The combination of deduplication and constant improvements in storage technology allowed the agency to store intelligence data for progressively longer periods of time. Just over the course of my career, the agency’s goal went from being able to store intelligence for days, to weeks, to months, to five years or more after its collection. By the time of this book’s publication, the agency might already be able to store it for decades. The NSA’s conventional wisdom was that there was no point in collecting anything unless they could store it until it was useful, and there was no way to predict when exactly that would be. This rationalization was fuel for the agency’s ultimate dream, which is permanency—to store all of the files it has ever collected or produced for perpetuity, and so create a perfect memory. The permanent record.
The NSA has a whole protocol you’re supposed to follow when you give a program a code name. It’s basically an I Ching–like stochastic procedure that randomly picks words from two columns. An internal website throws imaginary dice to pick one name from column A, and throws again to pick one name from column B. This is how you end up with names that don’t mean anything, like FOXACID and EGOTISTICALGIRAFFE. The point of a code name is that it’s not supposed to refer to what the program does. (As has been reported, FOXACID was the code name for NSA servers that host malware versions of familiar websites; EGOTISTICALGIRAFFE was an NSA program intended to exploit a vulnerability in certain Web browsers running Tor, since they couldn’t break Tor itself.) But agents at the NSA were so confident of their power and the agency’s absolute invulnerability that they rarely complied with the regulations. In short, they’d cheat and redo their dice throws until they got the name combination they wanted, whatever they thought was cool: TRAFFICTHIEF, the VPN Attack Orchestrator.
I swear I never did that when I went about finding a name for my backup system. I swear that I just rolled the bones and came up with EPICSHELTER.
Later, once the agency adopted the system, they renamed it something like the Storage Modernization Plan or Storage Modernization Program. Within two years of the invention of EPICSHELTER, a variant had been implemented and was in standard use under yet another name.
THE MATERIAL THAT I disseminated to journalists in 2013 documented such an array of abuses by the NSA, accomplished through such a diversity of technological capabilities, that no one agent in the daily discharge of their responsibilities was ever in the position to know about all of them—not even a systems administrator. To find out about even a fraction of the malfeasance, you had to go searching. And to go searching, you had to know that it existed.
It was something as banal as a conference that first clued me in to that existence, sparking my initial suspicion about the full scope of what the NSA was perpetrating.
In the midst of my EPICSHELTER work, the PTC hosted a conference on China sponsored by the Joint Counterintelligence Training Academy (JCITA) for the Defense Intelligence Agency (DIA), an agency connected to the Department of Defense that specializes in spying on foreign militaries and foreign military–related matters. This conference featured briefings given by experts from all the intelligence components, the NSA, CIA, FBI, and military, about how the Chinese intelligence services were targeting the IC and what the IC could do to cause them trouble. Though China certainly interested me, this wasn’t the kind of work I would ordinarily have been involved in, so I didn’t pay the conference much mind until it was announced that the only technology briefer was unable to attend at the last minute. I’m not sure what the reason was for that absence—maybe flu, maybe kismet—but the course chair for the conference asked if there was anyone at the PTC who might be able to step in as a replacement, since it was too late to reschedule. One of the chiefs mentioned my name, and when I was asked if I wanted to give it a shot, I said yes. I liked my boss, and wanted to help him out. Also, I was curious, and relished the opportunity to do something that wasn’t about data deduplication for a change.
My boss was thrilled. Then he told me the catch: the briefing was the next day.
I called Lindsay and told her I wouldn’t be home. I was going to be up all night preparing the presentation, whose nominal topic was the intersection between a very old discipline, counterintelligence, and a very new discipline, cyberintelligence, coming together to try to exploit and thwart the adversary’s attempts to use the Internet to gather surveillance. I started pulling everything off the NSA network (and off the CIA network, to which I still had access), trying to read every top secret report I could find about what the Chinese were doing online. Specifically, I read up on so-called intrusion sets, which are bundles of data about particular types of attacks, tools, and targets. IC analysts used these intrusion sets to identify specific Chinese military cyberintelligence or hacking groups, in the same way that detectives might try to identify a suspect responsible for a string of burglaries by a common set of characteristics or modus operandi.
The point of my researching this widely dispersed material was to do more than merely report on how China was hacking us, however. My primary task was to provide a summary of the IC’s assessment of China’s ability to electronically track American officers and assets operating in the region.
Everyone knows (or thinks they know) about the draconian Internet measures of the Chinese government, and some people know (or think they know) the gravamen of the disclosures I gave to journalists in 2013 about my own government’s capabilities. But listen: It’s one thing to casually say, in a science-fiction dystopic type of way, that a government can theoretically see and hear everything that all of its citizens are doing. It’s a very different thing for a government to actually try to implement such a system. What a science-fiction writer can describe in a sentence might take the concerted work of thousands of technologists and millions of dollars of equipment. To read the technical details of China’s surveillance of private communications—to read a complete and accurate accounting of the mechanisms and machinery required for the constant collection, storage, and analysis of the billions of daily telephone and Internet communications of over a billion people—was utterly mind-boggling. At first I was so impressed by the system’s sheer achievement and audacity that I almost forgot to be appalled by its totalitarian controls.
After all, China’s government was an explicitly antidemocratic single-party state. NSA agents, even more than most Americans, just took it for granted that the place was an authoritarian hellhole. Chinese civil liberties weren’t my department. There wasn’t anything I could do about them. I worked, I was sure of it, for the good guys, and that made me a good guy, too.
But there were certain aspects of what I was reading that disturbed me. I was reminded of what is perhaps the fundamental rule of technological progress: if something can be done, it probably will be done, and possibly already has been. There was simply no way for America to have so much information about what the Chinese were doing without having done some of the very same things itself, and I had the sneaking sense while I was looking through all this China material that I was looking at a mirror and seeing a reflection of America. What China was doing publicly to its own citizens, America might be—could be—doing secretly to the world.
And although you should hate me for it, I have to say that at the time I tamped down my unease. Indeed, I did my best to ignore it. The distinctions were still fairly clear to me. China’s Great Firewall was domestically censorious and repressive, intended to keep its citizens in and America out in the most chilling and demonstrative way, while the American systems were invisible and purely defensive. As I then understood US surveillance, anyone in the world could come in through America’s Internet infrastructure and access whatever content they pleased, unblocked and unfiltered—or at least only blocked and filtered by their home countries and American businesses, which are, presumptively, not under US government control. It was only those who’d been expressly targeted for visiting, for example, jihadist bombing sites or malware marketplaces who would find themselves tracked and scrutinized.