Since the NSA released its first transparency report (pdf) last week, admitting to affecting 89,138 targets’ communications under the controversial Section 702 of the USA Freedom Act, there’s been a lot of speculation as to whether a “target” represents one person or one organization and everyone in it. The transparency report itself specifies that “target” has multiple meanings. Considering the agency’s “collect everything” mentality – the more the merrier when it comes to storing and searching for specifics later – then it’s difficult to believe that one “target” actually means one individual.
For example, under FISA Business Records in 2013, the NSA said 248 was the “number of known or presumed U.S. persons who were the subject of queries of information collected in bulk or who were subject to a business records application.” Yet being interested in collecting the phone records of less than 300 people didn’t stop the agency from collecting the phone records of almost every American.
Of course in 2013, the NSA was run by General Keith Alexander. The same man was in control in 2011 when a secret “Five Eyes” presentation described the goals of a "New Collection Posture” (pdf) as “Collect it All; Process it All; Exploit it All; Partner it All; Sniff it All,” and “Know it All." Yet in 2012, Alexander played word games to deny domestic spying and “dossiers on Americans.”
Alexander also claimed the Snowden leaks caused “the greatest damage to our combined nations’ intelligence systems that we have ever suffered.”
Compare that to what the new NSA Chief Admiral Michael S. Rogers said, “You have not heard me as the director say, ‘Oh, my God, the sky is falling.’ I am trying to be very specific and very measured in my characterizations.”
As ex-chief of the NSA who excelled in FUD, Alexander still seems to think the sky is falling. He stated, “What I’m concerned about is we’re going to have a 9/11 in cyberspace. We don’t need to suffer this kind of attack.” He also keeps warning about a major attack coming to the financial industry. “It would be devastating if one of our major banks was hit, because they’re so interconnected,” Alexander said.
Alexander told banks that customers would lose confidence in banks if “all your banking stuff was just wiped out.” However, his new firm IronNet Cybersecurity Inc. is conveniently available for hire to save the day. When he met with the Securities Industry and Financial Markets Association, SIFMA, Alexander offered to provide advice for “$1 million a month,” later dropping the price for his expertise to $600,000 a month.
After hearing about that astronomical price tag and seeing the headline, "For another million, I'll show you the back door we put in your router," Rep. Alan Grayson sent a letter (pdf) to SIFMA. In it, Grayson quoted security expert Bruce Schneier as saying, "Think of how much actual security they could buy with that $600K a month. Unless he's giving them classified information."
Grayson asked SIFMA to send him all paperwork related to negotiations with Alexander so it could be determined if Alexander “is selling military and cybersecurity secrets” to the financial sector for the big bucks.
Grayson also noted:
Disclosing or misusing classified information for profit is, as Mr. Alexander well knows, a felony. I question how Mr. Alexander can provide any of the services he is offering unless he discloses or misuses classified information, including extremely sensitive sources and methods. Without the classified information he acquired in his former position, he literally would have nothing to offer to you.