The CIA, NSA, Menwith Hill terrorist connection.



The following article reproduced from: https://theintercept.com/2019/05/29/nsa-sidtoday-surveillance-intelligence/?utm_source=The+Intercept+Newsletter&utm_campaign=c834c956ee-EMAIL_CAMPAIGN_2019_06-01&utm_medium=email&utm_term=0_e00a5122d3-c834c956ee-132908061

U.K. Base, and NSA Intern, Facilitated Death or Capture of “Chicken Man” and Other Iraq Militants

In mid-2006, the National Security Agency (NSA) was closely watching a “most wanted” militant organization with a presence in Iraq, known as the Moroccan Islamic Fighting Group. The agency was struggling to eavesdrop on the group’s communications, which it said had led to a “critical gap” in intelligence.

However, the NSA got lucky when an intern working at the agency’s Menwith Hill surveillance base in England uncovered a network associated with the group. By tracking the communications of an Algerian bombmaker associated with the Moroccan organization, the NSA was able to identify other Islamist fighters working to manufacture explosives in Iraq, according to a July 2006 SIDtoday article. 

The NSA discovered chatter between militants, who were apparently fighting with the Moroccan jihadis against the U.S. and its allies in Iraq. One of the militants on an intercepted phone call referred to “chickens” falling from the sky, an apparent coded reference to the downing of U.S. helicopters that previous May. The man on the phone call became known to the NSA as “Chicken Man,” and his communications proved invaluable to the U.S. spies who were listening in.

The NSA passed the intelligence it gathered from the phone calls to U.S. forces in Iraq. The analysts at Menwith Hill — working with NSA employees at the agency’s base in Augusta, Georgia — continued to keep tabs on the jihadis. Then, between May 23 and May 25, 2006, the U.S. military launched operations that resulted in the killing and capture of nine mostly foreign fighters, including Chicken Man, according to the SIDtoday article.

Menwith Hill is the NSA’s largest overseas surveillance base and continues to play a key role in U.S. military operations around the world. As The Intercept has previously reported, the spy hub has been used to aid “a significant number of capture-kill operations” across the Middle East and North Africa, according to NSA documents, and is equipped with eavesdropping technology that can vacuum up more than 300 million emails and phone calls a day. Human rights groups and some British politicians have demanded more information about the role of Menwith Hill in controversial U.S. drone strikes and other lethal operations, arguing that the base is unaccountable to British citizens and is shrouded in too much secrecy.

Another SIDtoday article, from December 2006, credited analysts working in the NSA’s British base at Menwith Hill with locating internet cafes in the Iraqi city of Ramadi that were allegedly used by associates of Al Qaeda leader Abu Ayyub Al-Masri. It did this through an intiative known as GHOSTHUNTER, which mapped locations of small, “VSAT” satellite dishes throughout the region.

“Terminals from the current top three VSAT technologies in the Middle East — DirecWay, Linkstar, and iDirect — have
all been successfully located as part of the GHOSTHUNTER initiative,” the article said, including 150 terminals “on networks of interest… in Baghdad, Ramadi, and neighboring cities.”

After hearing “rave reviews” about a CIA’s Intellipedia sabbatical, plans to adopt the training for NSA employees were in the works, according to an early 2007 article, and one of the CIA’s Intellipedia “pioneers” gave presentations to NSA analysts about the platform.

On January 28, 2014, the top-secret version of Intellipedia had 255,402 users and 113,379 pages; the secret version had 214,801 users and 107,349 pages; and the unclassified version had 127,294 users and 48,274 pages, according to the NSA’s response to a Freedom of Information Act request.

As part of an investigation into cyberattacks that target hardware supply chains, The Intercept published multiple top-secret Intellipedia wiki pages. These include the “Air-Gapped Network Threats” page, the “BIOS Threats” page, and “Supply Chain Cyber Threats” page.

According to SIDtoday, Intellipedia was introduced alongside two other tools to bring classified information into the internet age: a classified instant messaging system linking the NSA, CIA, and other intelligence agencies, as well as blog platform “for sharing your knowledge and your point of view with others.”

A two–part interview in SIDtoday provides new details about the Special Collection Service (SCS), the covert NSA joint effort with the CIA to collect signals intelligence from U.S. embassies abroad. The revelations include information on SCS’s history and examples of its missions.

Since 2006, new NSA facilities in Texas, Hawaii, Georgia, and Utah are sharing the load of the agency’s enormous power requirements.

Since then, the number of SCS sites has ebbed and flowed depending on budgets and operational needs. In 1988, before the Berlin Wall came down, SCS reached a peak of 88 sites worldwide, the director said. In the following years, the number decreased, only to drastically increase in the aftermath of 9/11, when no fewer than 12 new sites were added. At one point, the SCS Caracas site was shut down when it was no longer needed, only to be reopened when “anti-American Venezuelan President” Hugo Chávez was elected in 1998.

The most important SCS site is probably its headquarters, located in an “attractive (…) rural location outside Laurel, MD,” according to the interview. While the address of the “tree-lined corporate campus” was included in James Bamford’s 2008 book “The Shadow Factory,” and is identified as “Special Collection Service” on Google Maps, the SIDtoday article is the first public document confirming the existence of the joint NSA-CIA facility.

One SIDtoday article recounts how a MUSKETEER team, having deployed to the U.S. embassy in Beijing, struck gold during a survey of Wi-Fi signals from “the embassies of India, Singapore, Pakistan, Colombia, and Mongolia.” At the Indian Embassy, the team discovered that someone, possibly sponsored by the Chinese government, had hacked computers inside and was transmitting “approximately 10 sensitive diplomatic documents” every day (“often Microsoft Office-compatible files or Adobe PDF documents”) to drop boxes on the “public internet.” The NSA began regularly collecting the information from these drop boxes for itself and “analyzing the Indian Embassy’s diplomatic communications,” according to SIDtoday.

NOTES/References

CIA - https://en.wikipedia.org/wiki/Central_Intelligence_Agency

NSA - https://en.wikipedia.org/wiki/National_Security_Agency

SCS - https://en.wikipedia.org/wiki/Special_Collection_Service

Stateroom (Surveillance Program) -  https://en.wikipedia.org/wiki/Stateroom_(surveillance_program)

STATEROOM is the code name of a highly secretive signals intelligence collection program involving the interception of international radio, telecommunications and internet traffic. It is operated out of the diplomatic missions of the signatories to the UKUSA Agreement and the members of the ECHELON network including Australia, New Zealand, United Kingdom, Canada and the United States.