To Find Needles In Haystacks, US Gov't Has Built Hundreds Of New Haystacks

from the working-harder,-not-smarter dept

Lots of folks are submitting the big interactive investigative report put out by the Washington Post, detailing the massive bureaucratic mess that has become the US’s anti-terrorism operations. Basically, since September 11, 2001, when the government (reasonably) agreed to devote more resources to the counter-terrorism, it’s been an opportunity for both government employees and the private sector to build up giant, well-funded bureaucratic entities that have little to no oversight, and quite frequently seem to overlap with what others are doing:

In all, at least 263 organizations have been created or reorganized as a response to 9/11. Each has required more people, and those people have required more administrative and logistic support: phone operators, secretaries, librarians, architects, carpenters, construction workers, air-conditioning mechanics and, because of where they work, even janitors with top-secret clearances.

With so many more employees, units and organizations, the lines of responsibility began to blur. To remedy this, at the recommendation of the bipartisan 9/11 Commission, the George W. Bush administration and Congress decided to create an agency in 2004 with overarching responsibilities called the Office of the Director of National Intelligence (ODNI) to bring the colossal effort under control.

While that was the idea, Washington has its own ways.

The first problem was that the law passed by Congress did not give the director clear legal or budgetary authority over intelligence matters, which meant he wouldn’t have power over the individual agencies he was supposed to control.

The second problem: Even before the first director, Ambassador John D. Negroponte, was on the job, the turf battles began. The Defense Department shifted billions of dollars out of one budget and into another so that the ODNI could not touch it, according to two senior officials who watched the process. The CIA reclassified some of its most sensitive information at a higher level so the National Counterterrorism Center staff, part of the ODNI, would not be allowed to see it, said former intelligence officers involved.

The article then notes that, despite the fact that ODNI is supposed to be coordinating everything “today, many officials who work in the intelligence agencies say they remain unclear about what the ODNI is in charge of.”

So, there are turf battles with little oversight and lots of focus on status symbols, rather than actually getting stuff done:

It’s not only the number of buildings that suggests the size and cost of this expansion, it’s also what is inside: banks of television monitors. “Escort-required” badges. X-ray machines and lockers to store cellphones and pagers. Keypad door locks that open special rooms encased in metal or permanent dry wall, impenetrable to eavesdropping tools and protected by alarms and a security force capable of responding within 15 minutes. Every one of these buildings has at least one of these rooms, known as a SCIF, for sensitive compartmented information facility. Some are as small as a closet; others are four times the size of a football field.

SCIF size has become a measure of status in Top Secret America, or at least in the Washington region of it. “In D.C., everyone talks SCIF, SCIF, SCIF,” said Bruce Paquin, who moved to Florida from the Washington region several years ago to start a SCIF construction business. “They’ve got the penis envy thing going. You can’t be a big boy unless you’re a three-letter agency and you have a big SCIF.”

SCIFs are not the only must-have items people pay attention to. Command centers, internal television networks, video walls, armored SUVs and personal security guards have also become the bling of national security.

“You can’t find a four-star general without a security detail,” said one three-star general now posted in Washington after years abroad. “Fear has caused everyone to have stuff. Then comes, ‘If he has one, then I have to have one.’ It’s become a status symbol.”

But is this working? Well, it doesn’t sound like it. Rather than finding the ever important terrorist needles in the haystack, it sounds like they’re just creating more and more haystacks:

In Yemen, the commandos set up a joint operations center packed with hard drives, forensic kits and communications gear. They exchanged thousands of intercepts, agent reports, photographic evidence and real-time video surveillance with dozens of top-secret organizations in the United States.

That was the system as it was intended. But when the information reached the National Counterterrorism Center in Washington for analysis, it arrived buried within the 5,000 pieces of general terrorist-related data that are reviewed each day. Analysts had to switch from database to database, from hard drive to hard drive, from screen to screen, just to locate what might be interesting to study further.

As military operations in Yemen intensified and the chatter about a possible terrorist strike increased, the intelligence agencies ramped up their effort. The flood of information into the NCTC became a torrent.

As we noted earlier this year, this is why the government missed the guy who tried to blow up a plane on Christmas day. They had all the data. But there was such a backlog, they couldn’t actually piece it all together.

Oh, and beyond the fact that that this “Secret America” has hired hundreds of thousands of people doing overlapping work that just makes everything more confusing, the focus on status symbols and things like SCIFs might make you wonder who’s doing the actual work. You probably don’t want to know:

Among the most important people inside the SCIFs are the low-paid employees carrying their lunches to work to save money. They are the analysts, the 20- and 30-year-olds making $41,000 to $65,000 a year, whose job is at the core of everything Top Secret America tries to do….

When hired, a typical analyst knows very little about the priority countries – Iraq, Iran, Afghanistan and Pakistan – and is not fluent in their languages. Still, the number of intelligence reports they produce on these key countries is overwhelming, say current and former intelligence officials who try to cull them every day. The ODNI doesn’t know exactly how many reports are issued each year, but in the process of trying to find out, the chief of analysis discovered 60 classified analytic Web sites still in operation that were supposed to have been closed down for lack of usefulness. “Like a zombie, it keeps on living” is how one official describes the sites.

So you have four star generals fighting over who has a bigger security detail, while a bunch of recent college grads with little experience produce the “analysis.” Fantastic.

And given our recent stories about cyberwar hype, this story provides a bit more background. Cyberwar is, of course, the hot thing, so all of these different groups are all shoving each other aside to pitch themselves as cyberwar experts to get more money to garner more status symbols.

In the meantime, it’s not at all clear that this deluge of information is actually making anyone safer. We’ve already discussed how adding more haystacks doesn’t make it any easier to find the terrorist needle, but it doesn’t even appear that all this “top secret” security is all that secure. In a separate story, Jim Harper points out the news of a security researcher who created a fictitious, but cute, information security woman, who used social engineering and social networking tricks to build up all sorts of connections within the security world, including top security experts, military personnel and staff at intelligence agencies and defense contractors.

Ms. Sage’s connections invited her to speak at a private-sector security conference in Miami, and to review an important technical paper by a NASA researcher. Several invited her to dinner. And there were many invitations to apply for jobs.

“If I can ever be of assistance with job opportunities here at Lockheed Martin, don’t hesitate to contact me, as I’m at your service,” one executive at the company told her.

One soldier uploaded a picture of himself taken on patrol in Afghanistan containing embedded data revealing his exact location. A contractor with the NRO who connected with her had misconfigured his profile so that it revealed the answers to the security questions on his personal e-mail account.

“This person had a critical role in the intelligence community,” Mr. Ryan said. “He was connected to key people in other agencies.”

So for all this massive new security infrastructure, totally hidden from public view, it’s easy to infiltrate parts of it with some cute photos of a non-existent woman. Fantastic.

Filed Under: , , ,

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “To Find Needles In Haystacks, US Gov't Has Built Hundreds Of New Haystacks”

Subscribe: RSS Leave a comment
iamtheky (profile) says:

“You can’t find a four-star general without a security detail”

is not

“four star generals fighting over who has a bigger security detail”

(even if buried 9 paragraphs later as an off-hand)

How large the security details are of our top military leaders seems quite unrelated, and imho all of their teams should be tripled, highly armored, and highly weaponized.

Yogi says:

No Surprise

You know, I read and see stuff like this everyday, all over the world.

So when i get up in the morning and I see the world is somehow still here with us, and water is running, cars are moving, buildings are still being constructed, people are getting up to go to work, I say to myself: another day, another miracle.

Anonymous Coward says:

Re: Feature Rich Social Networking

I was wondering the same thing. I have never, ever, seen an option that allows your “secret” question and answer to be shown to just anyone. Now if you had it on his “about me” page or something…and in a format that showed what it was, i.e. My password reset info is: question: blah blah blah? and the answer is: blah blah. Then I don’t know how that is even possible. But, I’ve seen stupider things done.

FormerAC (profile) says:

Re: Re: Feature Rich Social Networking

Take a step back from the sarcasm machine and think about it for a minute. Nobody claimed his FaceBook profile showed “My password reset info is.” What they claimed is that the answers were visible on the Facebook page. So, if I try to log into his account and fail, I can initiate the password reset and it asks me a question, the answer to which is on his Facebook page.

Pretty simple don’t ya think. They call it social engineering. Is it a dumb move to have answers to secret questions that easy to find? Yes. Is it easy to lose track of all the “secret questions” you have provided answers too? Yes.

Free Capitalist (profile) says:

Re: Re: Re: Feature Rich Social Networking

Oh you must mean that by saying he:

misconfigured his profile so that it revealed the answers to the security questions on his personal e-mail account.

they meant that he answered all of the personal questions on his profile, some of which are used as security questions to unlock accounts, such as his e-mail account.

That might make sense, though I would argue the use of the word “misconfigured” was a little nebulous were that true.

Still, if he did put that level of detail on his Facebook page, this is the type of guy that needs a check-box for abject mental disabilities.

Anonymous Coward says:

Re: Re: Re: Feature Rich Social Networking

I’m sorry if it came across as sarcastic, but that was not my intent. I was more playing off of what Free Capitalist had said. I guess I did misread the article as well. It seemed to say that his secret question answers were put out there in such a way that they were identified as that.

As someone that does not use stock question and answers for emails I didn’t think about the fact that it could be as simple as a DOB or a maiden (spl) name. thanks for the gut check. 🙂

Dark Helmet (profile) says:

Even more...

“They’ve got the penis envy thing going. You can’t be a big boy unless you’re a three-letter agency and you have a big SCIF.”

It doesn’t stop there. The whole military hierarchy of command is essentially a penis envy construction, and for the most part it works very well….but not in intelligence operations.

And that’s the real problem with the way our intelligence operates. They created a single office to coordinate all intelligence efforts and the sheer volume of those efforts preclude a single office from coordinating them. If they were truly interested in getting this thing right, they’d take a page from our supposed terrorist enemies and go with a distributed authority model. Find people you trust, get them to head up autonomous offices for a specific purpose, and let them get to work. The only thing they ought to need to “phone home” for is authorization on non-routine actions. Anything else, just do what you do.

But that won’t happen, because in government there just HAS to be a big dick in charge. I can’t think of a less nimble way to combat a nimble enemy….

Michael Whitetail says:

Tom Clancy has been deep in the CIA camp for many, many years. He has written numerous fiction and non-fiction books about this.

This has been the way of 1st world government intelligence (loose term, mind you) since 1945. And to a lesser, but still madeningly rediculous level well before that.

Fear + Bureacracy * No oversight = sad tax paayers.

Read up on your Clancy if you havent, it’s all there in great detail.

Kingster (profile) says:

How about some data management...

I dunno… Mebbe it’s just the coder in me. But how freaking hard is it to establish a standard in data storage and retrieval? Hell, we’ve got XML/XSL… Can’t they all use a common template? Same goes for the medical records and financial industries (but don’t get me started THERE).

I dunno, if you have a template, that you fill out with as much info as possible (lat/long, intercept date, text, pictures, operatives involved, yadda yadda yadda), how hard would it be to crunch that crap real time and see “hot spots”? All the agencies use the same thing. Sure, the template may be huge, but you could programmatically derive filling it out based on what had been asked already…


vrob (profile) says:

Re: How about some data management...

That sounds great. Should we finance the construction of another building, or ten, or more, to house all of the personnel necessary to monitor the Facebook and Twitter activity of people who are supposed to know how to keep things private? “Top Secret” may be among the lowest of clearance levels these days, but it should still carry with it at least a modicum of discretion.

On the other hand, Jobs!

Tek'a R (profile) says:

Re: Re: How about some data management...

hey vrob, welcome to the internet.

The part below the bold “How About Some Data Management..” text is the area we like to call the Post. In a comment system as used here on Techdirt, the Post is the part you read and respond to.

Sure, I know its more fun to read the title of the post, jump to a random conclusion and then fire off a sarcastic post, but it really does not add to the overall conversation.

Now, a real reply would be:

That sounds actually great, Kingster. Sadly such a simple plan would require a 20billion dollar budget and bids from every advanced computing firm who wanted that delicious plum. 40bill and 5 years from now when that project was scrapped as unworkable, we will have come up with something else for no good reason.

Or we could get google* to create a tool for this that runs on a new Secure-Android operating system, allowing for real-time crossgroup data sharing and mining while creating security for everyone.

*google used here as a placeholder for a random corp with the programming brainpower to do the job but without the longstanding security contracts/delicious money-printer agreements that corrupt anyone working alongside the overall security world.

vrob (profile) says:

Re: Re: Re: How about some data management...

Thanks pal. I suppose if I agreed with your point of view, I could have posted a “real reply” instead of just being snarky.

Next time I will just PM you first to find out how you would reply and then plan my post accordingly. Kind of like when we were in 7th grade and used call each other every night to plan our outfits for the next day so that we would match.

On the other hand, I was serious about the whole hurray for jobs thing.

DCX2 says:

Your Tax Dollars at Work

Just remember that it’s very important for the government to spend 44% of revenue on military and intelligence spending to “keep us safe”. In fact, being safe is more important than being financially secure…who needs Social Security when you’ve got the Military Industrial Complex!

Ray Trygstad (profile) says:

Unrelated tasks...

I can’t speak for all of these post-9/11 agencies, but I can tell you the “cyber-warriors” of the Department of Homeland Security spend a huge amount of time focused on something that is COMPLETELY outside their mission and makes ZERO contribution to the security of the United States: child porn. Don’t get me wrong: child porn is of the worst crimes there is and offenders deserve to be hunted down and prosecuted to the fullest extent of the law (and maybe even castrated). But it is not the job of HOMELAND SECURITY to do this!!! In their case, this is nothing but a distraction from their primary mission! OK, I’m done venting.

SLK8ne (profile) says:

Representative of how the government works

That is how the WHOLE US government works. What most of the posters don’t know is that this is the tip of the iceberg. My mom worked for the state of Florida for 24 years, and dealt with state and Federal agencies. And I have a cousin who works for FL DOT.

Here’s how the game is played: _________agency is given a budget for the year. If they spend that budget, they can push for a bigger budget next year. Example the FL. DOT changes their WHOLE computer system out every two years. Top to bottom, all new equipment. So you could say truthfully that the whole government in the US is engaged in “penis envy.”

I’m with Yogi on this. It’s a miracle this bloated monster of a government hasn’t collapsed yet.

Add Your Comment

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...