- Home
- Fred Kaplan
Dark Territory Page 2
Dark Territory Read online
Page 2
They’d found the right man. Not only had Ware long known about the myriad vulnerabilities of computer networks, he’d helped design the software program at NORAD. And for someone so steeped in the world of big secrets, Ware was remarkably open, even friendly. He looked like Jiminy Cricket from the Disney cartoon film of Pinocchio, and he acted a bit like him, too: excitable, quick-witted, quick to laugh.
Listening to the pair’s questions, Ware waved off their worries. Yes, he told them, the NORAD computer was supposed to be closed, but some officers wanted to work from home on the weekend, so they’d leave a port open. Anyone could get in, if the right number was dialed. Ware was letting the fledgling screenwriters in on a secret that few of his colleagues knew. The only computer that’s completely secure, he told them with a mischievous smile, is a computer that no one can use.
Ware gave Lasker and Parkes the confidence to move forward with their project. They weren’t interested in writing sheer fantasy; they wanted to imbue even the unlikeliest of plot twists with a grain of authenticity, and Ware gave them that. It was fitting that the scenario of WarGames, which aroused Ronald Reagan’s curiosity and led to the first national policy on reducing the vulnerability of computers, was in good part the creation of the man who’d first warned that they were vulnerable.
Ware couldn’t say so, but besides working for RAND, he also served on the Scientific Advisory Board of the National Security Agency. He knew the many ways in which the NSA’s signals intelligence crews were piercing the shields—penetrating the radio and telephone communications—of the Russian and Chinese military establishments. Neither of those countries had computers at the time, but ARPANET was wired through dial-up modems—through phone lines. Ware knew that Russia or China could hack into America’s phone lines, and thus into ARPANET, with the same bag of tricks that America was using to hack into their phone lines.
In other words, what the United States was doing to its enemies, its enemies could also do to the United States—maybe not right now, but someday soon.
* * *
The National Security Agency had its roots in the First World War. In August 1917, shortly after joining the fight, the United States government created Military Intelligence Branch 8, or MI-8, devoted to deciphering German telegraph signals. The unit stayed open even after the war, under the dual auspices of the war and state departments, inside an inconspicuous building in New York City that its denizens called the Black Chamber. The unit, whose cover name was the Code Compilation Company, monitored communications of suspected subversives; its biggest coup was persuading Western Union to provide access to all the telegrams coming over its wires. The Black Chamber was finally shut down in 1929, after Secretary of State Henry Stimson proclaimed, “Gentlemen don’t read each other’s mail.” But the practice was revived, with the outbreak of World War II, as the Signal Security Agency, which, along with British counterparts, broke the codes of German and Japanese communications—a feat that helped the Allies win the war. Afterward, it morphed into the Army Security Agency, then the multiservice Armed Forces Security Agency, then in 1952—when President Harry Truman realized the services weren’t cooperating with one another—a unified code-breaking organization called the National Security Agency.
Throughout the Cold War, the NSA set up bases around the world—huge antennas, dishes, and listening stations in the United Kingdom, Canada, Japan, Germany, Australia, and New Zealand—to intercept, translate, and analyze all manner of communications inside the Soviet Union. The CIA and the Air Force flew electronic-intelligence airplanes along, and sometimes across, the Soviet border, picking up signals as well. In still riskier operations, the Navy sent submarines, equipped with antennas and cables, into Soviet harbors.
In the early years of the Cold War, they were all listening mainly to radio signals, which bounced off the ionosphere all around the globe; a powerful antenna or large dish could pick up signals from just about anyplace. Then, in the 1970s, the Russians started switching to microwave transmissions, which beamed across much shorter distances; receivers had to be in the beam’s line of sight to intercept it. So the NSA created joint programs, sending spies from the CIA or other agencies across enemy lines, mainly in the Warsaw Pact nations of Eastern Europe, to erect listening posts that looked like highway markers, telephone poles, or other mundane objects.
Inside Moscow, on the tenth floor of the American embassy, the NSA installed a vast array of electronic intelligence gear. In a city of few skyscrapers, the tenth floor offered a panoramic view. Microwave receivers scooped up phone conversations between top Soviet officials—including Chairman Leonid Brezhnev himself—as they rode around the city in their limousines.
The KGB suspected something peculiar was going on up there. On January 20, 1978, Bobby Ray Inman, the NSA director, was awakened by a phone call from Warren Christopher, the deputy secretary of state. A fire had erupted in the Moscow embassy, and the local fire chief was saying he wouldn’t put it out unless he was given access to the tenth floor. Christopher asked Inman what he should do.
Inman replied, “Let it burn.” (The firefighters eventually put it out anyway. It was one of several fires that mysteriously broke out in the embassy during that era.)
By 1980, the last full year of Jimmy Carter’s presidency, the American spy agencies had penetrated the Soviet military machine so deeply, from so many angles, that analysts were able to piece together a near-complete picture of its operations, patterns, strengths, and weaknesses. And they realized that, despite its enormous buildup in troops and tanks and missiles, the Soviet military was extremely vulnerable.
The fatal gaps lay in the communications links of its command-control systems—the means by which radar operators tracked incoming planes and missiles, general officers sent out orders, and Kremlin higher-ups decided whether to go to war. And once American SIGINT crews were inside Soviet command-control, they could not only learn what the Russians were up to, which was valuable enough; they could also insert false information, disrupt the command signals, even shut them off. These disruptions might not win a war by themselves, but they could tip the balance, sowing confusion among Soviet officers, making them distrust the intelligence they were seeing and the orders they were receiving—which, in the best of scenarios, might stop them from launching a war in the first place.
The Russians, by now, had learned to encrypt their most vital command-control channels, but the NSA figured out how to break the codes, at least some of them. When cryptologists of whatever nationality coded a signal, they usually made a mistake here and there, leaving some passages in plain text. One way to break the code was to find the mistake, work backward to see how that passage—say, an often-used greeting or routine military jargon—had been encrypted in previous communiqués, then unravel the code from there.
Bobby Ray Inman had been director of naval intelligence before he took over the NSA in 1977, at the start of President Carter’s term. Even back then, he and his aides had fiddled with encryption puzzles. Now with the NSA’s vast secret budget at his disposal, Inman went at the task with full steam. In order to compare encrypted passages with mistakes in the clear, he needed machines that could store a lot of data and process it at high speed. For many years, the NSA had been building computers—vast corridors were filled with them—but this new task exceeded their capacity. So, early on in his term as director, Inman started a program called the Bauded Signals Upgrade, which involved the first “supercomputer.” The machine cost more than a billion dollars, and its usefulness was short-lived: once the Soviets caught on that their codes had been broken, they would devise new ones, and the NSA code breakers would have to start over. But for a brief period of Russian obliviousness, the BSU helped break enough high-level codes that, combined with knowledge gained from other penetrations, the United States acquired an edge—potentially a decisive edge—in the deadliest dimension of the Cold War competition.
Inman had a strong ally in the Pentagon’s top scientist,
William Perry. For a quarter century, Perry had immersed himself in precisely this way of thinking. After his Army service at the end of World War II, Perry earned advanced degrees in mathematics and took a job at Sylvania Labs, one of the many high-tech defense contractors sprouting up in Northern California, the area that would later be called Silicon Valley. While many of these firms were designing radar and weapons systems, Sylvania specialized in electronic countermeasures—devices that jammed, diffracted, or disabled those systems. One of Perry’s earliest projects involved intercepting the radio signals guiding a Soviet nuclear warhead as it plunged toward its target, then altering its trajectory, so the warhead swerved off course. Perry figured out a way to do this, but he told his bosses it wouldn’t be of much use, since Soviet nuclear warheads were so powerful—several megatons of blast, to say nothing of thermal heat and radioactive fallout—that millions of Americans would die anyway. (This experience led Perry, years later, to become an outspoken advocate of nuclear arms-reduction treaties.)
Still, Perry grasped a key point that most other weapons scientists of the day did not: that getting inside the enemy’s communications could drastically alter the effect of a weapon—and maybe the outcome of a battle or a war.
Perry rose through the ranks of Sylvania, taking over as director in 1954, then ten years later he left to form his own company, Electromagnetic Systems Laboratory, or ESL, which did contract work almost exclusively for the NSA and CIA. By the time he joined the Pentagon in 1977, he was as familiar as anyone with the spy agencies’ advances in signals intelligence; his company, after all, had built the hardware that made most of those advances possible.
It was Perry who placed these scattershot advances under a single rubric: “counter-C2 warfare,” the “C2” standing for “command and control.” The phrase derived from his longtime preoccupation with electronic countermeasures, for instance jamming an enemy jet’s radar receiver. But while jammers gave jets a tactical edge, counter-C2 warfare was a strategic concept; its goal was to degrade an enemy commander’s ability to wage war. The concept regarded communications links—and the technology to intercept, disrupt, or sever them—not merely as a conveyor belt of warfare but as a decisive weapon in its own right.
When Jimmy Carter was briefed on these strategic breakthroughs, he seemed fascinated by the technology. When his successor, the Cold War hawk Ronald Reagan, heard the same briefing a year later, he evinced little interest in the technical details, but was riveted to the big picture: it meant that if war broke out between the superpowers, as many believed likely, the United States could win, maybe quickly and decisively.
In his second term as president, especially after the reformer Mikhail Gorbachev took over the Kremlin, Reagan rethought the implications of American superiority: he realized that his military’s aggressive tactics and his own brazen rhetoric were making the Russians jumpy and the world more dangerous; so he softened his rhetoric, reached out to Gorbachev, and the two wound up signing a string of historic arms-reduction treaties that nearly brought the Soviet Union—the “evil empire,” as Reagan had once described it—into the international order. But during his first term, Reagan pushed hard on his advantage, encouraging the NSA and other agencies to keep up the counter-C2 campaign.
Amid this pressure, the Russians didn’t sit passive. When they found out about the microwaves emanating from the U.S. embassy’s tenth floor, they started beaming its windows with their own microwave generators, hoping to listen in on the American spies’ conversations.
The Russians grew clever at the spy-counterspy game. At one point, officials learned that the KGB was somehow stealing secrets from the Moscow embassy. The NSA sent over an analyst named Charles Gandy to solve the mystery. Gandy had a knack for finding trapdoors and vulnerabilities in any piece of hardware. He soon found a device called the Gunman inside sixteen IBM Selectric typewriters, which were used by the secretaries of high-level embassy officials. The Gunman recorded every one of their keystrokes and transmitted the data to a receiver in a church across the street. (Subsequent probes revealed that an attractive Russian spy had lured an embassy guard to let her in.)
It soon became clear that the Russians were setting up microwave beams and listening stations all over Washington, D.C., and New York City. Senior Pentagon officials—those whose windows faced high buildings across the Potomac River—took to playing Muzak in their offices while at work, so that if a Russian spy was shooting microwaves at those windows, it would clutter the ambient sound, drowning out their conversations.
Bobby Ray Inman had his aides assess the damage of this new form of spying. President Carter, a technically sophisticated engineer (he loved to examine the blueprints of the military’s latest spy satellites), had been assured that his phone conversations, as well as those of the secretaries of state and defense, were carried on secure landlines. But NSA technicians traced those lines and discovered that, once the signal reached Maryland, it was shunted to microwave transmitters, which were vulnerable to interception. There was no evidence the Soviets were listening in, but there was no reason to think they weren’t; they certainly could be, with little difficulty.
It took a while, but as more of these vulnerabilities were discovered, and as more evidence emerged that Soviet spies were exploiting them, a disturbing thought smacked a few analysts inside NSA: Anything we’re doing to them, they can do to us.
This anxiety deepened as a growing number of corporations, public utilities, and government contractors started storing data and running operations on automated computers—especially since some of them were commingling classified and unclassified data on the same machines, even the same software. Willis Ware’s warnings of a dozen years earlier were proving alarmingly prophetic.
Not everyone in the NSA was troubled. There was widespread complacency about the Soviet Union: doubt, even derision at the idea, that a country so technologically backward could do the remarkable things that America’s SIGINT crews were doing. More than that, to the extent computer hardware and software had security holes, the NSA’s managers were reluctant to patch them. Much of this hardware and software was used (or copied) in countries worldwide, including the targets of NSA surveillance; if it could easily be hacked, so much the better for surveillance.
The NSA had two main directorates: Signals Intelligence and Information Security (later called Information Assurance). SIGINT was the active, glamorous side of the puzzle palace: engineers, cryptologists, and old-school spies, scooping up radio transmissions, tapping into circuits and cables, all aimed at intercepting and analyzing communications that affected national security. Information Security, or INFOSEC, tested the reliability and security of the hardware and software that the SIGINT teams used. But for much of the agency’s history, the two sides had no direct contact. They weren’t even housed in the same building. Most of the NSA, including the SIGINT Directorate, worked in the massive complex at Fort Meade, Maryland. INFOSEC was a twenty-minute drive away, in a drab brown brick building called FANEX, an annex to Friendship Airport, which later became known as BWI Marshall Airport. (Until 1968, INFOSEC had been still more remote, in a tucked-away building—which, many years later, became the Department of Homeland Security headquarters—on Nebraska Avenue, in Northwest Washington.) INFOSEC technicians had a maintenance function; they weren’t integrated into operations at all. And the SIGINT teams did nothing but operations; they didn’t share their talents or insights to help repair the flaws in the equipment they were monitoring.
These two entities began to join forces, just a little, toward the end of Carter’s presidency. Pentagon officials, increasingly aware that the Soviets were penetrating their communications links, wanted INFOSEC to start testing hardware and software used not only by the NSA but by the Defense Department broadly. Inman set up a new organization, called the Computer Security Center, and asked his science and technology chief, George Cotter, to direct it. Cotter was one of the nation’s top cryptologists; he’d been doing si
gnals intelligence since the end of World War II and had worked for the NSA from its inception. Inman wanted the new center to start bringing together the SIGINT operators and the INFOSEC technicians on joint projects. The cultures would remain distinct for years to come, but the walls began to give.
The order to create the Computer Security Center came from the ASD(C3I), the assistant secretary of defense for command, control, communications, and intelligence—the Pentagon’s liaison with the NSA. When Reagan became president, his defense secretary, Caspar Weinberger, appointed Donald Latham to the position. Latham had worked SIGINT projects with George Cotter in the early to mid-1970s on the front lines of the Cold War: Latham as chief scientist of U.S. European Command, Cotter as deputy chief of NSA-Europe. They knew, as intimately as anyone, just how deeply both sides—the Soviets and the Americans (and some of their European allies, too)—were getting inside each other’s communications channels. After leaving NSA, Latham was named deputy chief of the Pentagon’s Office of Microwave, Space and Mobile Systems—and, from there, went on to work in senior engineering posts at Martin Marietta and RCA, where he remained immersed in these issues.
When General Jack Vessey came back from that White House meeting after Ronald Reagan had watched WarGames and asked his aides to find out whether someone could hack into the military’s most sensitive computers, it was only natural that his staff would forward the question to Don Latham. It didn’t take long for Latham to send back a response, the same response that Vessey would deliver to the president: Yes, the problem is much worse than you think.
Latham was put in charge of working up, and eventually drafting, the presidential directive called NSDD-145. He knew the various ways that the NSA—and, among all federal agencies, only the NSA—could not only hack but also secure telecommunications and computers. So in his draft, he put the NSA in charge of all their security.