysAdmins Worldwide. Alexander said the NSA has about 1,000 system administrators that have, in certain sections, the level of authority comparable to what Snowden had to access data. This number seems small, and Alexander said they were working on trying to get a more exact figure, but he noted that the majority of these system administrators were contract workers.

Finally, something else of note that Alexander said in the hearing today. The NSA apparently doesn’t yet know how Snowden obtained access to the court order that authorized Verizon to hand over the phone records of millions of American customers. He noted that to access the kind of data collected under the program required special “certificates” or keys to gain access to areas where the data was stored. Certificates and keys can refer to digital access to walled-off areas of data on a server, but Alexander also seemed to imply that Snowden would have needed physical access to a room where the data was stored.

“To get to any data like business records under 215, that’s in controlled area,” Alexander said. “You need specific certificates to get in to that. I’m not aware that Snowden had any certificates to get into that.” He later noted that by “certificates” he meant keys, meaning presumably electronic door access keys.

“In this case, what the system administrator had access to is what we’ll call the public web forums that NSA operates, and these are the things that talk about how we do our business, not necessarily what’s being collected as a results of that,” Alexander said. “Nor does it necessarily give them the insights that the training and the other issues that training and certification process and accreditation that our folks go through to actually do this. So those are in separate programs and require other certificates to get into.”

When asked if this meant Snowden did not have the certificates necessary to leave that public forum, Alexander replied, “So each set of data that we would have, and in this case let’s say the business records, FISA, you have to have specific certificates … because this is a cordoned off, so that would be extremely difficult for him to. . . he’d have to get up to NSA and get into that room to do. Others require certificates for you to be working in this area to have that. He would have to get one of those certificates to actually enter that area…. In other words, it’s a key.”

Following the hearing, reporters in the room cornered Alexander for further explanation about this, during which Alexander reportedly said that the NSA believes Snowden obtained access to the court order while he was undergoing orientation and training at the NSA’s headquarters at Ft. Meade.

“The FISA warrant was on a web server that he had access to as an analyst coming into the Threat Operations Center,” Alexander told Politico. “It was in a special classified section that as he was getting his training he went to.”

668 total views, 1 views today

NSA Contractor Outs Himself as Source of Surveillance Documents

Standard

From: http://www.wired.com/threatlevel/2013/06/nsa-leaker-outs-himself/

NSA contractor and former CIA technical employee Edward Snowden announced today that he was the source for documents published about the NSA’s secret surveillance programs. Image courtesy of the Guardian

 

Edward Snowden, a former computer security administrator for the CIA and current contractor for the NSA, has outed himself as the source of a string of explosive documents describing NSA surveillance activities against U.S. citizens and foreign targets.

The 29-year-old, who now works for the defense contractor Booz Allen Hamilton on projects for the NSA in Hawaii, revealed himself as the source of documents provided to the Guardian and Washington Post about the NSA’s collection of phone records belonging to millions of Americans as well as a surveillance program called PRISM that targets the internet communications and activities of foreign targets.

Snowden made the revelations in a lengthy story and video published by the Guardian today.

“I have no intention of hiding who I am because I know I have done nothing wrong,” Snowden said in the interview, conducted last Thursday in Hong Kong where he was in hiding at the time the leaks were published. He added, “I am not afraid, because this is the choice I’ve made.”

He identified himself as an infrastructure analyst for the NSA in Hawaii, earning $200,000 a year, but has worked as a contractor for the NSA for four years on behalf of various contract firms.

He worked previously as a systems engineer and administrator, a senior advisor for the CIA and a telecommunications information systems officer and described his growing distress over the years as his exposure to the government’s surveillance activities grew.

In a note that he wrote to accompany the first documents he gave the papers, he said, “I understand that I will be made to suffer for my actions,” but “I will be satisfied if the federation of secret law, unequal pardon and irresistible executive powers that rule the world that I love are revealed even for an instant.”

He also said that he didn’t want media attention for leaking but wanted the spotlight focused instead on the broad surveillance the U.S. government was doing.

“I know the media likes to personalize political debates, and I know the government will demonize me,” he said in the interview. “I really want the focus to be on these documents and the debate which I hope this will trigger among citizens around the globe about what kind of world we want to live in…. My sole motive is to inform the public as to that which is done in their name and that which is done against them.”

Snowden said he was willing to sacrifice his career and the stable life he had made with his girlfriend in Hawaii “because I can’t in good conscience allow the US government to destroy privacy, internet freedom and basic liberties for people around the world with this massive surveillance machine they’re secretly building.”

He said he assumed the government would accuse him of violating the Espionage Act and aiding enemies but this didn’t concern him. The Guardian said the only time he became emotional during interviews was when he pondered the impact this would have on his family, many of whom work for the U.S. government.

“The only thing I fear is the harmful effects on my family, who I won’t be able to help any more. That’s what keeps me up at night,” he told the paper.

Booz Allen Hamilton released a statement confirming that Snowden worked for them but said he had been an employee “for less than 3 months.”

“News reports that this individual has claimed to have leaked classified information are shocking, and if accurate, this action represents a grave violation of the code of conduct and core values of our firm,” the company wrote. “We will work closely with our clients and authorities in their investigation of this matter.”

The revelation came after the Director of National Intelligence James. R. Clapper announced yesterday that the NSA had begun an investigation into the leaking of the documents.

Prior to Snowden coming forward, House Intelligence Committee Chairman Mike Rogers (R-Michigan) had criticized the leaker and Guardian journalist Glenn Greenwald for publishing information about programs they failed to understand.

“He doesn’t have a clue how this thing works; nether did the person who released just enough information to literally be dangerous,” Rogers said, adding, “I absolutely think [the leaker] should be prosecuted.”

Snowden’s extensive technical background proves the assertion about his knowledge wrong.

Nonetheless, both the Guardian and the Washington Post were criticized for errors in the explosive stories they broke last week regarding the government’s surveillance — errors they attributed to the documents that Snowden provided and to information that Snowden himself gave them about the nature of the surveillance.

The Guardian led on Wednesday with the revelation that the NSA had obtained a court order to collect the phone records of millions of Verizon customers in the U.S. for a three-month period beginning in April. Senator Dianne Feinstein later acknowledged that the order was actually a re-issue for an ongoing collection order that was renewed repeatedly every three months.

The following day, both the Post and the Guardian published stories claiming that the NSA had direct access into the servers of nine internet companies, including Google, Yahoo and Facebook, and were collecting large volumes of data with the cooperation of these firms, including email and audio and video traffic as well as documents.

Both papers had to step back from that allegation, however, after the internet companies strongly denied that the NSA had direct connections to their servers or that they provided any data that was not targeted and part of a court order.

The Post and Guardian made the false accusations based on a 41-slide PowerPoint presentation that Snowden provided the papers and on assertions from Snowden himself. In a revised story, the Postdeleted mention that the NSA has direct access to company servers but said the system allows analysts to query data through equipment that is housed at company controlled locations.

Snowden first began thinking about leaking back in 2009 when he was stationed in Geneva, Switzerland, for the CIA.

His route to the CIA was circuitous. Snowden never matriculated from high school, but in 2003, he enlisted in the US army and began a training for Special Forces. He got discharged, however, after breaking both of his legs.

After this, he got a job as a security guard for one of the NSA’s covert facilities at the University of Maryland.
He followed that with a job in IT security for the CIA. In 2007, the CIA stationed him with diplomatic cover in Geneva for a computer security job that gave him clearance and access to a wide array of classified documents.

Like Bradley Manning before him, it was that access to documents and his time spent around colleagues that led him to begin questioning the government’s activities.

“Much of what I saw in Geneva really disillusioned me about how my government functions and what its impact is in the world,” he says. “I realized that I was part of something that was doing far more harm than good.”

He thought about exposing government secrets at the time, but didn’t because CIA secrets are mostly about people and he didn’t want to endanger anyone. He also thought the election of Barack Obama in 2008 would change things.

In 2009 he left the CIA for a job with a private contractor and got assigned to an NSA facility at a military base in Japan.

The next three years broadened his education of the NSA’s surveillance activities and increased his disillusionment and dissatisfaction with the NSA.

“[T]hey are intent on making every conversation and every form of behavior in the world known to them,” he told the Guardian, and said agency posed an “existential threat to democracy.”

“The government has granted itself power it is not entitled to. There is no public oversight. The result is people like myself have the latitude to go further than they are allowed to,” he said.

Snowden contrasted himself to Bradley Manning, the former Army intelligence analyst who went on trial last week for leaking more than a million documents to WikiLeaks, saying that contrary to Manning he “carefully evaluated every single document I disclosed to ensure that each was legitimately in the public interest” and withheld ones that did not fit that goal.

“There are all sorts of documents that would have made a big impact that I didn’t turn over, because harming people isn’t my goal. Transparency is.”

He also said he purposely chose to give the documents to journalists whose judgment he trusted about what should be public and what should remain concealed.

Asked how he felt after watching the public’s reaction to the disclosures over the last few days, he said, “I think the sense of outrage that has been expressed is justified. It has given me hope that, no matter what happens to me, the outcome will be positive for America.

“I do not expect to see home again, though that is what I want.”

500 total views, 1 views today

The Jester Strikes Hacker Takes Aim At Nations Helping Snowden

Standard

From: http://securityphresh.com/security-news.php?sp_url=http%3A%2F%2Fwww.topix.com%2Ftech%2Fcomputer-security%2F2013%2F07%2Fthe-jester-strikes-hacker-takes-aim-at-nations-helping-snowden%3Ffromrss%3D1

The Jester, who specializes in taking down anti-American websites, says hell go after any country that helps NSA leaker Edward Snowden.

526 total views, 1 views today

The NSA’s Favorite Weasel Word To Pretend It’s Claiming It Doesn’t Spy On Americans – Mike Masnick

Standard

Well, well. In the aftermath of the revelations that the NSA is getting records of every phone call from Verizon, followed up by the news that most of the biggest tech companies are supposedly giving direct access to the NSA, the intelligence community is responding the same way it always does: with weasel words. First up, you can see Director of National Intelligence James Clapper’s statement about the spying, which we’ll be discussing again in a bit.

But, a bunch of folks have been reasonably pointing out that Clapper appears to have lied to Congress. Of course, it’s not like this wasn’t easily called. Two years ago, we wrote about Clapper’s answers to Senators Wyden and Udall, which we pointed out was a ridiculous answer that was clearly sidestepping the real questions. However, looking over that letter again now, and having become a bit more familiar with the weasel words the NSA likes to use, it’s easy to look at Clapper’s statement and explain why he can “stand by it” while the clear implication of it was the opposite of what he meant.

You asked whether communications of Americans have been collected… Section 702 of the FAA [FISA Amendments Act] explicitly prohibits the intentional targeting of persons reasonably believed to be located in the United States or United States persons located abroad. The Intelligence Community has put in place a variety of procedures, which have been approved by the FISA Court as required by law, to ensure that only persons reasonably believed to be located outside the United States are targeted and to prevent the intentional acquisition of any communications as to which the sender and all intended recipients are known to be located in the United States. Guidelines are also required by law to ensure compliance with other limitations on FAA collection, including the requirement that a U.S. person may not be intentionally targeted under section 702. If it is discovered that a target has entered the U.S. or is a U.S. person, he or she is promptly detargeted and reports are made as appropriate to the Department of Justice (DOJ), the Office of the Director of National Intelligence (ODNI) and the FISA Court. Moreover, when communications from persons located in the United States are collected because they are communicating with a lawful target, the privacy and civil liberty rights of U.S. persons are protected through the careful implementation of the procedures required under the FAA to ’minimize the acquisition and retention, and prohibit the dissemination“ of information about U.S. persons.’”
Most people would read this to be him saying that they do not spy on Americans. And that’s obviously what he’s trying to imply. But that’s not what he’s actually saying. He’s using the NSA’s favorite weasel word: “target.” Now, most people assume that means one of the people on the call must be outside the US. But, you could — if you were devious intelligence official trying to mislead Congress and the American public (hypothetically) — interpret the word “target” to mean “if we, in general are ‘targeting’ foreign threats, no matter what they might be like, and this information we’re collecting might help in that process, then we can snarf up this data.”

In other words, most people think that “target” would mean one of the people on the phone. But, the NSA means “this overall investigation is about targeting foreign threats, so we can take whatever data we want because the goal is to stop foreign threats with it — and therefore our mandate not to spy on Americans doesn’t apply.”

So, it shouldn’t be particularly surprising to see that the administration’s “response” to this is to highlight, yet again, that this only “targets” non-US persons:
Information collected through a U.S. government surveillance program that taps into the servers of internet companies targets only non-U.S. persons living outside the United States, a senior administration official said on Thursday.

The U.S. law that allows the collection of data under this program does not allow the targeting of any U.S. citizen or of any person located in the United States, the official said, speaking on condition of anonymity.
Right, but whether or not they’re “targeting” a person, is separate from whether or not they’re spying on the data of Americans. As long as it’s all part of a process that “targets” non-US persons, they can claim that they’re playing by the rules.

Given that, however, I don’t see how Clapper can reasonably standby the following statements:
Wyden: Does the NSA collect any type of data at all on millions or hundreds of millions of Americans?

Clapper: No sir.

Wyden: It does not?

Clapper: Not wittingly. There are cases where they could, inadvertently perhaps, collect—but not wittingly.
Clapper is insisting that he didn’t lie in his comments, but he then pretends that he was only talking about email:
What I said was, the NSA does not voyeuristically pore through U.S. citizens’ e-mails. I stand by that.
Except, that’s not what he was asked, nor was it what he said. He was specifically asked if the NSA collects any type of data at all, and he said no. Up above, he was using weasel words, but here it looks like he was flat out lying directly to Congress. Usually, Congress doesn’t like that.

582 total views, no views today