31 May 2015

The Shadow NSA: The Growing Privatization of Cyber Espionage in the U.S.

Tim Shorrock

How Private Contractors Have Created a Shadow NSA 

About a year ago, I wangled a media invitation to a “leadership dinner” in northern 
Virginia sponsored by the Intelligence and National Security Alliance. INSA is a powerful but 
little-known coalition established in 2005 by companies working for the National Security Agency. In recent years, it has become the premier organization for the men and women who run the massive cyberintelligence-industrial complex that encircles Washington, DC.

The keynote speaker was Matthew Olsen, who was then the director of the National Counterterrorism Center (NCTC). He used his talk to bolster the morale of his colleagues, which had recently been stung by the public backlash against the NSA’s massive surveillance programs, the extent of which was still com-ing to light in the steady release of Edward Snowden’s huge trove of documents. “NSA is a national treasure,” Olsen declared. “Our national security depends on NSA’s continued capacity to collect this kind of information.” There was loud, sustained applause.

One of those clapping was a former Navy SEAL named Melchior Baltazar, the CEO of an up-and-coming company called SDL Government. Its niche, an eager young flack explained, is providing software that military agencies can use to translate hundreds of thousands of Twitter and Facebook postings into English and then search them rapidly for potential clues to terrorist plots or cybercrime.

It sounded like the ideal tool for the NSA. Just a few months earlier, Snowden had leaked documents revealing a secret program called PRISM, which gave the NSA direct access to the servers of tech firms, including Facebook and Google. He had also revealed that the NSA and its British counterpart, the GCHQ, had special units focused on cracking encryption codes for social media globally.

SDL’s software is perfectly designed for such a task. It might be useful, say, for a team of SEALs on a covert operation trying to make sure their cover wasn’t blown by somebody on social media—something that almost happened when an alert Twitter user in Pakistan picked up early signs of the secret US raid on Osama bin Laden’s compound. And, of course, we don’t know the extent to which the NSA could deploy it.

In any case, the software, SDL boasts, is “securely deployed on-premise, behind the firewall, at over 75 government organizations, including the Department of Defense and the Intelligence Community.” No wonder Baltazar was at the INSA event, rubbing shoulders with the kings and queens of the intelligence-contracting industry.

This small company, and INSA itself, are vivid examples of the rise of a new class in America: the cyberintelligence ruling class.

These are the people—often referred to as “intelligence professionals”—who do the actual analytical and targeting work of the NSA and other agencies in America’s secret government. Over the last 15 years, thousands of former high-ranking intelligence officials and operatives have left their government posts and taken up senior positions at military contractors, consultancies, law firms, and private-equity firms. In their new jobs, they replicate what they did in government—often for the same agencies they left. But this time, their mission is strictly for-profit.

Take Olsen, who served as general counsel for the NSA and as a top lawyer for the Justice Department before joining the NCTC. He is now the president for consulting services of IronNet Cybersecurity, the company founded last year by Army Gen. Keith Alexander, the longest-
serving director in the history of the NSA. The firm is paid up to $1 million a month to consult with major banks and financial institutions in a “cyber war council” that will work with the NSA, the Treasury Department, and other agencies to deter cyberattacks that “could trigger financial panic,” Bloomberg reported last July.

Some members of this unique class are household names. Most cable-news viewers, for example, are familiar with Michael Chertoff and Michael Hayden, two of the top national-security officials in the Bush administration. In 2009, they left their positions at the Justice Department and the NSA, respectively, and created the Chertoff Group, one of Washington’s largest consulting firms, with a major emphasis on security.

Other members are unknown except to insiders. Sam Visner, whom I wrote about in a 2013 Nation article about NSA whistleblowers, is in this latter group. A former executive at the giant contractor SAIC, he was hired by Hayden in 2000 and tasked with managing the NSA’s privatized (and disastrous) Trailblazer program, which was outsourced to (who else?) SAIC. He returned to SAIC in 2003, then moved on to the government tech firm Computer Services Corporation, which not only manages but owns the NSA’s internal-communications system. For most of the last six years, as the cyberintelligence industry grew by leaps and bounds under Obama, Visner was running CSC’s massive cybersecurity program for the government.

Hardly a week goes by in Washington without a similar transition. In March, The Washington Post described cybersecurity law as “the latest hot job in the Washington revolving door.” Robert Mueller, the recently retired director of the FBI, had just joined the national-security law practice of WilmerHale. One of his latest tasks? Advising Keith Alexander as he tries to tamp down congressional outrage over his decision to hire two NSA officials, one of whom planned to work simultaneously for IronNet and the agency (he later withdrew).

Well, enough, you might say: Isn’t this simply a continuation of Washington’s historic revolving door?

The answer is no. As I see it, the cyberintelligence- industrial complex is qualitatively different from—and more dangerous than—the military-industrial complex identified by President Eisenhower in his famous farewell address. This is because its implications for democracy, inequality, and secrecy are far more insidious.

It is not new for American defense policies to be shaped by and for the 1 percent. Throughout US history, diplomatic and national-security officials have come directly from the ruling elite, and more often than not they have served those interests while in office. Allen and John Foster Dulles, the brothers and law partners who headed the CIA and the State Department during the Eisenhower administration, were classic examples, running multiple operations to support their own clients.

The Eisenhower era also saw the advent of retired generals moving into industry. In 1956, the radical sociologist C. Wright Mills published The Power Elite, a groundbreaking study of the institutions through which the corporations of his day wielded political and economic power. Mills was particularly disturbed by the spectacle of multinational companies appointing prominent generals to their boards. Among those who had traded in their uniforms for big business, he found, were some of the great heroes of World War II: Douglas MacArthur (Remington Rand), Lucius Clay (Continental Can), and Jimmy Doolittle (Shell Oil).

This “personnel traffic,” Mills wrote, symbolized “the great structural shift of modern American capitalism toward a permanent war economy.” It was a prescient analysis, but Mills was talking only of generals; the idea of high-level government officials going into the military business was unthinkable at the time.

The next several decades saw the rise of private security companies and consultancies run by former CIA and FBI agents. Once, in the early 1980s, I was startled to find myself seated next to William Colby, the notorious former CIA director, at a seminar on the Panama Canal. He was there representing a consortium of Japanese construction firms. And, of course, in 1982 Henry Kissinger walked away from his years as national-security adviser and secretary of state to start a corporate consulting firm that remains one of the most powerful in Washington.

Even as Cold War officials increasingly drifted toward the corporate world, there was one line they rarely crossed: Until the 1990s, taking positions at defense contractors was considered unseemly. Then came Frank Carlucci, a former CIA deputy director who served as national-
security adviser and defense secretary during Ronald Reagan’s second term. Within weeks of retiring, he had joined the boards of no fewer than nine major corporations, including three important military contractors.

This was too much for Caspar Weinberger, a former Bechtel executive who was Carlucci’s predecessor at the Pentagon. “Generally, I would not think it appropriate to serve on the board of a company that had extensive contractual relationships with the department, particularly not if they had those relationships while I was in office,” he told a reporter at the time. “Cap is entitled to his own preferences,” Carlucci sniffed in response. He went on to chair the Carlyle Group, the private-equity firm that had become the nation’s ninth-largest defense contractor by 2001.

With the end of the Cold War, Carlucci’s 
way became the norm. Intelligence and defense budgets were cut after the collapse of the Soviet Union, and thousands of CIA and NSA officers left government for positions with defense contractors. Demand for them grew during the Bosnian War, as the military and its intelligence agencies began hiring private companies to do work historically carried out by the state.

Among them was Halliburton, the Texas oil-services and logistics firm. In 1995, after retiring as George H.W. Bush’s defense secretary, Dick Cheney became the CEO of Halliburton. Over the next five years, he transformed the company into one of the world’s largest military contractors. Around the same time, the elder Bush was hired as a senior adviser to the Carlyle Group. By the time Cheney became George W. Bush’s vice president in 2001, outsourcing was official policy, and the migration of senior-level government officials into the defense and intelligence industries was standard practice.

Then came the September 11 attacks, after which untold billions of dollars were poured into intelligence and surveillance. This ushered in the new age.

What we have now is a national-security class that simultaneously bridges the gap between private and public, merging government careers with jobs as corporate executives and consultants. By retaining their security clearances, many of its members have access to the most highly guarded intelligence, which they use to the benefit of their corporate and government clients. The power they wield is exponentially greater than that of their Cold War predecessors.

To see the difference, let’s take a closer look at the Chertoff Group and its best-known executive, Michael Hayden. Chertoff founded his consultancy in March 2009, barely two months after President Obama’s inauguration. The group’s cofounder was Chad Sweet, who had served as Chertoff’s chief of staff at the Department of Homeland Security (DHS) and had earlier worked in the CIA’s National Clandestine Service. In effect, the pair re-created the national-security team that had provided much of the intelligence advice to Bush and Cheney, and they said as much in their literature. According to the firm’s website, the Chertoff Group provides “business and government leaders with the same kind of high-level, strategic thinking and diligent execution that have kept the American homeland and its people safe since 9/11.”

When Hayden came on board in April 2009, he emphasized continuity. “After serving for decades at the highest levels of the U.S. military and the U.S. intelligence services, I grew accustomed to working alongside remarkably talented and dedicated professionals,” the former NSA director wrote. “I wanted an opportunity to re-create the experience in the private sector.” And he did just that. One of the firm’s early recruits was Charles E. Allen, a legendary intelligence official who had recently served as director of intelligence for Chertoff’s DHS. Another principal with extensive NSA experience is Paul Schneider, Chertoff’s deputy secretary at DHS; from 2002 to 2003, he was Hayden’s senior acquisition executive at the NSA. That would have put him in charge of all of the NSA’s hugely expensive contracting, which exploded during Hayden’s reign from 1999 to 2005.

With other hires, Hayden created a kind of shadow NSA at the Chertoff Group. But this isn’t his only gig. He has also joined the boards of Motorola Solutions (a key NSA contractor) and Alion Science and Technology (likely one as well). Strangely, Hayden’s bio on the Alion website touts his role in domestic surveillance: “Under his guidance as the Director of NSA, the domestic telephone call database was created to monitor international communications to assist in locating terrorists.”

The Chertoff Group doesn’t disclose its clients. But one of its most important functions for both the state and its contractor allies is as a broker of mergers and acquisitions. These aren’t just “deals”; they also represent significant reorganizations within the intelligence community, which is 70 percent contracted and, like any other industry, requires centralization. Using its team of NSA, CIA, and DHS veterans (who have deep classified knowledge of their agencies’ contracting histories and future needs), the Chertoff Group has brokered dozens of deals through its subsidiary, Chertoff Capital. Its areas of focus include cybersecurity, intelligence and data analytics, defense technology and “Development and Diplomacy (‘Soft Power’).” You get the picture.

Another way the cyberintelligence elite exerts undue influence is through the media. Matthew Olsen, the former National Counterterrorism Center director and IronNet president, recently joined ABC News as a commentator. Hayden is a fixture on cable news, where he regularly extols the greatness of the NSA and its vast surveillance capabilities. Look into any “national-security analyst” on television, and you’ll find a member of this class. Watch carefully: Few of them ever diverge from the company (or NSA, or CIA) line. Worse, the networks rarely disclose these conflicts of interest.

Meanwhile, members of this dual public/private class rub shoulders at places like INSA, where they often meet behind closed doors to discuss classified programs. And even while making millions of dollars through their contracting and consulting gigs, these former officials advise the same agencies they profit from. Olsen, for example, was just named to the DHS Homeland Security Advisory Council. It’s a cozy, closed, and very profitable world.

So what does the existence of such a class mean? First off, it deepens inequality. We all know that corporations can buy access to lawmakers through hefty political donations. Now they have access to some of the state’s most closely held secrets. According to a declassified document obtained in April by The New York Times, Hayden and Alexander were “read into” Stellar Wind, the warrantless-surveillance program started after 9/11. They are bound by law not to divulge those secrets. But their knowledge based on those secrets is of unfathomable value to the corporations they advise on cybersecurity and acquisitions strategies. That knowledge isn’t shared with the public, but it is available to the companies that can afford it.

Second, it places participatory democracy at risk. The vast majority of Americans are excluded from the consequential discussions that take place at the cyber-intelligence elite’s secret meetings. While hashing over controversial programs such as domestic spying, offensive cyberintelligence operations, or FBI terrorist-entrapment programs, the state and corporate leaders at INSA—as well as other places where the new class meets—operate on a completely different plane from the rest of us. Meanwhile, the black hole of secrecy keeps the new hybrid class and its organizations immune from any meaningful oversight by either the executive branch or Congress.

To penetrate this shield, there’s a great need for more reporting and whistleblowing about the pernicious role of contractors in national security. Unfortunately, only a few journalists have explored the world of privatized spying. And strangely, virtually none of the documents leaked by Edward Snowden have focused on the corporate elephant that so clearly dominates the surveillance jungle. As far as I’ve been able to track, only one or two of the Snowden documents actually mention contractors.

One was released in 2014 as part of a Der Spiegel story on the NSA’s extensive collaboration with the German intelligence agency BND. The 2005 document identified an NSA code name as the “coverterm [sic] representing NSA’s contract with Computer Services Corporation (CSC) for mission support. All publicly available information regarding work on this contract…will be sanitized so that no association with NSA will be made.” This document has yet to be mentioned by either the Intercept or The Washington Post, the largest recipients of the Snowden trove.

In his many public appearances since 2013, including in the film Citizenfour, Snowden himself has played down his relationship with Booz Allen Hamilton, which employed him during his time with the NSA. Tom Drake, one of the whistleblowers who exposed the agency’s corrupt relationship with SAIC and Booz Allen and worked as a senior executive at the NSA until 2008, told me in April that Snowden most likely never had possession of the NSA’s contracts. Because Snowden was an infrastructure analyst, Drake said, “he wouldn’t have had access to that.” Contracts, he added, are stored in a “completely different system.”

But whether they come from Snowden or another whistleblower, documents on the contractor role at the NSA and other agencies are essential if we are to understand the totality of US spying programs and the full extent of the threats they pose. To confront the surveillance state, we also have to confront the cyberintelligence ruling class and expose it for what it really is: a joint venture of government officials and private-sector opportunists with massive power and zero accountability.

No comments: