An intelligence expert and author tells his Gartner IT Security Summit audience how the National Security Agency was able to keep up with communication technology changes to support domestic and international spying.WASHINGTON—On Dec. 15, 2005, the New York Times
broke the news that soon after the Sept. 11 attacks President Bush had secretly authorized the
National Security Agency to eavesdrop on U.S. citizens and other persons within the country.
A Federal judge has since ruled that the NSAs actions were both illegal and unconstitutional—a matter that will likely be decided by the Supreme Court.
But how, exactly, did the NSA do that snooping?
James Bamford, an expert on intelligence gathering and author of several books on the NSA, including "A Pretext for War: 9/11, Iraq, and the Abuse of Americas Intelligence Agencies," described the technological underpinnings of the NSAs ongoing eavesdropping and how it has had to change to keep up with technology at his keynote here at the Gartner IT Security Summit on June 4.
One of the NSAs main jobs is to eavesdrop—to intercept communications and thereby gather intelligence from countries outside of the United States. Some might picture an agent climbing a telephone pole and attaching a wire to a telephone line, but such a technique, called retail eavesdropping, is only useful for going after one phone line at a time.
The NSA, on the other hand, goes after entire streams of communications, with each channel containing millions of conversations, Bamford said.
At one point, the NSAs job was fairly easy. The agency was targeting microwave communications, which travel in a straight line from one tower to the next. Thats "a nice thing for the NSA," Bamford said, "especially when theyre trying to get Russian communications or those from outside the United States. Those signals go right out into space."
Click here to read more about how AT&T helped the NSA monitor telephone communications and Internet traffic.
In the former Soviet Union, cables cant easily be buried due to permafrost. At one point, this led the country to depend heavily on microwave communications. In order to gather intelligence, the NSA would put one of its many satellites in space and position it where it can capture the microwaves. The method is so elegant that many times the NSA can capture information even before a person receiving a given call has picked it up, Bamford said, given the lack of atmospheric interference in space.
The satellites capture communications, convert them and retransmit them, through another satellite or through a ground station, back to earth. The NSA also has ground stations all over the world to pick up satellite and other communications. "Theyre enormous facilities; they look like moon bases," Bamford said. Most of these bases are covered so observers cant tell where their antennas are pointing. Listening posts also eavesdrop on scores of communications satellites orbiting the earth, picking up on some 2 million pieces of communications per hour.
The NSA has another type of antenna array, nicknamed an elephant cage, which houses 360 elements. When the agency marries multiple elephant cages together, it can pinpoint exactly where a signal is coming from. If a submarine pops to the surface even for a brief moment to send a message, the array can pinpoint it. This type of array is going out of style, Bamford said, but there are still a number around.
This was all well and good until the late 90s, at which point most telecommunications companies began switching from satellites to fiber-optic undersea cables due to their lower cost, higher quality and improved speed. Such undersea cables avoid atmosphere and bandwidth problems, are faster since they dont have to travel as far, and are fairly cheap, Bamford said.
When satellites ruled the communications interception business, all NSA had to do was put a dish out, sit back and collect signals, without having to ask anybody for permission, Bamford said. "Phone calls, e-mail, data communications, all that information came down like rain into dishes," he said. The switch to undersea cables made it more challenging to collect the same information.
"When [telcos] switched to fiber optics, [the question became,] how do you get access to cables? [The cables] go under the ocean, come up and go into a little building owned by AT&T or another company," Bamford said.
It was a big problem for the agency in the late 90s, he said. One way to handle the issue was to build a submarine to go right to the source of communications, and hence the USS Jimmy Carter was commissioned in June 2004. According to Bamford and others, the sub was designed to tap undersea cables and eavesdrop on the communications passing through them.
The United States wont admit that it designed undersea "bugs" to tap the systems, Bamford said, but an earlier version of such a device is on exhibit at the KGB museum in Moscow.
Referring to this earlier version of the cable bug, which the United States used to listen in on Soviet communications during the Cold War in an operation called "Ivy Bells," Bamford said, "They put this big thing underwater and used induction from copper cable. They would program it [to listen] for the most important channel. One good one they listened to was on Soviet missile testing. NSA did that by having the sub sail into [the Northern part of the Sea of Okhotsk]. Theyd look at the shore, looking for warning signs to fishermen saying, Dont drag nets, there are cables here. They found it."
Its more difficult to tap fiber-optic cables, however. "Information doesnt leak out as with copper cables," Bamford said. "Youve got glass fibers and photons, not electricity going through."
Bamford didnt offer any thoughts on how the NSA has overcome the difficulties presented by fiber-optic cables in relation to tapping by submarine, but he did describe an internal network that the NSA has set up to achieve its monitoring goals, including junction point hubs.
"The NSA began going to AT&T and began building secret rooms," he said. "A cable from overseas would terminate in this room. They would convert it to usable signals to be sent out around the country" to NSA agents. "They had a big splitter put on the cable, so when it came in you built a mirror copy of it. The mirror copy goes to a secret room that only two people had access to," Bamford said.
That activity began after Sept. 11 and continued until 2003, he said, only coming to light after a whistleblower at AT&T publicized photos and internal blueprints of the setup. The whistleblower was a retired communications technician, Mark Klein, who has joined the Electronic Frontier Federation in a lawsuit against AT&T.
Bamford himself said he has joined the ACLU in a lawsuit against the NSA over its spying on U.S. residents.
Check out eWEEK.coms Security Center for the latest security news, reviews and analysis. And for insights on security coverage around the Web, take a look at eWEEKs Security Watch blog.
Network Security & Hardware 
