National Security

The NSA's New Code Breakers

America's using front companies, break-in artists, and hacktivists to spy on everyone -- and only North Korea seems able to resist.

There was a time when the code breakers of the National Security Agency actually took the lead in solving enemy encryption systems. These days, not so much. In today's NSA, it's hackers, break-in artists, corporate liaisons, and shadow salesman using front companies who are at the forefront of this effort. Even so-called "hacktivists" play an unwitting role in helping the NSA gain access to computer networks -- both hostile and friendly.

Just about the only place that's somewhat immune to the NSA's new style of code-breaking attacks? North Korea, because it's so disconnected from the rest of the world's networks.

Former U.S. intelligence officials confirm that the more than 1,500 cryptanalysts, mathematicians, scientists, engineers, and computer technicians who comprise NSA's elite cryptanalytic unit, the Office of Cryptanalysis and Exploitation Services (S31), have had a remarkably large number of code-breaking successes against foreign targets since the 9/11 attacks. But these wins were largely dependent on clandestine intelligence activities for much of their success in penetrating foreign communications networks and encryption systems, and not the more traditional cryptanalytic attacks on encrypted messages that were the norm during the Cold War era. Prior to 9/11, the NSA's cryptanalysts used their huge stable of supercomputers to break cipher systems using what is referred to as "brute-force methods" -- using the supercomputers to run every cipher permutation until the message or messages in question become readable. It was a long, tedious, and extremely costly process (today the NSA spends over $247 million a year to buy and maintain its state-of-the-art supercomputer systems just for cryptanalytic use). But it did work if there were inherent vulnerabilities or structural weaknesses in the cipher being attacked or if the system's users did not practice proper communications security procedures, such as changing the cipher keys and passwords frequently.

The NSA today has more supercomputers than ever, and the agency still employs a number of puzzle-solvers, linguists, and math geeks. But these classic cryptanalysts have, in part, given way to a new breed.

You won't learn this in the files leaked by former NSA contractor Edward Snowden -- at least not directly. According to individuals who have reviewed the entire collection of 50,000 documents provided to the media by Snowden, what is missing from the papers is any document which lays out in detail just how successful the agency's code-breaking efforts have been. There are numerous documents in the Snowden collection describing individual NSA cryptologic programs, such as the NSA's mostly unsuccessful multiyear effort to crack the encryption protection used by the anonymizer service Tor. But no reports describing the agency's cryptanalytic successes and failures have been found in the Snowden collection to date.

Interviews with current and former intelligence officials conducted over the past two months have revealed that since 9/11, the NSA's computer scientists, electronic engineers, software programmers, and collection specialists have been remarkably inventive in finding new and innovative ways to circumvent the protections supposedly offered by encryption systems by compromising them through clandestine means. Among these clandestine means are CIA and FBI "black-bag jobs," as well as secret efforts by the U.S. intelligence community to interdict the shipment of advanced encryption technology to America's enemies around the world and insert "back doors" into commercially available computer, communications, and encryption technologies that allow the NSA to covertly access these systems without the users knowing it.

But the most sensitive of these clandestine techniques, and by far the most productive to date, is to covertly hack into targeted computers and copy the documents and message traffic stored on these machines before they are encrypted, a process known within the NSA as "Endpoint" operations. Responsibility for conducting these Endpoint operations rests with the computer hackers of the NSA's cyberespionage unit, the Office of Tailored Access Operations (TAO).

According to sources familiar with the organization's operations, TAO has been enormously successful over the past 12 years in covertly inserting highly sophisticated spyware into the hard drives of over 80,000 computer systems around the world, although this number could be much higher. And according to the sources, these implants are designed in such a way that they cannot be detected by currently available commercial computer security software. It has been suggested to me by a reliable source that "this is not an accident," with the insinuation being that many of the biggest commercially available computer security software systems made in the United States and overseas have been compromised by the NSA, either covertly or with the knowledge and consent of the companies that manufacture these systems.

Former agency personnel confirm that in innumerable instances, these TAO implants have allowed NSA analysts to copy and read all of the unencrypted documents stored on the targeted computer's hard drive, as well as copy every document and email message produced and/or transmitted by the machine. But more importantly, TAO has helped NSA cryptanalysts solve several hundred foreign government and commercial encryption systems because these spyware implants, if properly inserted into the computer, can covertly alter its security software as well as copy the encryption system's technical parameters, especially the system's encryption algorithm and access passwords, in a way that cannot be detected. These implants can compromise the encryption systems used by not only the targeted computer, but also by all other computer systems that it communicates with using encryption technology.

According to confidential sources familiar with TAO's operations, many of the NSA's cryptanalytic "success stories" against high-priority targets such as Russia and the People's Republic of China in recent years have been the direct result of TAO's cyberespionage efforts. For example, sources confirm that much of what the U.S. intelligence community knows about China's computer-hacking efforts against targets in the United States, Europe, and Asia stems from TAO's intelligence collection efforts since 2005, when TAO reportedly achieved a major technical breakthrough against a Chinese target.

But TAO doesn't just spy on America's rivals. In 2012, the group reportedly compromised the encryption system used by an important G-8 country to transmit sensitive diplomatic communications via satellite to its embassies around the world. The same is true with a number of countries in the Middle East and South Asia, including Egypt, Syria, Iran, and Pakistan, although the details of these successes are not yet known. And finally, sources report that TAO has successfully compromised the privacy protection systems currently used on a range of 4G cell phones and hand-held devices, thanks in large part to help from a major American telecommunications company.

There are high-profile targets that have proved resistant to TAO's cyberespionage efforts over the years, however. For example, TAO has reportedly had virtually no success penetrating North Korean government computer systems or networks because there are so few of them and they are heavily protected from access to the outside world.

Over time, TAO has become increasingly accomplished at its mission, thanks in part to the high-level cooperation that it secretly receives from the "big three" American telecommunications companies (AT&T, Verizon, and Sprint), most of the large U.S.-based Internet service providers, and many of the top computer security software manufacturers and consulting companies. According to a February 2012 budget document published this year by ProPublica, these companies "Insert vulnerabilities into commercial encryption systems, IT systems, networks, and endpoint communications devices used by targets" on behalf of TAO.

TAO is also very active in the global computer security industry marketplace, using the CIA, Defense Intelligence Agency, and State Department to help it keep close tabs on the latest computer security devices and software systems being developed around the world. And while details are lacking, informed sources report that TAO has been active in covertly buying up commercially available "hacker tools" or spyware software systems from individuals and companies in the United States and overseas, particularly in Western Europe, to help facilitate its ever-growing computer network exploitation efforts.

The extreme sensitivity of TAO's collection efforts has required the NSA to take extraordinary steps to try to disguise its computer-hacking activities. For instance, current and former intelligence sources confirm that TAO increasingly depends on clandestine techniques, such as commercial cover, to hide its activities. TAO uses an array of commercial business entities, some of them proprietary companies established specifically for this purpose, to try to hide its global computer-hacking activities from computer security experts in a maze of interlocking computer servers and command-and-control systems located in the United States and overseas that have no discernible link to the NSA or the U.S. government.

These sources also say that TAO gets a lot of help from politically motivated hackers, or "hacktivists," who unintentionally help the NSA by providing ideas to improve TAO's collection efforts. (Exactly which hacktivists have been particularly helpful, these sources wouldn't say.) Working closely with the NSA's computer security experts at the NSA/CSS Threat Operations Center, TAO personnel perform detailed forensic postmortem studies of every major successful computer penetration operation around the world. Some of these are pulled off by criminal outfits, some by government-backed groups, and others by political actors. In each case, the agency's personnel look for new techniques or procedures that they can use to get inside computer systems around the world.

There is no question that TAO's future looked incredibly bright before the first newspaper articles began appearing in the British and American press in June 2013 based on documents leaked by Snowden. Now, industry sources familiar with TAO say that the organization's future prospects have dimmed somewhat.

A number of foreign-based computer systems and IT networks that formerly were major producers of intelligence information for TAO have over the past three months changed security procedures and encryption systems, routed traffic to more secure computer nodes or servers, erected new firewalls, or have gone offline altogether. According to recent press reports, the Russian government for a time reverted back to using manual typewriters rather than commit sensitive information to its computer systems. And a number of European countries and Brazil have begun shifting their most sensitive data and communications traffic to secure networks that they hope will be resistant to the NSA's intrusive surveillance activities.

But this is, I am sure, just the tip of the iceberg. I have no doubt that the damage to TAO's foreign intelligence collection capabilities and its ability to facilitate the solution of foreign encryption systems by the NSA's cryptanalysts has been substantial. The big question that will determine TAO's future prospects is whether the damage done so far proves to be irreparable.

George Frey/Getty Images

National Security

Ash Carter Tells Pentagon Boss, 'It's Time for Me to Go'

Flournoy, Kendall are seen as leading successors.

Ash Carter, the Pentagon's Number Two who longed to be tapped to be defense secretary, is stepping down as his boss, Chuck Hagel, looks to bring on more of his own team.

The departure of Carter, considered to be one of the most powerful and effective deputy secretaries of defense in recent history, was expected even if the timing of his resignation today caught even some Pentagon insiders by surprise.

In the letter he submitted to his boss today, Carter said he has "loved every minute" working for the Defense Department, "now as in previous times in my career." But Carter -- who had long coveted the top job and whose camp had occasionally clashed with Hagel's -- had signaled that he would leave sometime after Hagel found his bearings. Carter had planned to announce his resignation weeks ago, but the budget and the government shutdown prevented it. As neither crisis showed signs of abating, he decided now was the right time to say goodbye after more than two years on the job.

"I have decided that this situation might well continue and I don't want any more time to pass before giving you the opportunity to begin a smooth transition within the office of the Deputy Secretary," Carter wrote in the resignation letter he gave to Hagel today. "It is time for me to go." Carter will step down Dec. 4.

The divorce between Hagel and Carter seemed inevitable. As much as Hagel relied on Carter's undisputed expertise navigating the massive defense bureaucracy, Hagel has wanted to make his own mark on the department -- and with his own people. It was in fact Carter's deep institutional knowledge -- and the fact that Carter was passed over for the top job -- that contributed to the sense that there was little room for both men on the Pentagon's E-Ring. Although the two worked effectively together on a number of pressing issues, the awkward dynamic was a poorly kept secret in and outside the building, as Foreign Policy reported in August.

On Thursday, Hagel "reluctantly accepted" Carter's decision to go and in a statement said he was grateful Carter was willing to stay on and serve as his deputy.

"I have continually relied upon Ash to help solve the toughest challenges facing the Department of Defense," Hagel said in the statement. "He is a brilliant strategist and an excellent manager who helped enhance the Department's buying power, but Ash's most recent tour of the Department will be especially remembered for his tremendous efforts to provide more agile and effective support for our warfighters and their families."

Hagel added that Carter's "compassion, love, and determination to overcome any and all bureaucratic obstacles earned him their abiding respect and appreciation."

Carter's resignation was announced at a principals staff meeting Thursday afternoon at which Carter told service chiefs, service secretaries, and other Hagel "direct reports" that he was leaving. He was immediately given a standing ovation.

Carter was widely credited for being devoted to the job and relished the role. Supporters on Capitol Hill, across Washington, and inside the Pentagon credit his vast knowledge of the Defense Department. That contributed to his ability to get things done at a time of enormous difficulty for a department as it transitions from the blank checks of the last decade to now having to borrow money from a nonprofit to pay death gratuities to fallen service members, as it announced yesterday.

But Carter was also an unsung hero who remained insecure as the Pentagon's second-in-command after being passed over for the top job earlier this year. Barack Obama was said to have wanted a household name, and Hagel, a former Army sergeant, U.S. senator, and moderate Republican who'd taken firm stands on major foreign-policy issues, fit the bill.

Carter agreed to stay on to help Hagel, telling friends that he'd been asked personally by Obama to stay, as the novice Hagel attempted to get his hands around the Defense Department's bureaucracy. And after a bruising confirmation battle, most observers thought Hagel needed all the help he could get.

Carter quickly became Hagel's right-hand man, leading a top-to-bottom review of Pentagon resources as budget cuts neared. Carter also managed a big portfolio -- larger than the one given to his predecessors -- conducting high-level policy discussions with world leaders and routine interaction at the White House as he remained in control of major budget and weapons issues. One former senior staffer likened his role to that of Paul Wolfowitz, the deputy under Donald Rumsfeld, who was a forceful personality in the days after 9/11 and in the run-up to the war in Iraq.

Carter's reputation stemmed from the long leash he was given under then-Defense Secretary Leon Panetta. Panetta, who retired in February, gave Carter near-unprecedented responsibility. But when Hagel arrived, the new secretary asserted himself quickly as the one in charge, redefining the roles and missions of the secretary and deputy secretary from what they had been to a more traditional dynamic.

As a result, the transition was not without its bumps, as FP previously reported. Early on, Hagel's office wasn't notified about an overseas trip on which Carter was about to embark. There were rumors of Hagel shutting Carter down in meetings. And Carter's own ego seemed to go unchecked. At a security conference in Aspen this summer, Carter spoke as if he were the one in charge, never once mentioning the secretary for whom he worked. In the hierarchy-heavy military culture, people started to take notice, and questions began to arise if the Hagel and Carter team would endure for long.

If his departure was inevitable, there was still a sense of loss, as Carter was well-liked for being the point man on a number of defense matters. The staff of Gen. Martin Dempsey, chairman of the Joint Chiefs of Staff, posted a statement on Facebook. "I've had the privilege of working with Deputy Secretary of Defense Ash Carter and am thankful for his contributions over the past four and a half years," Dempsey's statement said. "He's a tremendous leader and will always be a friend to our Armed Forces."

And Jeremy Bash, the former chief of staff under then-Secretary of Defense Leon Panetta, said Carter "grabbed the budget reins" for both Panetta and Hagel, "navigating budget cuts, sequestration, and shutdown planning in a way that few others could have done," Bash told FP. "He was handed a tough assignment, and he performed exceedingly well."

Bash, now managing director of Beacon Global Strategies, predicted Carter would return to government one day.

Washington's national security community immediately turned to the more vexing question of just who would succeed Carter.

Michèle Flournoy, the policy guru who resigned from the Pentagon's top policy job in February 2012 and was also on the shortlist to replace Panetta, is again high on the list. If not a shoo-in for the job, she will be seen as an extremely likely successor. Flournoy campaigned for Obama and is thought to be well-respected across Washington. Some Pentagon watchers believe that if Hillary Clinton wins the presidency in 2016, Flournoy will be an obvious choice as secretary. She might wait out Obama's second term for that possibility, passing on the Number Two job. Or, some believe, Flournoy, who has not had vast management experience on the Defense Department's scale, would be wise to jump at the chance to serve as deputy secretary. That would put her in line to succeed Hagel when the time comes.

"She's dialed in at the White House, she's respected on the Hill, had a good run as undersecretary for policy," said one former senior defense official of Flournoy. "The DepSecDef job is the final, developmental job to become SecDef, and she's young enough that she can hang around."

Frank Kendall, the undersecretary of defense for acquisition, technology, and logistics -- the building's top weapons buyer -- is also considered to be on the shortlist of possible successors. For now, Kendall is in the line of succession to become acting deputy secretary if Carter leaves without another deputy ready to step in.

As Pentagon watchers float other names, two relative unknowns have emerged: BAE Systems' Linda Hudson and the CIA's general counsel, Stephen Preston.

Carter's departure from the Pentagon won't be the last high-profile defection. Pentagon policy chief Jim Miller, long-rumored to be leaving, is expected to hand in his own resignation in the coming weeks, with a departure by the end of the year very likely, multiple sources say.

For now, the Pentagon will prepare to fill Carter's bureaucratic shoes, ones that even Hagel acknowledges will be rather big ones to fill.

Chip Somodevilla/Getty Images