It began not by tapping enemy insurgents’ phones or capturing their emails, but by following the money.
When the National Security Agency discovered that Iran may have been buying computer chips from the United States, routing them through a U.S. ally, and potentially supplying them to detonate bombs against U.S. forces in Iraq and Afghanistan, it credited so-called economic intelligence with the find.
And the solution was not a death blow delivered by the military, but rather a new regulation on the export of certain technologies via the Commerce Department, which the spy agency said would end up “saving American and coalition lives.”
The unusual strategy of tracing monetary flows to stop explosions is one of many significant disclosures contained in a batch of 328 internal NSA documents provided by whistleblower Edward Snowden and released by The Intercept today after research and redaction.
Also included in the material, which originates from SIDtoday, the newsletter of the agency’s core Signals Intelligence Directorate, is the untold story of how intelligence related to Al Qaeda leader Abu Musab al-Zarqawi was finally acquired; an assessment that a “vast … network of Iranian agents” operated in Iraq and influenced its government; a major push to hone the agency’s voice identification technology; details on how NSA staff deployed abroad viewed, and sometimes stereotyped, their host countries; and grumbling about having to comply with public-records laws.
Those stories and others are detailed in the highlights below; the NSA declined to answer questions about them. Also with this SIDtoday release, drawing on the same set of documents, Peter Maass profiles the NSA’s “SIGINT Curmudgeon,” Rahe Clancy, who wrote a beloved set of articles for SIDtoday, trying to instigate change from within the agency and riling up his fellow spies against its corporatization. Alleen Brown and Miriam Pensack, meanwhile, detail instances in which the NSA has spied on environmental disputes and around issues like climate change, overfishing, and water scarcity. And Micah Lee reveals that the NSA infiltrated virtual private computer networks used by various airlines, the Al Jazeera news network, and the Iraqi government.
In Iraq, a “Vast and Disperse Network of Iranian Agents”
The NSA caught Iran smuggling American microprocessors that may have been used to bomb U.S. troops in Iraq, according to a May 2006 SIDtoday article. To import the chips, Iran set up front companies in the United Arab Emirates, an agency staffer wrote; the front companies then sent the microprocessors to customers in Iran and Syria.
The chips had both civilian and military capabilities and “have been used or are capable of being used” in the improvised explosive devices used extensively against U.S. forces in Iraq, the report concluded. Intelligence on the chip smuggling came not from intercepted military or diplomatic communications, as is typical at the agency, but rather through “economic reporting.”
Earlier the same year, an NSA representative who was embedded with U.S. Special Operations Command stated in a top-secret SIDtoday report that analysts had discovered “a vast and disperse network of Iranian agents in Iraq serving the Iranian Ministry of Intelligence or the Islamic Revolutionary Guards Corps.”
In Kuwait, different NSA units deployed a satellite interception system to hear conversations between Iranian agents, according to SIDtoday. This produced new intelligence reports that “have focused on Iran’s (and specifically Iran’s external paramilitary and intelligence forces’) activities in Iraq and the influence they wield on important figures in the new Iraqi Government.”
SIDtoday’s 2006 reporting on Iran’s involvement in Iraq buttressed comments by Gen. George W. Casey Jr., the top American military commander in Iraq, who told reporters in June that year that the military was “quite confident that the Iranians, through their covert special operations forces, are providing weapons, I.E.D. technology and training to Shia extremist groups in Iraq.” By 2017, the New York Times would say that Iran dominated Iraq: Iran-sponsored militias dominated in Iraq’s south, and cabinet politicians who resisted Iran lost their jobs, while U.S. efforts in Iraq primarily focused on chasing the Islamic State in the country’s north.
How Key Al-Zarqawi Intelligence Was Obtained
In Iraq, at a strategic level, the U.S. was concerned about Iran; at the ground level, its top priority in 2006 was finding the Jordanian Ahmad Fadil al-Khalayleh, better known as Abu Musab al-Zarqawi — the most wanted terrorist in the country. Al-Zarqawi was the leader of the insurgent group Al Qaeda in Iraq and a fugitive from a Jordanian death sentence. The reward for information resulting in his capture or death reached $25 million.
Zarqawi was brutal to Iraqis as well as Americans. According to Joby Warrick, author of the Pulitzer Prize-winning book “Black Flags: The Rise of ISIS,” “The Jordanian also would seek to strike fear into Americans and other Westerners in Iraq with a series of kidnappings and videotaped beheadings. The first victim, Pennsylvania businessman Nicholas Berg, was butchered on camera by a hooded Islamist that CIA officers later confirmed was Zarqawi himself.”
A major breakthrough had come in 2005, when NSA analysts intercepted, via a courier in Iraq, emails that were intended for al-Zarqawi from Al Qaeda No. 2 Ayman al-Zawahiri in Pakistan. In partnership with U.S. forces, NSA specialists in geospatial intelligence and counterterrorism were able to figure out the location of the internet cafe in Baghdad where the courier was about to access an email account. The courier and a “traveling partner” were caught, and an important message from al-Zawahiri to al-Zarqawi, “outlining al-Qaeda’s strategic vision for Iraq,” was obtained. The 15-page document was made public by the Office of the Director of National Intelligence in 2005, but the circumstances under which it was obtained appear to have not been previously reported. (Warrick’s book said “the CIA’s acquisition of the letter was a closely-guarded secret” and stated only that “the surveillance net” around al-Zarqawi “had snagged a singular piece of correspondence.”)
By early 2006, SIDtoday continued to report on how signals intelligence successes helped capture lesser-known figures. But the primary target remained at large and continued to issue propaganda videos. An intelligence analyst described the intensity of an assignment to a task force in Mosul, Iraq: “We worked for 14 to 18 hours a day, pouring over traffic and piecing together data to find threats or information that would help us locate and go get bad guys. You would feel every minute of those days, but you’d wake up one morning and it would be August.”
Back at NSA headquarters, new mathematical analysis tools supplemented old-school language expertise in the process of reviewing audio recordings of al-Zarqawi posted on the open web, confirming his voice.
At last, on June 7, 2006, the “primary PC,” which stands for “precious cargo,” was found and dealt a death blow. In SIDtoday, an analyst from the NSA Cryptologic Services Group described the work of the Special Operations Task Force leading up to the targeted bomb strike that killed al-Zarqawi and others, reportedly in a two-story house near Baqubah, northeast of Baghdad, saying that a combination of signals intelligence, imagery intelligence, human intelligence, and “detainee reporting” uncovered the identity and location of al-Zarqawi’s “personal religious advisor,” Sheikh ‘Abd-al-Rahman, who was followed to al-Zarqawi’s hiding place and perished with him.
Fervor for Voice Matching Technology
By the end of 2006, the NSA had come to believe that audio fingerprinting as performed against al-Zarqawi could be used as a simple fix for a host of complex problems, from freeing hostages to curbing nuclear weapons proliferation, according to a series of SIDtoday articles.
Despite repeated setbacks, the NSA remained enthusiastic about voice matching technology, which identifies people by the sound of their voice. The agency had help: According to SIDtoday, voice matching techniques were developed by the Massachusetts Institute of Technology Lincoln Laboratory on the back of efforts to confirm the authenticity of broadcasts by Al Qaeda leaders Osama bin Laden and Ayman al-Zawahiri.
A February 2006 SIDtoday article described some of the difficulties inherent in voice matching, noting that Al Qaeda second-in-command al-Zawahiri displayed more “tonal diversity” than usual following a botched drone strike against him. (The attack killed at least 18 in the Pakistani village of Damadola but missed al-Zawahiri, reportedly due to faulty intelligence on his location.)
“During the 30 Jan message — lasting about three minutes — the terrorist never quite settled down, probably rattled by the attempt on his life and the vehement content,” the article stated. Despite al-Zawahiri’s shaky voice, “mathematical voice matching produced a perfect score of 99% upon comparison with previous soundfiles on this speaker from the same source.”
Six weeks later, another article described how two of five transmissions by al-Zawahiri in a nine-month span failed to yield a high-confidence voice match with previous transmissions. This was solved with new technology from MIT, which “allows optimal combination of vocal-tract models from contentious intercepts,” according to SIDtoday. The lesson to NSA: “Careful modeling” is “critical” for making voice identification actually work — and particularly important once voice matching is applied on a “large scale” to identify those “bent on terrorist activities against U.S. forces or the local populace.”
The same article goes on to describe a hand-held device, close to going into production, which would provide field access to MIT’s “mathematical engine” and voice matching estimates in “hostile environments.”
A May 2006 article describes another voice recognition stumble, when an October 2003 audio recording of bin Laden could not identify the Al Qaeda chief’s voice because it “proved to be of too low quality.” The file was later “enhanced” using software from a “local vendor … to yield a perfect match.” Still, there were successes, credited to the MIT software, with which “voice matching has become simplicity itself.” For example, an April 2006 recording of bin Laden was successfully matched against a January 2005 recording of bin Laden and against multiple other recordings.
The May SIDtoday article included references to screenshots of the MIT software’s “Speaker Comparison Algorithm” interface. Though those screenshots were not included in the SIDtoday articles as provided by Snowden, two images from an article on Lincoln Laboratory’s webpage — which were removed during the course of reporting this article — refer to a similarly named interface.
The MIT voice identification software was so important to the NSA that the agency approved a four-hour course on it based on MIT documentation and added the class to the National Cryptologic School syllabus, according to a July 2006 SIDtoday article.
The code, or an MIT-updated version of it, appears to have still been in use nearly eight years later. According to publicly available documentation from 2014, MIT Lincoln Lab’s VOCALinc tool was “already in use by several entities,” including “intelligence missions concerning national security” in areas such as terrorism. The document also references the development of “unseen devices such as body microphones and multirecording systems.” (Lincoln Lab did not provide responses to questions in the weeks leading up to publication of this article, although a spokesperson indicated he would try to get a response from a staffer “if sponsors allow him to discuss these topics.”)
Perhaps the clearest example of the enthusiasm for audio fingerprinting at the NSA in 2006 comes from an article written in March by the agency’s “Technical Director, Operational Technologies,” Adolf Cusmariu.
In the article — titled “Nuclear Sleuthing — Can SIGINT Help?” — Cusmariu took the idea at the base of the NSA’s voice matching technology to a new level of optimism.
What if, Cusmariu asked, the NSA scanned intercepted phone calls for the distinct sound generated by centrifuges used in uranium enrichment facilities? Could this help identify hidden nuclear weapons facilities in “rogue states like Iran and North Korea?”
There were several problems with the idea. First, there was the issue of background noise — the sound of the centrifuges inevitably mixing with other audio sources — “making unequivocal fingerprinting problematic.” Then, there was the fact that “the person making the call would have to be located inside, or at least near, the centrifuge compound for the acoustical signature to be audible.”
“Yes, a needle in a haystack!” Cusmariu admitted, but nonetheless, “algorithms have been developed … looking for just such signatures.” Unfortunately, “no convincing evidence has been found so far.”
Public records show that, in the months following these articles, Cusmariu filed for patents on “identifying duplicate voice recording” and “comparing voice signals that reduces false alarms.” Both were granted and describe methods similar to those discussed in SIDtoday, but with different applications.
To be sure, there was reason for some level of optimism about voice recognition technology. A brief — and top secret — SIDtoday article from May 2006 suggested that voice identification helped free the Briton Norman Kember and two Canadian fellow peace activists, who were held hostage in Baghdad. The successful operation was widely reported at the time, but the fact that voice ID helped identify the hostage-takers was not made public.
The CIA and the NSA staff of the Special Collection Service site in Baghdad worked together to find the kidnappers for several nights leading up to March 23, 2006, the article disclosed. On the final night, British and American spies, working side by side “to eliminate incorrect targets through voice identification,” were able to isolate “the specific terrorist believed to be holding the hostages.” The article does not, however, state whether the match was made by a computer, human, or combination of the two.
Eventually, the NSA played a pivotal role in developing voice matching technology, as described in Ava Kofman’s exposé earlier this year in The Intercept.
“Dragon Team” Helped NSA Thwart Cordless Phones Used by Insurgents
Although it lacked the technical glamour of voice matching, the NSA saw its effort against high-powered cordless phones as critical to protecting U.S. troops on the ground. Early on in the Afghanistan and Iraq wars, the simple, rugged devices, also known as HPCPs, were in common use by insurgents, including as a means of triggering improvised explosive devices, or IEDs. SIDtoday articles from 2003 complained that these handsets, which could communicate with other handsets that were also within a 50-mile range of the radio base station, created an “intelligence gap,” and were such a problem that the NSA hosted a “Worldwide HPCP Conference” to understand, and design attacks against, this technology.
Less than three years later, the NSA had made significant progress. A SIDtoday article from May 2006 said a “dragon team” of NSA researchers developed a tool called “FIRESTORM” that supported a denial-of-service attack capability against cordless phone networks. FIRESTORM could prevent IED attacks and support an ability to “ping” a specific device, “forcing the targeted HPCP to emit an RF signal that can be geolocated by any asset in the area.” The dragon team had been “eagerly working with potential users to move this capability out of the development lab and into the fight.”
How NSA Staff Viewed the Rest of the World
The NSA needed staff paying attention to issues, like HPCPs, that resonated only once you were outside the bubble of Washington, D.C., and Fort Meade, Maryland — or which could only be addressed effectively from another country. To do so, it needed to convince them of the benefits of relocation. The perennial “SID Around the World” series within SIDtoday described daily life on assignment to global NSA locations, often in glowing terms. With a substantial portion of agency postings in remote locations, where big satellite dishes can dominate empty landscapes, or in offices on military bases, or in the underground bunkers below them, the idea was to make working abroad for the NSA sound fun. But in just its third year, the series seemed to fall back on lazy stereotypes and imperious complaining.
A lucky staffer in Bangkok, an “adventurous woman,” is most enthusiastic about the cost of living there. “You can hire a maid for less than $100 a month or $1200 per year as a single person,” she wrote. “Most domestic services include: cooking, cleaning, washing, ironing, and babysitting children and/or pets. Tell me where you find that kind of help so cheaply? And the Thai domestic help are kind and trustworthy; therefore, no need to worry about your valuables.” You can live like a queen.
In 2006, to one staffer, the Japanese “fascination with technology” was notable; they carried cellphones equipped with two-way video conferencing and web browsing, and drove cars equipped with GPS.
Yet “[d]espite having one of the oldest cultures in the world, the Japanese seem very innocent and naive.” Really?
It seems there were some ugly Americans on assignment.
Traffic was bad, or the roads were narrow, in England, Japan, and Turkey, too.
In Turkey, the cuisine was “world-class,” although lacking variety: “Probably 90 percent of Turkish restaurants offer no more than 4 or 5 traditional Turkish dishes.”
Indeed, culinary attractions, a staple of the series, seemed sparse. In fact, NSA staffers were introducing America’s Fourth of July fare and Italian dishes to the villagers of rural Yorkshire, where they tasted English boiled beef and potatoes with a “wilted sprig of parsley” on top. No really, “it is actually very good and certainly doesn’t deserve the bad reviews that it has been getting.”
But the shopping! In Ankara, the fruit was so fresh, the price was so cheap, and there were, again, “world-class” handicrafts. In Thailand, there were many “wonders for a single woman to enjoy,” like gorgeous silk fabrics, gems, and jewelry.
Meanwhile, back in the U.S., one of the best parts of a Utah posting was the dusty road trip on I-15 to California. And from the Sugar Grove station in West Virginia, the nearest shopping was 40 miles away, in another state, over snow, black ice, and curvy roads in the winter. Nothing was said about the cuisine. Getting to work at the underground NSA site required driving to the top of a mountain from the U.S. Naval Information Operations Command center at Sugar Grove, a naval base in landlocked West Virginia. There were occasional bear sightings. Since its 2006 appearance in SIDtoday, the naval base has been decommissioned and sold, but the underground NSA facility continues to operate with its secret mission.
Through its sister publication Field of Vision, The Intercept covered Sugar Grove with a film and story last year. As Sam Biddle reported at the time, “antennas at the NSA listening post, codenamed TIMBERLINE, were built to capture Soviet satellite messages as they bounced off the moon, imbuing a pristine stretch of Appalachia with a sort of cosmic gravity.” The former base is scheduled to reopen in October as a substance abuse treatment center.
The most enthusiastic appraisal of daily signals intelligence life was contributed by a GCHQ staffer assigned to the NSA Fort Meade headquarters from the United Kingdom. The temporary Marylander loved the food (“crab cakes!! Maryland crab soup!”), the climate, the roads, the local countryside, and the cheap gas. They and their wife were delighted by football and baseball games, and even by deer nibbling on flower beds. The Britons also enjoyed the friendly neighbors and, in a turnaround, were the hosts for the Fourth of July barbecue, leading “several spirited renderings of the Star-Spangled Banner.”
Informing the Public at the NSA: “A Dirty Job, But Someone’s Got To Do It”
It wasn’t just people in other countries who seemed foreign to some NSA staff; voluntarily providing information to the American public provoked some strange and not entirely welcome sensations as well. James Risen and Eric Lichtblau of the New York Times reported in December 2005 that the NSA had been secretly authorized to spy on U.S. communications without a warrant. The Pulitzer Prize Board, in awarding the U.S.’s highest journalism honor, credited the pair with inspiring “a national debate on the boundary line between fighting terrorism and protecting civil liberty.”
This debate, in turn, seems to have inspired a surge in Freedom of Information Act requests directed at the NSA. The requests, in which journalists and other citizens try and pry information from the notoriously secretive agency, spiked to more than 1,600 in the first half of 2006, from 800 in the course of an entire normal year, a member of the Intelligence Security Issues division disclosed in SIDtoday. The staffer did not mention Risen (now at The Intercept) or Lichtblau, but did cite “the agency appearing so frequently in the news” as the cause of the increase.
In SIDtoday, the Intelligence Security Issues staffer portrayed the NSA’s response to handling FOIA requests in terms typically reserved for a trip to the dentist for a root canal, describing his department’s work as “a dirty job, but someone’s got to do it,” and promising to make fulfilling FOIA requests “as painless as possible,” even though fulfilling the requests is a “disruption to … day-to-day operations.” One wonders what adjectives the Intelligence Security Issues division deployed seven years later to explicate the process, when the Snowden revelations prompted an 888 percent rise in FOIA requests to the agency.
NSA Decided It Was Legal To Spy on Some U.S. Phone Numbers
Sometimes, if a law became inconvenient, the NSA could do more than grumble; it could change its interpretation of the rule. For most people, the arrival of online phone call services like Skype and Vonage was a boon; it allowed them to dodge long-distance calling fees and to take their number with them anywhere around the world. The NSA, however, realized in 2006 that it had a big problem with such convenience: Online calling services might allow targets to acquire phone numbers with U.S. area codes and thus become off-limits to the agency, which is not supposed to conduct domestic spying.
“A target may be physically located in Iraq but have a US or UK phone number,” an NSA staffer grappling with the issue wrote in SIDtoday. NSA had previously interpreted a federal legal document, United States Signals Intelligence Directive 18, as barring the targeting of U.S. numbers, and built safeguards into various online systems, causing U.S. numbers to be “minimized upon presentation … and restricted from contact chaining,” a process in which a network of connected people is mapped, according to SIDtoday. In response to the rise of internet calling, the NSA developed techniques “for identifying the foreign status” of phone numbers, and the agency’s Office of General Counsel ruled that U.S. phone numbers affiliated with online calling services could be classified as foreign and targeted for surveillance if the number was “identified on foreign links” and was associated with an online calling service such as Vonage.
Back to Basics: NSA Staff Instructed on Better Analyzing and Sharing Information
Whatever its success collecting and exploiting signals intelligence, the NSA was concerned its staff might not be communicating or disseminating this intelligence properly. “Write Right,” SIDtoday’s monthly column on authoring effective reports, brought to its 2006 edition a new focus on how to effectively route information to other intelligence agencies and federal entities, a process referred to officially (and dully) within NSA as “information sharing.”
The new attention to broad intelligence dissemination may have been a response to the scathing report of the so-called WMD Commission in March 2005, which stated, among other things:
The Intelligence Community’s performance in assessing Iraq’s pre-war weapons of mass destruction programs was a major intelligence failure. The failure was not merely that the Intelligence Community’s assessments were wrong. There were also serious shortcomings in the way these assessments were made and communicated to policymakers.
A maxim on intelligence from Colin Powell, the former chair of the Joint Chiefs of Staff, is quoted twice in SIDtoday’s 2006 “Write Right” columns, once in May and again in December: “Tell me what you know, tell me what you don’t know, tell me what you think; always distinguish which is which.” Columns previously devoted to spell-checking or capitalization began giving advice on adding context (“collateral”) and analysis (“comment”) — and on how to provide analysis without editorializing. Warnings about the use of web research as “collateral” sources included a prohibition on citing Wikipedia.
With information sharing as the new norm, the “Write Right” author (and guest authors) repeated the need to understand and follow changing policies and to make sure that a report is releasable to the intended recipients. This guidance included what could or could not be discussed on the agency’s collaborative discussion forum, called “Enlighten.” No chit-chat: “The ENLIGHTEN system is an aid to professionals in doing their jobs,” according to the forum’s primer, which is quoted in an October 2006 “Write Right.” “All information posted on ENLIGHTEN must pertain to Agency-related (official) business. UNDER NO CIRCUMSTANCES IS ENLIGHTEN AUTHORIZED FOR DISSEMINATING PERSONAL OR NON-OFFICIAL INFORMATION.”
The NSA Goes After Newer (3G!) Phones and “Social Networks”
Rapid change was buffeting not just NSA’s information-sharing practices but some of the core communications systems the agency surveilled as well, and in early 2006 the agency held multiple internal events to explain newly developed techniques to evolve its intelligence collection in parallel with these systems.
One SIDtoday article announced a “brown bag session” about exploiting video from third-generation, or 3G, cellphones, including “basic instructions on how best to search, analyze and use camera cell phone video data.” 3G mobile data networks first became commercially available in Japan in 2001, in South Korea and the United States in 2002, and in the United Kingdom in 2003. By 2008, the United States and Europe alone had over 127 million 3G users.
Another article announced an “open house” hosted by the “Social Network Analysis Workcenter” to show off “ASSIMILATOR,” a new web-based tool for analyzing the social networks of surveillance targets. In this case, “social network” refers to the list of people a target communicates with based on signals intelligence from a variety of sources, not social networking services.