@War: The Rise of the Military-Internet Complex (8 page)

From the start of the program until January 2007, the NSA collected content from 37,664 telephone and Internet selectors, of which 92 percent were foreign, according to a report by the agency's inspector general. This does not account for metadata collection, but as with content, that too was mostly focused on foreign targets. Precisely what portion of the mix was represented by Iraqi communications is unknown. But by the time the 2007 surge began, NSA had put in place the spying infrastructure to collect every piece of electronic data going in and out of the country—every phone call, every text message, every e-mail and social media post. The infrastructure of Stellar Wind, with its pipes and monitoring equipment connected to the switching stations and offices of the United States' biggest telecommunications providers, gave the NSA several entry points into the global network. From there it could scan and copy communications. And it could also launch cyber attacks. The spying paths created by Stellar Wind equipment for electronic eavesdropping were the same ones used to provide access to Iraqi phone and computer networks and implant malware.

Few people have ever known—and it has never been publicly reported—that the key to winning the war in Iraq was a spying program set up to win the war on terror. It was a network of cyber surveillance meant to keep tabs on Americans that allowed US forces to track down Iraqi insurgents.

 

When this massive intelligence-processing machine was exported to Iraq for the surge, it was given a new name: the Real Time Regional Gateway, or RTRG. In the litany of NSA code words known for their absurd inscrutability—Pinwale, EgotisticalGiraffe, Nevershakeababy—the RTRG stood apart because its name actually described what it did.
It produced intelligence reports and found connections among data in real time, that is, as soon as analysts queried the system; it was focused on a geographic region, in this case Iraq; and it
was
a gateway of sorts, a portal through which a user stepped into a virtual space in which all the connections were visible.

General Keith Alexander was the driving force behind the RTRG. The system represented a culmination of his career-long efforts to bring high-level national intelligence directly to “the warfighter” (much like Stasio had envisioned when he first joined the army). The key to the RTRG's success was its ability to fuse all that data coming in from raids, intercepted communications, interrogation reports, drone footage, and surveillance cameras into a single, searchable system. It was like a private Google for the new soldier-spies.

The RTRG had a few fathers. The prototype was designed under a contract to SAIC, a longtime Defense Department contractor. Headquartered in California, the company had such deep and historic ties to the spy business that it was often called NSA-West. An army colonel named Robert Harms, who worked in the Military Intelligence Corps, managed the program at NSA. He would join SAIC after his retirement in 2009.

Also among the developers was one of the most enigmatic spies of the late twentieth century, a retired air force colonel named Pedro “Pete” Rustan. His storied and secretive career gave some insight into how important the RTRG was to intelligence and military leaders such as Alexander and Petraeus, who believed it would be pivotal to the war in Iraq. After the 9/11 attacks Rustan, who had fled communist Cuba as a college student in 1967, left a lucrative career in private business and returned to government service at the National Reconnaissance Office, an agency more secretive than even the NSA, where he led projects to build spy satellites for the military and the CIA. Career intelligence officers who knew Rustan were tight-lipped about what precisely he did, but they described him as one of the true living legends in the spy business, and someone whose work had saved lives. In the 1980s, Rustan designed technology to protect air force jets that were hit by lightning. It worked flawlessly—the service never lost a jet to a lightning strike after it implemented Rustan's design. In the early 1990s, Rustan managed a joint Defense Department and NASA program to build an experimental spacecraft, called
Clementine
, to explore the surface of the moon. It took only twenty-two months to conceive of the satellite and get it to the launch pad, a remarkable feat of engineering and project management that reinforced Rustan's reputation for working brilliantly under tight deadlines.

His work after the 9/11 attacks was closely linked to the new intelligence war. Rustan made frequent trips to the front lines and was known and liked among the clandestine warriors of the Joint Special Operations Command. After a Navy SEAL unit killed Osama bin Laden in Pakistan, they presented Rustan with a flag that flew at their base in Afghanistan. When Rustan died in 2012, Michael Hayden told the
Washington Post
, “This is the kind of guy the public never hears about but who is so responsible for keeping Americans safe.”

In a 2010 interview with a trade publication, Rustan said no one agency in government had been looking for “patterns” in intelligence by putting together disparate pieces of data.
The RTRG was designed to do that. He explained:

 

Imagine that you are in Iraq. You have insurgents. They are on the telephone, making phone calls. That signal would be intercepted by ground [antennas], by the aircraft network and by the space network. If you're smart enough to combine all that data in real time, you can determine where Dick is out there. He's in block 23 down there, and he just said he's going to place a bomb. . . . The information from those three devices come[s] into a location where somebody can actually say action is needed, and the tank or the truck or the warfighters [are] right here in this location. He's a colonel, and he can say, “We have verification that this bad guy is in this location: Go and get him.”

 

The RTRG was unique for the way it brought together not only intelligence but people—the top levels of the military brass and the intelligence community, the brightest minds from across government, and the expertise of private industry. It was a rare example of successful collaboration within the byzantine federal bureaucracy.

The NSA got so good at managing big data—huge data, really—by abandoning its traditional approaches. Rather than trying to store all the information in the RTRG in central databases and analyze it with supercomputers, the agency tapped into the emerging power of distributed computing. Silicon Valley entrepreneurs had developed software that broke big data sets into smaller, manageable pieces and farmed each one out to a separate computer. Now the burden of analyzing huge data sets didn't rest on one machine. Working together, the computers could accomplish tasks faster and cheaper than if one central machine took on the workload. This revolution in data management is what allowed Facebook, Twitter, and Google to manage their own data stores, which were growing exponentially by the late 2000s. NSA used the same distributed computing technology for the RTRG. The system was like Google not only on the front end but on the back end as well. In fact, the NSA later developed its own distributed computer software, called Accumulo, based on technology from Google.

But the collection of huge amounts of electronic data by the NSA had proven controversial before. In the spring of 2004 the Justice Department's Office of Legal Counsel reviewed the program and found that one method of collection in particular was illegal under current law. It had to do with the bulk collection of so-called Internet metadata, including information about the sender and recipients of e-mails. The NSA thought since President Bush's order allowed them to search for keywords and other selectors in Internet metadata, it also implicitly authorized the bulk collection of that data. In the view of the agency's lawyers and its director, Michael Hayden, no one had “acquired” the information until it was actually looked at. A computer gathering up the data and storing it didn't count as acquisition under the law, and it certainly didn't meet the agency's definition of “spying.”

When the president went ahead and reauthorized the program over the Justice Department's objections, senior officials in the department threatened to resign, including the head of the Office of Legal Counsel, Jack Goldsmith; the director of the FBI, Robert Mueller; and the attorney general, John Ashcroft, along with his deputy, Jim Comey, whom President Obama would later choose for Mueller's replacement as head of the FBI.

The threat of mass resignation was a unique moment in the history of the Bush presidency. Had they stepped down, their reasons would eventually become known through press leaks and congressional inquiries. The American people would have discovered not only the existence of a domestic spying program but that top law enforcement officials had resigned because they thought a part of it was illegal.

But for all the high drama surrounding the Internet metadata collection program, it turned out to be only a momentary hiccup in NSA's insatiable consumption of intelligence. Only seven days after Bush ordered the NSA to stop collecting Internet metadata in bulk, Justice Department officials told the NSA's Office of General Counsel and officials in its Signals Intelligence Directorate to find a new legal basis for restarting the program. This time they were to seek permission from the Foreign Intelligence Surveillance Court—the same body that Bush had bypassed when he authorized warrantless surveillance after the 9/11 attacks. Justice Department officials worked closely with a judge on the court to come up with a legal foundation for the program. Hayden personally briefed her twice on what capabilities the NSA needed to acquire bulk Internet metadata. The court issued an order specifying the data links from which NSA could collect information and limiting the number of people with access to what was acquired. Less than four months after President Bush had ordered the agency to stop collecting bulk Internet data, the NSA was back in business. The future foundations of the RTRG were secured.

As the RTRG grew, its regional scope expanded too. Analysts started looking outside of Iraq in a hunt for the insurgents' and terrorists' financial backers. They traced many of the worst attacks back to an individual in Syria who was funneling money to the bomber cells and helping to provide safe passage for replacement fighters through Iran. When Petraeus learned that his forces had pinpointed the Syrian, he took the evidence to a council of President Bush's top advisers, who met every week via video teleconference. Petraeus insisted to Stuart Levey, the Treasury Department's undersecretary for terrorism and financial intelligence, that the department freeze the Syrian's assets and lock him out of the international financial system. Everyone on the call knew better than to deny Petraeus's requests, because if they did, the general would take his complaints directly to President Bush, with whom he had his own weekly videoconference, every Monday morning at 7:30 Washington time.

The intelligence operation also found evidence of Iran's support of Shiite extremists in Iraq. But this information was used to wage a different kind of war—one of ideas. The United States wasn't about to invade Iran or launch secret commando raids to target Iraqi backers. So, it gave the intelligence to the Iraqi government and shared it with local officials in face-to-face meetings.

“Clearly establishing in the eyes of the Iraqi people that Iranian elements were supporting members of the most violent Shiite militias also helped turn some Iraqis against Tehran's meddling in their country,” Petraeus recalled in 2013.
The Americans were using intelligence for propaganda purposes of their own, and it worked.

When the last US troops left Iraq in December 2011, the nine-year war had taken nearly forty-five hundred American lives. But it had also given birth to a new way of fighting. The combination of NSA intelligence with special operations forces was repeated over and over. In May 2011, when a team of Navy SEALs descended upon the Abbottabad, Pakistan, compound of Osama bin Laden, they were directed there by NSA spies. The agency's elite hacker unit, Tailored Access Operations, had remotely implanted spyware on the mobile phones of al-Qaeda operatives and other “persons of interest” in the bin Laden operation.
The CIA helped find the geographic location of one of those phones, which pointed investigators to the compound.

The successful bin Laden mission was just the most famous of hundreds over the years. And it was fairly recent evidence of what America's soldier-spies had long known. Wars would be fought differently now. Hacking and virtual sleuthing would be integrated into all future operations, as indispensable as the weapons and ammunition soldiers carried into battle.

THREE

I
T TOOK ALMOST
a decade to build the cyber force that proved so effective in Iraq. Success may have many fathers, but if one person could claim credit for introducing the senior leaders of the United States government to the concept of cyber warfare, it would be Mike McConnell.

More than a decade before he convinced George W. Bush to authorize cyber attacks in Iraq, McConnell was a three-star admiral running the NSA, where he set up the first “information warfare” unit in 1996. At the agency's Fort Meade headquarters, intelligence and military personnel worked together developing new technologies for defending computer networks—and breaking in to them.

The NSA had spent the Cold War becoming expert at snatching satellite transmissions, tapping undersea telephone cables, and breaking the secret codes of US adversaries. But now, with the Soviet Union gone and the emergence of the World Wide Web, officials were panicked about a new, faceless menace. Already, they knew, foreign intelligence services were trying to penetrate the classified government computer networks. In 1996 the National Defense University held a war game to imagine possible doomsday scenarios, such as computer attacks aimed at banks or electrical grids in the United States. That year the secretary of defense ordered all DOD components to start planning for an “information warfare attack” on the networks that the Pentagon used but didn't actually run, particularly the public telephone network and the Internet, of which the Defense Department was not only an early adopter but the inventor.