James Bamford writes: Army General Keith Alexander, the director of the NSA, is having a busy year — hopping around the country, cutting ribbons at secret bases and bringing to life the agency’s greatly expanded eavesdropping network.
In January he dedicated the new $358 million CAPT Joseph J. Rochefort Building at NSA Hawaii, and in March he unveiled the 604,000-square-foot John Whitelaw Building at NSA Georgia.
Designed to house about 4,000 earphone-clad intercept operators, analysts and other specialists, many of them employed by private contractors, it will have a 2,800-square-foot fitness center open 24/7, 47 conference rooms and VTCs, and “22 caves,” according to an NSA brochure from the event. No television news cameras were allowed within two miles of the ceremony.
Overseas, Menwith Hill, the NSA’s giant satellite listening post in Yorkshire, England that sports 33 giant dome-covered eavesdropping dishes, is also undergoing a multi-million-dollar expansion, with $68 million alone being spent on a generator plant to provide power for new supercomputers. And the number of people employed on the base, many of them employees of Lockheed Martin and Northrop Grumman, is due to increase from 1,800 to 2,500 in 2015, according to a study done in Britain. Closer to home, in May, Fort Meade will close its 27-hole golf course to make room for a massive $2 billion, 1.8-million-square-foot expansion of the NSA’s headquarters, including a cybercommand complex and a new supercomputer center expected to cost nearly $1 billion.
The climax, however, will be the opening next year of the NSA’s mammoth 1-million-square-foot, $2 billion Utah Data Center. The centerpiece in the agency’s decade-long building boom, it will be the “cloud” where the trillions of millions of intercepted phone calls, e-mails, and data trails will reside, to be scrutinized by distant analysts over highly encrypted fiber-optic links.
Despite the post-9/11 warrantless wiretapping of Americans, the NSA says that citizens should trust it not to abuse its growing power and that it takes the Constitution and the nation’s privacy laws seriously.
But one of the agency’s biggest secrets is just how careless it is with that ocean of very private and very personal communications, much of it to and from Americans. Increasingly, obscure and questionable contractors — not government employees — install the taps, run the agency’s eavesdropping infrastructure, and do the listening and analysis.
And with some of the key companies building the U.S.’s surveillance infrastructure for the digital age employing unstable employees, crooked executives, and having troubling ties to foreign intelligence services, it’s not clear that Americans should trust the secretive agency, even if its current agency chief claims he doesn’t approve of extrajudicial spying on Americans. His predecessor, General Michael V. Hayden, made similar claims while secretly conducting the warrantless wiretapping program.
Until now, the actual mechanics of how the agency constructed its highly secret U.S. eavesdropping net, code-named Stellar Wind, has never been revealed. But in the weeks following 9/11, as the agency and the White House agreed to secretly ignore U.S. privacy laws and bypass the Foreign Intelligence Surveillance Court, J. Kirk Wiebe noticed something odd. A senior analyst, he was serving as chief of staff for the agency’s Signals Intelligence Automation Research Center (SARC), a sort of skunkworks within the agency where bureaucratic rules were broken, red tape was cut, and innovation was expected.
“One day I notice out in the hallway, stacks and stacks of new servers in boxes just lined up,” he said.
Passing by the piles of new Dell 1750 servers, Wiebe, as he often did, headed for the Situation Room, which dealt with threat warnings. It was located within the SARC’s Lab, on the third floor of Operations Building 2B, a few floors directly below the director’s office. “I walk in and I almost get thrown out by a guy that we knew named Ben Gunn,” he said. It was the launch of Stellar Wind and only a handful of agency officials were let in on the secret.
“He was the one who organized it,” said Bill Binney of Gunn. A former founder and co-director of SARC, Binney was the agency official responsible for automating much of the NSA’s worldwide monitoring networks. Troubled by the unconstitutional nature of tapping into the vast domestic communications system without a warrant, he decided to quit the agency in late 2001 after nearly forty years.
Gunn, said Binney, was a Scotsman and naturalized U.S. citizen who had formerly worked for GCHQ, Britain’s equivalent of the NSA, and later become a senior analyst at the NSA. The NSA declined Wired’s request to interview Gunn, saying that, as policy, it doesn’t confirm or deny if a person is employed by the agency.
Shortly after the secret meeting, the racks of Dell servers were moved to a room down the hall, behind a door with a red seal indicating only those specially cleared for the highly compartmented project could enter. But rather than having NSA employees putting the hardware and software together and setting up walls of monitors showing suspected terrorism threats and their U.S. communications, the spying room was filled with a half-dozen employees of a tiny mom-and-pop company with a bizarre and troubling history.
“It was Technology Development Corporation,” said Binney.
The agency went to TDC, he says, because the company had helped him set up a similar network in SARC — albeit one that was focused on foreign and international communications — the kind of spying the NSA is chartered to undertake.
“They needed to have somebody who knew how the code works to set it up,” he said. “And then it was just a matter of feeding in the attributes [U.S. phone numbers, e-mail addresses and personal data] and any of the content you want.” Those “attributes” came from secret rooms established in large telecom switches around the country. “I think there’s 10 to 20 of them,” Binney says.
Formed in April 1984, TDC was owned by two brothers, Randall and Paul Jacobson, and largely run out of Randall’s Clarkesville, Maryland house, with his wife acting as bookkeeper. But its listed address is a post office box in Annapolis Junction, across the Baltimore-Washington Parkway from the NSA, and the company’s phone number in various business directories is actually an NSA number in Binney’s old office.
The company’s troubles began in June 1992 when Paul lost his security clearance. “If you ever met this guy, you would know he’s a really strange guy,” Binney said of Paul. “He did crazy stuff. I think they thought he was unstable.” At the time, Paul was working on a contract at the NSA alongside a rival contractor, Unisys Corporation. He later blamed Unisys for his security problems and sued it, claiming that Unisys employees complained about him to his NSA supervisors. According to the suit, Unisys employees referred to him as “weird” and that he “acted like a robot,” “never wore decent clothes,” and was mentally and emotionally unstable. About that time, he also began changing his name, first to Jimmy Carter, and later to Alfred Olympus von Ronsdorf.
With “von Ronsdorf’s” clearance gone and no longer able to work at the NSA, Randy Jacobson ran the company alone, though he kept his brother and fellow shareholder employed in the company, which led to additional problems.
“What happened was Randy still let him have access to the funds of the company and he squandered them,” according to Binney. “It was so bad, Randy couldn’t pay the people who were working for him.” According to court records, Ronsdorf allegedly withdrew about $100,000 in unauthorized payments. But Jacobson had troubles of his own, having failed to file any income tax statements for three years in the 1990s, according to tax court records. Then in March 2002, around the time the company was completing Stellar Wind, Jacobson fired his brother for improper billing and conversion of company funds. That led to years of suits and countersuits over mismanagement and company ownership.
Despite that drama, Jacobson and his people appeared to have serious misgivings about the NSA’s program once they discovered its true nature, according to Binney. “They came and said, ‘Do you realize what these people are doing?’” he said. “‘They’re feeding us other stuff [U.S.] in there.’ I mean they knew it was unconstitutional right away.” Binney added that once the job was finished, the NSA turned to still another contractor to run the tapping operation. “They made it pretty well known, so after they got it up and running they [the NSA] brought in the SAIC people to run it after that.” Jacobsen was then shifted to other work at the NSA, where he and his company are still employed.
Randall Jacobsen answered his phone inside the NSA but asked for time to respond. He never called back.
In addition to constructing the Stellar Wind center, and then running the operation, secretive contractors with questionable histories and little oversight were also used to do the actual bugging of the entire U.S. telecommunications network.
According to a former Verizon employee briefed on the program, Verint, owned by Comverse Technology, taps the communication lines at Verizon, which I first reported in my book The Shadow Factory in 2008. Verint did not return a call seeking comment, while Verizon said it does not comment on such matters.
At AT&T the wiretapping rooms are powered by software and hardware from Narus, now owned by Boeing, a discovery made by AT&T whistleblower Mark Klein in 2004. Narus did not return a call seeking comment.
What is especially troubling is that both companies have had extensive ties to Israel, as well as links to that country’s intelligence service, a country with a long and aggressive history of spying on the U.S. [Continue reading…]