Israel uses shell companies working for NSA to spy on US
by James Bamford
Israeli funded companies get paid to spy on US for NSA. CHOSEN in NSA sent data mining software to Israel.
Army General Keith Alexander, the director of the NSA, is having a busy year — hopping around the country, cutting ribbons at secret bases and bringing to life the agency’s greatly expanded eavesdropping network.
In January he dedicated the new $358 million CAPT Joseph J. Rochefort Building at NSA Hawaii, and in March he unveiled the 604,000-square-foot John Whitelaw Building at NSA Georgia.
Designed to house about 4,000 earphone-clad intercept operators, analysts and other specialists, many of them employed by private contractors, it will have a 2,800-square-foot fitness center open 24/7, 47 conference rooms and VTCs, and “22 caves,” according to an NSA brochure from the event. No television news cameras were allowed within two miles of the ceremony.
Overseas, Menwith Hill, the NSA’s giant satellite listening post in Yorkshire, England that sports 33 giant dome-covered eavesdropping dishes, is also undergoing a multi-million-dollar expansion, with $68 million alone being spent on a generator plant to provide power for new supercomputers. And the number of people employed on the base, many of them employees of Lockheed Martin and Northrop Grumman, is due to increase from 1,800 to 2,500 in 2015, according to a study done in Britain. Closer to home, in May, Fort Meade will close its 27-hole golf course to make room for a massive $2 billion, 1.8-million-square-foot expansion of the NSA’s headquarters, including a cybercommand complex and a new supercomputer center expected to cost nearly $1 billion.
The climax, however, will be the opening next year of the NSA’s mammoth 1-million-square-foot, $2 billion Utah Data Center. The centerpiece in the agency’s decade-long building boom, it will be the “cloud” where the trillions of millions of intercepted phone calls, e-mails, and data trails will reside, to be scrutinized by distant analysts over highly encrypted fiber-optic links.
Despite the post-9/11 warrantless wiretapping of Americans, the NSA says that citizens should trust it not to abuse its growing power and that it takes the Constitution and the nation’s privacy laws seriously.
But one of the agency’s biggest secrets is just how careless it is with that ocean of very private and very personal communications, much of it to and from Americans. Increasingly, obscure and questionable contractors — not government employees — install the taps, run the agency’s eavesdropping infrastructure, and do the listening and analysis.
And with some of the key companies building the U.S.’s surveillance infrastructure for the digital age employing unstable employees, crooked executives, and having troubling ties to foreign intelligence services, it’s not clear that Americans should trust the secretive agency, even if its current agency chief claims he doesn’t approve of extrajudicial spying on Americans. His predecessor, General Michael V. Hayden, made similar claims while secretly conducting the warrantless wiretapping program.
Until now, the actual mechanics of how the agency constructed its highly secret U.S. eavesdropping net, code-named Stellar Wind, has never been revealed. But in the weeks following 9/11, as the agency and the White House agreed to secretly ignore U.S. privacy laws and bypass the Foreign Intelligence Surveillance Court, J. Kirk Wiebe noticed something odd. A senior analyst, he was serving as chief of staff for the agency’s Signals Intelligence Automation Research Center (SARC), a sort of skunkworks within the agency where bureaucratic rules were broken, red tape was cut, and innovation was expected.
“One day I notice out in the hallway, stacks and stacks of new servers in boxes just lined up,” he said.
Passing by the piles of new Dell 1750 servers, Wiebe, as he often did, headed for the Situation Room, which dealt with threat warnings. It was located within the SARC’s Lab, on the third floor of Operations Building 2B, a few floors directly below the director’s office. “I walk in and I almost get thrown out by a guy that we knew named Ben Gunn,” he said. It was the launch of Stellar Wind and only a handful of agency officials were let in on the secret.
“He was the one who organized it,” said Bill Binney of Gunn. A former founder and co-director of SARC, Binney was the agency official responsible for automating much of the NSA’s worldwide monitoring networks. Troubled by the unconstitutional nature of tapping into the vast domestic communications system without a warrant, he decided to quit the agency in late 2001 after nearly forty years.
Gunn, said Binney, was a Scotsman and naturalized U.S. citizen who had formerly worked for GCHQ, Britain’s equivalent of the NSA, and later become a senior analyst at the NSA. The NSA declined Wired’s request to interview Gunn, saying that, as policy, it doesn’t confirm or deny if a person is employed by the agency.
Shortly after the secret meeting, the racks of Dell servers were moved to a room down the hall, behind a door with a red seal indicating only those specially cleared for the highly compartmented project could enter. But rather than having NSA employees putting the hardware and software together and setting up walls of monitors showing suspected terrorism threats and their U.S. communications, the spying room was filled with a half-dozen employees of a tiny mom-and-pop company with a bizarre and troubling history.
“It was Technology Development Corporation,” said Binney.
The agency went to TDC, he says, because the company had helped him set up a similar network in SARC — albeit one that was focused on foreign and international communications — the kind of spying the NSA is chartered to undertake.
“They needed to have somebody who knew how the code works to set it up,” he said. “And then it was just a matter of feeding in the attributes [U.S. phone numbers, e-mail addresses and personal data] and any of the content you want.” Those “attributes” came from secret rooms established in large telecom switches around the country. “I think there’s 10 to 20 of them,” Binney says.
Formed in April 1984, TDC was owned by two brothers, Randall and Paul Jacobson, and largely run out of Randall’s Clarkesville, Maryland house, with his wife acting as bookkeeper. But its listed address is a post office box in Annapolis Junction, across the Baltimore-Washington Parkway from the NSA, and the company’s phone number in various business directories is actually an NSA number in Binney’s old office.
The company’s troubles began in June 1992 when Paul lost his security clearance. “If you ever met this guy, you would know he’s a really strange guy,” Binney said of Paul. “He did crazy stuff. I think they thought he was unstable.” At the time, Paul was working on a contract at the NSA alongside a rival contractor, Unisys Corporation. He later blamed Unisys for his security problems and sued it, claiming that Unisys employees complained about him to his NSA supervisors. According to the suit, Unisys employees referred to him as “weird” and that he “acted like a robot,” “never wore decent clothes,” and was mentally and emotionally unstable. About that time, he also began changing his name, first to Jimmy Carter, and later to Alfred Olympus von Ronsdorf.
With “von Ronsdorf’s” clearance gone and no longer able to work at the NSA, Randy Jacobson ran the company alone, though he kept his brother and fellow shareholder employed in the company, which led to additional problems.
“What happened was Randy still let him have access to the funds of the company and he squandered them,” according to Binney. “It was so bad, Randy couldn’t pay the people who were working for him.” According to court records, Ronsdorf allegedly withdrew about $100,000 in unauthorized payments. But Jacobson had troubles of his own, having failed to file any income tax statements for three years in the 1990s, according to tax court records. Then in March 2002, around the time the company was completing Stellar Wind, Jacobson fired his brother for improper billing and conversion of company funds. That led to years of suits and countersuits over mismanagement and company ownership.
Despite that drama, Jacobson and his people appeared to have serious misgivings about the NSA’s program once they discovered its true nature, according to Binney. “They came and said, ‘Do you realize what these people are doing?’” he said. “‘They’re feeding us other stuff [U.S.] in there.’ I mean they knew it was unconstitutional right away.” Binney added that once the job was finished, the NSA turned to still another contractor to run the tapping operation. “They made it pretty well known, so after they got it up and running they [the NSA] brought in the SAIC people to run it after that.” Jacobsen was then shifted to other work at the NSA, where he and his company are still employed.
Randall Jacobsen answered his phone inside the NSA but asked for time to respond. He never called back.
In addition to constructing the Stellar Wind center, and then running the operation, secretive contractors with questionable histories and little oversight were also used to do the actual bugging of the entire U.S. telecommunications network.
According to a former Verizon employee briefed on the program, Verint, owned by Comverse Technology, taps the communication lines at Verizon, which I first reported in my book The Shadow Factory in 2008. Verint did not return a call seeking comment, while Verizon said it does not comment on such matters.
At AT&T the wiretapping rooms are powered by software and hardware from Narus, now owned by Boeing, a discovery made by AT&T whistleblower Mark Klein in 2004. Narus did not return a call seeking comment.
What is especially troubling is that both companies have had extensive ties to Israel, as well as links to that country’s intelligence service, a country with a long and aggressive history of spying on the U.S.
In fact, according to Binney, the advanced analytical and data mining software the NSA had developed for both its worldwide and international eavesdropping operations was secretly passed to Israel by a mid-level employee, apparently with close connections to the country. The employee, a technical director in the Operations Directorate, “who was a very strong supporter of Israel,” said Binney, “gave, unbeknownst to us, he gave the software that we had, doing these fast rates, to the Israelis.”
Because of his position, it was something Binney should have been alerted to, but wasn’t.
“In addition to being the technical director,” he said, “I was the chair of the TAP, it’s the Technical Advisory Panel, the foreign relations council. We’re supposed to know what all these foreign countries, technically what they’re doing…. They didn’t do this that way, it was under the table.” After discovering the secret transfer of the technology, Binney argued that the agency simply pass it to them officially, and in that way get something in return, such as access to communications terminals. “So we gave it to them for switches,” he said. “For access.”
But Binney now suspects that Israeli intelligence in turn passed the technology on to Israeli companies who operate in countries around the world, including the U.S. In return, the companies could act as extensions of Israeli intelligence and pass critical military, economic and diplomatic information back to them. “And then five years later, four or five years later, you see a Narus device,” he said. “I think there’s a connection there, we don’t know for sure.”
Narus was formed in Israel in November 1997 by six Israelis with much of its money coming from Walden Israel, an Israeli venture capital company. Its founder and former chairman, Ori Cohen, once told Israel’s Fortune Magazine that his partners have done technology work for Israeli intelligence. And among the five founders was Stanislav Khirman, a husky, bearded Russian who had previously worked for Elta Systems, Inc. A division of Israel Aerospace Industries, Ltd., Elta specializes in developing advanced eavesdropping systems for Israeli defense and intelligence organizations. At Narus, Khirman became the chief technology officer.
A few years ago, Narus boasted that it is “known for its ability to capture and collect data from the largest networks around the world.” The company says its equipment is capable of “providing unparalleled monitoring and intercept capabilities to service providers and government organizations around the world” and that “Anything that comes through [an Internet protocol network], we can record. We can reconstruct all of their e-mails, along with attachments, see what Web pages they clicked on, we can reconstruct their [Voice over Internet Protocol] calls.”
Like Narus, Verint was founded by in Israel by Israelis, including Jacob “Kobi” Alexander, a former Israeli intelligence officer. Some 800 employees work for Verint, including 350 who are based in Israel, primarily working in research and development and operations, according to the Jerusalem Post. Among its products is STAR-GATE, which according to the company’s sales literature, lets “service providers … access communications on virtually any type of network, retain communication data for as long as required, and query and deliver content and data …” and was “[d]esigned to manage vast numbers of targets, concurrent sessions, call data records, and communications.”
In a rare and candid admission to Forbes, Retired Brig. Gen. Hanan Gefen, a former commander of the highly secret Unit 8200, Israel’s NSA, noted his former organization’s influence on Comverse, which owns Verint, as well as other Israeli companies that dominate the U.S. eavesdropping and surveillance market. “Take NICE, Comverse and Check Point for example, three of the largest high-tech companies, which were all directly influenced by 8200 technology,” said Gefen. “Check Point was founded by Unit alumni. Comverse’s main product, the Logger, is based on the Unit’s technology.”
According to a former chief of Unit 8200, both the veterans of the group and much of the high-tech intelligence equipment they developed are now employed in high-tech firms around the world. “Cautious estimates indicate that in the past few years,” he told a reporter for the Israeli newspaper Ha’artez in 2000, “Unit 8200 veterans have set up some 30 to 40 high-tech companies, including 5 to 10 that were floated on Wall Street.” Referred to only as “Brigadier General B,” he added, “This correlation between serving in the intelligence Unit 8200 and starting successful high-tech companies is not coincidental: Many of the technologies in use around the world and developed in Israel were originally military technologies and were developed and improved by Unit veterans.”
Equally troubling is the issue of corruption. Kobi Alexander, the founder and former chairman of Verint, is now a fugitive, wanted by the FBI on nearly three dozen charges of fraud, theft, lying, bribery, money laundering and other crimes. And two of his top associates at Comverse, Chief Financial Officer David Kreinberg and former General Counsel William F. Sorin, were also indicted in the scheme and later pleaded guilty, with both serving time in prison and paying millions of dollars in fines and penalties.
When asked about these contractors, the NSA declined to “verify the allegations made.”
But the NSA did “eagerly offer” that it “ensures deliberate and appropriate measures are taken to thoroughly investigate and resolve any legitimate complaints or allegations of misconduct or illegal activity” and “takes seriously its obligation to adhere to the U.S. Constitution and comply with the U.S. laws and regulations that govern our activities.”
The NSA also added that “we are proud of the work we do to protect the nation, and allegations implying that there is inappropriate monitoring of American communications are a disservice to the American public and to the NSA civilian and military personnel who are dedicated to serving their country.”
However, that statement elides the voluminous reporting by the New York Times, Washington Post, USA Today, Los Angeles Times and Wired on the NSA’s warrantless wiretapping program. Also not reflected is that in the only anti-warrantless wiretapping lawsuit to survive the government’s use of the “state secrets” privilege to throw them out, a federal judge ruled that two American lawyers had been spied on illegally by the government and were entitled to compensation.
So take the NSA’s assurances as you will.
But as NSA director Alexander flies around the country, scissors in hand, opening one top-secret, outsourced eavesdropping center after another, someone might want to ask the question no one in Congress seems willing to ask: Who’s listening to the listeners?