Tag Archives: NSA Data Collection

Follow the Money: Electronic Economic Warfare, Treasury’s War

In previous notes, I have examined “The Narrative” underlying the drip-drip-drip of revelations about electronic snooping.  The narrative (“We are watching everyone, everywhere, all the time”) has a number of useful infowar purposes: it makes IT less available to adversaries and it educates friends about the vulnerabilities of civilian IT.

One other benefit of the “NSA is collecting metadata” revelations to the US government is that it obscures other, far more important activities.  Foremost among these is the monitoring and manipulation of money flows.  Economic warfare is arguably more important national securitywise than all the phone and email records you could ever find. Indeed, one important use of all the metadata collection is to understand social networks in order to locate and block money.

We see today a story in the NYT that CIA (not the NSA) routinely collects records of money transfers.  Scarcely a surprising “revelation”, but several points in the article are interesting.  “The data does not include purely domestic transfers or bank-to-bank transactions” most likely because the other data is collected by other agencies which have domestic authority.  I.e., the CIA doesn’t collect the domestic data because it is available via the FBI or Treasury.

Obviously, there is very good reason for US intelligence to track international financial transfers:  global crime, weapons proliferation, terrorism, and economic warfare are dangerous threats.

For a flavor of what this data is for, see Treasury’s War, by Juan Zarate (PublicAffairs, 2013).  This book lays out the strategic position of the US Treasury department, which does not need FISA or any other special authority to monitor and intervene in banking and financial matters.

His book is a bit dry (but better than you might fear, from a bureaucrat) but quite clear.  He lays out the view from inside the US government:  the world of “bad actors” exploiting and corrupting the international financial system.  Many dangerous activities, including nuclear dissemination, large-scale criminal trafficking, and global jihadist movements depend on raising and moving money around the world.  This is done via banks (subject to US and other governments), wire transfers, and couriers.

Zarate recounts the US Treasury Department’s activities, under their authority to protect the banking system and combat money laundering. In case you didn’t realize it, all bank records (including transfers) are already subject to government monitoring and regulation.  No warrants needed:  if you use a normal bank, you are using a government-supervised bank.

Treasury can, and does, conduct economic warfare.  One of the most powerful “sanctions” that has been imposed on Iran in recent years is to cut it off from SWIFT, the official messaging system for interbank transfers.  This dry, technical action by the US Treasury and others is actually one of the most powerful acts of war to date.

This highly unusual action makes it very difficult for Iranian banks to conduct business with other banks, interfering with the sale of exported oil and the import of goods.  Combined with other actions, this has brought the Iranians to the bargaining table.  And we can be sure they will want these actions lifted as part of any deal.

Zarate’s book has some useful insights into interagency collaboration and lack thereof within the US government.  It is important to understand the potential power of his kind of economic warfare, but also its limitations. It is not a pinpoint weapon, nor is it something that can be turned on and off. Many of the powers that be in Washington have very limited understanding of these issues.

I would comment that Zarate understands banks, but his views on macroeconomics are not especially deep or clever. Also, in passing, he notes that technological developments such as BitCoin are just what bad actors have been hoping for.  Treasury has already acted on this, and don’t fool yourself—this means using BitCoins will be monitored just like cash.  What did you expect?

So, what do we know?  The US and other governments have very good reason and plenty of legal authority to monitor and intervene in financial transfers.  In the US, multiple agencies are involved.  We also see that the CIA and NSA collect data outside the US (no doubt other national intelligence agencies collect such data as they can within the US).  We even see hints of redundant coverage, covert acquisition of financial data (off the wire) which is also available from the participants (e.g., bank records).

Attention to the “all my Snowdens” soap opera, and fretting about NSA collecting metadata helps divert attention from these other activities which are, arguably, much more useful for national security, and also more invasive.

I note that the NSA is publicly indicating that they are going to “get out in front” of further “revelations”.  This should be interesting, for what they don’t say as much as what they do.  I expect to witness a masterpiece of “narrative” from them.

NSA Out of Control? Or Totally In Command?

“No Morsel Too Minuscule for All-Consuming N.S.A” (NYT)

I am really trying to cut down on blogging about the NSA.  But how can I resist?

As we have been presented with a stream of “revelations” (sometimes recounting information published many years ago) about NSA electronic data collection I have focused on the narrative that has been unfolded.  From the beginning, I have pointed out how this story is so beautifully useful to the NSA that it might as well have been scripted by them.

The basic argument here is to note that the NSA has a difficult mission.  It must not only monitor worldwide communications, it is also tasked to protect US communications.  Furthermore, it is almost certainly seeking to deny the use of the Internet to adversaries, especially non-state actors.

I observe that one way to pursue these goals is to make sure that everyone “knows” that the NSA is snooping on them.  Whatever the true activities of the NSA, if everyone believes their cell phone and Internet are being monitored and mined by the NSA, they will have to worry and will use telecom less freely or not at all.  The same narrative shines a harsh light on Internet privacy in general, educating the public and improving domestic security.

How do you get this story told?  Well you certainly don’t issue a press release from Fort Meade.  You want to get it out into the media, and you want the public to remember it.  Hence, you need a Hollywood story line.  The most effective possible approach is to let the media “uncover the truth”.  Even better, you would like a brave whistleblower to make spectacular revelations.  The “truth” of the leaks is enhanced by publicly crucifying the leaker (without actually stopping the leaks).  (Note the beautiful irony of potentially using the anti US “credibility” of wikileaking to promote a US government infowar campaign.)

These mechanisms are used to tell a simple story, The Narrative:  The NSA is spying on everyone, everywhere.  (Including prime ministers, chancellors, and presidents!)

The narrative continues this week.  Mr. Snowden reminds us that he is still in exile, a martyr who serves to validate the deep truths being revealed.  The stories must be true, otherwise, why hound the poor guy to the ends of the Earth?  (OK, Russia is not the end of the Earth, nor the worst possible exile.)

Internet titans are publicly outraged:  not only are they cooperating with the NSA, the NSA is also hacking them.  In a desperate attempt to salvage their global empires, they are working like mad to defend their infrastructure against the NSA. (Given that NSA has inside access, I’m not sure what material effect the countermeasures described might have.  This kind of Spy vs. Spy is hard to read from the outside.)  While Google-hoo strives to preserve their “governments are obsolete” story line, the kerfuffle serves NSA’s critical mission to protect communication:  the Internet is not private or secure. Are you getting the point yet?

Most important of all, the pundits are closing in on the “NSA was out of control” theory (with its corollary, “why wasn’t I briefed on this?”). The paper of record gives us a wonderful canonical version of The Narrative.  As the title suggests, the NSA is “all consuming” (“an electronic omnivore of staggering capabilities, eavesdropping and hacking its way around the world”), and there are many clever insinuations that tell us that the NSA are a bunch of out of control cowboys.  (We are also treated to many code names and acronyms—indecipherable, but very James Bond.)

This ready-made Hollywood narrative is convenient for politicians who want to have it both ways.  But more important, it tells us that NSA data collection is infinite and not subject to rational limits.  Superhuman. Magical.

Of course, it is quite possible that the NSA is not out of control. We know that politicians in the US and abroad were briefed and consented to these actions.  What we know of the targets is completely rational, even if they don’t necessarily look good on the front page.

In all of this, it is critical to remember that we really don’t know much about what the NSA actually does.  More to the point, the media, pundits, and politicians don’t know either.  So, The Narrative should not be swallowed without examination.

(By the way, I should emphasize that my comments are based 100% on open sources, media reports and known facts.  No inside information, anonymous sources, or unpublished “facts”.)

NSA: Descent Into Farce to Aid the Narrative

Sigh.  I have other things I should attend to, but this NSA stuff is just too easy to blog about.  I suspect that is a sign of a very competent infowar program: feed us a stream of irresistible blog-candy, we’ll do the rest of the work.

I have noted that the French government and media have helped NSA spread its narrative.  How unfair of me to neglect the contributions of our other allies in Europe.  Not to be outdone by the wily French, Germany has been quite helpful, also summoning the ambassador and phoning the President.

The entire affair is descending into slapstick. The Germans overflew the US consulate in Frankfurt, supposedly “searching” for listening posts, and “sending a message” to the Americans.  It’s not clear this flight could possibly accomplish either of those goals, but it was a visible and memorable reminder of The Narrative:  the NSA is listening, even in Germany.

Our gallant British allies have, of course, contributed their own comic touches. Detaining the partner at the airport created a new martyr, and also demonstrated that “we will do whatever we can to get at your data”. Picking on close relations is cruel, but very effectively creates sympathy and credibility for the reporters and their stories, increasing their value to the NSA.

And, of course, there is the “chop up the computers in the basement” incident.  It’s not clear what this might accomplish, since the data is certainly not located on any single computer.  But, such a dramatic gesture!  Guaranteed to be reported and remembered, and to generate sympathy and credibility.  Whatever was on those disks, they now symbolize the leaked secrets that NSA will do ANYTHING to cover up.  (The best way to deceive someone is to let them deceive themselves.)

All this is distracting from some really interesting stuff, such as the monitoring of financial transactions.  That is really important and arguably more useful to US and world security. We’ll return to it in more detail in the future.

NSA Non-Denial Denial

I don’t want to dwell excessively on the NSA narrative, which I have argued is critical to a strategic offensive to deny adversaries the benefits of IT and telecom. Furthermore, Mr. Snowden’s awful adventure fits the purposes of The Narrative so nicely, it is difficult to see him as anything but a valuable NSA infowar asset.

Yesterday, I remarked on the story in Le Monde, noting how it continues and extends the game, assuring that the French people are well aware that “the NSA is spying on everything”.  Note that the French government and the US White House kept the story rolling, through fire “outraged” consultations at the highest (and most visible) levels.

The NSA helped things along with a classic non-denial denial.  While reported in the media as a “denial”, the actual statement says far less than that.

“Recent articles published in the French newspaper Le Monde contain inaccurate and misleading information regarding U.S. foreign intelligence activities.”

Well, sure.  To the degree that the article said anything factual, it is likely not completely accurate.  And the leak was, I contend, intended by the NSA itself to be misleading.

So, did Director Clapper dispute any specific points?  Only one.

“The allegation that the National Security Agency collected more than 70 million “recordings of French citizens’ telephone data” is false.”

OK.  This statement could be literally true in many ways.  For example,

  • Perhaps he doesn’t consider the data “recordings” or “telephone recordings”.  (They were metadata records and SMS.)
  • Maybe it was less or more than 70 million.  And perhaps it was 70 million calls, which would not be 70 million different people. Or perhaps it wasn’t all “French citizens”.

So, he could be telling the literal truth, appearing to deny and dispute the story, while actually saying nothing to debunk the claims. And he certainly did not hurt the overriding narrative: “The NSA is watching.”

In passing, I note that Director Clapper says several things in his short statement that are indisputably true.

“The United States gathers intelligence of the type gathered by all nations.”

Yup.  Believe it.

Continental Episode of “The Narrative”

We see Mr. Snowden once again serving the vital interests of the NSA, feeding The Narrative, “we are watching everyone, everywhere, all the time”. This time, we are treated to “le récit”, “nous surveillons tout le monde, partout, tout le temps.” (Please pardon my schoolboy French.)

The latest of a masterful drip, drip, drip, of stories, this one clearly timed to embarrass both the US and French governments. Le Monde (my spell checker likes to rewrite this to “lemonade”) reports about a leaked NSA summary report, supposedly detailing data collection on French citizens’ telephones and SMS for a one month period.

The “lemonade” report itself is otherwise inscrutable, as we have no idea exactly how this gathering was done, or what the data might have been used for.  We are meant to believe that the data was collected by the Americans, rather than simply forwarded by French sources (as often happens), though it doesn’t really say.  We also don’t know what was done with the data. We can imagine many possible searches the NSA might want to do, but we have no facts.

We do get some scary, technical sounding “facts”, including code words such as “DRTBOX” and “US-985D”.  These are a nice decoration for the basic story.  We have no idea what they mean, but they certainly sound James Bond.

We can see the telltale signs of The Narrative.  The story was timed to correspond to a visit by the US Sec. of State, for maximum attention. The French government noisily professes to be “shocked” to discover that the US collects intelligence in France, and even summons the ambassador for an explanation.  Everyone is helping to assure the French people get the message, at almost no cost.

In short, we see once again how Mr. Snowden, far from damaging the NSA, has well served the vital interests of The Narrative.

NSA/Snowden Narrative: Today’s Lesson is “Be Nice to Your Sysadmins”

As the narrative continues, bringing in all the media’s favorite tropes–a ‘OJ meets where’s Waldo’ chase, wikileakers trying to get “back in the game” (to quote the NYT), and a review of the limited number of places you might flee to avoid extradition to the US.

The most interesting development today was the NYT article, “N.S.A. Leak Puts Focus on System Administrators”, which “reveals” that all those nerds they make fun of actually have tremendous responsibility and, potentially, capability to do great harm.

I’m sure that most readers will think, “we should crack down on admins”.

A long time ago I, too, was a sysadmin (our group mottoes included: “the job of the operating system group is to keep the systems operating” and “what goes up, must go down”). I sure remember the strange dissonance between the job we were entrusted with–keeping a complex, poorly understood system working–and the status we experienced.  Despite the fact that the whole show depended on us, we were considered slightly more useful than the housekeeping crews–except when we had to inconvenience someone, when we became intolerable pests.  (Note that we were on call 24/7, and “allowed” a few hours per week in which we could, if truly necessary, take the systems down. It’s not easy to work within such parameters.)

For those of you who have never experienced it, I assure you it is quite scary to log in as superuser on an operational, critical system, knowing that a mistake can damage or destroy vital activities and products.  Access to confidential information is a minor issue compared to the possibility of an ‘oops’ that, unfortunately, you actually had permission to execute.  Say goodbye to that server!


You should be nice to your sysadmins.  Bring them cookies.  Listen to what they try to tell you.  It wouldn’t be a terrible idea to pay them more, and let them have nice offices, etc., but I’m sure you won’t do that.