Get SF Weekly Newsletters
Pin It

The Spybots Among Us 

How the NSA tracks terrorists in the United States through the Internet

Wednesday, Dec 19 2001

Page 2 of 5

"It's not easy to penetrate what the NSA is doing, but the climate has changed entirely since Sept. 11. The emphasis is on aggressive pursuit."

The NSA has long had the capability and the motivation to spy on U.S. citizens on the Internet without restriction, Bamford observed. The passage of the Patriot Act gave it the political go-ahead to do that under certain conditions.

"Just as mighty navies once ruled the high seas," Bamford wrote in Body of Secrets, "the [NSA's] goal is to rule cyberspace."

The NSA reportedly intercepts 3 billion messages a day from all the mediums it watches. Modern communications -- and the Internet specifically -- have dramatically changed the nature of national security and intelligence-gathering. The battle for control of the world's information infrastructure has even been given a name: Netwar. Under these new rules of engagement, America's enemies are no longer well-defined, monolithic opponents like the Soviet Union, say experts like John Arquilla, who is an associate professor at the Naval Postgraduate School in Monterey, which trains Navy officers in intelligence techniques and special operations.

Last month, Arquilla gave a talk on Netwar at a meeting of the Council on Foreign Relations in San Francisco. Arquilla defines America's enemies today as loosely organized networks of terrorists, street gangs, international syndicates of criminals, and even anti-World Trade Organization protesters. These anti-hierarchical, leaderless networks tend to operate in the shadows until a trigger moment, Arquilla says, when they suddenly "swarm" a target, such as the World Trade Center towers or the 1999 WTO meeting in downtown Seattle. The Internet enables the underground networks to flourish by providing rapid communication channels, information on how to design weapons, and, most important, an international forum to air grievances and promote political causes.

The NSA is fighting back, Arquilla says, by tracking these enemies with "intelligent software agents" -- bots.

"It is not unreasonable to assume," Arquilla confides, "that the NSA is engaged in clandestine technology intelligence -- ECHELON, Semantic Forests -- there are other names that I am not allowed to tell you. Clandestine technology intelligence allows us to track dark networks; if you go to certain Web sites a bot will follow you. Bots empower human agents."

Simply put, bots are strings of computer code that roam the Internet like fish in the sea, entering people's computers and performing automated tasks on their own. They are everywhere on the Web. Businesses commonly send out bots on the Internet to build customer profiles, search for mentions of the corporate name, or mine Web sites for demographic data to use in market research. Bots can piggyback into your computer every time you visit a Web page, open an e-mail, or download music online. Search engine bots travel the Web, creating indexes for Google and Yahoo!. Once inside a personal computer, bots can, quite legally, connect to the Internet without the computer owner's knowledge, sending out streams of data, including personal financial information sucked out of money-management programs.

In the hands of the NSA, however, bots become a different animal. "[The NSA's] bots are like corporate-marketing and data-mining bots on steroids," Arquilla says.

After cautioning the interviewer that he is "approaching a no-go zone," Arquilla says, "We can use bots to see who is accessing information of dual use to science and terrorism." For example, he says, Web sites that display the human genome can be used to create biological weapons. Spybots inserted into the operating system code at a genome Web server can be instructed to follow any visitor and then report back to the NSA.

Two years ago, the European Parliament issued an investigative report that offered an unprecedented glimpse into the NSA's ECHELON program, which covertly intercepts the world's military, diplomatic, commercial, and civilian communications as they are transmitted through the air or by wire. (ECHELON is a joint effort of the English-speaking countries. The Parliament's investigation was inspired by allegations that the NSA was using those intercepts to give hot tips to American businesses at the expense of their European competitors.) The ECHELON report said the NSA uses custom-designed bots to ferret out information on Web pages, Usenet, and open databases. These spybots are many times more powerful than common search engines, which skim the surface of the Web as they follow a series of hypertext links from one Web page to another.

One South Dakota company designs bots for the government that access 500 times more data than normal searchbots. Gerard Tardif, vice president of BrightPlanet, says his bots, unlike ordinary search engines, mine the vast collection of databases underlying public Web pages. Tardif's quasi-intelligent bots do not just blindly follow hypertext links, they enter into a dynamic relationship with a database, querying it for deep content. For example, "LexiBot" can visit the Web site of a nonprofit organization that raises money to educate Palestinian schoolchildren and retrieve its latest financial data, if that data is connected to the Web page server. A normal bot would just return the URL for the Web page.

"Some of our customers are using our products for intelligence-gathering in support of national defense," says Tardif. "We are permitted to mention some customer names, such as NATO and Lawrence Livermore Laboratories. But the others must remain anonymous."

The clever searchbots are dumb beasts, however, compared to the NSA's "Trojan horses," a generic name for a particularly malicious type of software, or "malware." Trojan horse bots can be written to carry out a series of complex tasks, such as finding the password to your online bank account and using it to transfer your terrorist trust fund, penny by penny, to thousands of randomly selected accounts, where the tiny deposits will not be noticed.

About The Author

Peter Byrne


Subscribe to this thread:

Add a comment

Popular Stories

  1. Most Popular Stories
  2. Stories You Missed


  • clipping at Brava Theater Sept. 11
    Sub Pop recording artists 'clipping.' brought their brand of noise-driven experimental hip hop to the closing night of 2016's San Francisco Electronic Music Fest this past Sunday. The packed Brava Theater hosted an initially seated crowd that ended the night jumping and dancing against the front of the stage. The trio performed a set focused on their recently released Sci-Fi Horror concept album, 'Splendor & Misery', then delved into their dancier and more aggressive back catalogue, and recent single 'Wriggle'. Opening performances included local experimental electronic duo 'Tujurikkuja' and computer music artist 'Madalyn Merkey.'"