Obama Administration Expanded Warrantless Surveillance to Target ‘Malicious Cyber Activity’
Documents from NSA whistleblower Edward Snowden show warrantless surveillance was expanded by President Barack Obama’s administration to target “malicious cyber activity.”
After Congress legalized the warrantless wiretapping with the FISA Amendments Act in 2008, non-US citizens could be targeted abroad. The administration developed a new policy for cybersecurity and took steps that would make the difference between a spy and criminal nearly non-existent.
According to a report from the New York Times and ProPublica, the White House National Security Council decided in May 2009 that “reliance on legal authorities that make theoretical distinctions between armed attacks, terrorism and criminal activity may prove impractical.”
The NSA proposed that the government use the warrantless surveillance program for cybersecurity about the same time.
In May and July 2012, the Justice Department signed off on searches of “cybersignatures” and Internet addresses. The approval was tied to previously granted authority to spy on foreign governments obtained from the Foreign Intelligence Surveillance Court. However, the NSA soon grew frustrated with the limits this imposed on them.
“That limit meant the NSA had to have some evidence for believing that the hackers were working for a specific foreign power,” the report indicates. “That rule, the NSA soon complained, left a ‘huge collection gap against cyberthreats to the nation’ because it is often hard to know exactly who is behind an intrusion, according to an agency newsletter. Different computer intruders can use the same piece of malware, take steps to hide their location or pretend to be someone else.”
Before the year was over, the NSA pressed the secret surveillance court for permission to use the warrantless wiretapping program for “cybersecurity purposes.”
As this happened, the FBI’s authority to target Internet data and use it for its criminal and “national security” investigations expanded.
…[T]he FBI in 2011 had obtained a new kind of wiretap order from the secret surveillance court for cybersecurity investigations, permitting it to target Internet data flowing to or from specific Internet addresses linked to certain governments.
To carry out the orders, the FBI negotiated in 2012 to use the NSA’s system for monitoring Internet traffic crossing “chokepoints operated by U.S. providers through which international communications enter and leave the United States,” according to a 2012 NSA document. The NSA would send the intercepted traffic to the bureau’s “cyberdata repository” in Quantico, Virginia…
The newly claimed authority is but another example of an expansion of executive power the Obama administration arrogated to itself without any public debate whatsoever.
Ryan J. Gallagher, a journalist for The Intercept, points out that the revelations also suggest that former NSA director Keith Alexander was lying or deliberately trying to mislead the public to win support for expansion of the NSA’s power to fight cyber attacks.
Alexander “lobbied for more cybersecurity powers” throughout his tenure “but did not mention the scope of those already obtained by the agency,” Gallagher recalls. “In March 2014, the then-NSA director told a cybersecurity conference at Georgetown University: ‘An attack on Wall Street or an exploit going against Wall Street — NSA and Cyber Command would probably not see that. We have no capability there. Against everything that’s been said, the fact is we don’t have the ability to see it.'”
Jonathan Mayer, a computer scientist and lawyer at Stanford University who was consulted for the story, contends, “When data is exfiltrated in the course of an attack, it often includes sensitive information about Americans. The NSA believes that this exfiltrated data should be considered ‘incidental’ collection, rendering it eligible for backdoor searches. Put differently: when a data breach occurs on American soil, and the NSA intercepts stolen data about Americans, it believes it can use that data for intelligence purposes.”
He points out that FBI and Homeland Security Department (DHS) are collaborating and sharing this cybersecurity data collected without a warrant. For the first time, it is clear the NSA has asserted “broad domestic cybersecurity powers” greater than DHS and the Justice Department.
In August 2014, an interview with Snowden by journalist James Bamford was published by Wired. Snowden shared how he was disturbed by a “Strangelovian cyberwarfare program” that had been “in the works” at NSA. It was codenamed “MonsterMind.”
According to Snowden, the program “would automate the process of hunting for the beginnings of a foreign cyberattack. Software would constantly be on the lookout for traffic patterns indicating known or suspected attacks. When it detected an attack, MonsterMind would automatically block it from entering the country—a ‘kill’ in cyber terminology.”
While programs like this had been used by the government before, the program would also have the potential to accidentally start a war because it would have the capability to “automatically fire back, with no human involvement.”
…That’s a problem, Snowden says, because the initial attacks are often routed through computers in innocent third countries. “These attacks can be spoofed,” he says. “You could have someone sitting in China, for example, making it appear that one of these attacks is originating in Russia. And then we end up shooting back at a Russian hospital. What happens next?”…
Snowden explained to Bamford that such a program would be “the ultimate threat to privacy” because the NSA would have to have access to “virtually all private communications coming in from overseas to people in the US” in order for it to work.
…“The argument is that the only way we can identify these malicious traffic flows and respond to them is if we’re analyzing all traffic flows,” he says. “And if we’re analyzing all traffic flows, that means we have to be intercepting all traffic flows. That means violating the Fourth Amendment, seizing private communications without a warrant, without probable cause or even a suspicion of wrongdoing. For everyone, all the time.”…
The contents of these documents reported on by the Times and ProPublica essentially affirm what Snowden was saying about “MonsterMind.” The NSA does appear to be able to intercept all private communications without a warrant or probable cause of wrongdoing.
No public discussion about offensive cyber warfare capabilities has been allowed to take place in Congress. President Obama has refused to let the public be a part of any debate, possibly because the issue has already been decided without the consent of US citizens.
During a Senate Armed Services Committee hearing on “worldwide threats” in February, Sen. Angus King asked Director of National Intelligence James Clapper about whether offensive capabilities should be developed to fight cyber attacks.
Clapper answered, “We do have offensive capabilities that I can’t go into here. I think the issue, though, is, What is the policy? What is it that would achieve cyber deterrence? And that is an issue that, at the policy level, we’re still, frankly, wrestling with.”
“I’m delighted to hear that it is being wrestled with, and I think I heard you say that this is something that we need to consider. And, of course, to go back to Dr. Strangelove, if you have a deterrent and don’t tell people about it, it’s not a deterrent,” King replied.
“Well, that’s true,” Clapper said.
The public is only beginning to get a glimpse at the scale of the “Strangelovian cyber warfare” being engaged in by the US government and the secret law that has been engineered to justify it. And, once again, citizens would have no idea this is what their government was doing with its power if it were not for Snowden.
Defense Department photo of former NSA director Keith Alexander by Mass Communication Specialist 1st Class Daniel Hinton and as government work is in the public domain.