News

The Spybots Among Us

How the NSA tracks terrorists in the United States through the Internet

By Peter Byrne 

Imagine, for a moment, a hypothetical terrorist, disguised as a stockbroker or perhaps a bike messenger, biding his time at an Internet cafe in downtown San Francisco. He orders a cup of coffee, plugs in his laptop computer, and connects to his home page. Three thousand miles away, at Fort George G. Meade in Maryland, an audio speaker bleeps at the computer station of the National Security Agency intelligence analyst assigned to spy on this particular terrorist -- a U.S. citizen -- as he trades e-mail with his cell members and roams cyberspace looking for advice on building weapons.

The NSA is the top-secret arm of the U.S. Department of Defense whose job is to monitor billions of electronic communications around the world -- phone calls, telexes, faxes, and e-mails -- and sift through them for intelligence nuggets. In the case of the San Francisco terrorist, the NSA may have latched onto him after he visited a Web site at the Los Alamos National Laboratory and downloaded a file on "Condensed Matter Plutonium" (no longer available after Sept. 11). Using strings of self-contained computer code called "bots," short for "robots," the NSA tracked him back to his computer. Or perhaps the NSA found him through a tip from the CIA, or because he received an e-mail from another terrorist. In any case, the NSA has had him under surveillance for months. The analyst has been reading the terrorist's e-mail and tracking other visitors to politically extreme Web sites the suspect has visited. Government hackers have also remotely installed a "spybot," disguised as part of the code that creates white space in Microsoft Word documents, on the suspect's hard drive, which, unbeknown to him, has been stealing the entire contents of his computer, keystroke by keystroke, and uploading it to Fort Meade, where sophisticated software has been correlating it with millions of records stored in the world's largest array of Cray supercomputers. Over time, the analyst has determined the true names of all members of the terrorist's violently inclined cell and their physical whereabouts.

Through a combination of mechanical processing power and human intuition, the government has come to realize that the cafe terrorist is planning to suicidally detonate a "dirty" radioactive bomb in less than an hour from inside a van parked on the open-air roof level of the Sutter-Stockton Garage in downtown San Francisco. The NSA sounds an alarm. Within minutes, federal agents raid the Internet cafe and whisk the suspected terrorist away for questioning and indefinite detention, as other teams of agents round up the rest of his cell from their hiding places in Bay Area suburbs.

While this scenario is fictional, it is not unrealistic. Government studies, news reports, and interviews with a score of experts on national security and computer security issues indicate that the NSA monitors and hacks into the Internet and the World Wide Web. While the NSA is generally forbidden to spy on U.S. citizens without probable cause and a court order, there are numerous loopholes in surveillance law that, especially since Sept. 11, allow the NSA to track U.S. citizens in cyberspace at will.

In the aftermath of the terrorist attacks, Congress passed laws and budgets that expanded the NSA's surveillance powers. The so-called Patriot Act (an acronym for Providing Appropriate Tools Required to Intercept and Obstruct Terrorism, a bill that passed in late October) increases the government's authority to intercept electronic communications on the Internet for use in court as evidence against terrorists, criminals, and political activists of all stripes. It also relaxes traditional constitutional protections against unreasonable search and seizure to allow intelligence agencies, such as the NSA, to throw wide nets into cyberspace to capture intelligence for purely military, not prosecutorial, purposes.

In its search for terrorists, the NSA has a stunning array of tools at its disposal. It can intercept and analyze millions of electronic messages a day at a handful of Internet crossroads (including one in San Francisco), made possible by technology supplied in part by Bay Area companies. It can also narrowly target individuals and groups -- hiding on their computer hard drives, spying on their e-mails and Internet travels, and electronically following anyone who visits certain red-flagged Web sites.

Yet those broadened powers, and the airtight secrecy surrounding the agency, have also raised questions about what precedents are being set for spying on American citizens once the current crisis has passed.

The internal legal guidelines the NSA uses to decide under what conditions it is allowed to track "U.S. persons" (citizens, permanent aliens, and businesses) are largely classified, says Michael Vatis, director of the Institute for Security and Technology Studies at Dartmouth College in New Hampshire. Vatis also served as the first director of the National Infrastructure Protection Center, a joint intelligence and law enforcement operation of several federal departments, including the FBI and NSA, that coordinates the government's daily observation of the Internet and private-sector databases and advises computer experts how to plug security holes. In international cyberspace, however, it is very difficult to separate U.S. persons from foreigners, who are generally fair game for surveillance, Vatis observes. "I am certain that the NSA monitors open source [i.e., public material in cyberspace]," Vatis says. "I am confident that the government is doing all it can with regard to the Internet and using existing legal authorities to get access to the communications of terrorists."

Other experts are fairly certain the NSA is bending, and perhaps breaking, those legal authorities.

In 1982, investigative journalist James Bamford wrote The Puzzle Palace, an exhaustively documented history of the National Security Agency. Bamford, who until recently was Washington investigative producer for ABC's World News Tonight With Peter Jennings, brought The Puzzle Palace up to date this year with Body of Secrets. He is widely acknowledged as an authority on the NSA.

• 1
• 2
• 3
• 4
• 5
Next Page »