Report

'This Is Not How a Protection Racket Is Supposed to Work'

Why the U.S. and Saudi Arabia are increasingly at odds.

When Saudi Arabia rejected its U.N. Security Council seat on Friday, the move caught nearly everyone off-guard. In retrospect, it shouldn't have.

In recent months, the United States has increasingly pursued a foreign policy at odds with its Persian Gulf ally, scaling back assistance to the Saudi-backed Egyptian military, abruptly dropping its plans to attack Syria despite Saudi support, and entering into a new round of nuclear talks with the kingdom's  regional rival, Iran. According to U.N. diplomats and officials, the Security Council move merely reflected the Saudis' deeper anxiety over the course of American diplomacy in the Middle East, exposing a deepening rift in one of America's most important and longstanding alliances in the region. In short, Saudi Arabia's U.N. snub was a sign of the monarchy's mounting panic over the possible demise of its special relationship with Washington.

For decades, Riyadh and Washington have been bound by a basic tradeoff: America guarantees protection from potential predators in the region, while Saudi Arabia supplies the lifeblood --relatively inexpensive oil -- to run the world economy and pumps billions each year into the U.S. arms industry. But America's failure to back Saudi Arabia on matters it considers vital to its security is raising questions in Riyadh about the value of that exchange.

"This is not how a protection racket is supposed to work," said Christopher Davidson, a scholar and author of After the Sheikhs: The Coming Collapse of the Gulf Monarchies. "Saudi Arabia is becoming increasingly dissatisfied with a relationship it thought it had in the bag, despite having handed over several percent of their GDP to Western arms companies." As a result, he said, "Saudi Arabia is retreating into its shell of countries that surround it and who rely on its aid and good will."

In recent months, Saudi Arabia has sought to take matters into its own hands.

When the U.S. threatened to withhold financial assistance from Egypt's generals following their overthrow of President Mohamed Morsy, the Saudi king held a fundraising campaign -- undercutting U.S. diplomatic efforts to negotiate a political settlement between the generals and Morsy's government. As Secretary of State John Kerry applies pressure on the Syrian National Council to talk with the Bashar al-Assad regime, the Saudis have sent precisely the opposite messages to the rebels they're funding. The Saudis, have resisted attempts by U.N. envoy Lakhdar Brahimi to visit and have applied little pressure on its allies within the Syrian opposition, according to U.N.-based diplomats.

The Saudis have made no secret of their displeasure over U.S. President Barack Obama's decision to call off his cruise missiles and negotiate a deal with Russia to work to dismantle Syria's chemical weapons program. On October 7, Saudi Arabia's Foreign Minister Saud al Faisal abruptly cancelled plans to deliver his government address to the U.N. General Assembly; the move was widely viewed as a response to the Security Council's endorsement of the Syrian chemical weapons deal. "They saw that as a complete capitulation," said one U.N.-based diplomat.

In protest, the Wall Street Journal reported on Tuesday, Saudi Arabia’s intelligence chief announced that Riyadh will dial back  cooperation with Washington to train and equip Syrian rebels. "Our interests increasingly don’t align," a U.S. official told the paper.

A further sign of pique: the Saudis didn't even inform America's top diplomats in New York that they planned to abandon the Security Council. The Saudi protest at the U.N., according to Davidson, constituted a kind of cry for attention, an effort to "shock and wake up their erstwhile allies."

From Riyadh's perspective, the Syrian civil war represents a pivotal front in an existential political and religious struggle for influence in the region, pitting Iran's Shiite rulers against predominantly Sunni Arab rulers. "There is a realization in Riyadh that it is time for the major Arab powers to prepare a response for maintaining order in the Arab world and to counter Iran's expanding infiltrative policies," Nawaf Obaid, a senior fellow at the King Faisal Center for Research and Islamic Studies,  wrote in Al-Monitor. "The kingdom and its regional allies will increase their support to the Syrian rebels and prevent a collapse of collateral nations, such as Lebanon and Jordan. The removal of the tyrannical regime in Damascus is simply too important for the future of the Arabs."

Kerry today met with Saudi Arabia's foreign minister for a two-hour lunch, where he assured the Saudi diplomat that Washington remained committed to preventing Iran from developing a nuclear weapon or continuing to destabilize the region. The two also "discussed the decision by Saudi Arabia to decline the seat on the UNSC," according to a senior administration official. "Secretary Kerry conveyed that while it is Saudi Arabia's decision to make, the U.S. values Saudi Arabia's leadership in the region and the international community and a seat on the UNSC affords member states the opportunity to engage directly on these issues."

Joshua Landis, a Middle East expert at the University of Oklahoma, said that the Saudis' latest decision to abandon their Security Council ambitions reflects mounting concern in Riyadh that the council seat could be a "trap" that will increases pressure on the ruling family to support diplomatic measures in Syria and Iran that it opposes.

"If the Saudis were to join the U.N. Security Council they would have to follow the U.S. and Russia's lead," Landis told Foreign Policy. "There would be heavy pressure on Saudi Arabia to stop subsidizing Salafist militias in Syria and they don't want to do it. Russia and America would say ‘Look, you are part of the United Nations and you have to sever your ties with the Syrian rebels and stop sending them arms and money.' But Saudi Arabia doesn't want to rein them in."

Landis said that the Saudi reliance on jihadists to pursues its goal of unseating Assad risks further fracturing the Saudis' relations with the United States, which he added, may eventually view the Saudi-backed jihadists as a greater threat than even Assad. Some regional specialists say that the U.S. and Saudi Arabia relationship is too important for both sides not to find a way to overcome their current differences. Indeed, even as U.S. and Saudi officials differ over the approach to regional security, American arms deal continue apace, including this recent U.S. deal to sell $460 million in cluster bombs to Saudi Arabia.

But others, like Davidson, believe that the relationship has fundamentally changed. The United States is emerging a major global energy supplier in its own right, lessening  its dependency on Saudi oil. "America is not locked into the same kind of relationship that we have seen over the past few decades;  it has more room to maneuver than it had in the past," Davidson said.

But the question on many U.N. diplomats' minds was why the Saudis went to so much trouble to win a Security Council seat if they had no intention of serving out its terms. Over the past three years, Saudi official undertook an intensive lobbying campaign to win support for its bid, enrolled more than a dozen Saudi diplomats in a year-long course on the Security Council at Columbia University. The erratic way in which the Saudi government managed the issue at the United Nations, according to several U.N.-based diplomats and outside experts, reflected the personal and emotional way in which the Saudi Royal family sometimes confronts diplomatic problems.

Anybody who witnessed the Saudi U.N. envoy's reaction to the Security Council vote in the General Assembly could tell he had no idea what his political masters were planning. "It is a defining moment in the Kingdom's history. As one of the founding members of the United Nations our election is much to rejoice over," Saudi Arabia's U.N. Ambassador Abdallah Al-Mouallimi, who looked ecstatic after the vote, flashing a thumbs up. "We welcome the positive shift as well as challenges of being part of the Security Council body."

But a day later, the Saudi foreign ministry pulled the rug out from underneath his feet, issuing a statement thanking the more than 170 countries that backed its first ever Security Council bid. At the same time, it said it had no intention of filling its seat, denouncing the council's application of "double standards" that promotes the "expansion of the injustices" as well as "violations of rights and the spread of conflicts around the world."

"Allowing the ruling regime in Syria to kill and burn its people by the chemical weapons, while the world stands by idly" constitutes "irrefutable evidence and proof of the inability of the Security Council to carry out its duties and responsibilities," according to the statement. The Kingdom of Saudi Arabia, the statement added, "announces its apology for not accepting membership to the Security Council until the council is reformed and enabled, effectively and practically, to carry out its duties and responsibilities in maintaining international peace and security."

The Saudi action has left the U.N. in something of a quandary. On Saturday, the U.N. Arab Group, which includes all the U.N.'s Arab governments, issued an appeal to Saudi Arabia to reconsider its decision and take up the seat. "They could simply leave the seat vacant by not showing up. That would allow them to show up at any time in the future during the two year membership on the Security Council," said one senior U.N.-based official. "Or they could inform the GA president that they are withdrawing, prompting a new election. Who knows what the king (and it must be the king) is thinking." Today, however, Arab governments appeared to have had a change of heart, expressing support for the Saudi decision.

Others say the Saudis may be overplaying their hand.

"The twin Saudi decisions to give up their speaking slot in the General Debate in the General Assembly and their elected seat on the Security Council suggest a worrisome retreat from global diplomatic engagement," Edward Luck, the dean of the University of San Diego School of Peace Studies. "To the Saudis, the game in the Council may appear rigged, but it is the only game in town."

"It would be a blow for stability in the turbulent Middle East and for the interests that the U.S. and Saudi Arabia share in the region if Riyadh gives up on open multilateral diplomacy," he added. "Regional bodies, weak and increasingly divided along the Shia- Sunni fault line, will not provide an alternative to the UN. More global involvement is needed in the region, not less, especially in the end game in Syria. Many in the West are already worried about alleged Saudi support for more radical elements in the Syrian opposition.  They could prove to be the biggest obstacles to attaining both peace and justice in Syria and stability in its neighborhood."

Luck said it is only inevitable that the Saudis would "be extremely sensitive to any signs of rapprochement between Washington and Tehran, no matter how modest and tentative. But much of the action on sanctions and curbing Iranian nuclear ambitions will be in the Security Council. If Riyadh wanted a bigger voice on these existential matters, it should have taken its seat. The Saudi refusal to join the Council can only be seen as a victory for its Iranian rivals."

-/AFP/Getty Images

National Security

The NSA's New Code Breakers

America's using front companies, break-in artists, and hacktivists to spy on everyone -- and only North Korea seems able to resist.

There was a time when the code breakers of the National Security Agency actually took the lead in solving enemy encryption systems. These days, not so much. In today's NSA, it's hackers, break-in artists, corporate liaisons, and shadow salesman using front companies who are at the forefront of this effort. Even so-called "hacktivists" play an unwitting role in helping the NSA gain access to computer networks -- both hostile and friendly.

Just about the only place that's somewhat immune to the NSA's new style of code-breaking attacks? North Korea, because it's so disconnected from the rest of the world's networks.

Former U.S. intelligence officials confirm that the more than 1,500 cryptanalysts, mathematicians, scientists, engineers, and computer technicians who comprise NSA's elite cryptanalytic unit, the Office of Cryptanalysis and Exploitation Services (S31), have had a remarkably large number of code-breaking successes against foreign targets since the 9/11 attacks. But these wins were largely dependent on clandestine intelligence activities for much of their success in penetrating foreign communications networks and encryption systems, and not the more traditional cryptanalytic attacks on encrypted messages that were the norm during the Cold War era. Prior to 9/11, the NSA's cryptanalysts used their huge stable of supercomputers to break cipher systems using what is referred to as "brute-force methods" -- using the supercomputers to run every cipher permutation until the message or messages in question become readable. It was a long, tedious, and extremely costly process (today the NSA spends over $247 million a year to buy and maintain its state-of-the-art supercomputer systems just for cryptanalytic use). But it did work if there were inherent vulnerabilities or structural weaknesses in the cipher being attacked or if the system's users did not practice proper communications security procedures, such as changing the cipher keys and passwords frequently.

The NSA today has more supercomputers than ever, and the agency still employs a number of puzzle-solvers, linguists, and math geeks. But these classic cryptanalysts have, in part, given way to a new breed.

You won't learn this in the files leaked by former NSA contractor Edward Snowden -- at least not directly. According to individuals who have reviewed the entire collection of 50,000 documents provided to the media by Snowden, what is missing from the papers is any document which lays out in detail just how successful the agency's code-breaking efforts have been. There are numerous documents in the Snowden collection describing individual NSA cryptologic programs, such as the NSA's mostly unsuccessful multiyear effort to crack the encryption protection used by the anonymizer service Tor. But no reports describing the agency's cryptanalytic successes and failures have been found in the Snowden collection to date.

Interviews with current and former intelligence officials conducted over the past two months have revealed that since 9/11, the NSA's computer scientists, electronic engineers, software programmers, and collection specialists have been remarkably inventive in finding new and innovative ways to circumvent the protections supposedly offered by encryption systems by compromising them through clandestine means. Among these clandestine means are CIA and FBI "black-bag jobs," as well as secret efforts by the U.S. intelligence community to interdict the shipment of advanced encryption technology to America's enemies around the world and insert "back doors" into commercially available computer, communications, and encryption technologies that allow the NSA to covertly access these systems without the users knowing it.

But the most sensitive of these clandestine techniques, and by far the most productive to date, is to covertly hack into targeted computers and copy the documents and message traffic stored on these machines before they are encrypted, a process known within the NSA as "Endpoint" operations. Responsibility for conducting these Endpoint operations rests with the computer hackers of the NSA's cyberespionage unit, the Office of Tailored Access Operations (TAO).

According to sources familiar with the organization's operations, TAO has been enormously successful over the past 12 years in covertly inserting highly sophisticated spyware into the hard drives of over 80,000 computer systems around the world, although this number could be much higher. And according to the sources, these implants are designed in such a way that they cannot be detected by currently available commercial computer security software. It has been suggested to me by a reliable source that "this is not an accident," with the insinuation being that many of the biggest commercially available computer security software systems made in the United States and overseas have been compromised by the NSA, either covertly or with the knowledge and consent of the companies that manufacture these systems.

Former agency personnel confirm that in innumerable instances, these TAO implants have allowed NSA analysts to copy and read all of the unencrypted documents stored on the targeted computer's hard drive, as well as copy every document and email message produced and/or transmitted by the machine. But more importantly, TAO has helped NSA cryptanalysts solve several hundred foreign government and commercial encryption systems because these spyware implants, if properly inserted into the computer, can covertly alter its security software as well as copy the encryption system's technical parameters, especially the system's encryption algorithm and access passwords, in a way that cannot be detected. These implants can compromise the encryption systems used by not only the targeted computer, but also by all other computer systems that it communicates with using encryption technology.

According to confidential sources familiar with TAO's operations, many of the NSA's cryptanalytic "success stories" against high-priority targets such as Russia and the People's Republic of China in recent years have been the direct result of TAO's cyberespionage efforts. For example, sources confirm that much of what the U.S. intelligence community knows about China's computer-hacking efforts against targets in the United States, Europe, and Asia stems from TAO's intelligence collection efforts since 2005, when TAO reportedly achieved a major technical breakthrough against a Chinese target.

But TAO doesn't just spy on America's rivals. In 2012, the group reportedly compromised the encryption system used by an important G-8 country to transmit sensitive diplomatic communications via satellite to its embassies around the world. The same is true with a number of countries in the Middle East and South Asia, including Egypt, Syria, Iran, and Pakistan, although the details of these successes are not yet known. And finally, sources report that TAO has successfully compromised the privacy protection systems currently used on a range of 4G cell phones and hand-held devices, thanks in large part to help from a major American telecommunications company.

There are high-profile targets that have proved resistant to TAO's cyberespionage efforts over the years, however. For example, TAO has reportedly had virtually no success penetrating North Korean government computer systems or networks because there are so few of them and they are heavily protected from access to the outside world.

Over time, TAO has become increasingly accomplished at its mission, thanks in part to the high-level cooperation that it secretly receives from the "big three" American telecommunications companies (AT&T, Verizon, and Sprint), most of the large U.S.-based Internet service providers, and many of the top computer security software manufacturers and consulting companies. According to a February 2012 budget document published this year by ProPublica, these companies "Insert vulnerabilities into commercial encryption systems, IT systems, networks, and endpoint communications devices used by targets" on behalf of TAO.

TAO is also very active in the global computer security industry marketplace, using the CIA, Defense Intelligence Agency, and State Department to help it keep close tabs on the latest computer security devices and software systems being developed around the world. And while details are lacking, informed sources report that TAO has been active in covertly buying up commercially available "hacker tools" or spyware software systems from individuals and companies in the United States and overseas, particularly in Western Europe, to help facilitate its ever-growing computer network exploitation efforts.

The extreme sensitivity of TAO's collection efforts has required the NSA to take extraordinary steps to try to disguise its computer-hacking activities. For instance, current and former intelligence sources confirm that TAO increasingly depends on clandestine techniques, such as commercial cover, to hide its activities. TAO uses an array of commercial business entities, some of them proprietary companies established specifically for this purpose, to try to hide its global computer-hacking activities from computer security experts in a maze of interlocking computer servers and command-and-control systems located in the United States and overseas that have no discernible link to the NSA or the U.S. government.

These sources also say that TAO gets a lot of help from politically motivated hackers, or "hacktivists," who unintentionally help the NSA by providing ideas to improve TAO's collection efforts. (Exactly which hacktivists have been particularly helpful, these sources wouldn't say.) Working closely with the NSA's computer security experts at the NSA/CSS Threat Operations Center, TAO personnel perform detailed forensic postmortem studies of every major successful computer penetration operation around the world. Some of these are pulled off by criminal outfits, some by government-backed groups, and others by political actors. In each case, the agency's personnel look for new techniques or procedures that they can use to get inside computer systems around the world.

There is no question that TAO's future looked incredibly bright before the first newspaper articles began appearing in the British and American press in June 2013 based on documents leaked by Snowden. Now, industry sources familiar with TAO say that the organization's future prospects have dimmed somewhat.

A number of foreign-based computer systems and IT networks that formerly were major producers of intelligence information for TAO have over the past three months changed security procedures and encryption systems, routed traffic to more secure computer nodes or servers, erected new firewalls, or have gone offline altogether. According to recent press reports, the Russian government for a time reverted back to using manual typewriters rather than commit sensitive information to its computer systems. And a number of European countries and Brazil have begun shifting their most sensitive data and communications traffic to secure networks that they hope will be resistant to the NSA's intrusive surveillance activities.

But this is, I am sure, just the tip of the iceberg. I have no doubt that the damage to TAO's foreign intelligence collection capabilities and its ability to facilitate the solution of foreign encryption systems by the NSA's cryptanalysts has been substantial. The big question that will determine TAO's future prospects is whether the damage done so far proves to be irreparable.

George Frey/Getty Images