Report
on a
James Bamford Talk at Berkeley
 James
Bamford is the author of The
Puzzle Palace and Body
of Secrets, books about the National Security Agency. He
is visiting Berkeley in the School of Public Policy, and gave a
talk entitled "Intelligence Failures that Led to the September
11th Attacks."
He
was introduced by the Dean of the School, who explained that the
school has a new emphasis on information technology and public policy.
The Dean explained that while it is generally true that "Those
who know don’t speak, and those who speak don’t know," James
Bamford is the exception. The Dean said that Bamford was working
on a new book A Killing Sleep: Anatomy of America’s Greatest
Intelligence Failure, a description of what happened prior to
Sept. 11.
 Bamford
started by providing lots of background. He was fresh out of law
school and didn’t want to practice law, so he had the idea of writing
about the most secret agency in the US Government, the National
Security Agency (NSA). This led to the now twenty year-old book,
The Puzzle Palace. NSA eventually found out that he was writing,
and tried very hard to stop him. NSA twice arranged to have him
criminally prosecuted for revealing secrets, but he was able to
show that he had used material in the public domain. Bamford explained
that he had become an expert in using the Freedom of Information
Act (FOIA) to get a lot of information. It’s not so easy, because
the FOIA doesn’t apply to the NSA since the NSA almost doesn’t exist.
It was not created by Congress, but by a memorandum. When he wrote
his first book, the rule was that once a document was declassified,
it could not subsequently be reclassified (sort of a no ex post
facto idea). According to Bamford, Reagan changed those rules, allowing
and in fact doing a lot of reclassification, Clinton didn’t change
the Reagan rule but didn’t do reclassification, and the current
Bush administration has adopted the Reagan rules.
NSA
was created after WWII from the code breaking activity that had
proceeded during the war. At the time it was created, no one but
a couple of people even knew it had been created. NSA stands for
no such agency, or never say anything, or after Puzzle Palace, not
secret anymore. To illustrate how secret NSA is, after Puzzle Palace
was published, Bamford went on a book tour. At one point he was
scheduled onto a PBS show where the other guest was Sen. Bill Bradley.
Prior to the show, the Senator asked Bamford why he was on the show,
and he explained that he had written a book on the NSA. Bradley
asked him what that was, and Bamford explained. Then Bradley went
on the show to explain his ideas for the economy, or whatever, and
then the interview switched to Bamford. Bamford explained that the
NSA was a secret agency. The interviewer said "How secret?"
And, naturally, Bamford did not pass on the opportunity to say that
it was so secret that not even Sen. Bradley knew about it. Bradley
was not pleased.
Years
later, having worked on television news shows, Bamford did a second
NSA book. It also took three years. His first idea was to go to
NSA and ask for a tour, interviews, and documents. They were not
accommodating, to say the least. "Enemy of the state."
"Not in your interest to proceed." However, eventually
NSA turned around, and eventually provided him with access to lots
of information, although they never provided documents. Again, FOIA
came through.
Bamford
explained that he was amazed by some of the material he was able
to get. For example, he found a detailed 1962 plan to invade Cuba.
In the wake of the failed Bay of Pigs invasion, the US was embarrassed
and wanted to dump Castro some other way. The idea was to have the
US Armed Forces invade Cuba, deposed and kill the leadership, and
establish a new government. Basically do to Cuba what we just did
to Afghanistan, Bamford explained. However, there was a problem.
The US needed a pretext to invade. Unfortunately for the invasion
plan, we didn’t know of anything that Castro was doing to the US
besides sitting there being decidedly Communist. So, a pretext had
to be created. The plan Bamford found, through FOIA, sent a chill
down his back. The US would arranged to have Americans shot on the
streets of US cities, we would set off bombs in crowded areas of
US cities, and there was a detailed plan to blow up a commercial
airliner over Cuba. This plan was approved, in 1962, by every member
of the Joint Chiefs, including the chairman. [If this is true, the
plan was never executed.]
About
NSA: it is 38,000 people, 50 buildings, on a campus in Maryland,
in suburban Washington DC. The have the most powerful computers
in the world, 1.6 million tapes in their tape library [tapes?].
Basically they do signals intelligence, listening to phone calls,
faxes, email, and any sort of communication. To do this they have
extensive facilities all around the world. One technique that Bamford
mentioned was how they capture microwave signals. Microwave, unlike
high frequency signals [HF are actually lower frequency than microwave,
in case you care], do not bounce off the ionosphere and travel in
a straight line. Towers must be line of sight from each other. So
how’s the NSA going to listen to this? Answer is that some of the
radiation goes past the receiving station, and continues in its
straight line out into space. The NSA has satellites out there to
grab the signals. [Bamford described the satellites as geosynchronous,
but that wouldn’t work.] NSA also makes and breaks codes. The big
nasty secret within NSA is that in the forty years or more that
NSA spent billions of dollars on breaking the Soviet codes, they
made no progress. No important Soviet code was ever broken by the
NSA, or by anyone.
NSA
has a whole bunch of listening posts around the world. There’s one
in England. Each post captures about two million messages per hour.
They cull out the interesting ones in many ways – limiting prefixes,
etc. The Soviets had a listening post in Cuba for forty years (they
are only just now dismantling it) and they knew how to filter out
the interesting stuff. For example, any phone call to prefix 456
in the DC area code was a call to the White House, any call to 688
is a call to NSA.
So
what about NSA’s involvement in Sept. 11. Some have compared the
failure to the "failure" at Pearl Harbor. Actually, Pearl
Harbor was quite a success for the predecessor agencies to NSA.
The US had managed to completely break the key Japanese codes (Purple),
and the German codes (Enigma) were also broken. In the case of Pearl
Harbor, the US signals people picked up the key message to the Japanese
embassy in Washington, decoded it (it said something like break
off relations and destroy all your crypto equipment) well in advance
of the attack. The message did not say where an attack would come,
so the US sent the message to everyone saying "Japanese attack
expected." The weather was wrong over the Pacific so the usual
HF path did not work. Instead the message was sent to Honolulu via
Western Union, where it arrived a few hours after the attack.
In
contrast, NSA did nothing to help prior to Sept. 11. No monitoring
of Osama Bin Laden (OBL) was done. The hijackers of the plane that
would up hitting the Pentagon lived in Laurel, MD, the same town
that NSA was in. When the hijackers drove from Laurel down US 1
toward Dulles, the traffic in the other direction was mostly NSA
employees on their way to work. Rather embarrassing to the NSA,
in fact a disaster of major proportions. Realize that the primary
goal of NSA, the justification for the billions of dollars per year
of our citizens money spent by the NSA, is simply to prevent a surprise
attack. Yet the US and NSA was caught totally unprepared. Bush was
reading to first graders in Sarasota, the head of NSA was having
breakfast in downtown Washington.
OBL
moved his operations from the Sudan to Afghanistan. The infrastructure
there was insufficient for OBL’s needs, so he contacted an intermediary
in London who in turn arranged for a student in the US to buy a
satellite phone. The phone was mailed to London, the service activated
there, and the phone mailed to OBL. It was an Inmarsat phone. So
NSA has a billion dollars, they figured this out and got good eavesdropping
on OBL. NSA was very proud of this, and would show off their abilities
to distinguished guests at NSA. They would laugh as he called his
mother and talked to her. Unfortunately, OBL seemed to sense something,
because he never used the satphone for operational material. Just
used it for calls home. But this is still useful: at least we know
where he is, because the phone radiates, and that radiation can
be tracked. And we took advantage of that: Clinton called for reprisals
against OBL after the embassy bombings in E. Africa, and we sent
missiles to a training base in Afghanistan that we knew about because
of the satphone. Unfortunately, two bad things resulted: one, OBL
was not there when the missiles arrived, and two, OBL, no dummy,
stopped using the satphone when he realized it was being used to
track him. The NSA never heard from him again. Never. NSA went deaf.
NSA
had other problems: only one or two (at the most) NSA people can
speak an Afghan language. And there were lots of other structural
problems at NSA. To understand this, understand that until ten years
ago, NSA had essentially a single mission: track the Soviets. NSA
knew about Russian missiles and submarines. They looked for the
missiles, and set up very advanced equipment that could provide
early warning if a Soviet missile were launched. To illustrate this
capability, recall that a few months ago an Israeli plane was shot
down on its way from Israel to Russia. The US immediately announced
that a missile had shot down the plane. The guys who did the deed
denied it initially, but soon it came out that the US was right.
These are your NSA tax dollars at work. That’s what we do, but that’s
the wrong thing if you are worried about terrorists. Ten years after
the end of the cold war, the NSA still has the wrong technology
in the wrong places.
Technology
has shifted under NSA’s feet. For example, we could intercept Russian
communications. They used HF, and we had huge antennae that could
catch the stuff as it bounced around the world We had antennas,
some called Elephant Cages, that were a half mile wide, to intercept
Russian HF signals. Unfortunately, no one but the Russians used
this.
Another
technology used by potential adversaries was satellite. The use
of satellites for phone conversations declined dramatically in the
last ten years as other technologies (cable, fiber) replace satellite
which had too much delay (40,000 miles up and back) and was too
expensive. That was too bad for NSA because satellites are easy
to eavesdrop on, fiber is tough. Actually, NSA can tap fiber (no
mean achievement) but the fiber is underground or under the ocean,
making it difficult to get to. Too bad for NSA.
After
the cold war, NSA’s budget was cut by a third and targets increased.
There were targets in Africa, in the Balkans, in North Korea. NSA
continued to miss opportunities: NSA completely missed the atomic
tests in India. NSA completely missed the bombing of the Cole. In
both cases the US was surprised.. The bombing of the African embassies
was missed. Once you know the track record, it is no surprise that
NSA completely missed Sept. 11. It’s what you’d expect.
Language
skills continue as a problem. The US was involved in Haiti, the
NSA had one Creole speaker.
The
other "intelligence" agency that might have helped with
Sept 11 is the Central Intelligence Agency (CIA). CIA missed Sept
11 completely too. This not much of a surprise. CIA itself does
not collect much information, instead CIA specializes in analysis.
What intelligence they do gather is done in a peculiar way. The
CIA has "case officers." They are assigned to embassies
around the world, typically as "cultural attaches." Their
job is to enlist spies from the area. They pay the spies to report
back to them periodically and tell them what’s going on. This is
called "human intelligence" (humint) in contrast to the
material that the NSA gathers. Unfortunately, humint is very unreliable.
You’ll read that the "CIA needs more case officers." For
example, this point is made in a recent book on the CIA by Robert
Baer ("See No Evil: The True Story of a Ground Soldier in the
CIA's War on Terrorism"). Bamford disagrees with this message,
and in fact has recently published a review of the Baer book where
he pans it. Bamford gives an example of how crummy humint is: Recently
the TV show 60 Minutes had found a guy who knew all about something
[can’t remember, maybe about how the terrorists operate]. Before
putting him on the air, 60 Minutes wanted to confirm that this source
was legit, so they retained Robert Baer to check him out (Baer had
left the CIA). Baer certified him as a good source. Only later did
we learn that everything was made up…the source just wanted his
15 minutes of fame. As we said, human sources are no good, and Baer
is no better than anyone at detecting the good ones.
A
major justification for the CIAs modus operandi is that they can’t
get their own people into various organizations. "They’re all
clan based, you have to have been born there…., " the CIA argues.
Let me ask one question: how did a Marin county high school student
get inside El Qaeda in less than two years, learning major pieces
of intelligence, meeting with OBL, etc.? CIA couldn’t do that?
Questions
followed. Q: What about the Internet? A: That's another technology
they missed. OBL used email. OBL did not use encryption of any sort
on any communication. The best breakthrough in the whole intelligence
gathering surrounding Sept 11 was by the New York Times, who spent
$1100 for a computer owned by one of the El Qaeda guys. The disk
was encrypted, but by a cheap encryption that the NYT broke easily,
to find lots of info about Al Qaeda plans. Another major failure
of the CIA and NSA.
Q:
Will NSA try to limit encryption? A: Yes, they'll try to place new
limits on encryption. And Clipper and key escrow will make a comeback.
And lots of other nonsense.
Q:
Can we stop surprise attacks? A: No. We cannot avoid these kind
of attacks. We have to somehow explain to people that this is just
one of the hazards of life, like 50,000 Americans dying of colon
cancer, or 50,000 Americans dying in car accidents every year. The
government cannot bring itself to say the truth, that terrorism
is just one of the risks of life.
Q:
What's your relationship with NSA? A: On the day the second book
was published, NSA held a book signing at NSA HQ. I teach a class
at NSA. The Defense Intelligence Agency used my first book as a
textbook.
Q:
What about the NSC. A: The National Security Council mostly has
nothing to do with NSA. Technically the NSA reports to the head
of the NSC, but besides some basic rules of engagement, there's
no link. The difference between them is remarkable: we've all heard
of Condaleeza Rice, but who's heard of the head of NSA, Gen. Mike
Hayden?
Q:
What about misinformation? A: It's a big problem. The FBI spy Robert
Hanssen worked closely with the NSA. Everything he knew about NSA's
progress or lack thereof was probably provided to the Russians.
Also, the Russians were provided with the names of all the CIA sources
in Russia. NET: the Russians knew everything we knew. Thus, we have
to assume that everything we got from the Russians or our spies
was actually misinformation. Or not. A "wilderness of mirrors."
Q:
How does NSA work? A: Heavy use of polygraphs. Mandatory exams every
five years, plus random use of polygraphs, for every employee. NSA
has more PhDs in mathematics than any other organization in the
western world. NSA has a mental health unit for those who can't
deal with the secrecy and complexities of codes.
Q:
Aren't most rules on government secrecy just ways to protect those
in power from looking like fools? A: Yes, pretty much. Best solution
to this is a diligent journalistic force (a free press) but today's
press is actually getting worse. Before Sept. 11 all the coverage
was on Gary Condit and on shark attacks, in spite of the fact that
there are fewer shark attacks every year. Sells papers.
Q:
What should we do? A: Put national privacy at the same level as
national security. Support privacy groups.
February
11, 2002
LRC
needs your support. Please donate.
|
