Wednesday, December 30, 2015

Canada and Special Weather Intelligence

In the era before weather satellites, access to information about weather conditions in adversary-controlled areas could be highly valuable. Such information could be used to determine the likelihood of hostile military activities in those areas, to support friendly military activities in or near those areas, and to provide data for future weather forecasts in other parts of the region. Since weather data was often sent to adversary military forces as part of their routine encrypted communications, such information could also provide a "probable plain text" clue that might prove useful in breaking into certain of those encryption systems.

For these reasons, during the Second World War and the Cold War, reports from adversary weather stations were themselves often encrypted, and they were the target of SIGINT collection and codebreaking activities. Within the UKUSA community, intelligence derived from collection of weather station reports was known as Special Weather Intelligence.

The Friedman documents released by the NSA earlier this year contain some interesting insight into Canada's access to Special Weather Intelligence related to the Far East acquired by NSA and GCHQ.

This document reports that although Canada did not originally foresee a need for more than Summaries of such material,
On 23 December 1953, Hq, USAF, Directorate of Intelligence (a) informed [NSA] that the RCAF is ready to receive such [redacted] as is now available from the [redacted], and (b) suggested that the Director, NSA, make arrangements with the RCAF to furnish materials to RCAF Headquarters via the NSA/CBNRC communications link. Accordingly, arrangements have been completed for this channel to be used carrying information prepared by [redacted] from the products of the [redacted.] It would appear that the Canadian requirements for codeword [redacted] have expanded beyond [redacted] Summaries.
The parts of the document that confirm that the subject of this discussion was Special Weather Intelligence have all been redacted, unfortunately, but this other Friedman document helpfully fills in the most important blank, informing us that the title of the first document is "US/UK/CAN Tripartite Arrangements Concerning Far East Special Weather Intelligence" (see entry for USCIB 1.1/1 on page 62).

And these two documents confirm that
On 15 May 1954, LSIB, CRC and USCIB recognized that Canada's peacetime requirements for [redacted] Intelligence bearing codewords had increased subsequent to the Tripartite Conference of March 1953. LSIB, CRC and USCIB therefore agreed that such codeword materials as are required by any of the three parties should be requested under the regular procedures already established for requesting all other types of COMINT codeword material.
(LSIB, CRC, and USCIB were the London Signals Intelligence Board, the Communications Research Committee, and the United States Communications Intelligence Board, the U.K., Canadian, and U.S. interdepartmental committees respectively in charge of GCHQ, CBNRC, and NSA.)

It is interesting to speculate about what may have changed between March 1953 and December 1953 to cause Canada, and the RCAF in particular, to require greater access to Far East Special Weather Intelligence.

Canadian Army and Royal Canadian Navy units took part in the Korean War, and RCAF transport aircraft operated between North America and Korea during the war, but the fighting had been over for nearly five months by the time the RCAF reported it was "ready to receive" expanded access, and by nearly ten months by the time the expanded access actually began. Furthermore, the tripartite statement approving that expanded access described it explicitly as a "peacetime" requirement. It seems highly unlikely, therefore, that the RCAF's need was related to the Korean War.

One possibility is that the RCAF wanted access to the information to help it plan North American early warning and air defence operations with the USAF. (The Far East includes the eastern part of the Soviet Union, which would have been the source of many of the aircraft taking part in an attack on North America.)

Another possibility is that the RCAF wanted the data in support of its own planned operations in the Arctic. In September 1953, the RCAF decided to convert three photo reconnaissance/aerial mapping variants of the Lancaster bomber to an Arctic reconnaissance configuration. According to one source, some of the missions flown by the aircraft involved "ECM patrol in the ocean area well north of the Queen Elizabeth Archipelago, carrying out a listening watch for Soviet electronic emissions." The first mission with the newly converted aircraft was flown in September 1954.

Neither theory (air defence or Arctic reconnaissance) explains why the RCAF's request was limited specifically to Far East Special Weather Intelligence, however. Perhaps Canada already had access to weather intelligence for other regions in the North.

This webpage on the Soviet M-130 Koralle encryption machine discusses the use of encryption for Soviet and Soviet Bloc weather data. However, according to the authors, the M-130 was introduced in 1965, so evidently this machine was not used during the 1950s.

Update 1 January 2016: For more on weather intelligence, see Jeffrey T. Richelson, "Weather or Not," Air Force Magazine, October 2013.

Friday, December 11, 2015

November 2015 CSE staff size


(If you click through on the link and get a different figure, it's probably because the Canada Public Service Agency has updated its website; they update the numbers once a month.)

Thursday, December 10, 2015

Recent items of interest

Recent news and commentary related to CSE or signals intelligence in general:

- Alec Wilson, "'Trust no one': The Citizen Lab’s Ronald Deibert and the biggest machine ever built," The Varsity, 7 December 2015.

- Dave Seglins, "New RCMP cyber unit to target global hackers, online scammers," CBC News, 2 December 2015. See also Justin Ling, "Canadian Cops Have a New Plan of Attack Against ‘Political’ Cybercrime and Anonymous," Vice News, 2 December 2015, and Marie-Danielle Smith, "New RCMP strategy emphasizes international intelligence-sharing," Embassy, 2 December 2015. Document: Royal Canadian Mounted Police Cybercrime Strategy, December 2015.

- Andrew Mitrovica, "Can we please stop blaming terrorism on civil libertarians?" iPolitics, 30 November 2015.

- Jim Bronskill, "RCMP need warrantless access to online subscriber info: Paulson," Canadian Press, 25 November 2015.

- "'Special Pages' from CSE's Wiki (April 2015)" (ATIP release),, 25 November 2015. My contribution.

- Dave Seglins & Lynn Burgess, "Canada 'failing' in fight against cybercrime, hacking," CBC News, 24 November 2015.

- Michael Geist, "Post Paris, Are Canada's Internet Privacy Laws at Risk?" The Tyee, 24 November 2015.

- Dave Seglins & Lynn Burgess, "Cyberattacks on infrastructure a 'major threat,' says CSIS chief," CBC News, 19 November 2015.

- Claire Wählen, "Trudeau government putting new emphasis on cybersecurity," iPolitics, 17 November 2015.

- Dean Beeby, "Internet plays role in terrorism, but is rarely the single cause, study says," CBC News, 15 November 2015.

- Ministerial mandate letters (13 November 2015): Minister of National Defence, Minister of Justice and Attorney General of Canada, Minister of Public Safety and Emergency Preparedness.

- Daniel Therrien, "National Security and Privacy in 2015: Remarks at the Privacy and Access 20/20 Conference," Office of the Privacy Commissioner of Canada, 12 November 2015.

- Jim Bronskill, "Federal security officials eye ‘big data analytics’ in a bid to pinpoint threats," Canadian Press, 12 November 2015.

- Tonda MacCharles, "Trudeau’s decision on national security file promising and risky, experts say," Toronto Star, 11 November 2015.

- Murray Brewster, "New Defence Minister Harjit Singh Sajjan proved mettle in Afghanistan," Canadian Press, 5 November 2015. See also Sandy Garossino, "You have no idea how badass Trudeau's Defence Minister really is," National Observer, 4 November 2015, Tamara Baluja, "Harjit Sajjan: Meet Canada's new 'badass' defence minister," CBC News, 4 November 2015, and Matthew Fisher, "As ‘go-to guy’ in Kandahar, new defence minister won respect of senior officers," National Post, 5 November 2015. Should be interesting having a defence minister who has actually experienced SIGINT from the operational end and knows something about the topic.

- Jim Bronskill, "Trudeau faces demands to reverse an array of Harper-era security policies," Canadian Press, 2 November 2015.

- Ben Makuch, "These Emails Show Canada Was Super Stoked About Saudi Arms Deal," Vice News, 2 November 2015. Possibly relevant to this.

- Ian MacLeod, "Liberals mull keeping some new powers for spy service," Ottawa Citizen, 30 October 2015. As MacLeod reports, Joyce Murray's private member's bill in the last parliament (C-622), which formed the basis of the intelligence reform promises made by the Liberals during the election, "proposed amending the National Defence Act to take away the minister’s power to secretly authorize the interception of Canadians’ 'protected information,' including metadata, and putting it in the hands of Federal Court judges." If adopted, such a provision would probably result in the issuance of a single annual warrant authorizing the bulk collection of metadata, but at least it would put the agency's current metadata collection on a firmer legal footing, and such warrants might also include limitations on which data could be collected, what the data could be used for, whether and with whom it could be shared, and how long it could be retained.

- Patrick McGuire, "VICE News Battles Canadian Police Over Right to Protect Journalist's Material," Vice News, 30 October 2015. See also Alex Boutilier, "VICE Canada to fight RCMP’s demand for notes on suspected ISIS fighter," Toronto Star, 30 October 2015. "Parallel construction" at work?

- Michael Nesbitt, "Who watches the spies?" National Post, 29 October 2015.

- Jim Bronskill, "CSIS Capacity Under C-51 To Work With Foreign Partners Raises Accountability Concerns," Canadian Press, 25 October 2015.

- Jim Bronskill, "Ten things to expect from the Liberal rewrite of C-51," Canadian Press, 22 October 2015.

- Colin Freeze, "Canadian software tied to Yemen civil war, report alleges," Globe and Mail, 21 October 2015. See also Lorenzo Franceschi-Bicchierai, "Researchers Accuse Canadian Internet Company of Helping Yemen Censor the Web, Motherboard, 21 October 2015. The Citizen Lab report: Information Controls during Military Operations: The case of Yemen during the 2015 political and armed conflict. Personally, I'd like to know whether CSE's CNE operators are able to take advantage of Netsweeper deployments in Yemen and other countries.

- Christopher Parsons, "Stuck on the Agenda: Drawing Lessons from the Stagnation of “Lawful Access” Legislation in Canada, Technology, Thoughts & Trinkets blog, 21 October 2015.

- Christopher Parsons, "Beyond Privacy: Articulating the Broader Harms of Pervasive Mass Surveillance, Technology, Thoughts & Trinkets blog, 20 October 2015.

- David Pugliese, "Chinese spies and hackers, U.S. security and the Canadian Space Agency," Ottawa Citizen, 30 September 2015.

- Justin Ling, "Canada’s Defense Minister Talks Fighting the Islamic State, Arming the Kurds, and Cyber Warfare," Vice News, 28 September 2015. Now an opposition MP rather than Defence Minister, but Kenney's comments on the Canadian Forces' computer network attack capabilities are still worthy of notice: "I think you can reasonably assume that when the military develops a command, it has to have the capability to be both offensive and defensive. Potentially hostile countries need to know that, if they are going to launch cyber attacks against our critical systems, Canada and its allies have the capacity to retaliate."

SIGINT history

- Corporal Michael Thomas, "Remembering the crash of Boxtop Flight 22," RCAF, 30 October 2015.

- Maria Robson, "Trading Secrets: Canada’s Comparative Advantage in Signals Intelligence Sharing, 1947 to Present," M.A. thesis, University of Calgary, April 2015.

- William F. Friedman Collection of Official Papers, declassified documents available on the National Security Agency website. Lots of interesting documents here, including quite a few pertaining to Canadian SIGINT, such as this, this, and this.

Update 10 December 2015:

Some additional items I meant to include:

- Janet Davison, "Russian spies in Canada: new lessons from the Gouzenko defection," CBC News, 18 October 2015. Comments by historian Jonathan Haslam. Book: Jonathan Haslam, Near and Distant Neighbours: A New History of Soviet Intelligence, Farrar, Strauss & Giroux, 2015.

- Craig Forcese, "Capstone comments on security for 2015 election," National Security Law blog, 17 October 2015.

- Michael Geist, " How the TPP Puts Canadian Privacy at Risk,", 14 October 2015.

- Colin Freeze, "Former CSIS analyst on homegrown terrorism and Islamic doctrine," Globe and Mail, 13 October 2015. Book: Phil Gurski, The Threat From Within, Rowman & Littlefield, October 2015.

- Matthew Braga, "Where Canada's Three Political Parties Stand on Cybersecurity and Surveillance," Motherboard, 9 October 2015. See also OpenMedia's Report Card on the party platforms.

- Aaron Gluck Thaler, "New student coalition demands repeal of Harper’s surveillance Bill C-51, Ricochet, 9 October 2015.

- Jordan Pearson, "The Canadian Military Wants to Learn How to Hack Cars," Motherboard, 6 October 2015.

- Ian MacLeod, "Q&A: David Lyon talks about surveillance after Snowden," Ottawa Citizen, 5 October 2015. Book: David Lyon, Surveillance After Snowden, John Wiley & Sons, October 2015.

- David Pugliese, "Personnel levels drop at Communications Security Establishment, Ottawa Citizen, 19 September 2015. The numbers were back up to 2140 two months later.

-Stewart Bell, "Asking why people become terrorists is natural, but it’s better to recognize the signs and act, new book says," National Post, 11 September 2015. Interesting background info here: "[Phil Gurski] started work at the Communications Security Establishment in [July] 1983, two months before the Soviet Union’s nuclear early-warning alarm triggered, having falsely identified the launch of Minuteman intercontinental missiles from U.S. bases. The mistake almost started a nuclear war. Back then, the Cold War was the overwhelming focus of the CSE, which hired him at age 22, partly because he was adept at six languages. But Gurski was one of a dozen analysts given the job of keeping track of everything else going on in the world. Like terrorism. After picking up Arabic and Farsi, he became a Middle East expert, but he said there was no real sense of urgency around terrorism, even after the name Osama bin Laden began to surface. 'Terrorism was around back then but we didn’t pay a lot of attention,' he said."

Also of interest:

- The Globe and Mail has added a directory of the PGP keys of a number of its editors and reporters. They also have a SecureDrop site for more secure communications.