Friday, June 21, 2013

Mastering the Internet


The Guardian reports on GCHQ's program to monitor the vast quantities of Internet data pouring through fibre optic cables that Britain has access to, as part of a broader effort called "Mastering the Internet" (Ewen MacAskill, Julian Borger, Nick Hopkins, Nick Davies & James Ball, "Mastering the internet: how GCHQ set out to spy on the world wide web," Guardian, 21 June 2013):
Though the documents are not explicit, it seems the Mastering the Internet programme began life in early 2007 and, a year later, work began on an experimental research project, run out of GCHQ's outpost at Bude in Cornwall.

Its aim was to establish the practical uses of an "internet buffer", the first of which was referred to as CPC, or Cheltenham Processing Centre.

By March 2010, analysts from the NSA had been allowed some preliminary access to the project, which, at the time, appears to have been codenamed TINT, and was being referred to in official documents as a "joint GCHQ/NSA research initiative".

TINT, the documents explain, "uniquely allows retrospective analysis for attribution" – a storage system of sorts, which allowed analysts to capture traffic on the internet and then review it.

The papers seen by the Guardian make clear that at some point – it is not clear when – GCHQ began to plug into the cables that carry internet traffic into and out of the country, and garner material in a process repeatedly referred to as SSE. This is thought to mean special source exploitation.

The capability, which was authorised by legal warrants, gave GCHQ access to a vast amount of raw information, and the TINT programme a potential way of being able to store it.

A year after the plaintive [2009] email asking for new ideas, GCHQ reported significant progress on a number of fronts.

One document described how there were 2 billion users of the internet worldwide, how Facebook had more than 400 million regular users and how there had been a 600% growth in mobile internet traffic the year before. "But we are starting to 'master' the internet," the author claimed. "And our current capability is quite impressive."

The report said the UK now had the "biggest internet access in Five Eyes" – the group of intelligence organisations from the US, UK, Canada, New Zealand and Australia. "We are in the golden age," the report added. ...

GCHQ's mid-year 2010-11 review revealed another startling fact about Mastering the Internet.

"MTI delivered the next big step in the access, processing and storage journey, hitting a new high of more than 39bn events in a 24-hour period, dramatically increasing our capability to produce unique intelligence from our targets' use of the internet and made major contributions to recent operations."

This appears to suggest GCHQ had managed to record 39bn separate pieces of information during a single day. The report noted there had been "encouraging innovation across all of GCHQ".
Canada appears only tangentially in the Guardian coverage, leaving Canadians to wonder if CSE is involved in the UKUSA effort to "Master the Internet".

Let's turn to then-CSE Chief John Adams for the answer to that (Proceedings of the Standing Senate Committee on
National Security and Defence
, 30 April 2007):
The volume and type of communications is literally endless. That combination is the challenge for us. Our vision is security through information superiority. We want to master the Internet. That is a challenge that no one institution — be it ours or the National Security Agency, NSA, for that matter — can manage on their own. We try to do that in conjunction with our allies.

At the same time, we have a threat that is very diverse, very distributed around the world — similar to needles in haystacks. We have the combination of the technology and the threat that, together, make it virtually impossible for any one organization to manage it on its own. That is what we mean by working together. If we are to master that Internet, we will have to do it together; and we are focusing on that.
He used the same terminology in an interview in 2006 (Paul Crookall, "Gathering Intelligence: The challenges of the Communications Security Establishment," Canadian Government Executive, December 2006):
The internet is now a major theatre of operations. Terrorists use it as a principal tool, to research, recruit, plan, communicate and coordinate. We use it to gather intelligence. We have to master the internet or pay the price.
Coincidence?

I think not.

4 Comments:

Blogger Pete said...

This comment has been removed by the author.

June 26, 2013 6:35 am  
Blogger Pete said...

Hi Bill

Edward Snowden's revelations have kicked UKUSA - thrilling China's and Russia's sigint establishments. Snowden has hit NSA and GCHQ. The other three allies have not yet been hit (much) but the Australian Government is concerned:

Unlike the US Australia has very limited power to drive political and media debates to deflect the damage. The Sydney Morning Herald indicates http://www.smh.com.au/opinion/political-news/snowden-leaks-may-embarrass-canberra-20130625-2ov4l.html#ixzz2XIIyDcSC :

“Defence intelligence officials speaking on condition of anonymity have acknowledged there had been “intense exchanges” on Mr Snowden’s disclosures through liaison channels between the US National Security Agency and the Central Intelligence Agency and Australia’s intelligence agencies.

…”The US may be able to brush aside some of the diplomatic fallout from the Snowden leak, but that may not be the case for Australia. China, Malaysia, other countries may respond to us in ways that they would not to Washington.”

Regards

Pete

June 26, 2013 6:47 am  
Blogger Bill Robinson said...

Hi, Pete.

Nice to hear from you again!

What do you think of the new data warehouse being built at HMAS Harman? Is DSD looking to store some Internet-mastering data as well?

Cheers,

Bill.

June 26, 2013 8:23 pm  
Blogger Pete said...

Hi Bill

Short answer - probably.

I'd say the requirements of the UKUSA alliance mean whatever NSA gets up to DSD/Australia would as well - be that in software and hardware practices - only on a smaller scale.

Indirect confirmation Australia is into PRISM http://www.abc.net.au/news/2013-06-28/australian-spy-chief-says-rogue-insiders-a-concern/4788590

DSD (name changing to ASD) is this close to NSA http://www.sans.org/press/australian-defence-signals-directorate-national-cybersecurity-award.php

Cheers

Pete

July 01, 2013 6:39 am  

Post a Comment

Links to this post:

Create a Link

<< Home