The NSA Hides Its Domestic Collection by Refusing to Count It

/9 Comments/in , /by

In his speech at Cato last week Ron Wyden made it clear that when he asked Keith Alexander and James Clapper in advance of the reauthorization of the FISA Amendments Act for the number of Americans’ communications that had been collected under Section 702, he meant to elicit the estimates John Bates made in his October 3, 2011 opinion.

I spent much of 2012 asking the NSA and the DNI [Director of National Intelligence] whether anyone had done an estimate of how many American communications had been collected under section 702. The ODNI and the NSA insisted that such an estimate was impossible, but what they failed to tell the public was that the Fisa court had already done one.

Bates had the NSA conduct a manual review of a statistical subsection of 50,440 transactions collected via upstream collection between January and June 2011. (Note, it appears Bates may have had to raise dire warnings with “top DOJ officials” on July 8, 2011 before he got such a review.) He then annualized the results and estimated that the NSA was collecting up to 56,000 communications of Americans each year, made up of 46,000 communications consisting entirely of an American’s communication (Single Communication Transactions), and 10,000 in which their communication got included in a Multiple Communication Transaction swept up in the search.

Given what we’ve learned about the 2011 confrontation, Wyden’s serial requests for this information take on added importance for two reasons.

Administration never disclosed its domestic collection to the most Members of Congress

First, because the Administration very pointedly did not inform the bulk of Congress that NSA had been — and had been allowed to continue — collecting purely domestic communications from telecom switches. Neither the February 9, 2012 statement to the Senate Intelligence Committee nor the May 4, 2012 notice to Congress provided any indication that this violation involved collecting domestic communications (the December 8, 2011 statement to the House Intelligence Committee did, and both Committees, presumably as well as the Judiciary Committees, received the opinion itself, which makes that clear). It’s also not clear whether any of these notices included any mention of the SCTs, those single communication transactions involving just a US person communication.

Read more

Share this entry

The 2011 Disclosures

/in /by

This post simply breaks out the dates in the October 3, 2011 John Bates opinion, adding the claims the government made at the time. It provides a somewhat better idea of the circumstances surrounding the manual review of upstream collection NSA did.

Read more

Share this entry

“Folksy and Firm” Flummoxes Fancy NYT Journalists

/18 Comments/in /by

Less than 10 days ago, Keith Alexander admitted to Patrick Leahy that the single solitary case in which the phone dragnet proved critical was that of Basaaly Moalin. But that was not an attack. Rather, it was an effort to send money to al-Shabaab (and others) because they were protecting Somalia against a US backed Ethiopian invasion.

And yet two crack “journalists” used this as the lead of their “interview” with Alexander with not a hint of pushback.

The director of the National Security Agency, Gen. Keith B. Alexander, said in an interview that to prevent terrorist attacks he saw no effective alternative to the N.S.A.’s bulk collection of telephone and other electronic metadata from Americans.

The phone dragnet has never — never! — been more than one tool in preventing any attack, and yet Alexander gets to imply, unchallenged, it is critical going forward.

Instead of actual reporting, we get platitudes like this.

General Alexander was by turns folksy and firm in the interview. But he was unapologetic about the agency’s strict culture of secrecy and unabashed in describing its importance to defending the nation.

That culture is embodied by two installations that greet visitors to Fort Meade. One is a wall to honor N.S.A. personnel killed on overseas missions. The other is a tribute to the Enigma program, the code-breaking success that helped speed the end of World War II and led to the creation of the N.S.A. The intelligence community kept Enigma secret for three decades.

The only thing remotely resembling a challenge came when these “reporters” note Alexander’s claim to have willingly shut down the Internet metadata program (which the NSA has largely kept secret, in spite of having been disclosed) ignores NSA claims it (like the phone dragnet now, purportedly) was critical.

But he said the agency had not told its story well. As an example, he said, the agency itself killed a program in 2011 that collected the metadata of about 1 percent of all of the e-mails sent in the United States. “We terminated it,” he said. “It was not operationally relevant to what we needed.”

However, until it was killed, the N.S.A. had repeatedly defended that program as vital in reports to Congress.

The rest consists of more of the same kind of rebuttal by redefinition. The claim that NSA shares data with Israel is wrong, this “journalism” says, because “the probability of American content in the shared data was extremely small” (which of course says nothing about the way it would violate minimization procedures in any case). The claim that NSA launched 200 offensive cyberattacks in 2011 is wrong because many of those were actually other “electronic missions.” Besides, Alexander claims,

“I see no reason to use offensive tools unless you’re defending the country or in a state of war, or you want to achieve some really important thing for the good of the nation and others,” he said. [my link, for shits and giggles]

We are not now nor were we in 2006 when StuxNet started “in a state of war” with Iran, so how credible are any of these claims?

Mostly though, this appears to be an attempt, four months after highlighting the importance of PRISM against cyberattacks but then going utterly silent about that function, to reassert the importance of NSA’s hacking to prevent hacking.

Even there, though, Alexander presented dubious claims that got no challenge.

General Alexander said that confronting what he called the two biggest threats facing the United States — terrorism and cyberattacks — would require the application of expanded computer monitoring. In both cases, he said, he was open to much of that work being done by private industry, which he said could be more efficient than government.

In fact, he said, a direct government role in filtering Internet traffic into the United States, in an effort to stop destructive attacks on Wall Street, American banks and the theft of intellectual property, would be inefficient and ineffective.

“I think it leads people to the wrong conclusion, that we’re reading their e-mails and trying to listen to their phone calls,” he said.

The NSA already is filtering Internet traffic into the United States (and also searching on and reading incidentally collected Internet traffic without a warrant) under Section 702 certificates supporting counterterrorism, counterproliferation and … cyberattacks.

But nosiree, Alexander can’t envision doing what he’s already doing — and had been doing in a way that violated statute and the Fourth Amendment for three years already by 2011 — in the name of protecting the banksters who’ve gutted our economy. Only all of that — including the retention of US person data in the name of protecting property (presumably including intellectual property) is baked right into the NSA’s minimization procedures.

And that bit about violating Section 702 and the Fourth Amendment for over three years with a practice that was also baked into NSA’s minimization procedures? Here’s the claim the NYT’s crack journalists allow Alexander to end this charade with.

“We followed the law, we follow our policies, we self-report, we identify problems, we fix them,” he said. “And I think we do a great job, and we do, I think, more to protect people’s civil liberties and privacy than they’ll ever know.”

Share this entry

Findings versus Law: “The Intelligence Community Does Not Task Itself”

/9 Comments/in , /by

Predictably, Ben Wittes adopted the Shane Harris piece airing NSA gripes about the White House’s flaccid defense of them as part of Lawfare’s Empathy for Wiretappers series (brought to you in part by NSA contractor Northrop Grumman!).

In his commentary on the piece, Wittes compares Bush’s defense of torture (which Wittes calls coercive interrogation) and warrantless wiretapping (I assume he means the illegal warrantless wiretapping, as distinct from the warrantless wiretapping permitted under the existing legally sanctioned program) with Obama’s relative silence on NSA’s programs.

Another comparison would be to the way President Bush handled the firestorms over NSA’s warrantless wiretapping program and the CIA’s coercive interrogation program. Whatever one thinks of the programs in question, in my view the comparison does not flatter Obama.

Say what you will about Bush and the CIA’s interrogation program; there’s no question that he owned it. Nobody in the public ever thought that the program belonged to then-CIA Director George Tenet—though Tenet certainly was an enthusiastic executor. It was Bush’s program, and the reason it came off this way was that Bush publicly, repeatedly, and personally defended it. He made speeches about it. He wrote about it in his book. He never ran away from it. Nor, notably, did his attorney general. Similarly, Bush never ran away from warrantless wiretapping program. We associate him so personally with these programs, because he stoutly stood by them.

Obama has a lot on his plate right now. But he and his White House should not be leaving defense of intelligence programs he believes in to the intelligence community. Nor should Eric Holder, whose department convinced the FISA Court of the legal views currently at issue and oversees day-to-day FISA collection activity at NSA.

The intelligence community does not task itself. And when the political leadership tasks it to do something that then engulfs it in controversy, it should be a matter of honor not to let it dangle in the breeze.

As a threshold matter, who in their right mind would ask Eric Holder to defend a program? For better or worse, he has no more credibility right now than James Clapper or Keith Alexander, particularly among conservatives who believe he’s responsible for Fast and Furious. That may make him ineffective as an AG, but that is the AG Obama has chosen to retain.

Furthermore, which Attorney General does Ben have in mind that also defended these programs (or does he mean just torture?). Not only did John Ashcroft refuse to reauthorize parts of the illegal wiretap program, but Alberto Gonzales lied about it to get confirmed as Attorney General. Or does he mean Michael Mukasey, who by all appearances sold his soul at a meeting with David Addington, promising he wouldn’t oppose torture, in order to become Attorney General in the first place?

But I’m more interested, generally, in what I consider an inapt comparison.

One can argue that the President should aggressively defend whatever intelligence activities take place under his watch. But there is a big difference between the illegal wiretap and torture programs — which were authorized by a Presidential Directive and Finding, respectively — and the surveillance programs being exposed as a result of the Snowden  leaks — which were authorized by law.

In the former case, the intelligence agencies are all the more reliant on the President’s vocal defense, because without it they are entirely illegal. And for better and worse, the President should (but didn’t, at least not in the case of torture) pay close attention to the execution of those programs because he’s on the hook for them himself. That makes it much harder for the President to criticize any violations of the programs he authorized (like torture contractors James Mitchell and Bruce Jessen exceeding the terms of the program).

To the extent that the Intelligence Committees operate within the terms of the law, the same could be said of congressionally sanctioned programs.

That’s not what we’re talking about here. We’re talking about phone dragnet, Internet dragnet, and upstream collection, all of which violated the laws and/or Court ordered procedures authorizing them. When the government moved the phone dragnet under Section 215, it retained access for other agencies, performed contact chaining on unapproved selectors, and allowed access to the database from other NSA interfaces, old features of the illegal program that should have been turned off in 2006. We don’t know what the Internet dragnet violations were, but they’re likely also continuations of the illegal program. And NSA used FISA to intentionally target (according to John Bates) US person communications, in violation of the law and the Fourth Amendment, but also a practice that continued from the illegal program.

And the phone dragnet and (presuming they were discovered as part of the end-to-end review, though if they weren’t it’d be even more damning) Internet dragnet violations were admitted, after having persisted for 3 years, just as Obama entered the White House. The phone dragnet violations, at least, did not operate unchecked under the Obama Administration.

Further, as I noted yesterday, the woman now being criticized for her silence, Lisa Monaco, is one of the handful of people who had to ride herd on NSA as DOJ’s National Security Division brought NSA practices into compliance with the actual letter of the law.

I’d like to learn more about the tensions between Agencies as the Administration tried to bring the NSA programs into line with the letter of the law and FISC orders. Perhaps NSA worked proactively to reveal and fix everything (though the record seems to suggest the opposite). Perhaps it didn’t, and David Kris and Lisa Monaco had to push to force them to comply. But under Keith Alexander, the NSA failed to stay within the letter of the law (which ought to be reason enough to fire him). That makes the problems now being revealed substantively different from the torture and illegal wiretap programs, where the Executive only had to comply with what the President personally bought off on.

It may well be that Obama has approved all of what we’re seeing (he certainly approved an expanded StuxNet so should be held responsible for much of the hacking we’re doing; note that our offensive attacks actually are parallel to the covert programs raised by Wittes), though he couldn’t have approved the phone dragnet violations. It may well be that his Administration instead reined them in as soon as they discovered them, with whatever cooperation or resistance from NSA. We simply don’t know.

But an Agency violating the letter of the law and court orders affirmatively authorizing their actions is qualitatively different than an Agency violating the law based on direct orders from the President.

Share this entry

Shorter Rupp: We Inform Members at Briefings They Can’t Attend Because They’re Too Busy

/3 Comments/in /by

Since it became clear Mike Rogers had chosen not to pass on the Administration’s notice of phone dragnet problems, I’ve been wondering if he did the same with any notice about the FISA Amendments Act upstream problems.

In response to a query from Politico, Rogers and his counterpart Dutch Ruppersberger seem to suggest they did not pass on the notice.

Moreover, the House leaders who held the keys to the report did not loudly broadcast its existence to the rest of the chamber. The chairman of the Intelligence Committee, Rogers, and the panel’s ranking Democrat, Dutch Ruppersberger of Maryland, declined to say whether they even had sent a letter in 2012 informing members there had been a critical document to view. Hill sources say they don’t recall anything of the sort.

More telling still, though, is Rupp’s justification for providing briefings instead of the actual white paper.

Party leaders did hold unclassified and classified briefings on FISA, but they occurred just days before the House’s September 2012 vote to reauthorize the law. The Republican briefing, for example, occurred only two days before the House approved the FISA Amendments Act, according to an invite obtained by POLITICO. Yet nowhere in the message, sent Sept. 7, 2012, is any mention of the White House white paper on FISA oversight — the document that detailed how the agency had erred in collecting U.S. communications.

Committee leaders, though, stress they acted appropriately. “Members were notified of the contents of the white paper through the briefing,” Ruppersberger told POLITICO. “We felt that a briefing was an appropriate way to notify members of this important issue so that they would have the opportunity to get all of their questions answered immediately.”

The congressman continued: “Some members chose to take advantage of a briefing and some did not. We thought offering a briefing shortly before the vote was held would work best with members’ busy schedules and keep the issue fresh in their minds as they cast their vote.” [my emphasis]

In his explanation, Rupp explains that members have busy schedules.

And his accommodation for those busy schedules was to require members who want to be informed on issues they didn’t receive notice of adjust their busy schedule to show up at one of two briefings, rather than go to a SCIF to read a document during whatever time is most convenient for them. Indeed, I’ve heard from members that that’s part of the problem with briefings — they require people to drop all their other important issues and cater to Rogers’ and Rupp’s schedules, instead. All to learn about issues not identified in the meeting notice.

I’d add two points to the Politico piece. First, while it notes that the notice pitched the 2011 compliance problems as an example of functional oversight, there’s another problem with it. It doesn’t appear to reveal that some agency (probably FBI) already did, and the NSA newly started searching on incidentally collected US person data. Thus, it left out one of the most crucial aspects of the 2011 opinion, that it permitted the access to US person communications without a warrant.

And then a persnickety issue. Politico makes this claim.

The Washington Post first revealed that lapse in PATRIOT Act oversight in August, which at the time Rogers acknowledged “very few members” had taken advantage of any related briefing opportunities.

As the reporter admitted he knew, the WaPo did not, in fact, “first” reveal the earlier failure to pass on the notice. The WaPo reporting followed my own and the Guardian’s, as well as several other sites. The whole issue of “first” is stupid, but why use it, particularly if you know it is factually inaccurate?

Share this entry

“Together, we all prevail”

/17 Comments/in /by

For a 1,500-word Shane Harris piece that could be part of Lawfare’s Empathy for Wiretappers series (brought to you by NSA contractor Northrop Grumman!), Stewart Baker blames the White House failure to mount a vocal defense of NSA on John Brennan’s departure.

“I think actually this is the first signal that John Brennan is gone,” said Baker, the former NSA general counsel. “I think that if Brennan had still been there he would have immediately appreciated the importance, and communicated that to the president, of defending the program.”

John Brennan, of course, played a key role in rationalizing Dick Cheney’s illegal wiretap program, and therefore not only has a stake in protecting NSA, but also in insisting that the current program — which is just a rehashed version of the illegal program — is critical for detecting terrorists.

By comparison, Lisa Monaco, whom Baker implicitly criticizes (and the article explicitly notes) for her silence in the face of NSA’s problems, headed DOJ’s National Security Division from 2010 2011 until this year, and so likely had to deal with the aftermath of the phone dragnet problems, the full brunt of the Internet dragnet problems (which purportedly got shut down under her tenure), and the upstream collection problems — all three “features” of the illegal program that never got shut down when it moved under FISA Court supervision, and got called “bugs” when DOJ (Monaco!) had to reveal them.

And while the piece provides interesting new details about White House’s chilly relationship with a man they’ve nevertheless given vastly increasing amounts of power to,

The weak backing from top administration officials has aggravated the relationship between Alexander and the White House, where he has never been warmly embraced.

[snip]

Alexander has never been especially close to Obama or White House officials. Some thought he had tried to amass too much surveillance authority without appreciating the legal constraints on his agency, according to a former administration official. “I don’t understand why the White House didn’t throw Alexander under the bus,” the official added.

It actually doesn’t consider whether the Administration might be pursuing a conscious strategy of weakening Alexander’s considerable power (I have no reason to believe they are, but I can imagine why they might want to weaken someone who has only expanded his power since 2005 and got caught in serial fuck-ups as well).

It also doesn’t consider the possibility that one reason NSA employees are dispirited is because they’re learning about programs that violate the self-image they’ve got of their Agency.

Former intelligence officials who remain in regular contact with those still in government say that morale at the NSA is low, both because of the reaction to leaks by former contractor Edward Snowden, which put the normally secretive agency under intense scrutiny, and because of budget cutbacks and the continuing government shutdown, which has left some employees furloughed without pay.

Ah well. The NSA spokesperson is issuing slogans, so all is well in the national security world.

An NSA spokesperson downplayed any rift between the agency and the administration. “National security is a team sport. For us, collaboration is built into the very fabric of who we are,” said Vanee Vines. “There is no truth to rumors of dissension between NSA and the administration regarding the Agency’s mission to help defend the nation and save lives. Together, we all prevail.”

Together, we all prevail.

Share this entry

Jack Goldsmith’s Code

/9 Comments/in /by

On May 6, 2004, Jack Goldsmith signed an OLC memo that read, in part,

We conclude that in the circumstances of the current armed conflict with al Qaeda, the restrictions set out in FISA, as applied to targeted efforts to intercept the communications of the enemy in order to prevent further armed attacks on the United States, would be an unconstitutional infringement on the constitutionally assigned powers of the President. The President has inherent constitutional authority as Commander in Chief and sole organ for the nation in foreign affairs to conduct warrantless surveillance of enemy forces for intelligence purposes to detect and disrupt armed attacks on the United States. Congress does not have the power to restrict the President’s exercise of that authority.

[snip]

Finally, as part of the balancing of interests to evaluate the Fourth Amendment reasonableness, we think it is significant that [redacted] is limited solely to those international communications for which “there are reasonable grounds to believe … [that] a party to such communication is a group engaged in international terrorism, or activities in preparation therefor, or any agent of such a group.” March 11, 2004 Authorization [redacted] The interception is thus targeted precisely at communications for which there is already a reasonable basis to think there is a terrorism connection. This is relevant because the Supreme Court has indicated that in evaluating reasonableness, one should consider the “efficacy of [the] means for addressing the problem.”

[snip]

Thus, a program of surveillance that operated by listening to the content of every telephone call in the United States in order to find those calls that might relate to terrorism would require us to consider a rather difference [sic] balance here. [redacted] however, is precisely targeted to intercept solely those international communications for which there are reasonable grounds already to believe there is a terrorism connection, a limitation which further strongly supports the reasonableness of the searches.

We now know that opinion not only authorized the wiretapping of calls involving US persons, but also at least assumed the collection and contact chaining of the call records of all Americans (there’s an almost entirely redacted section of the memo that describes the March 19 halt to the collection of Internet metadata and the April 2 modification we don’t yet know about).

It’s worth keeping in mind that Goldsmith laid out the case that such a program was “reasonable” under the Fourth Amendment as you read his current writing on the NSA. For example, when — several weeks ago — he scolded the White House for not more aggressively defending the program that has actually expanded since he authorized it 9 years ago…

The government cannot rely on outsiders to explain these documents.  It must do so itself, aggressively and comprehensively, even at the expense of revealing more classified information or having to acknowledge embarrassing information.  If it doesn’t do so, the information already leaked, and the information that will be leaked in the weeks and months ahead, will continue to be portrayed in a very unfavorable light.

He was in part calling for the White House to protect programs he — back in 2004 — deemed critical to protect against terrorism.

Even more interesting is Goldsmith’s prediction (funded by Northrop Grumman, which is a significant NSA contractor) that we’ll all learn to welcome NSA scanning all the metadata and content of US communications — searches far more intrusive, and not committed under the guise of war — in search of hackers in the future.

“I can’t defend the country until I’m into all the networks,” General Alexander reportedly told senior government officials a few months ago.

For Alexander, being in the network means having government computers scan the content and metadata of Internet communications in the United States and store some of these communications for extended periods. Read more

Share this entry

Surveillance Logic: Snowden Is Bad because AQAP Conference Call Leak Was

/in , , /by

McClatchy did an interview with former national security official Ken Wainstein. He focuses on leaks, explaining how sometimes the “good leaks” don’t get prosecuted and admitting that overclassification is a problem.

But in response to McClatchy’s suggestion that Edward Snowden’s leaks are good, Wainstein responds in a bizarre fashion — by bringing up an entirely different leak.

Q: Do you weigh the public’s interest in the information that was leaked and whether it served the public good? For example, would you weigh whether Snowden’s actions triggered a broader debate about classified programs that the public should have known more about?

A: I think prosecutors would look at the intent of the leaker and what that person was intending to do.

But you wouldn’t have consensus that (the Snowden leak) was the best way to bring about this debate and that there hasn’t been damage. Just last week, for example, there was talk about how al Qaeda has shut down some of its communications because of aleak. I wouldn’t say it’s a given that it’s in the public interest that these disclosures are out there.

Wainstein’s talking, of course, of the NYT report that the public reports about the AQAP conference call story caused the terrorists to start using other communication methods.

But there are several problems with his claim. First, as I’ve pointed out, there’s a significant likelihood the leak in question came from AQAP sympathizers in the Yemeni government; in any case the leak was sourced to a broadly known fact in Yemen, not the US.

More importantly, the entire point of the story was that that AQAP leak had done more damage than all of Edward Snowden’s leaks. In fact, when criticized for the story, NYT’s editor pointed to that comparative fact as the entire point of the story.

He also said that many of the critics of the story “are missing part of the news here – that Snowden has not given away the store” in terms of harming national security or counterterrorism efforts.

The article, Mr. Hamilton said, “told an important and surprising story given the focus on Edward Snowden and the N.S.A. leaks. It had the kind of detail about terrorist operations that only reporters with long experience in national security coverage – and sources they can trust – can uncover.”

In other words, in response to a suggestion that Snowden’s leak did more harm than good, Wainstein points to a story that, even if the emphasis was wrong, pointed out that Snowden hadn’t done much damage.

Maybe Wainstein brought it up to suggest that McClatchy had better watch out; the AQAP story was also a McClatchy story. He’d be better off thanking McClatchy for making it clear someone in Yemen doesn’t keep our secrets very well.

But I guess that would ruin his entire scold about Edward Snowden.

Share this entry

The Business as Usual Brigade

/7 Comments/in /by

I missed the CATO surveillance event today (they’ll have video up soon, Julian Sanchez promises), but here’s the speech Ron Wyden gave.

I’m amused by this line:

We wanted to put this marker down early because we know in the months ahead we will be up against a “business-as-usual brigade” – made up of influential members of the government’s intelligence leadership, their allies in thinktanks and academia, retired government officials, and sympathetic legislators.

Wyden, a politician, can’t name these people.

But I would suggest they are all immediately identifiable as an archetype:

Influential members of the government’s intelligence leadership: Keith Alexander and James Clapper

Their allies in thinktanks and academia: Ben Wittes

Retired government officials: Michael Hayden

Sympathetic legislators: Dianne Feinstein

Indeed, further in his speech, he repeats claims these people have made, without identifying the speaker.

Some of the “business as usual” arguments have something of an Alice in Wonderland flavor.

We have heard that surveillance of Americans’ phone records, aka metadata, is not actually surveillance at all – it’s simply the collection of bits of information. [DiFi]

We’ve been told that falsehoods aren’t falsehoods – they are simply imprecise statements. [Clapper]

We’ve been told that rules that have been repeatedly broken are a valuable check on government overreach. [Wittes]

And we’ve been told that codifying secret surveillance laws and making them public surveillance laws is the same as actually reforming these overreaching surveillance programs. [Hayden]

And Wyden is absolutely correct. DiFi has submitted changes to Section 215 and 702 that … don’t change a single solitary thing, except that they (1) write down what the FISA Court has already mandated and (2) expand surveillance by authorizing the wiretapping of roamers for a period in the US.

So maybe Wyden isn’t correct? Maybe this is not the “Business as Usual Brigade,” but the “Use a crisis to authorizing phone wiretapping in the US brigade”?

Whatever it is, these are recognizable people. And the press should be focusing on the many ways in which their legislation actually increases surveillance.

Share this entry

How Can NSA Protect Our Power Grid from Cyberattack When It Can’t Keep Its Own Power On?

/34 Comments/in , /by

In the United States, it is usually a safe bet to attribute massive government fuck-ups to the bloated contractors we’ve outsourced our projects to.

And the electrical problems plaguing NSA’s new UT data center — described as lightening in a box that has caused $100,000 of damage each of the 10 times it has happened — do seem to stem from poorly supervised contractors.

The Army Corps of Engineers is overseeing the data center’s construction. Chief of Construction Operations, Norbert Suter said, “the cause of the electrical issues was identified by the team, and is currently being corrected by the contractor.” He said the Corps would ensure the center is “completely reliable” before handing it over to the NSA.

But another government assessment concluded the contractor’s proposed solutions fall short and the causes of eight of the failures haven’t been conclusively determined. “We did not find any indication that the proposed equipment modification measures will be effective in preventing future incidents,” said a report last week by special investigators from the Army Corps of Engineers known as a Tiger Team.

[snip]

It took six months for investigators to determine the causes of two of the failures. In the months that followed, the contractors employed more than 30 independent experts that conducted 160 tests over 50,000 man-hours, according to project documents.

[snip]

Contractors have started installing devices that insulate the power system from a failure and would reduce damage to the electrical machinery. But the fix wouldn’t prevent the failures, according to project documents and current and former officials.

Now, don’t pee your pants laughing.

But I did have two thoughts as I read this.

First, this extended confusion sounds similar to that which Iranian nuclear scientists experienced as they tried to figure out why their centrifuges kept blowing up, thanks to StuxNet. While I think the chances some kind of hack caused this are small (but not zero), I do find it ironic that we cause ourselves the same kind of havoc we cause our worst enemies.

And consider the mission!

Back in February, Keith Alexander warned of the possibility of cyberattacks on our grid (which, anonymous sources made clear, could probably only be launched by China or Russia, but that didn’t stop Alexander from suggesting Anonymous might launch such attacks). The NSA needs more authority to protect against attacks that might bring down our power sources, the head of the NSA suggested.

But the entity that proposes to wield that authority, it seems, can’t even build a brand spanking new electrical system immune from some kind of failure.

Share this entry