Tag Archives: NSA Files

Drone Strikes: How to Deal with Surgically Implanted Explosive Devices

Menwith Hill  a Royal Air Force station near Harrogate, North Yorkshire, England has been described as the largest electronic monitoring station in the world.

The documents, provided to the Guardian by NSA whistleblower Edward Snowden and reported in partnership with the New York Times, discuss how a joint US, UK and Australian programme codenamed Overhead supported the strike in Yemen in 2012….

British officials and ministers follow a strict policy of refusing to confirm or deny any support to the targeted killing programme, and evidence has been so scant that legal challenges have been launched on the basis of single paragraphs in news stories.

The new documents include a regular series of newsletters – titled Comet News – which are used to update GCHQ personnel on the work of Overhead, an operation based on satellite, radio and some phone collection of intelligence. Overhead began as a US operation but has operated for decades as a partnership with GCHQ and, more recently, Australian intelligence.

The GCHQ memos, which span a two-year period, set out how Yemen became a surveillance priority for Overhead in 2010, in part at the urging of the NSA, shortly after the failed 2009 Christmas Day bomb plot in which Umar Farouk Abdulmutallab attempted to detonate explosives hidden in his underpants on a transatlantic flight.  Ten months later a sophisticated plot to smuggle explosives on to aircraft concealed in printer cartridges was foiled at East Midlands airport. Both plots were the work of al-Qaida in the Arabian Peninsula (AQAP), the Yemen-based al-Qaida offshoot.

One Comet News update reveals how Overhead’s surveillance networks supported an air strike in Yemen that killed two men on 30 March 2012. The men are both described as AQAP members.  In the memo, one of the dead men is identified as Khalid Usama – who has never before been publicly named – a “doctor who pioneered using surgically implanted explosives”. The other is not identified…

US officials confirmed to Reuters in 2012 that there had been a single drone strike in Yemen on 30 March of that year. According to a database of drone strikes maintained by the not-for-profit Bureau of Investigative Journalism, the only incident in Yemen on that date targeted AQAP militants, causing between six and nine civilian casualties, including six children wounded by shrapnel.  Asked whether the strike described in the GCHQ documents was the same one as recorded in the Bureau’s database, GCHQ declined to comment.

The incident is one of more than 500 covert drone strikes and other attacks launched by the CIA and US special forces since 2002 in Pakistan, Yemen and Somalia – which are not internationally recognised battlefields.  The GCHQ documents also suggest the UK was working to build similar location-tracking capabilities in Pakistan, the country that has seen the majority of covert strikes, to support military operations “in-theatre”.

A June 2009 document indicates that GCHQ appeared to accept the expanded US definition of combat zones, referring to the agency’s ability to provide “tactical and strategic SIGINT [signals intelligence] support to military operations in-theatre, notably Iraq and Afghanistan, but increasingly Pakistan”. The document adds that in Pakistan, “new requirements are yet to be confirmed, but are both imminent and high priority”….

By this point NSA and GCHQ staff working within the UK had already prioritised surveillance of Pakistan’s tribal areas, where the majority of US covert drone strikes have been carried out. A 2008 memo lists surveillance of two specific sites and an overview of satellite-phone communications of the Federally Administered Tribal Areas, in which nearly all Pakistan drone strikes have taken place, among its key projects.

British intelligence-gathering in Pakistan is likely to have taken place for a number of reasons, not least because UK troops in Afghanistan were based in Helmand, on the Pakistani border.One of the teams involved in the geo-location of surveillance targets was codenamed “Widowmaker”, whose task was to “discover communications intelligence gaps in support of the global war on terror”, a note explains.

Illustrating the close links between the UK, US and Australian intelligence services, Widowmaker personnel are based at Menwith Hill RAF base in Yorkshire, in the north of England, in Denver, Colorado, and in Alice Springs in Australia’s Northern Territory.

Other Snowden documents discuss the difficult legal issues raised by intelligence sharing with the US….The UK has faced previous legal challenges over the issue. In 2012, the family of a tribal elder killed in Pakistan, Noor Khan, launched a court case in England in which barristers claimed GCHQ agents who shared targeting intelligence for covert strikes could be “accessory to murder”. Judges twice refused to rule on the issue on the grounds it could harm the UK’s international relations.

Excerpts from Alice Ross and James Ball,  GCHQ documents raise fresh questions over UK complicity in US drone strikes,  Guardian, June 24, 2015

The Nationalization of Internet: example 1

emergency switch at nuclear power plant Switzerland. Image from wikipedia

The Swiss government has ordered tighter security for its own computer and telephone systems that could block foreign companies from key technology and communications contracts.  The governing Federal Council’s decision Wednesday cited concerns about foreign spies targeting Switzerland.

National Security Agency leaker Edward Snowden, who worked for the CIA at the U.S. mission to the U.N. in Geneva from 2007 to 2009, has released documents indicating that large American and British IT companies cooperated with those countries’ intelligence services.According to a Swiss government statement, contracts for critical IT infrastructure will “where possible, only be given to companies that act exclusively according to Swiss law, where a majority of the ownership is in Switzerland and which provides all of its services from within Switzerland’s borders.”

Swiss govt tightens tech security over NSA spying, Associated Press, Feb. 5, 2014

The Damaged Credibility of Internet Security

NIST. Image from wikipedia

On Nov. 6, 2013,  the Internet Engineering Task Force (IETF), an organisation which brings together the scientists, technicians and programmers who built the internet in the first place and whose behind-the-scenes efforts keep it running, debated what to do about all this. A strong streak of West Coast libertarianism still runs through the IETF, and the tone was mostly hostile to the idea of omnipresent surveillance. Some of its members were involved in creating the parts of the internet that spooks are now exploiting. “I think we should treat this as an attack,” said Stephen Farrell, a computer scientist from Trinity College, Dublin, in his presentation to the delegates. Discussion then moved on to what should be done to thwart it….

Even America’s government is getting in on the act. The credibility of its National Institute of Standards and Technology, which sets American cryptographic standards with the help of the NSA, has been dented by Mr Snowden’s revelations. On November 1st it announced it would review the way it carries out its work, in an effort to rebuild trust. The unspoken implication was that it would try harder to stop spooks attempting to slip “unreliable” technology past its vetting procedures.Other security experts are re-examining existing products. Dr Green and his colleague Kenn White are leading a forensic audit of Truecrypt, a popular program that enciphers a user’s hard disks but which displays some odd-looking behaviour and has rather murky origins (it is open-source, but its designers are anonymous, and are thought to live in eastern Europe).

Fixing cryptography is only part of the problem. Intelligence agencies can also tap data cables, allowing them to capture unscrambled information being sent between a user and a server, regardless of whether it is later encrypted.  Mr Snowden’s leaks seem to have boosted the market for better ways of dealing with this behaviour, too. Mike Janke, a former commando who now runs Silent Circle, a firm that offers “end-to-end” encryption software (meaning all messages are transmitted pre-scrambled), counts everything from corporations worried about industrial espionage to the Dalai Lama among his customers. He says that “business is up about 400% since the summer of Snowden”. In the wake of Mr Snowden’s revelations, his firm shut down its e-mail service and is preparing a new one that will transmit all messages pre-scrambled, meaning that only the recipient, not even the company itself, will be able to decode them…

On October 30th the Washington Post reported that America’s spies have bugged private, unencrypted fibre-optic cables which carry bits and bytes between the data centres in the worldwide networks of Google and Yahoo, without the companies’ knowledge. Google, which, of course, must be able to read its customers’ e-mail in order to inflict advertisements on them, nevertheless relies on people trusting it to guard their data, observes Dr Green.  “There’s a lot of anger out there,” says Christopher Soghoian, principal technologist at the American Civil Liberties Union, a lobbying group. “I’ve seen two blog posts by Google engineers in the last three days that contained the words ‘fuck you, NSA’.”

Excerpts, Internet security: Besieged, Economist, Nov. 9, 2013 at 83

NSA Files and US Firms in China

CIsco UCS.  Imge from wikipedia

Foreign  companies love to complain about doing business in China. The rules of the game are rigged against them, they grouse, the locals are corrupt and the government is always turning the thumbscrews on them. Amid such moans it is worth remembering that, for all the barriers that foreign multinationals face in China, it has welcomed them with open arms compared with the protectionism imposed by Japan and South Korea at comparable stages in their economic development. Nevertheless, the recent spate of high-profile crackdowns on international firms, and people associated with them, has prompted worries about a generalised anti-foreigner backlash.

This week police in Shanghai formally arrested a British fraud investigator, Peter Humphrey, whom they had detained for six weeks as part of an inquiry into alleged bribery of doctors by foreign drug firms, along with his wife, also an investigator. Mr Humphrey had done work for GlaxoSmithKline (GSK), a British drugs firm, four of whose Chinese managers were arrested last month. Since these arrests other foreign drugmakers have come under investigation, including Sanofi and Eli Lilly.

Now foreign technology firms are worried that they may be next. Chinese nationalists were outraged when Huawei, a local telecoms-equipment giant, was blacklisted last year by American politicians on unsubstantiated allegations of spying. But they grew apoplectic when Edward Snowden earlier this year revealed the extent of American spying on China. Official media outlets have since been calling for the expulsion of Cisco and other leading American technology firms, dubbed the “eight guardian warriors”….

As for the foreign technology firms, and the fear that a nationalist backlash will drive them away, it is true that some in officialdom and in the online Weibo-sphere are eager to see their departure. And there is some evidence of such firms losing a contract here or there. However, it will be bizarre if China were to chase away these firms in the same way that America has seen off Huawei. American technology firms are the world’s best. America does not need Chinese technology, whereas China most certainly needs access to American inventions.

Excerpt, Multinationals in China Guardian warriors and golden eggs, Economist, Aug. 24, 2013, at 59

———————————————————————————————————–

“At the end of June, the state-backed China Economic Weekly ran a cover story calling eight US companies – Cisco, IBM, Google, Qualcomm, Intel, Apple, Oracle and Microsoft – “guardian warriors” that had “seamlessly penetrated” Chinese society. The Weekly called Cisco “the most horrible”, given its significant – more than 50% – market share in China’s information infrastructure in financial, military, government and transportation sectors. The magazine also ran a long list of ‘the Eight’s’ projects within China, including Cisco’s upgrades of the People’s Bank of China’s Intranet, IBM’s facilitation in building the Yunnan province police bureau’s database, and Microsoft’s improvements to China Eastern Air’s information technology”. Excerpt from http://rhg.com/notes/eight-guardian-warriors-prism-and-its-implications-for-us-businesses-in-china-2