(Updated: September 29, 2014)
After a range of articles about how NSA intercepts foreign communications, we now take a look at the equipment that NSA uses to secure their own telecommunications, more specific those of its director.
We can do this because last December, the CBS program 60 Minutes offered some unprecedented insights into the NSA headquarters. Of course very limited, but still interesting for those with a sharp eye. Perhaps the most revealing was that for the first time ever it was shown how the office of the director of NSA looks like:
The office of NSA director Alexander, December 2013
(click to enlarge)
The office of the director is at a corner on the eighth floor of the OPS 2B building, which is the wider and lower one of the two black mirrored glass structures of the NSA headquarters at Fort George G. Meade. Contrary to what many people would probably expect, the director's office is far from high tech. We see a rather traditional interior with a classic wooden desk, shelfs with books, picture frames and lots of memorabilia, a conference table and a group of old-fashioned seatings with a large plant in a shiny copper pot.
Most interesting for us is the telecommunications equipment used by the current director, Keith B. Alexander, which can be seen in the following screenshot:
NSA director Alexander working at his desk, December 2013
Behind him we see his secure telephone equipment
(click to enlarge)
VTC Screen
In the corner at the left we see a video teleconferencing screen with a high-definition camera, made by the Norwegian manufacturer Tandberg. In 2010 this company was bought by Cisco Systems, so their equipment can be safely used for US Top Secret/SCI videoconferencing. From within secured locations (SCI enclaves), the video feed goes over the JWICS IP network for the intelligence community, which is secured by stream-based Type 1 bulk encryption devices.
STE Phone
At the left of general Alexander there's a large black telephone called Secure Terminal Equipment (STE), which is made by L3 Communications. The STE is a highly secure phone, which means that this device is capable of encrypting calls up to the level of Top Secret/SCI. This phone can be used to make secure calls to anyone with a similar or compatible device. STE is the successor of the almost legendary STU-III secure phone system from the late 1980s.
With an estimated 400.000 users, STE is used for secure communications with everyone working for the US government, the military or its contractors, who can not be reached through a more select secure phone network for the US military (IST/DRSN) or the SIGINT community (NSTS).
IST Phone
At the far right we see a big white Integrated Services Telephone (IST), which was designed by Electrospace Systems Inc. and manufactured by Raytheon. This is a so called "red phone", which means that it's connected to the Defense Red Switch Network (DRSN). This is the main secure telephone network for military command and control communications and connects all mayor US command centers and many other military facilities.
Although this IST phone looks very futuristic, it was gradually replaced by the newer IST-2 since 2003. Remarkable to see that notably the highest NSA official still uses the old model. The new IST-2 was also on the President's desk in the Oval Office, before it was replaced by a Cisco IP phone for the new Executive Voice over Secure IP-network in 2011, to provide a dedicated link between the President and his senior cabinet members.
It's revealing to see that there's no such new IP telephone in the office of the director of NSA, which means that he has no direct line to the President. Which is according to the fact that NSA actually falls under the Department of Defense and its intelligence gathering is coordinated by the Director of National Intelligence.
&nsbp;
NSTS Phone
A third, white phone set is hidden right behind general Alexander's back, but we can see a glimpse of it in this screenshot:
NSA director Alexander working at his desk, December 2013
Behind him we see his secure telephone equipment
This telephone is part of NSTS, which stands for National (or NSA/CSS) Secure Telephone System and is the NSA's internal telephone network for calls up to the level of Top Secret/SCI. Newer NSTS phones are connected by fiber optic modems to a fiber backplane that interfaces with an NSANet access point router. The voice traffic is then encrypted together with data traffic utilizing a Type 1 bulk encryption device.
As can be seen in other pictures from inside NSA, the devices used on the NSTS network are white Nortel M3904 executive phones - a very reliable high-end model which is also used at the offices of both the Israeli and the British prime minister. Nortel was a big Canadian telephone equipment manufacturer, but was dissolved in 2009. Thereafter, the Enterprise Voice and Data division of Nortel was bought by the US telecommications company Avaya (formerly Lucent)
A Nortel M3904 phone from the NSTS network as seen
elsewhere in the NSA headquarters building
From declassified NSA documents, we can learn that the NSTS phones have numbers like 963-5247s (with s for secure) and that the numbers of the STE phones are written like STE 6325 (no real examples).* The IST phones of the DRSN have four or five digit numbers.*
Predecessors of these three types of telephones (STE, IST and NSTS) were also present in the office of then NSA director Michael V. Hayden, when James Bamford described a meeting with him in his 2001 book Body of Secrets:
"There are also several telephones on the table. One for secure internal calls; another is a secure STU-III for secret external calls; and a "red line" with buttons that can put him through instantly to the secretary of defense, the Chairman of the Chiefs of Staff and other senior officials.
No phones, however, connect the director to the White House; indeed, during Hayden's first year in office, he never, once spoke directly to president Clinton".*
In a declassified interview (pdf) with NSA director Hayden from January 5th, 2000, he says:
"Behind my credenza, I have a gray phone, a STU-III, an STE, and a red phone. NSA has a gray phone because it was ahead of everybody else. But everyone else has caught up. So I actually made the note today to go back and see how much it costs us to sustain these systems."Compared to the situation in 2001 as described above, we see that the (outdated) STU-III was removed shortly afterwards, and the term "gray phone" apparently refers to the telephone device connected to the NSTS.
Computers
In a separate program, called 60 Minutes Overtime, CBS showed 'The Making Of' their previous 60 Minutes report about NSA. It included some new video fragments, like one in which we get a better look at the computer equipment on the desk behind director Alexander's chair:
NSA director Alexander being interviewed by John Miller, December 2013
At the left side we see the director's computer equipment
(click to enlarge)
We see a common HP office keyboard, two computer screens and in between them there's a so-called KVM-switch with some colorful stickers on it.
The latter device is used to work on multiple computers or networks operating at different classification levels, all with one Keyboard, Video screen and Mouse, hence the abbreviation KVM. By pushing a button, the device can switch between four different connections, which is done by the hardware in order to keep them physically separated. The KVM Switch in this picture is the SwitchView SC4 from Avocent (formerly Cybex) with four secure channels.
From the stickers with the color codes, we learn that this device enables the director to switch between three separate computer networks at the following classification levels:
- Green: UNCLASSIFIED, which is the military NIPRNet
- Red: SECRET, which is the military SIPRNet
- Orange: TOP SECRET and Yellow: TOP SECRET/SCI
The latter connection is most often used for access to JWICS, the highly secure network used by the American intelligence community, but here it may also be used for NSANet. It's not clear whether the second compter screen is for one of these networks, or for a separate access to the common internet. Both screens have a blue label which might denote that the screens can be used for multiple classification levels.
> See also: US military and intelligence computer networks
60 Minutes
The CBS program Inside the NSA was broadcasted on December 15, 2013, but was immediatly heavily critized as being too less critical in approach to the NSA, some people even said it was NSA propaganda. This seems not quite fair, as Snowden reporter Glenn Greenwald had numourous occasions in media from all over the world to present his interpretation of what NSA is doing - which went almost unquestioned.
CBS reporter John Miller asked NSA director Alexander about all the major things that came up from the Snowden-leaks and he also got answers. NSA even showed an actual example of how the metadata contact chaining method works. Whether one is satisfied by these anwers is another thing, but we should keep in mind that Greenwald's version is not always the right one and NSA is not always lying.
NSA director Keith Alexander, who's a four-star general and a career Army intelligence officer, will retire on March 28. He was head of the National Security Agency and the Central Security Service since August 2005 and the US Cyber Command since May 2010. It's expected that he will be replaced by US Navy Vice Admiral Michael S. Rogers.
Links and Sources
- HuffingtonPost.com: '60 Minutes' Trashed For NSA Piece
- CBSNews.com: Inside the NSA - How did 60 Minutes get cameras into a spy agency
