Edward Snowden Documents 4/30/14 NSA Snowden NSA Leak Ghostmachine Identifier Lead Triage With Echobase New NSA Edward Snowden Leaks
PRISM Olympic Option
GCHQ’s Request for NSA Data
Britain’s electronic surveillance agency, Government Communications Headquarters, has long presented its collaboration with the National Security Agency’s massive electronic spying efforts as proportionate, carefully monitored, and well within the bounds of privacy laws. But according to a top-secret document in the archive of material provided to The Intercept by NSA whistleblower Edward Snowden, GCHQ secretly coveted the NSA’s vast troves of private communications and sought “unsupervised access” to its data as recently as last year – essentially begging to feast at the NSA’s table while insisting that it only nibbles on the occasional crumb.
The document, dated April 2013, reveals that GCHQ requested broad new authority to tap into data collected under a law that authorizes a variety of controversial NSA surveillance initiatives, including the PRISM program.
PRISM is a system used by the NSA and the FBI to obtain the content of personal emails, chats, photos, videos, and other data processed by nine of the world’s largest internet companies, including Google, Yahoo!, Microsoft, Apple, Facebook, and Skype. The arrangement GCHQ proposed would also have provided the British agency with greater access to millions of international phone calls and emails that the NSA siphons directly from phone networks and the internet.
The Snowden files do not indicate whether NSA granted GCHQ’s request, but they do show that the NSA was “supportive” of the idea, and that GCHQ was permitted extensive access to PRISM during the London Olympics in 2012. The request for the broad access was communicated at “leadership” level, according to the documents. Neither agency would comment on the proposed arrangement or whether it was approved.
Last June, in the wake of the Guardian‘s PRISM disclosures, British Foreign Secretary William Hague issued a lengthy statement declaring that “the arrangements for oversight and the general framework for exchanging information with the United States are the same as under previous governments.” Warrants to intercept the communications of any individual in the United Kingdom, the statement read, must be personally signed by a cabinet secretary.
Likewise, the British Intelligence and Security Committee reported in July that, after reviewing “GCHQ’s access to the content of communications, the legal framework which governs that access, and the arrangements GCHQ has with its overseas counterparts for sharing such information,” the spy agency’s collaboration with the NSA was within the bounds of British law.
But the broader access secretly sought by GCHQ only months earlier appears to have been unprecedented – and would have placed fewer restrictions on how the NSA’s surveillance data is obtained and handled by British spies.
In response to the revelation, British member of Parliament Julian Huppert has accused government officials of issuing statements intended to “deliberately mislead” about GCHQ’s surveillance programs and called for an overhaul of the current system of oversight.
Eric King, head of research at London-based human rights group Privacy International, said that the latest disclosure raised “serious concerns” about whether GCHQ has pushed for the ability to sift through data collected by the NSA in a bid to circumvent British laws restricting the scope of its surveillance.
“GCHQ’s continued insistence that it is following the law becomes less credible with every revelation,” King told The Intercept, adding that he believed the agency was “stretching its legal authorities with help from international partners.”
GCHQ’s request is outlined in an NSA memo marked “top secret” and “noforn” – agency jargon for “no foreigners.”
It was prepared last year for Gen. Keith Alexander, then director of the NSA, in advance of a visit by Sir Iain Lobban, chief of GCHQ. Lobban was scheduled to attend a dinner at Alexander’s home on April 30, 2013. The following day, the two spy chiefs were to have a “one-on-one discussion,” and Lobban was to be given a tour of NSA headquarters in Fort Meade, Maryland, complete with demonstrations of the agency’s operations.
The memo includes talking points for Alexander on issues related to Syria and Iran, and also warns that GCHQ is being “challenged with their activities and operations being subject to increased scrutiny and oversight from their government (and public).” Alexander was told that Lobban might ask about the safeguards in place to prevent any data that GCHQ shared with the NSA from being handed to others, such as Israel, who might use it in “lethal operations.”
Under the heading “key topic areas,” the document notes that gaining “unsupervised access” to data collected by the NSA under section 702 of the Foreign Intelligence Surveillance Act “remains on GCHQ’s wish list and is something its leadership still desires.”
Section 702 of FISA grants the NSA wide latitude to collect the email and phone communications of “persons reasonably believed to be located outside the United States.” It authorizes PRISM and several other programs – with codenames such as BLARNEY and STORMBREW – that covertly mine communications directly from phone lines and internet cables.
The memo adds: “NSA and SID [Signals Intelligence Directorate] leadership are well aware of GCHQ’s request for this data, and the steps necessary for approval. NSA leadership could be asked whether we’re still supportive of this initiative.”
GCHQ was previously reported to have had some level of access to PRISM since at least June 2010, generating 197 intelligence reports from the data in 2012. However, the British agency appears to have been unsatisfied with limits placed on its use of the system.
While GCHQ’s ultimate aim was to gain “unsupervised” access to the NSA’s FISA databases, as of April 2013 it had already successfully lobbied for increased access to the trove “supervised” by the NSA. The newly disclosed Snowden document indicates that GCHQ was close to concluding a deal to gain the supervised access to communications collected under FISA as part of a program called “Triage 2.0.” This deal, under unspecified conditions imposed by the NSA, was “awaiting signature” from the British agency in April 2013, according to the document.
In addition, the top-secret memo notes that the NSA had separately agreed with GCHQ to share data on a broader “unsupervised” basis as part of a program called Olympic Option.
Olympic Option was a surveillance program operated during the London Olympics in 2012, under which at least 100 GCHQ operatives were given access to the PRISM system “throughout the Olympic timeframe,” ostensibly to identify potential terror threats. In a single six-day period in May 2012, according to a top-secret PowerPoint slide, GCHQ received 11,431 “cuts of traffic” from communications intercepted using PRISM. (“Cuts” is a term used by the NSA to describe extracts of conversations that it collects.) The memo prepared for Alexander describes the British request for unsupervised access to FISA 702 data as “in a manner similar to Olympics Option [sic].”
The data sharing between the agencies during the Olympics, though, was not isolated to PRISM. It also encompassed large volumes of metadata – such as the “to” and “from” details from an email but not the content of the message itself – as part of a more expansive Olympics surveillance effort. The NSA was funneling troves of intercepted data to GCHQ from a system called GHOSTMACHINE, a massive cloud database used by the NSA to analyze metadata and store, according to one document in the Snowden archive, “100s of billions of entries.”
The NSA declined to answer a series of questions from The Intercept about its surveillance cooperation with GCHQ or comment on whether the arrangement has involved sharing information on Americans’ communications.
In a statement, NSA spokeswoman Vanee Vines said that the agency is legally barred from sharing intelligence collected under PRISM and similar programs “unless the Foreign Intelligence Surveillance Court has first approved minimization procedures, which must comply with the Fourth Amendment and limit the collection, retention and dissemination of information about U.S. persons.” Vines added that, in response to a “genuine threat of terrorist attack” surrounding the 2012 Olympics, the U.S.intelligence community “took steps authorized by law and consistent with the Constitution to protect Americans and citizens of other countries.”
Similarly, GCHQ refused to answer any questions on the record about the documents. The agency issued its boilerplate response to inquiries, insisting that its work “is carried out in accordance with a strict legal and policy framework, which ensures that our activities are authorised, necessary and proportionate, and that there is rigorous oversight.”
Earlier this month, a report by the U.K. government’s communications interception commissioner deemed GCHQ’s arrangements with the NSA to have been within the law and said that the agency was not engaged in “indiscriminate random mass intrusion.”
But the newly revealed documents raise questions about the full extent of the clandestine cooperation – key details about which appear to have been withheld from lawmakers.
Huppert, the member of Parliament, served on a committee that reviewed – and recommended against – a push from the British government for more powers to access private data before the Snowden materials became public last year.
At no point during that process, Huppert says, did GCHQ disclose the extent of its access to PRISM and other then-secret NSA programs. Nor did it indicate that it was seeking wider access to NSA data – even during closed sessions held to allow security officials to discuss sensitive information. Huppert says these facts were relevant to the review and could have had a bearing on its outcome.
“It is now obvious that they were trying to deliberately mislead the committee,” Huppert told The Intercept. “They very clearly did not give us all the information that we needed.”
Decrying the process as a “good example of how governments should not behave,” the Liberal Democrat parliamentarian is calling for significant reform of the U.K.’s current surveillance regime.
“I want to see much greater clarity on how we have oversight, because it is currently not fit for purpose,” he says. “We need much more transparency about what is happening. And we need to revise our laws, because our laws clearly have too many loopholes in them.”
More about GHOSTMACHINE: GHOSTMACHINE: The NSA’s cloud analytics platform
ECHOBASE; GHOSTMACHINE; IDENTIFIER SCOREBOARD; SIGINT ANALYTICS; WAVELEGAL
The Norwegian military intelligence service collects vast amounts of signal intelligence, known as «sigint». In Afghanistan alone NIS collected 33 million registrations from telecommunication during 30 days around Christmas 2012, according to their own revelations.
Additionally they listen to satellites and radio communication in our own region. The listening post in Vardø, close to the Russian-Norwegian border at the top of Europe, is basically a giant ear eastward. The collection of data has grown out of hand and the Norwegian spies have not been able to use all their collections.
Handeling of this big data is becoming an increasingly important part of the intelligence services’ surveillance programs worldwide. The NSA program to monitor email communications and web surfing all over the world, XKeyscore, collected 41 billion records during a 30-day period in 2012. Enormous computing power and storage capacity is needed to process the data and find the needles in the haystacks.
The Norwegian Inteligence Service (NIS) is also nauseous from the unmanageable amounts of data it is served daily. This is partly the reason why NSA now purchases a supercomputer codenamed Steelwinter. This information comes from a document Edward Snowden took from NSA and has later shared with Dagbladet. The document, marked «top secret» is a summary of how the NSA sees the collaboration with Norway after a meeting between the two services in March 2013.
The supercomputer NIS buys is a derivation of the so-called Windsor Blue supercomputer.
«NIS is in the process of acquiring STEEL WINTER (a WINDSORBLUE derivative supercomputer ) and has entered into a partnership with NSA – cryptanalysis ( …) service to develop applications of mutual benefit» the document says.
«Windsor Blue» is the name of a program for supercomputers at the American IT-giant IBM. The company is working towards creating a so-called exascale supercomputer which means it can make a quintillion – 1 000 000 000 000 000 000 – calculations per second.
– Exascale computers have not yet been build, but when we get there, such a computer would be about 20 times more powerful than the largest supercomputer we know today, says associate professor Anne C. Elster at NTNU university in Trondheim, Norway.
This machine is in China, and according to Elster about 30,000 times more powerful than the new game console Playstation 4. Gaming computers with their powerful graphics cards are the fastest computers available on the mass marked today.
The document does not say when the computer will be delivered, but in addition to the actual purchase, NIS has entered into a partnership with NSA to develop software for decryption. Some of the most interesting data NIS collects are encrypted, and the extensive processes for decryption require huge amounts of computing power.
– It is not possible to crack strong cryptography even with today’s most powerful computers, says researcher and cryptologist Havard Raddum at Simula and the University of Bergen.
But many do not use strong enough encryption or parts of the encryption key may already be familiar to those trying to crack the code.
– Then, a supercomputer would be helpful, he says.
Tranfers to NSA
NIS sources states that the purpose of the acquisition is to analyze large amounts of data and find the needles they’re looking for in the haystacks. They also want to do more of this work in Norway. As it is now, and has been in the past, large amounts of data is being sent to the NSA to be analyzed there.
The parliamentary body for oversight of the Norwegian intelligence services, the EOS-committee, states in their latest report that NIS now will reduce the transmission of large amounts of data:
«The Committee has also been informed that a new form of data exchange is under development, shifting to smaller but more targeted exchange of data», the report says. This new system will be ready in 2014.
NIS top Kjell Grandhagen is not willing to comment on the computer other than saying this:
– NIS handles larges amounts of data and need a relatively high computing power.
He emphasizes that the service under any circumstance do not monitor Norwegians in Norway.
– Our service can not monitor Norwegians in Norway, and we neither do so. There is full national control over the information that is shared with other countries. The Parliament?s intelligence oversight committee controls this continuously. Partners who receive information from the Norwegian intelligence cannot share that with others without our consent, Grandhagen says.
The new supercomputer is a boost for NISs capacity to analyze their own data and is part of a major investment program.
«NIS has received a four-fold increase (approximately US$100M) in their budget to support this effort», the document says.
The budget increase of about 600 million Norwegian kroners, is spread over the next five years. Over the last years NISs total annual budget has been around 1,1 billion kroners (about US$ 185 million). Dagbladet has learned that the investment in Steelwinter is made within this framework.
The NSA is wagering so heavily on decryption that they are now involved in efforts to build the next generation of supercomputers. Even the most powerful machines available today are not powerful enough for the NSA. Therefore, they established «The penetrating Hard Targets » – project where they sponsor and participate in research on so-called quantum computers, according to a document Washington Post received from Edward Snowden. This is a brand new technology and if the engineers get this working it will be possible to create computers that are many times more powerful than the most powerful supercomputers available today.
– They are quite far from being able to make a quantum computer now, but if they manage it would have revolutionized the possibilities of cracking encryption. A quantum computer would crack most known encryption methods, Raddum says.
The Windsor Blue project has at least been around since 2011 and the research is being done on a computer lab in Yorktown Heights, an hour’s drive north from New York City in the United States.
– It is IBM who makes these super computers and they have been called something with “blue” since the days when chess player Gary Kasparov played against «Deep Blue» in 1997, Thomas Drake says.
He is a former manager at NSA and worked in the spy organization until 2007.
Drake had to quit at NSA after he warned of widespread surveillance of Americans. He was charged with espionage, but ended up as a free man with one year on probation and community service for having abused state equipment.
– Why would Norway need such a supercomputer?
– This is all about capacities, and this will give Norway the opportunity to analyze and understand. Such capabilities are useful with the sheer volume of data we have to deal with in the digital underworld.
But he also says that the internal competition between spy organizations means that many now wants the hottest computing power possible to come by.
April 30, 2014
NSA briefing memo about GCHQ Director Sir Iain Lobban’s visit to NSA on April 30, 2013 (4 pages)
NSA SIGDEV slides: Identifier Lead Triage with ECHOBASE (14 slides)
Sources: https://firstlook.org/theintercept/article/2014/04/30/gchq-prism-nsa-fisa-unsupervised-access-snowden/ , http://www.dagbladet.no/2014/04/26/nyheter/snowden_i_norge/edward_snowden/nsa/etterretningstjenesten/32991102/ ,