Showing posts with label FBI. Show all posts

22 August 2018

Losing It


David Edgerley Gates


Trump's recent revocation of former DCI John Brennan's security clearance has generated a lot of heat and not much light. Let's see if we can read the entrails.

To begin with, access to confidential information is authorized on a Need-to-Know basis. You need to know this stuff to do your job. Moving into the upper atmosphere, information gets classified at higher levels, Sensitive and Compartmentalized. In my own case, as an analyst working with intercepted military communications, my clearance level was Top Secret/Crypto [CODEWORD Material] Handle Via COMINT Channels Only. The primary purpose, here, was to protect sources and methods. As the intelligence was passed on to consumers, those specific sources and methods were edited out, and only referenced to indicate provenance and reliability - even then, in sanitized euphemisms.

At policy level, the upper reaches of the chain of command, the National Security Council, say, the inner circle, CIA and NSA, State, the Pentagon, these people are breathing thinner air. Compartmentalization isn't an issue, access is across the board. Still, the habit of secrecy, the gnostic power, that Special Knowledge, held in trust by the initiate, is a drug. It's the crystal meth of statecraft. Losing the privilege, going cold turkey, is being cast into the outer darkness, with weeping and gnashing of teeth.

I remember being processed out of Berlin. They terminated my clearance, and red-badged me. I was redundant. It was both exhilarating and depressing. Release is second cousin to exile. But at the same time, it was clearly explained that I was to take their secrets to the grave with me, and the alternative was Leavenworth. There was also a two-year travel restriction. I was prohibited from going to Eastern Europe, for example - which made perfect sense, since our resources targeted Group Soviet Forces and the Warsaw Pact. They might have liked to pick my brain.

More to the point, if you spend a significant period in your life locked into a mission, you can't shift gears as easily as you change your socks. We were on the edge of the Cold War. It's not an exaggeration to suggest we played some small part in preventing it from turning hot. And almost everybody I know from back then kept their hand in. How not? You read between the lines, you hear an echo where other people hear empty air. You miss the high.

It's long-standing convention, going back to Eisenhower, that senior figures keep their secure access through successive administrations. The tradition of the Wise Men, somehow above the fray. Think of Dean Acheson, or Clark Clifford, or James Baker. You can call on these guys in a crisis. And they, of course, are all too ready. What, you think Henry Kissinger's shy?

In the case of Brennan, specifically, I'm hearing that a fair number of people in the intelligence community, both former and currently serving, don't care for the guy. They regard him as self-serving, and his version of his own bio leaves out the unwary he's thrown under the bus. Be that as it may. It's all the more interesting, then, that seven former DCI's and six former Deputy Directors, along with two former Directors of National Intelligence, have put their names to a letter supporting Brennan and challenging Trump. Not challenging Trump's authority to refuse Brennan access to secure materials, but the grounds for it.

Brennan is clearly being punished for shooting his mouth off. He's made no secret of his disdain for Trump, and Trump has seemingly conflated Brennan's animosity with the Mueller investigation. (This is just one of those odd distortions that appear at random in the Trump alternate ecosystem.) What the signatories to the protest letter take issue with is the chilling effect. It's probably safe to say they don't all agree with Brennan, and if they do, they think it's better to keep it to themselves. Gen. Michael Hayden has not, he's been extremely critical of Trump, but Hayden has an honorable track record, in my opinion - a lot better than Brennan's. Bob Gates, Porter Goss, and Leon Panetta. They've kept their own counsel, and I think they must feel duty-bound to speak up. Tenet and Petraeus, on the other hand? Tenet went in the bag for WMD's. Petraeus, damn it, put Little Elvis at the wheel. 

It's naive, or willful ignorance, to think intelligence isn't politicized. We have only to go back as far as the late 1960's, when it was pretty widely known in certain closed circles that the field reporting out of Viet Nam was being massaged as it went up the food chain, to present an acceptable wisdom. But by and large, intelligence professionals try to present a realistic approximation of a shifting and ambiguous world. The run-up to Iraq is in fact a pretty good example. Feith and Wolfowitz tried to use their weasel shop at the Pentagon to discredit the CIA reporting, and Nigerian yellowcake made it into the State of the Union, but the Agency kept pushing the least dishonest assessments they could, even though Tenet was afraid he'd lose both the argument and the confidence of the only client who mattered. This is of course the actual bottom line. You want the president's ear, and his trust. If he stops listening, you've lost the fight. You still do your best to give good weight.

What we're seeing here isn't disloyalty, or a mutiny by the palace eunuchs. It's not the Deep State, either, although you might call it the deep bench. I don't imagine these guys have any hope of changing Trump. Maybe this is no more than a symbolic gesture, a decent respect. I have to wonder if they're not looking past public opinion, which seems pretty rigid, either way, and the bluster and cowardice of Congress, and speaking to their still-serving peers. It's not about the man, whether Brennan or Trump. That's small potatoes. It's about the mission. It's about something larger than parochial self-interest.

Trump already has an adversarial relationship with his national security staff. He's got the attention span of a fruit-fly, for one, which means his briefers have learned to use block lettering and bright colors. Secondly, he refuses to admit Russian disinformation efforts in the election, and the possible benefit to him. And of course third, he uses every opportunity to malign the integrity of his own agencies, particularly CIA and the Feebs.

You have to wonder how this plays as a team-building effort and management message. Obviously, the personnel still in place aren't sharing. But in the 48 hours after the big guns went public, another sixty former CIA senior staff added their names, and now an additional seventy-five have signed on. That's a fair amount of disgruntlement, and we're not talking about a bunch of starry-eyed innocents, either. These are career intelligence officers. They know where the bodies are buried. They've buried a few.

I can only hazard a guess, but this appears to be an engaged support group. Professional courtesy. Commitment. I think it's a show of hands.  


12 April 2017

Keystone Cops - the Trump-Russia Connection


Once again, a disclaimer. This post isn't political comment, but thinking out loud about the spycraft involved. Nor do I claim special knowledge. It's pure speculation.



If you're one of the people following what Rick Wilson of The Daily Beast has characterized as "the Trump-Russia intelligence and influence scandal," you can be forgiven for experiencing a certain bemusement. The story keeps wandering off-narrative, the cast doesn't know their lines, the whole thing is like a dress rehearsal for the school play. Lucian K. Truscott IV, writing for SALON, sounds a note of gleeful despair, trying to strike a balance between the giddy anarchy of a Three Stooges routine and the jaws of darkness yawning open beneath our feet. You don't have to take sides to take it seriously, but it has an unreal quality. Farce, caricature, exaggeration of effect, clown noses and oversized shoes. 

What would a working intelligence professional make of all this? If we discount the attitude, and the partisanship, and the Whose-Ox-Is-Being-Gored, and focus on the basic operational dynamics - the tradecraft of recruitment, the servicing of resources, the value of the product - does it show any return on the investment? What's our cost-benefit ratio?

Security operations are often graded on the curve. You might have a downside risk, but if you're blown, the exposure is quantifiable. It's worth losing X to acquire Y. Penetrations are always high-value. Getting someone inside. Philby and Blake. Gunter Guillaume. Alger Hiss. Penkovsky. It's a tightrope act for the spy, of course. For his handlers, not so much. Embarrassment, contrition, crocodile tears. Deep-cover assets understand their vulnerability. It's a buyer's market. You're only as good as your last picture. So forth and so on. The point here being that a penetration is usually considered well worth the money, the extra effort, the aggravation. Any rewards justify the sweat equity. But defectors are known to inflate their resumes. They give themselves better credentials, they claim better access. Another thing to remember is that the more difficult the courtship, and the more it costs, the more highly you value the object of your desire. In other words, we both want to close the sale. It's to our mutual advantage. And who's to say there isn't as much wishful thinking on the one side as on the other?

Intelligence consumers want what's known in the trade as collateral, telling detail that gives your product a material weight, the force of gravity. What we've got here is disconnect. Peripheral vision, low light. Manafort is compromised because he was a bagman for Yanukovych. Kushner met with VneshEconomBank chair Gorkov, and VEB launders dirty money for the Kremlin. Flynn broke bread with Putin at a meet-and-greet sponsored by RT. Page and Stone were coat-trailed by SVR. All of it suggestive, none of it at all imperative.

There's a moment in Smiley's People, about a third of the way through, when George learns that Karla is "looking for a legend, for a girl."  This is the place where the story - the story within, the hidden narrative - begins to shape itself. George first hears that voice, and we're taken into his confidence, and feel its muscularity, and the book turns a corner (its secret just around the next one). 

How do we apply the comforts of a fiction? We suppose not, but hold the phone. The absence of structure tells us something. We're used to the idea of conspiracy, plots laid, inductions devious. I'd suggest this wasn't a concerted effort. Not at either end. I think the Russian services went after targets of opportunity. Putin's an old KGB guy of course, but he seems to have buried the hatchet with GRU. He's made extensive use of both, in Crimea and the Donbass. Russian information warfare strategy has also been formalized. Kaspersky Lab, which on paper is private sector, works in cybersecurity. Once upon a time, this was all under the authority of the Organs, the state apparat, but the chain of command is more flexible. I'm guessing an approach to an American or European businessman could be made by anybody, sanctioned or not. Is it corporate espionage, or government? What's the difference? you might ask. If you're shaking hands with the siloviki, the oligarchs, you're already in bed with the Mafia and state security. It's not at all difficult to imagine a guy like Paul Manafort being recruited, because he'd be recruiting talent himself, working both sides of the street. He's cultivating influence, that's his currency. So let's say we see this happen with other examples. No grand design or discipline, just low-hanging fruit.

Moving ahead, we get to the past summer of an election year, 2016, and evidence of Russian e-mail hacking. We know the FBI opened their investigation in July, and it's now being reported that CIA began briefing the Gang of Eight - the senior majority and minority leaders in the House and Senate, and on the intelligence committees - in mid-August. Slight cognitive dissonance, as the Bureau believed the Russian threat was meant only to disrupt the political process in general, CIA believed it was specifically focused on sabotaging the Clinton campaign and electing Trump. CIA suspects active collusion.

What are the basics? We know any intelligence community is top-heavy with turf warriors. MI5 and MI6. FBI and CIA. SVR and FSB and GRU. But there was a trigger mechanism. My guess is that a ranking somebody in the Russian spy orbits took notice and pulled the various threads together. We imagine frustrations expressed at the top of the food chain, "Who will rid me of this tempestuous priest?" And the barons mount up. I'm also thinking this was as much accident as anything else. The necessary tools were ready to hand. All it required was an organizing principle. The rest is housekeeping, who carried the water.

One last observation. The feckless and the foolish are easily led. You play to their vanities, their limitless self-regard. It's never truer than in the spook trade that you can't cheat an honest man.

Recommended:
Lucian K. Truscott IV in SALON
http://www.salon.com/writer/lucian_k_truscott_iv/

24 February 2016

Sauce for the Goose


Meanwhile, back on the spook front, a couple or three developments. Maybe not all of a piece. They just bunched up on the radar around the same time.

To begin with, NSA has announced the establishment of a new Directorate of Operations, to oversee two previously separate missions - known as Signals Intelligence and Information Assurance - the first their offensive eavesdropping capacity, and the second their security firewalls. This is kind of a big deal, although it might not seem like it to an outsider. The intelligence agencies prefer not to cross-pollinate.



Although inter-agency and intra-agency transparency looks good on paper, there are inherent risks, and they don't necessarily have a lot to do with jurisdiction or budget fights. Yes, you always have to live with dedicated turf warriors, but this is actually about keeping your assets secure and compartmentalized. For many years, CIA has maintained an institutional divide between Intelligence and Operations, and resisted calls to integrate. You could argue one mission is passive and the other active, but more to the point, a compromise on one side of the shop doesn't jeopardize the other. You limit your exposure. You're not giving up a roadmap to sources and methods.

So it's a trade-off. NSA may well enhance its analytical skills, of intercepted traffic and in defense against cyber attack. They may also be opening the watertight doors.

The next thing that caught my attention probably falls under the heading of Old Wine, New Bottles. Some while ago, DARPA came up with a program, or a menu of programs, called Total Information Awareness. This was shelved, for a time, and then implemented by fits and starts, not as a fully coherent approach. Then come the Snowden leaks, and data-mining is on everybody's lips. Nancy Pelosi and the House Intelligence Committee are shocked, shocked, but eventually the smoke blows away. Now a new tool has surfaced, called Information Volume and Velocity. (Don't you love these names?) This is designed to model trends on social media, among other platforms.



The most obvious application is counterterrorism. ISIS, for one, and the insurgents in the North Caucasus, for another, are more than familiar with Twitter and Facebook. They use them for recruitment, and public relations, and for command-and-control in the field - although lately the more popular vehicle has been on-line simulator games. You can see the appeal of a first-person shooter.

The problem, from NSA's point of view (or CIA, or the FBI, or Homeland Security), isn't data collection. The issue is how to process the material, and spin gold out of straw. The volume, not to mention the velocity, is impossible to keep up with. What they've got is an embarrassment of riches. The information environment is overwhelming. They need a filtering mechanism, to define the threat posture.



Last but not least, we have the recent Apple dust-up. This isn't a theoretical, or preventative policing. It's a question that came up after the San Bernardino shootings last December. Farook, one of the shooters, had an iPhone. FBI investigators would like to unlock it, and Apple says they won't provide a way to defeat the encryption. What we got here is real quicksand.

These issues are nowhere near clear-cut, although Apple CEO Tim Cook seems determined to frame it in apocalyptic terms and FBI Director James Comey is taking a predictably hard line. The law-and-order argument is uncomplicated. Comey says, we need to pursue every lead, in case other people are involved. We have a duly-issued search warrant for the digital contents of the phone, and the manufacturer has a legal and moral obligation to comply. Apple has in fact given the FBI everything it could download from the Cloud, but it refuses to write code that would reverse-engineer the encrypted data that's on the phone itself. Apple maintains that this would of necessity amount to a master key, that would unlock any iPhone. In other words, they could no longer market a secure product. They may cloak it in civil liberties, but it's a business decision.



The disingenuousness, or hypocrisy, on both sides, doesn't take away from either position. Comey's point is perfectly well taken, and so is Cook's. And for once, although I'm sure there are people who probably think I never met a surveillance program I didn't like, I'm with Apple on this one. Whether you trust U.S. federal agencies to take the high road is irrelevant. There are other countries in the world. There are more than a few that bully their own citizens, and whose management of information technology is anything but benign. We'd be handing them a loaded gun.

Is there a common thread? I dunno. There's no hard and fast. Maybe it signifies, maybe not. Stuff drifts past in my peripheral vision, and sometimes it catches the light.

08 July 2015

Scattered Castles


There's been a lot of smoke and mirrors lately about the Chinese hacking into computer networks all over the place, and of course it isn't just the Chinese. Cyberattacks have become a lot more common. Anybody remember STUXNET, the virus that targeted the Iranian nuke R&D? Nobody's copped to it, but we can imagine it was probably a joint effort by the U.S. and the Israelis.

My own website was hacked by some Russian trolls. I don't know what the object was. Bank fraud, or Meet Hot Slavs?  It wouldn't be to use any of the actual information from my site, but to compromise the server pathways. FatCow, the server, hosts a buttload of websites, and once in the back door, you could cherry-pick all the caramels, and leave the liquid centers behind.

The point of the Chinese hacks is that they're not amateur or random, by and large, but directed by the Ministry of Defense, against specific hard targets. The big one, most recently (or at least most recently discovered), is the security breach of the Office of Personnel Management. I know this doesn't sound all that glamorous or hot-ticket - OPM is basically the U.S. government's Human Resources department, the central clearinghouse - but in fact it's a big deal. Best guess to date is that 18 million files have been penetrated, and that's a lowball figure. 

Here's what makes it important. OPM is responsible for security clearances, access to classified material. Back in the day, this was the FBI's job, but it's presently estimated that 5 million people, including both government employees and contractors, hold clearances, and the FBI's current staffing is 35,000. You do the math. The numbers are overwhelming. OPM, in turn, farms this out to FIS, the Federal Investigative Services, and the private sector.

But wait, there's more. The intelligence agencies, CIA, NSA, the National Reconnaissance Office (the spy satellite guys), have their own firewalled system, known as Scattered Castles. For whatever reason, budgetary constraints, too much backlog, or pressure from the Director of National Intelligence, the spook shops were instructed to merge their data with OPM's. So was the Defense Department. A certain amount of foot-dragging ensued, not just territory, either, but concerns about OPM's safeguards. In the end, they caved. Not to oversimplify, because the databases are in theory separate, but it created an information chain.

Suppose, and it's a big suppose, that Scattered Castles is accessible through the OPM gatekeeper. Nobody in the intelligence community, or OPM, or the FBI (which is the lead investigator of the OPM break), will go on the record one way or the other. Understandably, because they'd be giving whoever hacked OPM a further opportunity to exploit, if they haven't already. This is a case of locking the barn door after the horse is gone. The worst-case scenario is that active-duty covert agents could be exposed. And bear in mind, that when you're investigated for a security clearance, you give up a lot of sensitive personal data - divorce, bankruptcy, past drug use, your sexual preference - the list goes on. Which opens you up to blackmail, or pressure on your family. This is an enormous can of worms, the consequences yet to be addressed.

OPM uses a Web-based platform called eQip to submit background information. You might in all seriousness ask whether it's any more secure than Facebook. The issue here, long-run, isn't simply the hack, but the collective reactive posture. These guys are playing defense, not offense. The way to address this is to uncover your weaknesses before the other guy does, and identify the threat, not wait for it to happen. Take the fight to them. Otherwise we're sitting ducks.  

It's amazing to me that these people left us open to this, quite honestly. They don't go to the movies, their kids don't play video games, they're totally out to lunch? It ain't science fiction. It's the real world. Cyber warfare is in the here and now.

Heads are gonna roll, no question. OPM's director is for the high jump, and her senior management is probably going to walk the plank, too. This doesn't fix it. What needs fixing is the mindset. We're looking at inertia, plain and simple, a body at rest. We need to own some momentum. 


http://www.DavidEdgerleyGates.com/



07 June 2015

Dread Pirate Roberts


by Leigh Lundin

Day in history, 1 October 2013: A half-cocked Texas Tea Party senator shut down the federal government for seventeen days. The resulting outcry in Washington, panic on Wall Street, and consternation in world markets eclipsed another important news story. Outside of crime and tech circles, the public barely took notice of the seizure of Silk Road, the largest, most far-reaching criminal enterprise in the world, and the arrest of its young founder, Ross Ulbricht, aka, Dread Pirate Roberts.

A few days ago, a judge sentenced Ulbricht to two life terms.

Joshuah Bearman and Tomer Hanuka of Wired Magazine have created a fascinating and comprehensive article. I recommend checking their story, part 1 and part 2. Their article reads like a crime novella… and a Greek tragedy.

Recap

The hallmark of a Greek tragedy is hubris, encapsulated in mythology because of human (and human-like) failing. The putative Greek hero ascends, attaining glory and fame, only to be brought low by his (or her) own weaknesses and arrogance.

Such happened to Ross Ulbricht, an entrepreneur, ardent libertarian, former Eagle Scout and non-violent idealist… until the day he wasn’t. He began what he called a libertarian experiment, an on-line drug bazaar, a better eBay than eBay. He named the enterprise Silk Road after the ancient Asian trade routes.

Silk Road didn’t sell only drugs, they sold collectibles, electronics, and other goods much like Craig’s List. The web site also featured Silk Road chat, Silk Road forums, Silk Road wiki, Silk Road exchange, Silk Road credit union, Silk Road market, Silk Road bookstore, and Silk Road libertarian musings by its founder.

Ulbricht promoted trust, partly through anonymity, and partly through BitCoin exchange, but also through efforts to see customers were treated right. He devised an on-line escrow (which eBay should have done years ago), provided reviews and customer support. Ulbricht is noted for writing in his journal “This is more than a business to me. It’s a revolution and is becoming my life’s work.”

Security and anonymity were provided by software originally created by the US Navy. TOR, an acronym for The Onion Router, offered encryption for web sites behind the curtain that hides both legal and illegal activities, as seen in this video Inside the Dark Web or the recent movie, The Deep Web.

Ulbricht used a clever pseudonym as suggested by his mentor, Variety Jones. That alias was Dread Pirate Roberts, from the novel and subsequent film, The Princess Bride. In the story, Dread Pirate Roberts isn’t merely one person but, like Lee Falk’s The Phantom, a series of leaders who hand off the reins and the DPR name to a chosen successor when they become rich enough to retire. In conjunction with Silk Road, the sobriquet obscured who DPR was. Indeed many people believed Roberts was multiple people.

Operation Onion Peeler

The FBI geeks who went after the leader of Silk Road faced an intriguing challenge from a guy who made few mistakes… but a couple of errors was all it took. The digital police didn’t use a battering ram to get their man, they used finesse – or, as one described it, a form of ballet.

There’s little question Ulbricht ran Silk Road nor doubt he deserved a prison sentence for his misdeeds. But two life terms? The judge succumbed to pleas from the prosecutor to “send a message.”

Not all of us are fans of judicial messaging and over-sentencing, but a few other issues need to be considered. One is conspiracy and intent to commit the murder of at least one person and possibly five others who had stolen from the enterprise. That certainly shatters the image of the gentle idealist who wanted freedom for everyone.

However, the murder charge is murky. A Silk Road employee named Curtis Green had supposedly stolen $350,000. Ulbricht lamented how to handle it, writing that he didn’t want to use violence if Green would simply return the money. But Variety Jones, his mentor, urged Ulbricht to kill Green and referred to Green as the ‘organ donor’.

But the plot sickens. It turns out the money was actually stolen by Secret Service agent Shaun Bridges and facilitated by DEA agent Carl Force, who are being charged with the theft as well as other crimes, including laundering another half million dollars in BitCoins.

In other words, two federal agents stole funds using Green’s account, implicating him in the eyes of Ulbricht and moving him to homicide. One wonders if this constitutes entrapment, tipping Ulbricht over the edge of using violence to protect his interests. The only good part was that Green was in custody and not in imminent danger.

Ulbricht’s attorney is appealing the verdict.