NSA leaks put focus on intelligence apparatus’s reliance on outside contractors
By Robert O’Harrow Jr., Dana Priest and Marjorie Censer, Published:
The unprecedented leak of top-secret documents by National Security Agency contractor Edward Snowden raises far-reaching questions about the government’s rush to outsource intelligence work to contractors since the Sept. 11, 2001, terrorist attacks.
Never before have so many U.S. intelligence workers been hired so quickly, or been given access to secret government information through networked computers. In recent years, about one in four intelligence workers has been a contractor, and 70 percent or more of the intelligence community’s secret budget has gone to private firms.
Explore Top Secret America
The government has built a national security and intelligence system so big, so complex and so hard to manage, no one really knows if it's fulfilling its most important purpose: keeping its citizens safe.
Booz Allen Hamilton, which hired the 29-year-old Snowden three months ago to work at the NSA, has been a leader among more than 1,900 firms that have supplied tens of thousands of intelligence analysts in recent years, including technologists and field spies.
But in the rush to fill jobs, the government has relied on faulty procedures to vet intelligence workers, documents and interviews show. At the same time, intelligence agencies have not hired enough in-house government workers to manage and oversee the contractors, contracting specialists said.
On Monday, lawmakers said they will examine Snowden’s hiring and the growing use of private companies for intelligence work.
“We’ll be going over every inch of this,” said Rep. Adam B. Schiff (D-Calif.), a member of the House Intelligence Committee who expects confidential briefings on the leak in the next few days. Public hearings are likely as well, he said.
Schiff said the committee long has worried about the cost of outsourcing but now will scrutinize the security risks more closely. “Now I think we’ll be looking that through an entirely different lens,” he said.
Intelligence officials, government auditors and contracting specialists have warned for years that the vulnerability to spies and breaches was rising, along with contracting fraud and abuse.
“When you increase the volume of contractors exponentially but you don’t invest in the personnel necessary to manage and oversee that workforce, your exposure increases,” said Steven Schooner, co-director of the government procurement law program at George Washington University. “This is what happens when you have staggering numbers of people with access to this kind of information.”
The reliance on contractors reflects a major shift toward outsourcing over the past 15 years, in part because of cutbacks in the government agencies and commitment to smaller government by the George W. Bush administration.
Most of the work went to the largest contractors, including Booz Allen Hamilton, which had $5.8 billion in revenue last year. Almost all of Booz Allen’s work was for the government, and nearly a quarter of that was for intelligence agencies.
In the first few years after 2001, when the competition for qualified job candidates was the fiercest, it was not unusual for companies to give signing bonuses of $30,000 or a new car for workers with top-secret security clearances.
By 2010, the overall intelligence budget had grown by 250 percent since 2000. Nowhere was the growth larger than at the NSA. The budget there doubled, as did the physical infrastructure. The hidden Fort Meade complex includes as much square footage as the Pentagon and is surrounded by 112 acres of parking lots, according to military construction documents filed with Howard County. Ten thousand employees are to be added in the next 15 years, according to the plans.
Many of the NSA’s contractors are located in the 285-acre National Business Park, which is connected to the agency by a private road. Booz Allen shares the skyline there with other giants: L-3 Communications, Northrop Grumman and SAIC, to name a few.
By the mid-2000s, all of the intelligence agencies had become dependent on private contractors such as Snowden — who says he made $200,000 a year — to perform everything from information technology installation and maintenance to intelligence analysis and agent protection.
The government has built a national security and intelligence system so big, so complex and so hard to manage, no one really knows if it's fulfilling its most important purpose: keeping its citizens safe.
Private contractors working for the CIA recruited spies, protected CIA directors, helped snatch suspected extremists off the streets of Italy and even interrogated suspected terrorists in secret prisons aboard.
The Defense Security Service, the agency that grants security clearances to many of the Defense Department’s intelligence agencies, became so overwhelmed with that task that on April 28, 2006, it shut down the clearance process altogether. Its backlog of pending cases had reached 700,000, and it had run out of money to process any more. The government’s solution was to hire more contractors to administer the security clearance reviews.
Over time, the backlog has been dramatically cut. “A long while ago, we were looking at well over a year for even low-level clearances, and the government has gotten it down to roughly four, five, six months,” said Evan Lesser, who founded ClearanceJobs.com, a career site that specializes in cleared candidates. “Whether that is at the sake of quality is, I think, surely a debate that could be had.”
By 2011, more than 4.2 million government and contract workers had security clearances, and more than a third of them had top-secret access.
But little has been done to beef up the infrastructure needed to ensure that money is well spent and, more important, to protect the reservoirs of secret information the government is gathering to pursue its battle against terrorism.
A review by the Government Accountability Office in 2009 found that of 3,500 security clearance reviews, almost nine in 10 lacked documentation. Of those, nearly a quarter were still approved. “DOD adjudicators granted clearance eligibility without requesting missing investigative information or fully documenting unresolved issues in 22 percent of DOD’s adjudicative files,” the auditors said.
Glenn Voelz, an Army intelligence officer previously assigned to the Joint Chiefs of Staff at the Pentagon, warned in a 2009 essay that “the rapid and largely unplanned integration of many nongovernmental employees into the workforce presents new liabilities that have been largely ignored to this point,” including espionage and counterintelligence.
Among the most aggressive, connected and successful contractors is Snowden’s most recent employer, Booz Allen Hamilton.
The McLean-based Booz Allen has almost 25,000 employees and recorded $5.8 billion in revenue for fiscal 2013, earning $219 million in profit. Its profits have been soaring in recent years. Nearly all of its revenue comes as a result of “strong and longstanding relationships with a diverse group of clients at all levels of the U.S. government,” the company said in a financial filing.
The largest shareholder of the firm is the Carlyle Group, which owns more than two thirds of the shares.
Booz Allen is often referred to as something of a gold standard for intelligence, cybersecurity and other national security issues. It recently described a cutting-edge program this way: “Developing predictive intelligence services that include anticipatory cyber threat solutions, protection, and detection capabilities and the application of social media analytics designed to provide early identification of trends that would otherwise not be possible using after-the-fact analysis of traditional data sources.”
A Booz Allen spokesman declined requests for interviews. In a statement Sunday, the company said: “Booz Allen can confirm that Edward Snowden, 29, has been an employee of our firm for less than 3 months, assigned to a team in Hawaii. News reports that this individual has claimed to have leaked classified information are shocking, and if accurate, this action represents a grave violation of the code of conduct and core values of our firm. We will work closely with our clients and authorities in their investigation of this matter.
Craig Timberg and Neil Irwin contributed to this report.
What spying apologists don’t tell you about “thwarted plots”
Defenders of the government's spying programs claim they're stopping massive attacks. Here's the real story
BY MARCY WHEELER
Listen to defenders of the U.S. government’s recently revealed data collection practices, and you’re likely to hear claims about terrorist plots these sweeping activities have purportedly stopped.
Senate Intelligence Committee Chairwoman Dianne Feinstein, D-Calif., explained on ABC’s “This Week” Sunday that in one of the signature uses of the dragnet collection of every American’s phone records, the NSA managed to track one of our own informants, David Headley, as he helped Islamic terrorists plan attacks. She did not mention that it did nothing to prevent the 2008 terrorist attack in Mumbai, which killed 166 — and in which Headley had a role in planning.
Director of National Intelligence James Clapper called the effort to track Headley – which did manage to thwart Headley’s 2009 plans to attack a Danish newspaper – a success, in an interview with Andrea Mitchell. Such is the value of these programs, it appears, that top proponents of the program celebrate the tracking of a DEA informant gone bad as their main talking point.
“U.S. officials say Headley simply slipped through the cracks,” ProPublica reported earlier this year in a blockbuster story on Headley. ProPublica describes competing claims about when the Drug Enforcement Agency, which first recruited Headley in 1997, stopped using him as an informant; DEA insists he was deactivated in 2002, while other sources say he remained a U.S. informant through 2005. What’s clear is that Headley spent the subsequent years leading up to the 2008 Mumbai attack traveling form Pakistan to India, casing out the terror plot.
Multiple warnings to the Indian government — perhaps based on the intelligence now being touted — failed to prevent the attack. “U.S. officials learned enough about his activities to become concerned, monitor him intermittently and pick up fragments of intelligence that contributed to the warnings to India,” reported ProPublica. At the time of the attack, Headley had returned safely to Lahore, Pakistan, and he even traveled between there, Chicago and Europe thereafter, planning another plot. In October 2009, the FBI arrested Headley in Chicago as he traveled to Pakistan to hand off intelligence for an attack on Denmark.
Before we start celebrating our finding an informant-turned-terrorist we lost as one of the successes that makes massive spying worthwhile, shouldn’t we first get an explanation for how our intelligence agencies lost track of Headley in the first place?
The flood of missed warnings about Headley’s increasing ties with Islamic terrorists did lead to an investigation led by DNI Clapper’s office in 2010, but the results of it have not been made public. Yet the embarrassment of having a former American informant play a key role in one of the biggest attacks since 9/11 doesn’t seem to have prevented Clapper and Feinstein from boasting of NSA’s success in his case.
Headley’s attacks are not the only ones cited by Feinstein and Clapper. Feinstein also cited the case of Najibullah Zazi, an Afghan immigrant to the U.S. who plotted to blow up the New York subway in 2009. FBI’s success in thwarting Zazi’s attack is probably the most serious publicly known example of a thwarted attack. To the extent the NSA’s programs played a key role, then, it is a significant success.
But even there, the claims appear fuzzy or overblown. Feinstein, for example, describes the success this way (emphasis added): “[Zazi] made the decision that he was going to blow up a New York subway, who went to a beauty wholesale supply place, bought enough hydrogen peroxide to make bombs, was surveilled by the FBI for six months, traveled to go to New York, to meet with a number of other people who were going to carry out this attack with him, and were arrested by the FBI, who has pled guilty and in federal prison.”
It’s an interesting use of the word “surveilled,” because according to sworn court testimony the lead that identified Zazi was an email account identified in a British terrorism case, which the NSA tracked. That account, not Zazi, was surveilled. Days, not months, before Zazi’s planned attack, he sent an email to the account asking for help making explosives, which led the FBI to uncover his plot.
PRISM — the direct access to Internet companies’ data, which Clapper’s office describes as a “computer system used to facilitate the government’s statutorily authorized collection of foreign intelligence information from electronic communication service providers” — appears to have been the means by which FBI conducted this surveillance. A New York Times source explains PRISM was the only means to access the email: “It was through an e-mail correspondence that we had access to only through Prism.” But tracking the email account would have been legal under the FISA laws in place prior to 9/11. As such, PRISM seems to have made it easier to capture Zazi, but may not have been pivotal.
The claim PRISM helped to nab Zazi is new since these revelations. But Feinstein has long insisted that Section 215 — the dragnet collection program — had a role, too (she made that claim, in part, to support the reauthorization of the language used to conduct the dragnet collection in 2009).
That makes the Zazi case troubling too, because there is a good deal of circumstantial evidence that the government used Section 215 to identify people in Aurora, Colo., who had, like Zazi, purchased hydrogen peroxide and acetone, which (in addition to being common household chemicals) are precursors for the explosives Zazi used. The government described three people associated with Zazi in an affidavit justifying his detention, implying they were accomplices. Yet, these three unnamed people never appeared in the legal case again. They appear to have been completely innocent of any tie to Zazi’s plot. If so, then, in addition to being a success story, the Zazi case would also be a perfect example of how these tools can implicate perfectly innocent people as terrorists for something as innocent as buying hair care supplies.
At the very least, the fuzzy cases Feinstein and Clapper are boasting about demonstrate the need for far more transparency on these tools. If they’re justifying a gross incursion on American privacy, in part because they helped track down an informant our intelligence services lost track of — and created false positives based on hair bleach purchases — then we need to seriously reconsider their use.
Sources: NSA sucks in data from 50 companies
JUNE 6, 2013
Deep State excerpt: Why the NSA keeps everything so secret
Solving the mystery of PRISM
Deep State excerpt: The NSA is the largest factory of secrets in the world
Ambinder is co-author of a new book about government secrecy and surveillance, Deep State: Inside the Government Secrecy Industry.
**
Analysts at the National Security Agency can now secretly access real-time user data provided by as many as 50 American companies, ranging from credit rating agencies to internet service providers, two government officials familiar with the arrangements said.
Several of the companies have provided records continuously since 2006, while others have given the agency sporadic access, these officials said. These officials disclosed the number of participating companies in order to provide context for a series of disclosures about the NSA's domestic collection policies. The officials, contacted independently, repeatedly said that "domestic collection" does not mean that the target is based in the U.S. or is a U.S. citizen; rather, it refers only to the origin of the data.
The Wall Street Journal reported today that U.S. credit card companies had also provided customer information. The officials would not disclose the names of the companies because, they said, doing so would provide U.S. enemies with a list of companies to avoid. They declined to confirm the list of participants in an internet monitoring program revealed by the Washington Post and the Guardian, but both confirmed that the program existed.
"The idea is to create a mosaic. We get a tip. We vet it. Then we mine the data for intelligence," one of the officials said.
In a statement, Director of National Intelligence James Clapper said that programs collect communications "pursuant to section 702 of the Foreign Intelligence Surveillance Act, " and "cannot be used to intentionally target any U.S. citizen, any other U.S person, or anyone within the United States."
He called the leaks "reprehensible" and said the program "is among the most important" sources of "valuable" intelligence information the government takes in.
One of the officials who spoke to me said that because data types are not standardized, the NSA needs several different collection tools, of which PRISM, disclosed today by the Guardian and the Washington Post, is one. PRISM works well because it is able to handle several different types of data streams using different basic encryption methods, the person said. It is a "front end" system, or software, that allows an NSA analyst to search through the data and pull out items of significance, which are then stored in any number of databases. PRISM works with another NSA program to encrypt and remove from the analysts' screen data that a computer or the analyst deems to be from a U.S. person who is not the subject of the investigation, the person said. A FISA order is required to continue monitoring and analyzing these datasets, although the monitoring can start before an application package is submitted to the Foreign Intelligence Surveillance Court.
From the different types of data, including their credit card purchases, the locations they sign in to the internet from, and even local police arrest logs, the NSA can track people it considers terrorism or espionage suspects in near-real time. An internet geo-location cell is on constant standby to help analysts determine where a subject logs in from. Most of the collection takes place on subjects outside the U.S, but a large chunk of the world's relevant communication passes through American companies with servers on American soil. So the NSA taps in locally to get at targets globally.
It is not clear how the NSA interfaces with the companies. It cannot use standard law enforcement transmission channels to do, since most use data protocols that are not compatible with that hardware. Several of the companies mentioned in the Post report deny granting access to the NSA, although it is possible that they are lying, or that the NSA's arrangements with the company are kept so tightly compartmentalized that very few people know about it. Those who do probably have security clearances and are bound by law not to reveal the arrangement.
This arrangement allows the U.S. companies to "stay out of the intelligence business," one of the officials said. That is, the government bears the responsibility for determining what's relevant, and the company can plausibly deny that it subjected any particular customer to unlawful government surveillance. Previously, Congressional authors of the FAA said that such a "get out of jail free" card was insisted by corporations after a wave of lawsuits revealed the extent of their cooperation with the government.
It is possible, but not likely, that the NSA clandestinely burrows into servers on American soil, without the knowledge of the company in question, although that would be illegal.
The 2008 FISA Amendments Act allow the NSA to analyze, with court orders, domestic communications of all types for counter-terrorism, counter-espionage, counter-narcotics and counter-proliferation purposes. If the agency believes that both ends of the communication, or the circle of those communicating, are wholly within the U.S., the FBI takes over. If one end of the conversation is outside the U.S., the NSA keeps control of the monitoring. An administration official said that such monitoring is subject to "extensive procedures," but as the Washington Post reported, however, it is often very difficult to segregate U.S. citizens and residents from incidental contact.
One official likened the NSA's collection authority to a van full of sealed boxes that are delivered to the agency. A court order, similar to the one revealed by the Guardian, permits the transfer of custody of the "boxes." But the NSA needs something else, a specific purpose or investigation, in order to open a particular box. The chairman of the Senate intelligence committee, Sen. Dianne Feinstein, said the standard was "a reasonable, articulatable" suspicion, but did not go into details.
Legally, the government can ask companies for some of these records under a provision of the PATRIOT Act called the "business records provision." Initially, it did so without court cognizance. Now, the FISC signs off on every request.
Armed with what amounts to a rubber stamp court order, however, the NSA can collect and store trillions of bytes of electromagnetic detritus shaken off by American citizens. In the government's eyes, the data is simply moving from one place to another. It does not become, in the government's eyes, relevant or protected in any way unless and until it is subject to analysis. Analysis requires that second order.
And the government insists that the rules allowing the NSA or the FBI to analyze anything relating to U.S. persons or corporations are strict, bright-line, and are regularly scrutinized to ensure that innocents don't get caught up in the mix. The specifics, however, remain classified, as do the oversight mechanisms in place.
The wave of disclosures about the NSA programs have significantly unsettled the intelligence community.
The documents obtained by the two newspapers are marked ORCON, or originator controlled, which generally means that the agency keeps a record of every person who accesses them online and knows exactly who might have printed out or saved or accessed a copy. The NSA in particular has a good record of protecting its documents.
The scope of the least suggest to one former senior intelligence official who now works for a corporation that provides data to the NSA that several people with top-level security clearances had to be involved.
The motive, I suspect, is to punch through the brittle legal and moral foundation that modern domestic surveillance is based upon. Someone, at a very high level, or several people, may have simply found that the agency's zeal to collect information blinded it to the real-world consequences of such a large and unending program. The minimization procedures might also be well below the threshold that most Americans would expect.
Clapper said in his statement that the disclosures about the program "risk important protections for the security of Americans."
