Madiha Tahir, a filmmaker and independent journalist who primarily covers Pakistan, attended a National Security Agency recruitment drive held last July at the University of Wisconsin.
Tahir, who was taking language courses at the university at the time, opted to pose a few “unconventional” questions to the recruiters, like what countries the NSA perceives as “enemies” and whether being good liar was a prerequisite for working for the intelligence agency.
“I don’t believe the NSA is telling complete lies,” one of the two NSA recruiters told Tahir, who asked if the alleged line of lies the NSA produced in the wake of former NSA contracter Edward Snowden’s whistleblowing disclosures, including allegations that then-NSA chief Gen. Keith Alexander and National Intelligence Director James Clapper both lied to Congress.
“And I do believe that you know, I mean people can, you can read a lot of different things that are, um, portrayed as fact and that doesn’t make them fact just because they’re in newspapers,” the recruiter continued.
Since Snowden allegedly stole more than 15,000 Australian intelligence files, 58,000 British intelligence files and 1.7 million American intelligence files from NSA computers and Glenn Greenwald published them, many have questioned the vetting process that allowed Snowden to enter the intelligence community in the first place.
A high school dropout that was discharged from the Army Reserves without completing his training, Snowden has infamously shifted his views on state-controlled information security. In 2009, he said that classified information leakers should be “shot in the balls,” but in 2010, he stated, “Did we get to where we are today via a slippery slope that was entirely within our control to stop, or was it an relatively instantaneous sea change that sneaked in undetected because of pervasive government secrecy?”
“General Alexander, who was director of NSA at the time of Snowden’s disclosures, has acknowledged that those disclosures represent a major security failure,” Paul Pillar, a nonresident senior fellow with the Center for 21st Century Security and Intelligence in the Foreign Policy program at the Brookings Institution, told MintPress News. “The failure involves both the original decision to grant Snowden a security clearance and monitoring of his activities after he was hired.
“Security clearances always involve some acceptance of risk and weighing of risk. There never can be a guarantee that a particular employee will not do what Snowden has done,” continued Pillar. “There is not a direct and clear line between anti-government thoughts and becoming a turncoat.”
“Getting the un-gettable”
In considering the type of people recruited by the NSA, it’s important to consider the organization’s recruitment philosophy. While much of the NSA consists of language experts, mathematicians and computer data experts charged with securing, interpreting and monitoring the electronic data feeds coming from abroad and allegedly within the United States, there is a part of the NSA’s Signals Intelligence Directorate that it meant to “get the un-gettable,” as put by the Daily Beast.
With over 1,000 military and civilian personnel, the Tailored Access Operations group has been tasked with discovering and exploiting weak security points in computers and other consumer-grade devices, in order to facilitate remote surveillance and data retrieval — something the NSA calls “Computer Network Exploitation.”
According to documentation published in Der Spiegel in 2013, the hackers and programmers at TAO have created zero-day exploits for a wide range of consumer products. For example, one device can break into a protected WiFi network up to 8 miles away. In another example, NSA agents have been known to intercept computers ordered online to install monitoring equipment. In one troubling scenario in 2010, garage door openers across west San Antonio, Texas, would not work because one of the NSA’s radio antennas was broadcasting at a frequency and intensity strong enough to override the garage door receivers.
Cultivating skillsets and ignoring past “indiscretions”
It is estimated that the NSA has compromised more than 100,000 machines worldwide and has developed radio frequency technology that can communicate with computers — even those not connected to the Internet — via tiny radio wave receivers installed into the computers surreptitiously. To cultivate the kinds of skillsets necessary to successfully intervening in so many security set-ups and technical infrastructures, the NSA has tapped into a wide range of communities — including academia, industry and the hacker community.
In 2012, for example, Alexander, then-head of the NSA, made an appearance at Def Con — one of the largest and best-known hacker conventions. Wearing blue jeans and a T-shirt, he delivered a keynote speech on the “shared values” of the hacker and intelligence communities. The NSA had a recruitment table at the event and set-up a special website just for the conference.
An NSA pamphlet indicated the agency’s willingness to ignore a potential recruit’s past in order to secure the right skillsets. “If you have a few, shall we say, indiscretions in your past, don’t be alarmed,” read the pamphlet.
“By the way, if you think you saw cool things at DEF CON® 20, just wait until you cross the threshold to NSA, ‘cause you ain’t seen nothing yet,” it added.
Despite its presence amid the hacking community, the NSA has traditionally counted on academia and the flux of doctoral graduates looking for a job to help fill its vacancies. Many recruits come in via the NSA’s Centers of Academic Excellence program, a funding apparatus jointly sponsored by the Department of Homeland Security that seeks to promote research in information assurance and cyber defense. The program currently offers funding to 180 universities throughout the United States and Puerto Rico.
A dry well
The NSA, however, is coming up against a wall. Encouraged by Snowden’s actions and the push toward greater transparency within the government, an increasing number of potential recruits have soured to the notion of joining the NSA.
“The NSA destroyed the security of the Internet and privacy of communications for the whole planet,” wrote Alexander Beilinson, explaining his reason for objecting to the NSA’s presence at this year’s American Mathematical Society-hosted Joint Mathematics Meetings. “But if any healing is possible, it would probably start with making the NSA and its ilk socially unacceptable — just as, in the days of my youth, working for the KGB was socially unacceptable for many in the Soviet Union.”
The NSA has admitted to the recruitment hurdles it faces.
“We need to recruit from Snowden’s generation,” former CIA and NSA director Michael Hayden said last July. “The challenge is how to recruit this talent while also protecting ourselves from the small fraction of the population that has this romantic attachment to absolute transparency at all costs.”
In addressing this issue, the NSA has employed a multitude of tactics, including offering paid internships to high school seniors via its Work Study program and funding Def Con Kids — now r00tz Asylum — which seeks to educate kids about “white-hat,” or beneficial, hacking.
However, for the most part, the NSA utilizes subcontractors, such as Snowden, to develop the tools and software it needs to carry out its mission. In this situation, the creators of cyber-weaponry are blind to how it will ultimately be used — which defeats the morality question — while those tasked with developing and implementing the methodology of the government’s most covert data collection are outside government control.
Without a deeper understanding of how the NSA vets its employees and subcontractors, it is unclear how ethical questions of government overreach and privacy violations are screened — or if they are even screened at all.
“Those of us on the outside have no way of knowing what changes may have been made in the meantime in the vetting of people working with classified information, or of assessing the effectiveness of any such changes,” said Pillar, the fellow with the Center for 21st Century Security and Intelligence.
“It is safe to assume that, given the major damage of the Snowden disclosures, there has been increased attention devoted to this matter, and probably changes of some sort have been instituted in the clearance process.”