www.antiwar.com/orig/ketcham.php?articleid=13506
September 26, 2008
Trojan Horse
How Israeli Backdoor Technology Penetrated the US Government's Telecom System and Compromised National Security
by Christopher Ketcham

Since the late 1990s, federal agents have reported systemic communications security breaches at the Department of Justice, FBI, DEA, the State Department, and the White House. Several of the alleged breaches, these agents say, can be traced to two hi-tech communications companies, Verint Inc. Together, Verint and Amdocs form part of the backbone of the government's domestic intelligence surveillance technology.

Both companies are based in Israel, having arisen to prominence from that country's cornering of the information technology market, and are heavily funded by the Israeli government, with connections to the Israeli military and Israeli intelligence (both companies have a long history of board memberships dominated by current and former Israeli military and intelligence officers). Verint is considered the world leader in "electronic interception" and hence an ideal private sector candidate for wiretap outsourcing.

The companies' operations, sources suggest, have been infiltrated by freelance spies exploiting encrypted trapdoors in Verint/Amdocs technology and gathering data on Americans for transfer to Israeli intelligence and other willing customers (particularly organized crime). "The fact of the vulnerability of our telecom backbone is indisputable," says a high-level US intelligence officer who has monitored the fears among federal agents. "How it came to pass, why nothing has been done, who has done what: these are the incendiary questions."

If the allegations are true, the electronic communications gathered up by the NSA and other US intelligence agencies might be falling into the hands of a foreign government.
Reviewing the available evidence, Robert David Steele, a former CIA case officer and today one of the foremost international proponents for "public intelligence in the public interest," tells me that "Israeli penetration of the entire US telecommunications system means that NSA's warrantless wiretapping actually means Israeli warrantless wiretapping."

As early as 1999, the National Security Agency issued a warning that records of US government telephone calls were ending up in foreign hands, Israel's in particular. In 2002, assistant US Attorney General Robert F. Diegelman issued an eyes-only memo on the matter to the chief information technology (IT) officers at the Department of Justice. IT officers oversee everything from the kind of cell phones agents carry to the wiretap equipment they use in the field; This might not seem much to blink at in the post-9/11 intel and security overhaul. What group or groups of foreign nationals had close access to IT systems at the Department of Justice?

One former Justice Department computer crimes prosecutor tells me, speaking on background, "I've heard that the Israelis can listen in to our calls."

Retired CIA counterterrorism and counterintelligence officer Philip Giraldi says this is par for the course in the history of Israeli penetrations in the US. He notes that Israel always features prominently in the annual FBI report called "Foreign Economic Collection and Industrial Espionage": Israel is second only to China in stealing US business secrets. The 2005 FBI report states, for example, "Israel has an active program to gather proprietary information within the United States. These collection activities are primarily directed at obtaining information on military systems and advanced computing applications that can be used in Israel's sizable armaments industry." A key Israeli method, warns the FBI report, is computer intrusion.
In the big picture of US government spying on Americans, the story ties into 1994 legislation called the Communications Assistance for Law Enforcement Act, or CALEA, which effected a sea-change in methods of electronic surveillance. Gone are the days when wiretaps were conducted through on-site tinkering with copper switches. CALEA mandated sweeping new powers of surveillance for the digital age, by linking remote computers into the routers and hubs of telecom firms, a spyware apparatus linked in real-time, all the time, to American telephones and modems. CALEA made spy equipment an inextricable ligature in our telephonic life. Top officials at the FBI pushed for the legislation, claiming it would improve security, but many field agents have spoken up to complain that CALEA has done exactly the opposite. The data-mining techniques employed by NSA in its wiretapping exploits could not have succeeded without the technology mandated by CALEA. It could be argued that CALEA is the hidden heart of the NSA wiretap scandal.

THE VERINT CONNECTION

According to former CIA officer Giraldi and other US intelligence sources, software manufactured and maintained by Verint, Inc. Says Giraldi: "Phone calls are intercepted, recorded, and transmitted to US investigators by Verint, which claims that it has to be 'hands on' with its equipment to maintain the system." Giraldi also notes Verint is reimbursed for up to 50 percent of its R&D costs by the Israeli Ministry of Industry and Trade. According to Giraldi, the extent of the use of Verint technology "is considered classified," but sources have spoken out and told Giraldi they are worried about the security of Verint wiretap systems. The key concern, says Giraldi, is the issue of a "trojan" embedded in the software.

A Trojan in information security hardware/software is a backdoor that can be accessed remotely by parties who normally would not have access to the secure system.
Allegations of massive Trojan spying have rocked the Israeli business community in recent years. An AP article in 2005 noted, "Top Israeli blue chip companies are suspected of using illicit surveillance software to steal information from their rivals and enemies." "It is the largest cybercrime case in Israeli history," Boaz Guttmann, a veteran cybercrimes investigator with the Israeli national police, tells me. "Trojan horse espionage is part of the way of life of companies in Israel."

This is of course the culture on which the US depends for much of its secure software for data encryption and telephonic security. "There's been a lot of discussion of how much we should trust security products by Israeli telecom firms," says Philip Zimmerman, one of the legendary pioneers of encryption technology (Zimmerman invented the cryptographic and privacy authentication system known as Pretty Good Privacy, or PGP, now one of the basic modern standards for communications encryption). "Generally speaking, I wouldn't trust stuff made overseas for data security," says Zimmerman. Look at where the expertise is, Zimmerman adds: Among the ranks of the International Association for Cryptological Research, which meets annually, there is a higher percentage of Israelis than any other nationality. The Israeli-run Verint is today the provider of telecom interception systems deployed in over 50 countries.

Carl Cameron, chief politics correspondent at Fox News Channel, is one of the few reporters to look into federal agents' deepening distress over possible trojans embedded in Verint technology. In a wide-ranging four-part investigation into Israeli-linked espionage that aired in December 2001, Cameron made a number of startling discoveries regarding Verint, then known as Comverse Infosys. Sources told Cameron that "while various FBI inquiries into Comverse have been conducted over the years," the inquiries had "been halted before the actual equipment has ever been thoroughly tested for leaks."
Cameron also noted a 1999 internal FCC document indicating that "several government agencies expressed deep concerns that too many unauthorized non-law enforcement personnel can access the wiretap system." Much of this access was facilitated through "remote maintenance." Immediately following the Cameron report, Comverse Infosys changed its name to Verint, saying the company was "maturing." In 1997, DEA transformed its wiretap infrastructure with the $25 million procurement from Comverse/Verint of a technology called "T2S2" "tran...