[CTRL] [1] STOA Report: Interception Capabilities 2000

[Kris Millegan]

 -Caveat Lector-

from:
http://www.aci.net/kalliste/echelon/ic2000.htm
<A HREF="http://www.aci.net/kalliste/echelon/ic2000.htm">STOA Report:
Interception Capabilities 2000
</A>
-----
Awesome report. Site has oodles pix and drawings.
Om
K
--[1]--
7 May 1999. Thanks to Anonymous.



------------------------------------------------------------------------

Interception Capabilities 2000






Report to the Director General for Research of the European Parliament
(Scientific and Technical Options Assessment programme office)
on the development of surveillance technology and risk of abuse of
economic information.

This study considers the state of the art in Communications intelligence
(Comint) of
automated processing for intelligence purposes of intercepted broadband
multi-language leased or
common carrier systems, and its applicability to Comint targeting and
selection, including speech recognition .



Contents
Summary
Report
Recommendations
Technical annexe
Notes

Report by : Duncan Campbell, IPTV Ltd
Edinburgh, Scotland : April, 1999

Mailto:[EMAIL PROTECTED]

Illustration : 30 metre antennae at the Composite Signals Organisation
Station, Morwenstow, England,
intercepting communications from Atlantic Ocean and Indian Ocean
regional satellites. (D Campbell)






------------------------------------------------------------------------

••
Interception Capabilities 2000


Contents

1. Organisations and methods •
What is communications intelligence? •
UKUSA alliance
Other Comint organisations

How intelligence works •
Planning
Access and collection

Processing

Production and dissemination





2. Intercepting international communications •
International Leased Carrier (ILC) communications •
High frequency radio
Microwave radio relay

Subsea cables

Communications satellites

Communications techniques

ILC communications collection •
Access
Operation SHAMROCK

High frequency radio interception

Space interception of inter-city networks

Sigint satellites

COMSAT ILC collection

Submarine cable interception

Intercepting the Internet

Covert collection of high capacity signals

New satellite networks





3. ECHELON and Comint production •
The "Watch List" •
New information about ECHELON sites and systems •
Westminster, London : Dictionary computer
Sugar Grove, Virginia : COMSAT interception at ECHELON site

Sabana Seca, Puerto Rico and Leitrim, Canada : COMSAT interception sites


Waihopai, New Zealand : Intelsat interception at ECHELON site



ILC processing techniques



4. Comint and Law Enforcement •
Misrepresentation of law enforcement interception requirements
Law enforcement communications interception - policy development in
Europe




5. Comint and economic intelligence •
Tasking economic intelligence
Disseminating economic intelligence

The use of Comint economic intelligence product •
Panavia European Fighter Aircraft consortium and Saudi Arabia
Thomson CSF and Brazil

Airbus Industrie and Saudi Arabia

International trade negotiations

Targeting host nations





6. Comint capabilities after 2000 ••
Developments in technology

Policy issues for the European Parliament


Technical annexe •
Broadband (high capacity multi-channel) communications
Communications intelligence equipment •
Wideband extraction and signal analysis
Filtering, data processing, and facsimile analysis

Traffic analysis, keyword recognition, text retrieval, and topic
analysis

Speech recognition systems

Continuous speech recognition

Speaker identification and other voice message selection techniques



"Workfactor reduction"; the subversion of cryptographic systems



Glossary and definitions


Footnotes
 •



Summary




1. Communications intelligence (Comint) involving the covert
interception of foreign communications has been practised by almost
every advanced nation since international telecommunications became
available. Comint is a large-scale industrial activity providing
consumers with intelligence on diplomatic, economic and scientific
developments. The capabilities of and constraints on Comint activity may
usefully be considered in the framework of the "intelligence cycle"
(section 1).

2. Globally, about 15-20 billion Euro is expended annually on Comint and
related activities. The largest component of this expenditure is
incurred by the major English-speaking nations of the UKUSA alliance.(1)
 This report describes how Comint organisations have for more than 80
years made arrangements to obtain access to much of the world's
international communications. These include the unauthorised
interception of commercial satellites, of long distance communications
from space, of undersea cables using submarines, and of the Internet. In
excess of 120 satellite systems are currently in simultaneous operation
collecting intelligence (section 2).

3. The highly automated UKUSA system for processing Comint, often known
as ECHELON, has been widely discussed within Europe following a 1997
STOA report.(2) That report summarised information from the only two
primary sources then available on ECHELON.(3) This report provides
original new documentary and other evidence about the ECHELON system and
its involvement in the interception of communication satellites (section
3). A technical annexe give a supplementary, detailed description of
Comint processing methods.

4. Comint information derived from the interception of international
communications has long been routinely used to obtain sensitive data
concerning individuals, governments, trade and international
organisations. This report sets out the organisational and reporting
frameworks within which economically sensitive information is collected
and disseminated, summarising examples where European commercial
organisations have been the subject of surveillance (section 4).

5. This report identifies a previously unknown international
organisation - "ILETS" - which has, without parliamentary or public
discussion or awareness, put in place contentious plans to require
manufacturers and operators of new communications systems to build in
monitoring capacity for use by national security or law enforcement
organisations (section 5).

6. Comint organisations now perceive that the technical difficulties of
collecting communications are increasing, and that future production may
be costlier and more limited than at present. The perception of such
difficulties may provide a useful basis for policy options aimed at
protective measures concerning economic information and effective
encryption (section 6).

7. Key findings concerning the state of the art in Comint include :
••Comprehensive systems exist to access, intercept and process every
important modern form of communications, with few exceptions (section 2,
technical annexe);
•Contrary to reports in the press, effective "word spotting" search
systems automatically to select telephone calls of intelligence interest
are not yet available, despite 30 years of research. However, speaker
recognition systems - in effect, "voiceprints" - have been developed and
are deployed to recognise the speech of targeted individuals making
international telephone calls;
•Recent diplomatic initiatives by the United States government seeking
European agreement to the "key escrow" system of cryptography masked
intelligence collection requirements, and formed part of a long-term
program which has undermined and continues to undermine the
communications privacy of non-US nationals, including European
governments, companies and citizens;
•There is wide-ranging evidence indicating that major governments are
routinely utilising communications intelligence to provide commercial
advantage to companies and trade.
•••
1. Organisations and methods

What is communications intelligence?



1. Communications intelligence (Comint) is defined by NSA, the largest
agency conducting such operations as "technical and intelligence
information derived from foreign communications by other than their
intended recipient". (4)Comint is a major component of Sigint (signals
intelligence), which also includes the collection of non-communications
signals, such as radar emissions.(5) Although this report deals with
agencies and systems whose overall task may be Sigint, it is concerned
only with Comint.

2. Comint has shadowed the development of extensive high capacity new
civil telecommunications systems, and has in consequence become a
large-scale industrial activity employing many skilled workers and
utilising exceptionally high degrees of automation.

3. The targets of Comint operations are varied. The most traditional
Comint targets are military messages and diplomatic communications
between national capitals and missions abroad. Since the 1960s,
following the growth of world trade, the collection of economic
intelligence and information about scientific and technical developments
has been an increasingly important aspect of Comint. More recent targets
include narcotics trafficking, money laundering, terrorism and organised
crime.

4. Whenever access to international communications channels is obtained
for one purpose, access to every other type of communications carried on
the same channels is automatic, subject only to the tasking requirements
of agencies. Thus, for example, NSA and its British counterpart GCHQ,
used Comint collected primarily for other purposes to provide data about
domestic political opposition figures in the United States between 1967
and 1975.
•UKUSA alliance


5. The United States Sigint System (USSS) consists of the National
Security Agency (NSA), military support units collectively called the
Central Security Service, and parts of the CIA and other organisations.
Following wartime collaboration, in 1947 the UK and the US made a secret
agreement to continue to conduct collaborative global Comint activities.
Three other English-speaking nations, Canada, Australia and New Zealand
joined the UKUSA agreement as "Second Parties". The UKUSA agreement was
not acknowledged publicly until March 1999, when the Australian
government confirmed that its Sigint organisation, Defence Signals
Directorate (DSD) "does co-operate with counterpart signals intelligence
organisations overseas under the UKUSA relationship".(6) The UKUSA
agreement shares facilities, tasks and product between participating
governments.

6. Although UKUSA Comint agency staffs and budgets have shrunk following
the end of the cold war, they have reaffirmed their requirements for
access to all the world's communications. Addressing NSA staff on his
departure in 1992, then NSA director Admiral William Studeman described
how "the demands for increased global access are growing". The "business
area" of "global access" was, he said, one of "two, hopefully strong,
legs upon which NSA must stand" in the next century.(7)
•Other Comint organisations


7. Besides UKUSA, there at least 30 other nations operating major Comint
organisations. The largest is the Russian FAPSI, with 54,000 employees.
(8) China maintains a substantial Sigint system, two stations of which
are directed at Russia and operate in collaboration with the United
States. Most Middle Eastern and Asian nations have invested
substantially in Sigint, in particular Israel, India and Pakistan.
•How intelligence works


8. In the post cold war era, Comint interception has been constrained by
recognisable industrial features, including the requirement to match
budgets and capabilities to customer requirements. The multi-step
process by means of which communications intelligence is sought,
collected, processed and passed on is similar for all countries, and is
often described as the "intelligence cycle". The steps of the
intelligence cycle correspond to distinct organisational and technical
features of Comint production. Thus, for example, the administration of
NSA's largest field station in the world, at Menwith Hill in England and
responsible for operating over 250 classified projects, is divided into
three directorates: OP, Operations and Plans; CP, Collection Processing;
and EP, Exploitation and Production.


•Planning


9. Planning first involves determining customer requirements. Customers
include the major ministries of the sponsoring government - notably
those concerned with defence, foreign affairs, security, trade and home
affairs. The overall management of Comint involves the identification of
requirements for data as well as translating requirements into
potentially achievable tasks, prioritising, arranging analysis and
reporting, and monitoring the quality of Comint product.

10. Once targets have been selected, specific existing or new collection
capabilities may be tasked, based on the type of information required,
the susceptibility of the targeted activity to collection, and the
likely effectiveness of collection.
•Access and collection


11. The first essential of Comint is access to the desired
communications medium so that communications may be intercepted.
Historically, where long-range radio communications were used, this task
was simple. Some important modern communications systems are not "Comint
friendly" and may require unusual, expensive or intrusive methods to
gain access. The physical means of communication is usually independent
of the type of information carried. For example, inter-city microwave
radio-relay systems, international satellite links and fibre optic
submarine cables will all usually carry mixed traffic of television,
telephone, fax, data links, private voice, video and data.

12. Collection follows interception, but is a distinct activity in that
many types of signals may be intercepted but will receive no further
processing save perhaps technical searches to verify that communications
patterns remain unchanged. For example, a satellite interception station
tasked to study a newly launched communications satellite will set up an
antenna to intercept all that the satellite sends to the ground. Once a
survey has established which parts of the satellite's signals carry,
say, television or communications of no interest, these signals will not
progress further within the system.

13. Collection includes both acquiring information by interception and
passing information of interest downstream for processing and
production. Because of the high information rates used in many modern
networks, and the complexity of the signals within them, it is now
common for high speed recorders or "snapshot" memories temporarily to
hold large quantities of data while processing takes place. Modern
collection activities use secure, rapid communications to pass data via
global networks to human analysts who may be a continent away. Selecting
messages for collection and processing is in most cases automated,
involving large on-line databanks holding information about targets of
interest.
•Processing


14. Processing is the conversion of collected information into a form
suitable for analysis or the production of intelligence, either
automatically or under human supervision. Incoming communications are
normally converted into standard formats identifying their technical
characteristics, together with message (or signal) related information
(such as the telephone numbers of the parties to a telephone
conversation).

15. At an early stage, if it is not inherent in the selection of the
message or conversation, each intercepted signal or channel will be
described in standard "case notation". Case notation first identifies
the countries whose communications have been intercepted, usually by two
letters. A third letter designates the general class of communications:
C for commercial carrier intercepts, D for diplomatic messages, P for
police channels, etc. A fourth letter designates the type of
communications system (such as S for multi-channel). Numbers then
designate particular links or networks. Thus for example, during the
1980s NSA intercepted and processed traffic designated as "FRD" (French
diplomatic) from Chicksands, England, while the British Comint agency
GCHQ deciphered "ITD" (Italian diplomatic) messages at its Cheltenham
headquarters. (9)

16. Processing may also involve translation or "gisting" (replacing a
verbatim text with the sense or main points of a communication).
Translation and gisting can to some degree be automated.
•Production and dissemination


17. Comint production involves analysis, evaluation, translation and
interpretation of raw data into finished intelligence. The final step of
the intelligence cycle is dissemination, meaning the passing of reports
to the intelligence consumers. Such reports can consist of raw (but
decrypted and/or translated) messages, gists, commentary, or extensive
analyses. The quality and relevance of the disseminated reports lead in
turn to the re-specification of intelligence collection priorities,
thereby completing the intelligence cycle.

18. The nature of dissemination is highly significant to questions of
how Comint is exploited to obtain economic advantage. Comint activities
everywhere are highly classified because, it is argued, knowledge of the
success of interception would be likely to lead targets to change their
communications methods to defeat future interception. Within the UKUSA
system, the dissemination of Comint reports is limited to individuals
holding high-level security "SCI" clearances.(10) Further, because only
cleared officials can see Comint reports, only they can set requirements
and thus control tasking. Officials of commercial companies normally
neither have clearance nor routine access to Comint, and may therefore
only benefit from commercially relevant Comint information to the extent
that senior, cleared government officials permit. The ways in which this
takes place is described in Section 5, below.

19. Dissemination is further restricted within the UKUSA organisation by
national and international rules generally stipulating that the Sigint
agencies of each nation may not normally collect or (if inadvertently
collected) record or disseminate information about citizens of, or
companies registered in, any other UKUSA nation. Citizens and companies
are collectively known as "legal persons". The opposite procedure is
followed if the person concerned has been targeted by their national
Comint organisation.

20. For example, Hager has described (11) how New Zealand officials were
instructed to remove the names of identifiable UKUSA citizens or
companies from their reports, inserting instead words such as "a
Canadian citizen" or "a US company". British Comint staff have described
following similar procedures in respect of US citizens following the
introduction of legislation to limit NSA's domestic intelligence
activities in 1978.(12) The Australian government says that "DSD and its
counterparts operate internal procedures to satisfy themselves that
their national interests and policies are respected by the others ...
the Rules [on Sigint and Australian persons] prohibit the dissemination
of information relating to Australian persons gained accidentally during
the course of routine collection of foreign communications; or the
reporting or recording of the names of Australian persons mentioned in
foreign communications".(13) The corollary is also true; UKUSA nations
place no restrictions on intelligence gathering affecting either
citizens or companies of any non-UKUSA nation, including member states
of the European Union (except the UK).

••2. Intercepting international communications
International Leased Carrier (ILC) communications



21. It is a matter of record that foreign communications to and from, or
passing through the United Kingdom and the United States have been
intercepted for more than 80 years.(14) Then and since, most
international communications links have been operated by international
carriers, who are usually individual national PTTs or private companies.
In either case, capacity on the communication system is leased to
individual national or international telecommunications undertakings.
For this reason, Comint organisations use the term ILC (International
Leased Carrier) to describe such collection.
•High frequency radio


22. Save for direct landline connections between geographically
contiguous nations, high frequency (HF) radio system were the most
common means of international telecommunications prior to 1960, and were
in use for ILC, diplomatic and military purposes. An important
characteristic of HF radio signals is that they are reflected from the
ionosphere and from the earth's surface, providing ranges of thousands
of miles. This enables both reception and interception.
•Microwave radio relay


23. Microwave radio was introduced in the 1950s to provide high capacity
inter-city communications for telephony, telegraphy and, later,
television. Microwave radio relay communications utilise low power
transmitters and parabolic dish antennae placed on towers in high
positions such as on hilltops or tall buildings. The antennae are
usually 1-3m in diameter. Because of the curvature of the earth, relay
stations are generally required every 30-50km.
•Subsea cables


24. Submarine telephone cables provided the first major reliable high
capacity international communications systems. Early systems were
limited to a few hundred simultaneous telephone channels. The most
modern optical fibre systems carry up to 5 Gbps (Gigabits per second) of
digital information. This is broadly equivalent to about 60,000
simultaneous telephone channels.
•Communications satellites


25. Microwave radio signals are not reflected from the ionosphere and
pass directly into space. This property has been exploited both to
provide global communications and, conversely, to intercept such
communications in space and on land. The largest constellation of
communications satellites (COMSATs) is operated by the International
Telecommunications Satellite organisation (Intelsat), an international
treaty organisation. To provide permanent communications from point to
point or for broadcasting purposes, communications satellites are placed
into so-called "geostationary" orbits such that, to the earth-based
observer, they appear to maintain the same position in the sky.

26. The first geostationary Intelsat satellites were orbited in 1967.
Satellite technology developed rapidly. The fourth generation of
Intelsat satellites, introduced in 1971, provided capacity for 4,000
simulataneous telephone channels and were capable of handling all forms
of communications simultaneously -telephone, telex, telegraph,
television, data and facsimile. In 1999, Intelsat operated 19 satellites
of its 5th to 8th generations. The latest generation can handle the
equivalent to 90,000 simultaneous calls.
•Communications techniques


27. Prior to 1970, most communications systems (however carried)
utilised analogue or continuous wave techniques. Since 1990, almost all
communications have been digital, and are providing ever higher
capacity. The highest capacity systems in general use for the Internet,
called STM-1 or OC-3, operates at a data rate of 155Mbs. (Million bits
per second; a rate of 155 Mbps is equivalent to sending 3 million words
every second, roughly the text of one thousand books a minute.) For
example, links at this capacity are used to provide backbone Internet
connections between Europe and the United States. Further details of
communications techniques are given in the technical annexe.
•ILC communications collection
Access



28. Comint collection cannot take place unless the collecting agency
obtains access to the communications channels they wish to examine.
Information about the means used to gain access are, like data about
code-breaking methods, the most highly protected information within any
Comint organisation. Access is gained both with and without the
complicity or co-operation of network operators.
•Operation SHAMROCK


29. From 1945 onwards in the United States the NSA and predecessor
agencies systematically obtained cable traffic from the offices of the
major cable companies. This activity was codenamed SHAMROCK. These
activities remained unknown for 30 years, until enquiries were prompted
by the Watergate affair. On 8 August 1975, NSA Director Lt General Lew
Allen admitted to the Pike Committee of the US House of Representatives
that :
•••"NSA systematically intercepts international communications, both
voice and cable".


30. He also admitted that "messages to and from American citizens have
been picked up in the course of gathering foreign intelligence". US
legislators considered that such operations might have been
unconstitutional. During 1976, a Department of Justice team investigated
possible criminal offences by NSA. Part of their report was released in
1980. It described how intelligence on US citizens:
•••"was obtained incidentally in the course of NSA's interception of
aural and non-aural (e.g., telex) international communications and the
receipt of GCHQ-acquired telex and ILC (International Leased Carrier)
cable traffic (SHAMROCK)" (emphasis in original).(15) •
High frequency radio interception antenna (AN/FLR9)
DODJOCC sign at NSA station, Chicksands

High frequency radio interception



31. High frequency radio signals are relatively easy to intercept,
requiring only a suitable area of land in, ideally, a "quiet" radio
environment. From 1945 until the early 1980s, both NSA and GCHQ operated
HF radio interception systems tasked to collect European ILC
communications in Scotland.(16)

32. The most advanced type of HF monitoring system deployed during this
period for Comint purposes was a large circular antenna array known as
AN/FLR-9. AN/FLR-9 antennae are more than 400 metres in diameter. They
can simultaneously intercept and determine the bearing of signals from
as many directions and on as many frequencies as may be desired. In
1964, AN/FLR-9 receiving systems were installed at San Vito dei
Normanni, Italy; Chicksands, England, and Karamursel, Turkey.

33. In August 1966, NSA transferred ILC collection activities from its
Scottish site at Kirknewton, to Menwith Hill in England. Ten years
later, this activity was again transferred, to Chicksands. Although the
primary function of the Chicksands site was to intercept Soviet and
Warsaw Pact air force communications, it was also tasked to collect ILC
and "NDC" (Non-US Diplomatic Communications). Prominent among such tasks
was the collection of FRD traffic (i.e., French diplomatic
communications). Although most personnel at Chicksands were members of
the US Air Force, diplomatic and ILC interception was handled by
civilian NSA employees in a unit called DODJOCC.(17)

34. During the 1970s, British Comint units on Cyprus were tasked to
collect HF communications of allied NATO nations, including Greece and
Turkey. The interception took place at a British army unit at Ayios
Nikolaos, eastern Cyprus.(18) In the United States in 1975,
investigations by a US Congressional Committee revealed that NSA was
collecting diplomatic messages sent to and from Washington from an army
Comint site at Vint Hill Farms, Virginia. The targets of this station
included the United Kingdom.(19)
•Space interception of inter-city networks


35. Long distance microwave radio relay links may require dozens of
intermediate stations to receive and re-transmit communications. Each
subsequent receiving station picks up only a tiny fraction of the
original transmitted signal; the remainder passes over the horizon and
on into space, where satellites can collect it. These principles were
exploited during the 1960s to provide Comint collection from space. The
nature of microwave "spillage" means that the best position for such
satellites is not above the chosen target, but up to 80 degrees of
longitude away.

36. The first US Comint satellite, CANYON, was launched In August 1968,
followed soon by a second. The satellites were controlled from a ground
station at Bad Aibling, Germany. In order to provide permanent coverage
of selected targets, CANYON satellites were placed close to
geostationary orbits. However, the orbits were not exact, causing the
satellites to change position and obtain more data on ground targets.
(20) Seven CANYON satellites were launched between 1968 and 1977.

37. CANYON's target was the Soviet Union. Major Soviet communications
links extended for thousands of miles, much of it over Siberia, where
permafrost restricted the reliable use of underground cables.
Geographical circumstances thus favoured NSA by making Soviet internal
communications links highly accessible. The satellites performed better
than expected, so the project was extended.

38. The success of CANYON led to the design and deployment of a new
class of Comint satellites, CHALET. The ground station chosen for the
CHALET series was Menwith Hill, England. Under NSA project P-285, US
companies were contracted to install and assist in operating the
satellite control system and downlinks (RUNWAY) and ground processing
system (SILKWORTH). The first two CHALET satellites were launched in
June 1978 and October 1979. After the name of the first satellite
appeared in the US press, they were renamed VORTEX. In 1982, NSA
obtained approval for expanded "new mission requirements" and were given
funds and facilities to operate four VORTEX satellites simultaneously. A
new 5,000m2 operations centre (STEEPLEBUSH) was constructed to house
processing equipment. When the name VORTEX was published in 1987, the
satellites were renamed MERCURY.(21)

39. The expanded mission given to Menwith Hill after 1985 included
MERCURY collection from the Middle East. The station received an award
for support to US naval operations in the Persian Gulf from 1987 to
1988. In 1991, a further award was given for support of the Iraqi war
operations, Desert Storm and Desert Shield.(22) Menwith Hill is now the
major US site for Comint collection against its major ally, Israel. Its
staff includes linguists trained in Hebrew, Arabic and Farsi as well as
European languages. Menwith Hill has recently been expanded to include
ground links for a new network of Sigint satellites launched in 1994 and
1995 (RUTLEY). The name of the new class of satellites remains unknown.
•Sigint satellites


40. The CIA developed a second class of Sigint satellite with
complementary capabilities over the period from 1967 to 1985. Initially
known as RHYOLITE and later AQUACADE, these satellites were operated
from a remote ground station in central Australia, Pine Gap. Using a
large parabolic antenna which unfolded in space, RHYOLITE intercepted
lower frequency signals in the VHF and UHF bands. Larger, most recent
satellites of this type have been named MAGNUM and then ORION. Their
targets include telemetry, VHF radio, cellular mobile phones, paging
signals, and mobile data links.

41. A third class of satellite, known first as JUMPSEAT and latterly as
TRUMPET, operates in highly elliptical near-polar orbits enabling them
to "hover" for long period over high northern latitudes. They enable the
United States to collect signals from transmitters in high northern
latitudes poorly covered by MERCURY or ORION, and also to intercept
signals sent to Russian communications satellites in the same orbits.

Comint satellites in geostationary orbits, such as VORTEX, intercept
terrestial microwave spillage
Inter-city microwave radio relay tower pills" signals into space


42. Although precise details of US space-based Sigint satellites
launched after 1990 remain obscure, it is apparent from observation of
the relevant ground centres that collection systems have expanded rather
than contracted. The main stations are at Buckley Field, Denver,
Colorado; Pine Gap, Australia; Menwith Hill, England; and Bad Aibling,
Germany. The satellites and their processing facilities are
exceptionally costly (of the order of $1 billion US each). In 1998, the
US National Reconnaissance Office (NRO) announced plans to combine the
three separate classes of Sigint satellites into an Integrated Overhead
Sigint Architecture (IOSA) in order to " improve Sigint performance and
avoid costs by consolidating systems, utilising ... new satellite and
data processing technologies". (23)

43. It follows that, within constraints imposed by budgetary limitation
and tasking priorities, the United States can if it chooses direct space
collection systems to intercept mobile communications signals and
microwave city-to-city traffic anywhere on the planet. The geographical
and processing difficulties of collecting messages simultaneously from
all parts of the globe suggest strongly that the tasking of these
satellites will be directed towards the highest priority national and
military targets. Thus, although European communications passing on
inter-city microwave routes can be collected, it is likely that they are
normally ignored. But it is very highly probable that communications to
or from Europe and which pass through the microwave communications n
etworks of Middle Eastern states are collected and processed.

44. No other nation (including the former Soviet Union) has deployed
satellites comparable to CANYON, RHYOLITE, or their successors. Both
Britain (project ZIRCON) and France (project ZENON) have attempted to do
so, but neither persevered. After 1988 the British government purchased
capacity on the US VORTEX (now MERCURY) constellation to use for
unilateral national purposes.(24) A senior UK Liaison Officer and staff
from GCHQ work at Menwith Hill NSA station and assist in tasking and
operating the satellites.
•COMSAT ILC collection


45. Systematic collection of COMSAT ILC communications began in 1971.
Two ground stations were built for this purpose. The first at
Morwenstow, Cornwall, England had two 30-metre antennae. One intercepted
communications from the Atlantic Ocean Intelsat; the other the Indian
Ocean Intelsat. The second Intelsat interception site was at Yakima,
Washington in the northwestern United States. NSA's "Yakima Research
Station" intercepted communications passing through the Pacific Ocean
Intelsat satellite.

46. ILC interception capability against western-run communications
satellites remained at this level until the late 1970s, when a second US
site at Sugar Grove, West Virginia was added to the network. By 1980,
its three satellite antenna had been reassigned to the US Naval Security
Group and were used for COMSAT interception. Large-scale expansion of
the ILC satellite interception system took place between 1985 and 1995,
in conjunction with the enlargement of the ECHELON processing system
(section 3). New stations were constructed in the United States (Sabana
Seca, Puerto Rico), Canada (Leitrim, Ontario), Australia (Kojarena,
Western Australia) and New Zealand (Waihopai, South Island). Capacity at
Yakima, Morwenstow and Sugar Grove was expanded, and continues to
expand.

Based on a simple count of the number of antennae currently installed at
each COMSAT interception or satellite SIGINT station, it appears that
the UKUSA nations are between them currently operating at least 120
satellite based collection systems. The approximate number of antennae
in each category are:

- Tasked on western commercial communications satellites (ILC)40-
Controlling space based signals intelligence satellites30- Currently or
formerly tasked on Soviet communications satellites50


Systems in the third category may have been reallocated to ILC tasks
since the end of the cold war.(25)

47. Other nations increasingly collect Comint from satellites. Russia's
FAPSI operates large ground collection sites at Lourdes, Cuba and at Cam
Ranh Bay, Vietnam.(26) Germany's BND and France's DGSE are alleged to
collaborate in the operation of a COMSAT collection site at Kourou,
Guyana, targeted on "American and South American satellite
communications". DGSE is also said to have COMSAT collection sites at
Domme (Dordogne, France), in New Caledonia, and in the United Arab
Emirates.(27) The Swiss intelligence service has recently announced a
plan for two COMSAT interception stations.(28)

Satellite ground terminal at Etam, West Virginia connecting Europe and
the US via Intelsat IV
GCHQ constructed an identical "shadow" station in 1972 to intercept
Intelsat messages for UKUSA
•Submarine cable interception


48. Submarine cables now play a dominant role in international
telecommunications, since - in contrast to the limited bandwidth
available for space systems - optical media offer seemingly unlimited
capacity. Save where cables terminate in countries where te
lecommunications operators provide Comint access (such as the UK and the
US), submarine cables appear intrinsically secure because of the nature
of the ocean environment.

49. In October 1971, this security was shown not to exist. A US
submarine, Halibut, visited the Sea of Okhotsk off the eastern USSR and
recorded communications passing on a military cable to the Khamchatka
Peninsula. Halibut was equipped with a deep diving chamber, fully in
view on the submarine's stern. The chamber was described by the US Navy
as a "deep submergence rescue vehicle". The truth was that the "rescue
vehicle" was welded immovably to the submarine. Once submerged, deep-sea
divers exited the submarine and wrapped tapping coils around the cable.
Having proven the principle, USS Halibut returned in 1972 and laid a
high capacity recording pod next to the cable. The technique involved no
physical damage and was unlikely to have been readily detectable.(29)

50. The Okhotsk cable tapping operation continued for ten years,
involving routine trips by three different specially equipped submarines
to collect old pods and lay new ones; sometimes, more than one pod at a
time. New targets were added in 1979. That summer, a newly converted
submarine called USS Parche travelled from San Francisco under the North
Pole to the Barents Sea, and laid a new cable tap near Murmansk. Its
crew received a presidential citation for their achievement. The Okhotsk
cable tap ended in 1982, after its location was compromised by a former
NSA employee who sold information about the tap, codenamed IVY BELLS, to
the Soviet Union. One of the IVY BELLS pods is now on display in the
Moscow museum of the former KGB. The cable tap in the Barents Sea
continued in operation, undetected, until tapping stopped in 1992.

51. During 1985, cable-tapping operations were extended into the
Mediterranean, to intercept cables linking Europe to West Africa. (30)
 After the cold war ended, the USS Parche was refitted with an extended
section to accommodate larger cable tapping equipment and pods. Cable
taps could be laid by remote control, using drones. USS Parche continues
in operation to the present day, but the precise targets of its missions
remain unknown. The Clinton administration evidently places high value
on its achievements, Every year from 1994 to 1997, the submarine crew
has been highly commended.(31) Likely targets may include the Middle
East, Mediterranean, eastern Asia, and South America. The United States
is the only naval power known to have deployed deep-sea technology for
this purpose.

52. Miniaturised inductive taps recorders have also been used to
intercept underground cables.(32) Optical fibre cables, however, do not
leak radio frequency signals and cannot be tapped using inductive loops.
NSA and other Comint agencies have spent a great deal of money on
research into tapping optical fibres, reportedly with little success.
But long distance optical fibre cables are not invulnerable. The key
means of access is by tampering with optoelectronic "repeaters" which
boost signal levels over long distances. It follows that any submarine
cable system using submerged optoelectronic repeaters cannot be
considered secure from interception and communications intelligence
activity.

USS halibut with disguised chamber for diving
Cable tapping pod laid by US submarine off Khamchatka
•Intercepting the Internet


53. The dramatic growth in the size and significance of the Internet and
of related forms of digital communications has been argued by some to
pose a challenge for Comint agencies. This does not appear correct.
During the 1980s, NSA and its UKUSA partners operated a larger
international communications network than the then Internet but based on
the same technology.(33) According to its British partner "all GCHQ
systems are linked together on the largest LAN [Local Area Network] in
Europe, which is connected to other sites around the world via one of
the largest WANs [Wide Area Networks] in the world ... its main networki
ng protocol is Internet Protocol (IP).(34) This global network,
developed as project EMBROIDERY, includes PATHWAY, the NSA's main
computer communications network. It provides fast, secure global
communications for ECHELON and other systems.

54. Since the early 1990s, fast and sophisticated Comint systems have
been developed to collect, filter and analyse the forms of fast digital
communications used by the Internet. Because most of the world's
Internet capacity lies within the United States or connects to the
United States, many communications in "cyberspace" will pass through
intermediate sites within the United States. Communications from Europe
to and from Asia, Oceania, Africa or South America normally travel via
the United States.

55. Routes taken by Internet "packets" depend on the origin and
destination of the data, the systems through which they enter and leaves
the Internet, and a myriad of other factors including time of day. Thus,
routers within the western United States are at their most idle at the
time when central European traffic is reaching peak usage. It is thus
possible (and reasonable) for messages travelling a short distance in a
busy European network to travel instead, for example, via Internet
exchanges in California. It follows that a large proportion of
international communications on the Internet will by the nature of the
system pass through the United States and thus be readily accessible to
NSA.

56.Standard Internet messages are composed of packets called "datagrams"
. Datagrams include numbers representing both their origin and their
destination, called "IP addresses". The addresses are unique to each
computer connected to the Internet. They are inherently easy to identify
as to country and site of origin and destination. Handling, sorting and
routing millions of such packets each second is fundamental to the
operation of major Internet centres. The same process facilitates
extraction of traffic for Comint purposes.

57. Internet traffic can be accessed either from international
communications links entering the United States, or when it reaches
major Internet exchanges. Both methods have advantages. Access to
communications systems is likely to be remain clandestine - whereas
access to Internet exchanges might be more detectable but provides
easier access to more data and simpler sorting methods. Although the
quantities of data involved are immense, NSA is normally legally
restricted to looking only at communications that start or finish in a
foreign country. Unless special warrants are issued, all other data
should normally be thrown away by machine before it can be examined or
recorded.

58. Much other Internet traffic (whether foreign to the US or not) is of
trivial intelligence interest or can be handled in other ways. For
example, messages sent to "Usenet" discussion groups amounts to about 15
Gigabytes (GB) of data per day; the rough equivalent of 10,000 books.
All this data is broadcast to anyone wanting (or willing) to have it.
Like other Internet users, intelligence agencies have open source access
to this data and store and analyse it. In the UK, the Defence Evaluation
and Research Agency maintains a 1 Terabyte database containing the
previous 90 days of Usenet messages.(35) A similar service, called "Deja
News", is available to users of the World Wide Web (WWW). Messages for
Usenet are readily distinguishable. It is pointless to collect them
clandestinely.

59. Similar considerations affect the World Wide Web, most of which is
openly accessible. Web sites are examined continuously by "search
engines" which generate catalogues of their contents. "Alta Vista" and
"Hotbot" are prominent public sites of this kind. NSA similarly employs
computer "bots" (robots) to collect data of interest. For example, a New
York web site known as JYA.COM (http://www.jya.com/cryptome) offers
extensive public information on Sigint, Comint and cryptography. The
site is frequently updated. Records of access to the site show that
every morning it is visited by a "bot" from NSA's National Computer
Security Centre, which looks for new files and makes copies of any that
it finds.(36)

60. It follows that foreign Internet traffic of communications
intelligence interest - consisting of e-mail, file transfers, "virtual
private networks" operated over the internet, and some other messages -
will form at best a few per cent of the traffic on most US Internet
exchanges or backbone links. According to a former employee, NSA had by
1995 installed "sniffer" software to collect such traffic at nine major
Internet exchange points (IXPs).(37) The first two such sites
identified, FIX East and FIX West, are operated by US government
agencies. They are closely linked to nearby commercial locations, MAE
East and MAE West (see table). Three other sites listed were Network
Access Points originally developed by the US National Science Foundation
to provide the US Internet with its initial "backbone".

Internet siteLocationOperatorDesignationFIX EastCollege Park, MarylandUS
governmentFederal Information ExchangeFIX WestMountain View, California
US governmentFederal Information ExchangeMAE EastWashington, DCMCI
Metropolitan Area EthernetNew York NAPPennsauken, New JerseySprintlink
Network Access PointSWABWashington, DCPSInet / Bell AtlanticSMDS
Washington Area BypassChicago NAPChicago, IllinoisAmeritech / Bellcorp
Network Access PointSan Francisco NAPSan Francisco, CaliforniaPacific
BellNetwork Access PointMAE WestSan Jose, CaliforniaMCIMetropolitan Area
EthernetCIXSanta Clara CaliforniaCIXCommercial Internet Exchange
•••••••Table 1 NSA Internet Comint access at IXP sites (1995) (38)


61. The same article alleged that a leading US Internet and
telecommunications company had contracted with NSA to develop software
to capture Internet data of interest, and that deals had been struck
with the leading manufacturers Microsoft, Lotus, and Netscape to alter
their products for foreign use. The latter allegation has proven correct
(see technical annexe). Providing such features would make little sense
unless NSA had also arranged general access to Internet traffic.
Although NSA will not confirm or deny such allegations, a 1997 court
case in Britain involving alleged "computer hacking" produced evidence
of NSA surveillance of the Internet. Witnesses from the US Air Force
component of NSA acknowledged using packet sniffers and specialised
programmes to track attempts to enter US military computers. The case
collapsed after the witnesses refused to provide evidence about the
systems they had used.(39)
•Covert collection of high capacity signals


62. Where access to signals of interest is not possible by other means,
Comint agencies have constructed special purpose interception equipment
to install in embassies or other diplomatic premises, or even to carry
by hand to locations of special interest. Extensive descriptions of
operations of this kind have been published by Mike Frost, a former
official of CSE, the Canadian Sigint agency.(40) Although city centre
embassy premises are often ideally situated to intercept a wide range of
communications, ranging from official carphone services to high capacity
microwave links, processing and passing on such information may be
difficult. Such collection operations are also highly sensitive for
diplomatic reasons. Equipment for covert collection is therefore
specialised, selective and miniaturised.

63. A joint NSA/CIA "Special Collection Service" manufactures equipment
and trains personnel for covert collection activities One major device
is a suitcase-sized computer processing system. ORATORY. ORATORY is in
effect a miniaturised version of the Dictionary computers described in
the next section, capable of selecting non-verbal communications of
interest from a wide range of inputs, according to pre-programmed
selection criteria. One major NSA supplier ("The IDEAS Operation") now
offers micro-miniature digital receivers which can simultaneously
process Sigint data from 8 independent channels. This radio receiver is
the size of a credit card. It fits in a standard laptop computer. IDEAS
claim, reasonably, that their tiny card "performs functions that would
have taken a rack full of equipment not long ago".
•New satellite networks


64. New network operators have constructed mobile phone systems
providing unbroken global coverage using satellites in low or medium
level earth orbits. These systems are sometimes called satellite
personal communications systems (SPCS). Because each satellite covers
only a small area and moves fast, large numbers of satellites are needed
to provide continuous global coverage. The satellites can relay signals
directly between themselves or to ground stations. The first such system
to be completed, Iridium, uses 66 satellites and started operations in
1998. Iridium appears to have created particular difficulties for
communications intelligence agencies, since the signals down from the
Iridium and similar networks can only be received in a small area, which
may be anywhere on the earth's surface.
--[cont]--
Aloha, He'Ping,
Om, Shalom, Salaam.
Em Hotep, Peace Be,
Omnia Bona Bonis,
All My Relations.
Adieu, Adios, Aloha.
Amen.
Roads End
Kris

DECLARATION & DISCLAIMER
==========
CTRL is a discussion and informational exchange list. Proselyzting propagandic
screeds are not allowed. Substance—not soapboxing!  These are sordid matters
and 'conspiracy theory', with its many half-truths, misdirections and outright
frauds is used politically  by different groups with major and minor effects
spread throughout the spectrum of time and thought. That being said, CTRL
gives no endorsement to the validity of posts, and always suggests to readers;
be wary of what you read. CTRL gives no credeence to Holocaust denial and
nazi's need not apply.

Let us please be civil and as always, Caveat Lector.
========================================================================
Archives Available at:
http://home.ease.lsoft.com/archives/CTRL.html

http:[EMAIL PROTECTED]/
========================================================================
To subscribe to Conspiracy Theory Research List[CTRL] send email:
SUBSCRIBE CTRL [to:] [EMAIL PROTECTED]

To UNsubscribe to Conspiracy Theory Research List[CTRL] send email:
SIGNOFF CTRL [to:] [EMAIL PROTECTED]

Om