Some are starting to consider Edward Snowden as the NSA’s old, boring uncle. His leaks grimly pass around secrets of the NSA: online surveillance disclosures, the MonsterMind program and privacy invasion of international governments. And still revelations about the NSA’s classified activities continue to tumble out.
The latest? The National Security Agency is supplying data to two dozen US government agencies courtesy of a “Google-like” search engine designed to share 850 billion records about emails, cellphone locations, Internet chats and phone calls, according to classified documents provided to The Intercept by none other than Edward Snowden.
The tool, called ICREACH, includes millions of records on innocent US citizens (not accused of any wrongdoing), as well as private communications of foreigners. While a multitude of NSA programs have been exposed for collecting large data of communications, and the NSA has admitted sharing some of the collected information with domestic agencies, no one had a clue about the scoop and insights of its sharing.
The particular NSA-built search engine lets the agency share a trove of metadata records not just with others in the CIA and NSA but also with government and domestic law enforcement agencies, such as the DEA and FBI.
The database includes records obtained through Executive Order 12333, which a State Department Official purported as the main program used by the NSA to collect its data; it is not subject to Congress oversight.
Started in 2007, ICREACH was originally intended to internally share data collected from several networks, for tracking suspect’s movements, reveal political or religion affiliations and associate networks.
However, according to a memo from 2010, the program has been accessible to nearly a thousand analysts working in more than 23 US government agencies that carry out intelligence work.
While analysts cannot access the content of phone calls or emails, the metadata in itself may be enough to put together a piece of a suspect’s present, past and potential future patterns.
The NSA also notes the collected data includes protocols and formats that can be used to render the information for systems and people. So, the Google-like search engine acts as a portal for analysts to gather information from various databases to get an idea of a citizen’s activities.
The system can handle upwards of 5 billion records every day and the saved metadata has information concerning when and to whom phone calls are made or emails are sent. It may also reveal GPS location of a citizen’s device.
Those using ICREACH enter selectors, such as a phone number or an email address, and then are redirected to a page that includes relevant data – emails sent to a particular address or phone call records in a particular month.
Director of National Intelligence spokesman, Jeffrey Anchukaitis, declined to comment on a multitude of questions from The Intercept about the scope and size of ICREACH, but stated that information sharing has turned into “a pillar of the post-9/11 intelligence community” as a part of the endeavor to prevent valuable data from getting “stove-piped in any single office or agency.”
While the NSA estimated making more than 850 billion records available on ICREACH, the intelligence community’s “Black Budget” for 2013 reveals that the NSA sought new sources of funds to upgrade the search engine to provide analysts with a wider range of sharable data.
Last year in December, President Obama’s hand-picked surveillance review group said that as a general rule, the government should not be allowed to store and collect all undigested, mass and non-public personal information about citizens to enable data-mining and queries for the purpose of foreign intelligence.
It also recommended that personal information about US citizens should be removed when detected unless it is required to prevent harm to others or holds foreign intelligence value.
One of the five members of the review panel, Peter Swire, told The Intercept he could not state whether the review group received briefing on programs like ICREACH, but said the review group was concerned that the need to share had extended too far among agencies.
Let’s not forget – this is a story about the National Security Agency, the intelligence body responsible for not only gathering foreign intelligence but also tasked with protecting US government information systems.
There are clearly serious questions which need to be asked about whether the authorities have overstepped their remit and invaded individuals’ civil liberties and rights to privacy.
But one also has to continue to question the competence of an organization, which through lax security, allowed its secrets and confidential files to spill out into the public domain in the first place.
Many of us may now be enlightened by the facts that are now available to us but if the NSA and other intelligence agencies can’t keep their own secrets out of the newspapers, what does that say about their ability to secure the sensitive information they might hold about you or me?
- Information Security Post-Snowden
- Privacy, National Security and Mass Surveillance: The Role of Crypto
- Defensive Cyberspace Operations and Intelligence
- The Cyber Security Forum Initiative
Check out Tripwire SecureScan™, a free, cloud-based vulnerability management service for up to 100 Internet Protocol (IP) addresses on internal networks. This new tool makes vulnerability management easily accessible to small and medium-sized businesses that may not have the resources for enterprise-grade security technology – and it detects the Heartbleed vulnerability.
The Executive’s Guide to the Top 20 Critical Security Controls
Tripwire has compiled an e-book, titled The Executive’s Guide to the Top 20 Critical Security Controls: Key Takeaways and Improvement Opportunities, which is available for download [registration form required].