By Gregory Hale
Know all the facts before rushing to a decision or judgment, said General Keith Alexander.
That is the essential idea behind the PRISM program, the National Security Agency’s controversial intelligence gathering program. That tool was a vital part in thwarting 54 terrorist attacks worldwide, Alexander said during his keynote address at the Black Hat security conference in Las Vegas Wednesday. Of those 54 potential attacks, 13 were in the U.S., 25 in Europe, 11 in Asia and five in Africa.
The program and the NSA came to light after NSA contractor Edward Snowden leaked information warning the extent of mass data collection was far greater than the public knew and included what he characterized as dangerous and criminal activities.
“I believe what has happened; the damage to our country is significant and irreversible,” Alexander said.
Alexander came off defending what the NSA is all about and what it is trying to do in defending the country. Alexander said U.S. companies are not providing far reaching access to customer data, and only 35 NSA analysts have authorization to search phone metadata and emails. He also talked about the intense oversight involved from the three branches of government so as not to obstruct civil liberties.
Alexander talked about two programs, one is Section 215 Authority, which is a program designed to identify the communications of persons suspected to be associated with terrorist organizations communicating with individuals inside the U.S.
The other program was Section 702 Authority, which is for foreign intelligence purposes and applies only to communications of foreign persons located abroad and requires valid documentation for foreign intelligence purposes such as counterterrorism.
“Under 702, the U.S. does not unilaterally obtain information from the servers of U.S. companies,” Alexander said. “Industry is compelled to comply with this program.”
The genesis of the two programs was the result of terrorist incidents from the World Trade Center Attack in 1993 to the 9/11 attacks to the Boston Marathon attack this past spring.
“The intelligence community according to the 911 commission failed to connect the dots. We didn’t know because we didn’t have the tools and capabilities that showed (the attackers) were actually in California,” Alexander said.
“Virtually all democracies have lawful intercept programs,” he said. The goal of the programs is to collect information, but not a huge depth of information, Alexander said. In Section 215, the NSA will collect date and time of call; calling number; called number; duration of call, and origin of metadata. The NSA does not collect content of calls; no voice; no SMS, no names; addresses, and no credit cards.
In one case these programs helped disrupt a terrorist plot to bomb the New York City subway system, Alexander said.
Time was of the essence in this case. The attacker was in California and started driving across the country. “We intercepted this in early September 6 or 7 and the targeted attack date was by the 14th of September. The FBI had to put the pieces together quickly.”
We gave the email address to the FBI and they took that email address and determined a phone number that connected to New York City and they found that number also connected to other terrorist groups.
“This would have been the biggest terrorist attack since 9/11 on U.S. soil,” he said. “The initial tip came from the PRISM 702 data. We were able to stop the attack,” Alexander said.
As a part of the foreign intelligence program, the NSA intercepted an email from a terrorist in Pakistan. “By using 702 (the foreign intelligence program), we intercepted some communications and was able to get a phone number that was a potential terrorist.
Is what the NSA doing perfect? No, but Alexander said he wants to reach out and try to see how to improve upon intelligence gathering.
“Put the facts on the table. The nation needs to know we are going to do the right thing. If we make a mistake we will hold our selves accountable.”