Lt. Gen. Keith Alexander. photo: Saul Loeb/AFP/Getty Images
The Cowboy of the NSA
12 September 13
Inside Gen. Keith Alexander's all-out, barely-legal drive to build the ultimate spy machine.
n Aug. 1, 2005, Lt. Gen. Keith Alexander reported for duty as the 16th director of the National Security Agency, the United States' largest intelligence organization. He seemed perfect for the job. Alexander was a decorated Army intelligence officer and a West Point graduate with master's degrees in systems technology and physics. He had run intelligence operations in combat and had held successive senior-level positions, most recently as the director of an Army intelligence organization and then as the service's overall chief of intelligence. He was both a soldier and a spy, and he had the heart of a tech geek. Many of his peers thought Alexander would make a perfect NSA director. But one prominent person thought otherwise: the prior occupant of that office.
Air Force Gen. Michael Hayden had been running the NSA since 1999, through the 9/11 terrorist attacks and into a new era that found the global eavesdropping agency increasingly focused on Americans' communications inside the United States. At times, Hayden had found himself swimming in the murkiest depths of the law, overseeing programs that other senior officials in government thought violated the Constitution. Now Hayden of all people was worried that Alexander didn't understand the legal sensitivities of that new mission.
"Alexander tended to be a bit of a cowboy: 'Let's not worry about the law. Let's just figure out how to get the job done,'" says a former intelligence official who has worked with both men. "That caused General Hayden some heartburn."
The heartburn first flared up not long after the 2001 terrorist attacks. Alexander was the general in charge of the Army's Intelligence and Security Command (INSCOM) at Fort Belvoir, Virginia. He began insisting that the NSA give him raw, unanalyzed data about suspected terrorists from the agency's massive digital cache, according to three former intelligence officials. Alexander had been building advanced data-mining software and analytic tools, and now he wanted to run them against the NSA's intelligence caches to try to find terrorists who were in the United States or planning attacks on the homeland.
By law, the NSA had to scrub intercepted communications of most references to U.S. citizens before those communications can be shared with other agencies. But Alexander wanted the NSA "to bend the pipe towards him," says one of the former officials, so that he could siphon off metadata, the digital records of phone calls and email traffic that can be used to map out a terrorist organization based on its members' communications patterns.
"Keith wanted his hands on the raw data. And he bridled at the fact that NSA didn't want to release the information until it was properly reviewed and in a report," says a former national security official. "He felt that from a tactical point of view, that was often too late to be useful."
Hayden thought Alexander was out of bounds. INSCOM was supposed to provide battlefield intelligence for troops and special operations forces overseas, not use raw intelligence to find terrorists within U.S. borders. But Alexander had a more expansive view of what military intelligence agencies could do under the law.
"He said at one point that a lot of things aren't clearly legal, but that doesn't make them illegal," says a former military intelligence officer who served under Alexander at INSCOM.
In November 2001, the general in charge of all Army intelligence had informed his personnel, including Alexander, that the military had broad authority to collect and share information about Americans, so long as they were "reasonably believed to be engaged" in terrorist activities, the general wrote in a widely distributed memo.
The general didn't say how exactly to make this determination, but it was all the justification Alexander needed. "Hayden's attitude was 'Yes, we have the technological capability, but should we use it?' Keith's was 'We have the capability, so let's use it,'" says the former intelligence official who worked with both men.
Hayden denied Alexander's request for NSA data. And there was some irony in that decision. At the same time, Hayden was overseeing a highly classified program to monitor Americans' phone records and Internet communications without permission from a court. At least one component of that secret domestic spying program would later prompt senior Justice Department officials to threaten resignation because they thought it was illegal.
But that was a presidentially authorized program run by a top-tier national intelligence agency. Alexander was a midlevel general who seemed to want his own domestic spying operation. Hayden was so troubled that he reported Alexander to his commanding general, a former colleague says. "He didn't use that atomic word - 'insubordination' - but he danced around it."
The showdown over bending the NSA's pipes was emblematic of Alexander's approach to intelligence, one he has honed over the course of a 39-year military career and deploys today as the director of the country's most powerful spy agency.
Alexander wants as much data as he can get. And he wants to hang on to it for as long as he can. To prevent the next terrorist attack, he thinks he needs to be able to see entire networks of communications and also go "back in time," as he has said publicly, to study how terrorists and their networks evolve. To find the needle in the haystack, he needs the entire haystack.
"Alexander's strategy is the same as Google's: I need to get all of the data," says a former administration official who worked with the general. "If he becomes the repository for all that data, he thinks the resources and authorities will follow."
That strategy has worked well for Alexander. He has served longer than any director in the NSA's history, and today he stands atop a U.S. surveillance empire in whichsignals intelligence, the agency's specialty, is the coin of the realm. In 2010, he became the first commander of the newly created U.S. Cyber Command, making him responsible for defending military computer networks against spies, hackers, and foreign armed forces - and for fielding a new generation of cyberwarriors trained to penetrate adversaries' networks. Fueled by a series of relentless and increasingly revealing leaks from former NSA contractor Edward Snowden, the full scope of Alexander's master plan is coming to light.
Today, the agency is routinely scooping up and storing Americans' phone records. It is screening their emails and text messages, even though the spy agency can't always tell the difference between an innocent American and a foreign terrorist. The NSA uses corporate proxies to monitor up to 75 percent of Internet traffic inside the United States. And it has spent billions of dollars on a secret campaign to foil encryption technologies that individuals, corporations, and governments around the world had long thought protected the privacy of their communications from U.S. intelligence agencies.
The NSA was already a data behemoth when Alexander took over. But under his watch, the breadth, scale, and ambition of its mission have expanded beyond anything ever contemplated by his predecessors. In 2007, the NSA began collecting information from Internet and technology companies under the so-called PRISM program. In essence, it was a pipes-bending operation. The NSA gets access to the companies' raw data - including e-mails, video chats, and messages sent through social media - and analysts then mine it for clues about terrorists and other foreign intelligence subjects. Similar to how Alexander wanted the NSA to feed him with intelligence at INSCOM, now some of the world's biggest technology companies - including Google, Microsoft, Facebook, and Apple - are feeding the NSA. But unlike Hayden, the companies cannot refuse Alexander's advances. The PRISM program operates under a legal regime, put in place a few years after Alexander arrived at the NSA, that allows the agency to demand broad categories of information from technology companies.
Never in history has one agency of the U.S. government had the capacity, as well as the legal authority, to collect and store so much electronic information. Leaked NSA documents show the agency sucking up data from approximately 150 collection sites on six continents. The agency estimates that 1.6 percent of all data on the Internet flows through its systems on a given day - an amount of information about 50 percent larger than what Google processes in the same period.
When Alexander arrived, the NSA was secretly investing in experimental databases to store these oceans of electronic signals and give analysts access to it all in as close to real time as possible. Under his direction, it has helped pioneer new methods of massive storage and retrieval. That has led to a data glut. The agency has collected so much information that it ran out of storage capacity at its 350-acre headquarters at Fort Meade, Maryland, outside Washington, D.C. At a cost of more than $2 billion, it has built a new processing facility in the Utah desert, and it recently broke ground on a complex in Maryland. There is a line item in the NSA's budget just for research on "coping with information overload."
Yet it's still not enough for Alexander, who has proposed installing the NSA's surveillance equipment on the networks of defense contractors, banks, and other organizations deemed essential to the U.S. economy or national security. Never has this intelligence agency - whose primary mission is espionage, stealing secrets from other governments - proposed to become the electronic watchman of American businesses.
This kind of radical expansion shouldn't come as a surprise. In fact, it's a hallmark of Alexander's career. During the Iraq war, for example, he pioneered a suite of real-time intelligence analysis tools that aimed to scoop up every phone call, email, and text message in the country in a search for terrorists and insurgents. Military and intelligence officials say it provided valuable insights that helped turn the tide of the war. It was also unprecedented in its scope and scale. He has transferred that architecture to a global scale now, and with his responsibilities at Cyber Command, he is expanding his writ into the world of computer network defense and cyber warfare.
As a result, the NSA has never been more powerful, more pervasive, and more politically imperiled. The same philosophy that turned Alexander into a giant - acquire as much data from as many sources as possible - is now threatening to undo him. Alexander today finds himself in the unusual position of having to publicly defend once-secret programs and reassure Americans that the growth of his agency, which employs more than 35,000 people, is not a cause for alarm. In July, the House of Representatives almost approved a law to constrain the NSA's authorities - the closest Congress has come to reining in the agency since the 9/11 attacks. That narrow defeat for surveillance opponents has set the stage for a Supreme Court ruling on whether metadata - the information Alexander has most often sought about Americans - should be afforded protection under the Fourth Amendment's prohibition against "unreasonable searches and seizures," which would make metadata harder for the government to acquire.
Alexander declined Foreign Policy's request for an interview, but in response to questions about his leadership, his respect for civil liberties, and the Snowden leaks, he provided a written statement.
"The missions of NSA and USCYBERCOM are conducted in a manner that is lawful, appropriate, and effective, and under the oversight of all three branches of the U.S. government," Alexander stated. "Our mission is to protect our people and defend the nation within the authorities granted by Congress, the courts and the president. There is an ongoing investigation into the damage sustained by our nation and our allies because of the recent unauthorized disclosure of classified material. Based on what we know to date, we believe these disclosures have caused significant and irreversible harm to the security of the nation."
In lieu of an interview about his career, Alexander's spokesperson recommended a laudatory profile about him that appeared in West Point magazine. It begins: "At key moments throughout its history, the United States has been fortunate to have the right leader -- someone with an ideal combination of rare talent and strong character -- rise to a position of great responsibility in public service. With General Keith B. Alexander ... Americans are again experiencing this auspicious state of affairs."
Lawmakers and the public are increasingly taking a different view. They are skeptical about what Alexander has been doing with all the data he's collecting - and why he's been willing to push the bounds of the law to get it. If he's going to preserve his empire, he'll have to mount the biggest charm offensive of his career. Fortunately for him, Alexander has spent as much time building a political base of power as a technological one.
Those who know Alexander say he is introspective, self-effacing, and even folksy. He's fond of corny jokes and puns and likes to play pool, golf, and Bejeweled Blitz, the addictive puzzle game, on which he says he routinely scores more than 1 million points.
Alexander is also as skilled a Washington knife fighter as they come. To get the NSA job, he allied himself with the Pentagon brass, most notably Donald Rumsfeld, who distrusted Hayden and thought he had been trying to buck the Pentagon's control of the NSA. Alexander also called on all the right committee members on Capitol Hill, the overseers and appropriators who hold the NSA's future in their hands.
When he was running the Army's Intelligence and Security Command, Alexander brought many of his future allies down to Fort Belvoir for a tour of his base of operations, a facility known as the Information Dominance Center. It had been designed by a Hollywood set designer to mimic the bridge of the starship Enterprise from Star Trek, complete with chrome panels, computer stations, a huge TV monitor on the forward wall, and doors that made a "whoosh" sound when they slid open and closed. Lawmakers and other important officials took turns sitting in a leather "captain's chair" in the center of the room and watched as Alexander, a lover of science-fiction movies, showed off his data tools on the big screen.
"Everybody wanted to sit in the chair at least once to pretend he was Jean-Luc Picard," says a retired officer in charge of VIP visits.
Alexander wowed members of Congress with his eye-popping command center. And he took time to sit with them in their offices and explain the intricacies of modern technology in simple, plain-spoken language. He demonstrated a command of the subject without intimidating those who had none.
"Alexander is 10 times the political general as David Petraeus," says the former administration official, comparing the NSA director to a man who was once considered a White House contender. "He could charm the paint off a wall."
Alexander has had to muster every ounce of that political savvy since the Snowden leaks started coming in June. In closed-door briefings, members of Congress have accused him of deceiving them about how much information he has been collecting on Americans. Even when lawmakers have screamed at him from across the table, Alexander has remained "unflappable," says a congressional staffer who has sat in on numerous private briefings since the Snowden leaks. Instead of screaming back, he reminds lawmakers about all the terrorism plots that the NSA has claimed to help foil.
"He is well aware that he will be criticized if there's another attack," the staffer says. "He has said many times, 'My job is to protect the American people. And I have to be perfect.'"
There's an implied threat in that statement. If Alexander doesn't get all the information he wants, he cannot do his job. "He never says it explicitly, but the message is, 'You don't want to be the one to make me miss,'" says the former administration official. "You don't want to be the one that denied me these capabilities before the next attack."
Alexander has a distinct advantage over most, if not all, intelligence chiefs in the government today: He actually understands the multibillion-dollar technical systems that he's running.
"When he would talk to our engineers, he would get down in the weeds as far as they were. And he'd understand what they were talking about," says a former NSA official. In that respect, he had a leg up on Hayden, who colleagues say is a good big-picture thinker but lacks the geek gene that Alexander was apparently born with.
"He looked at the technical aspects of the agency more so than any director I've known," says Richard "Dickie" George, who spent 41 years at the NSA and retired as the technical director of the Information Assurance Directorate. "I get the impression he would have been happy being one of those guys working down in the noise," George said, referring to the front-line technicians and analysts working to pluck signals out of the network.
Alexander, 61, has been a techno-spy since the beginning of his military career. After graduating from West Point in 1974, he went to West Germany, where he was initiated in the dark arts of signals intelligence. Alexander spent his time eavesdropping on military communications emanating from East Germany and Czechoslovakia. He was interested in the mechanics that supported this brand of espionage. He rose quickly through the ranks.
"It's rare to get a commander who understands technology," says a former Army officer who served with Alexander in 1995, when Alexander was in charge of the 525th Military Intelligence Brigade at Fort Bragg, North Carolina. "Even then he was into big data. You think of the wizards as the guys who are in their 20s." Alexander was 42 at the time.
At the turn of the century, Alexander took the big-data approach to counterterrorism. How well that method worked continues to be a matter of intense debate. Surely discrete interceptions of terrorists' phone calls and emails have helped disrupt plots and prevent attacks. But huge volumes of data don't always help catch potential plotters. Sometimes, the drive for more data just means capturing more ordinary people in the surveillance driftnet.
When he ran INSCOM and was horning in on the NSA's turf, Alexander was fond of building charts that showed how a suspected terrorist was connected to a much broader network of people via his communications or the contacts in his phone or email account.
"He had all these diagrams showing how this guy was connected to that guy and to that guy," says a former NSA official who heard Alexander give briefings on the floor of the Information Dominance Center. "Some of my colleagues and I were skeptical. Later, we had a chance to review the information. It turns out that all [that] those guys were connected to were pizza shops."
A retired military officer who worked with Alexander also describes a "massive network chart" that was purportedly about al Qaeda and its connections in Afghanistan. Upon closer examination, the retired officer says, "We found there was no data behind the links. No verifiable sources. We later found out that a quarter of the guys named on the chart had already been killed in Afghanistan."
Those network charts have become more massive now that Alexander is running the NSA. When analysts try to determine if a particular person is engaged in terrorist activity, they may look at the communications of people who are as many as three steps, or "hops," removed from the original target. This means that even when the NSA is focused on just one individual, the number of people who are being caught up in the agency's electronic nets could easily be in the tens of millions.
According to an internal audit, the agency's surveillance operations have been beset by human error and fooled by moving targets. After the NSA's legal authorities were expanded and the PRISM program was implemented, the agency inadvertently collected Americans' communications thousands of times each year, between 2008 and 2012, in violation of privacy rules and the law.
Yet the NSA still pursued a counterterrorism strategy that relies on ever-bigger data sets. Under Alexander's leadership, one of the agency's signature analysis tools was a digital graph that showed how hundreds, sometimes thousands, of people, places, and events were connected to each other. They were displayed as a tangle of dots and lines. Critics called it the BAG - for "big ass graph" - and said it produced very few useful leads. CIA officials in charge of tracking overseas terrorist cells were particularly unimpressed by it. "I don't need this," a senior CIA officer working on the agency's drone program once told an NSA analyst who showed up with a big, nebulous graph. "I just need you to tell me whose ass to put a Hellfire missile on."
Given his pedigree, it's unsurprising that Alexander is a devotee of big data. "It was taken as a given for him, as a career intelligence officer, that more information is better," says another retired military officer. "That was ingrained."
Edited - for the entire article go to:
No comments:
Post a Comment