February 27, 2014

NSA director Alexander's phones

(Updated: March 16, 2014)

After a range of articles about how NSA intercepts foreign communications, we now take a look at the equipment that NSA uses to secure their own telecommunications, more specific those of its director.

We can do this because last December, the CBS program 60 Minutes offered some unprecedented insights into the NSA headquarters. Of course very limited, but still interesting for those with a sharp eye. Perhaps the most revealing was that for the first time ever it was shown how the office of the director of NSA looks like:



The office of NSA director Alexander, December 2013
(click to enlarge)


The office of the director is at a corner on the eighth floor of the OPS 2B building, which is the wider and lower one of the two black mirrored glass structures of the NSA headquarters at Fort George G. Meade. Contrary to what many people would probably expect, the director's office is far from high tech. We see a rather traditional interior with a classic wooden desk, shelfs with books, picture frames and lots of memorabilia, a conference table and a group of old-fashioned seatings with a large plant in a shiny copper pot.

Most interesting for us is the telecommunications equipment used by the current director, Keith B. Alexander, which can be seen in the following screenshot:



NSA director Alexander working at his desk, December 2013
Behind him we see his secure telephone equipment
(click to enlarge)


VTC Screen
In the corner at the left we see a video teleconferencing screen with a high-definition camera, made by the Norwegian manufacturer Tandberg. In 2010 this company was bought by Cisco Systems, so their equipment can be safely used for US Top Secret/SCI videoconferencing. From within secured locations (SCI enclaves), the video feed goes over the JWICS IP network for the intelligence community, which is secured by stream-based Type 1 bulk encryption devices.


STE Phone
At the left of general Alexander there's a large black telephone called Secure Terminal Equipment (STE), which is made by L3 Communications. The STE is a highly secure phone, which means that this device is capable of encrypting calls up to the level of Top Secret/SCI. This phone can be used to make secure calls to anyone with a similar or compatible device. STE is the successor of the almost legendary STU-III secure phone system from the late 1980s.

With an estimated 400.000 users, STE is used for secure communications with everyone working for the US government, the military or its contractors, who can not be reached through a more select secure phone network for the US military (IST/DRSN) or the SIGINT community (NSTS).


IST Phone
At the far right we see a big white Integrated Services Telephone (IST), which was designed by Electrospace Systems Inc. and manufactured by Raytheon. This is a so called "red phone", which means that it's connected to the Defense Red Switch Network (DRSN). This is the main secure telephone network for military command and control communications and connects all mayor US command centers and many other military facilities.

Although this IST phone looks very futuristic, it was gradually replaced by the newer IST-2 since 2003. Remarkable to see that notably the highest NSA official still uses the old model. The new IST-2 was also on the President's desk in the Oval Office, before it was replaced by a Cisco IP phone for the new Executive Voice over Secure IP-network in 2011, to provide a dedicated link between the President and his senior cabinet members.

It's revealing to see that there's no such new IP telephone in the office of the director of NSA, which means that he has no direct line to the President. Which is according to the fact that NSA actually falls under the Department of Defense and its intelligence gathering is coordinated by the Director of National Intelligence.


NSTS Phone
A third, white phone set is hidden right behind general Alexander's back, but we can see a glimpse of it in this screenshot:



NSA director Alexander working at his desk, December 2013
Behind him we see his secure telephone equipment


This telephone is part of NSTS, which stands for National (or NSA/CSS) Secure Telephone System and is the NSA's internal telephone network for calls up to the level of Top Secret/SCI. Newer NSTS phones are connected by fiber optic modems to a fiber backplane that interfaces with an NSANet access point router. The voice traffic is then encrypted together with data traffic utilizing a Type 1 bulk encryption device.

As can be seen in other pictures from inside NSA, the devices used on the NSTS network are white Nortel M3904 executive phones - a very reliable high-end model which is also used at the offices of both the Israeli and the British prime minister. Nortel was a big Canadian telephone equipment manufacturer, but was dissolved in 2009. Thereafter, the Enterprise Voice and Data division of Nortel was bought by the US telecommications company Avaya (formerly Lucent)



A Nortel M3904 phone from the NSTS network as seen
elsewhere in the NSA headquarters building


From declassified NSA documents, we can learn that the NSTS phones have numbers like 963-5247s (with s for secure) and that the numbers of the STE phones are written like STE 6325 (no real examples).* The IST phones of the DRSN have four or five digit numbers.*


Predecessors of these three types of telephones (STE, IST and NSTS) were also present in the office of then NSA director Michael V. Hayden, when James Bamford described a meeting with him in his 2001 book Body of Secrets:
"There are also several telephones on the table. One for secure internal calls; another is a secure STU-III for secret external calls; and a "red line" with buttons that can put him through instantly to the secretary of defense, the Chairman of the Chiefs of Staff and other senior officials.
No phones, however, connect the director to the White House; indeed, during Hayden's first year in office, he never, once spoke directly to president Clinton".*


Computers
In a separate program, called 60 Minutes Overtime, CBS showed 'The Making Of' their previous 60 Minutes report about NSA. It included some new video fragments, like one in which we get a better look at the computer equipment on the desk behind director Alexander's chair:



NSA director Alexander being interviewed by John Miller, December 2013
At the left side we see the director's computer equipment
(click to enlarge)


We see a common HP office keyboard, two computer screens and in between them there's a so-called KVM-switch with some colorful stickers on it.

The latter device is used to work on multiple computers or networks operating at different classification levels, all with one Keyboard, Video screen and Mouse, hence the abbreviation KVM. By pushing a button, the device can switch between four different connections, which is done by the hardware in order to keep them physically separated. The KVM Switch in this picture is the SwitchView SC4 from Avocent (formerly Cybex) with four secure channels.

From the stickers with the color codes, we learn that this device enables the director to switch between three separate computer networks at the following classification levels:
- Green: UNCLASSIFIED, which is the military NIPRNet
- Red: SECRET, which is the military SIPRNet
- Orange: TOP SECRET and Yellow: TOP SECRET/SCI

The latter connection is most often used for access to JWICS, the highly secure network used by the American intelligence community, but here it may also be used for NSANet. It's not clear whether the second compter screen is for one of these networks, or for a separate access to the common internet. Both screens have a blue label which might denote that the screens can be used for multiple classification levels.


60 Minutes
The CBS program Inside the NSA was broadcasted on December 15, 2013, but was immediatly heavily critized as being too less critical in approach to the NSA, some people even said it was NSA propaganda. This seems not quite fair, as Snowden reporter Glenn Greenwald had numourous occasions in media from all over the world to present his interpretation of what NSA is doing - which went almost unquestioned.

CBS reporter John Miller asked NSA director Alexander about all the major things that came up from the Snowden-leaks and he also got answers. NSA even showed an actual example of how the metadata contact chaining method works. Whether one is satisfied by these anwers is another thing, but we should keep in mind that Greenwald's version is not always the right one and NSA is not always lying.



CBS 60 Minutes: Inside the NSA (December 15, 2013)



NSA director Keith Alexander, who's a four-star general and a career Army intelligence officer, will retire on March 28. He was head of the National Security Agency and the Central Security Service since August 2005 and the US Cyber Command since May 2010. It's expected that he will be replaced by US Navy Vice Admiral Michael S. Rogers.



Links and Sources
- HuffingtonPost.com: '60 Minutes' Trashed For NSA Piece
- CBSNews.com: Inside the NSA - How did 60 Minutes get cameras into a spy agency

7 comments:

franz said...

There is a second - SCIF room

Anonymous said...

Joe Tag writes:

Regarding the IST phone, you have a good insight about the model, and it's use. Also, I agree, in this office, he does not have the Cisco-IP "TSG Qualified" phone-set, which is curious, interesting.

I believe that many INTEL organizations are still following the phone-set color codes: White (not needing a label ); Grey is Secure, Black phones (if STE ) need a "SECURE" or "STE" label; otherwise the phone is "clear";
Green is "sterile/clean" .
The white Nortel (old name: Northern Telecom) 3904/3903 phones may have a inside shielded paint-job; maybe not. They are probably on a special Secure/Encrypted network; calls off of the net may be protected by STE-R or a rack of L3-Omni's or a rack General Dynamics Sectera's.

There are at least 2 computers under the desk; perhaps that the "Blue" label denotes that the systems have been set at the CONFIDENTIAL level when the photo was taken? ( Green is Unclassified) . You mention "Both screens have a blue label which might denote that the screens can be used for multiple classification levels."

Excellent site; and I will visit again.




Anonymous said...

Good observation about the phones. The Nortel M3904 (white) is probably on an "always secure/encrypted network"; calls "off-net" protected by STE-R, rack of L3 Communications Omnis' or rack of General Dynamics Sectera units.

Excellent site, and I will visit again. Joe Tag.

Anonymous said...

Bitch got a lot of phones. No balls or backbone though. I bet she does nothing but gossip all day.

Informative post.

Anonymous said...

I've seen that the Nortel phones are "Platinum" White.

puja shaha said...

Kassa och butik

Vi erbjuder Kvalité och snabb service och vet att det är mycket viktigt att få saker gjort snabbt , därför kan vi erbjuda service avtal Från 99:-/mån så du får snabbt på plats service (även distans avtal)och så ser vi till att du alltid håller ditt kassasystem uppdaterad med den nyaste programvaran!

Kontakt información:

Norra Ågatan 5 A Arboga Västmanland 732 31
teléfono: 0589-10031
Site: www.kassanetto.se

puja shaha said...

Torgkassa


Vi erbjuder Kvalité och snabb service och vet att det är mycket viktigt att få saker gjort snabbt , därför kan vi erbjuda service avtal Från 99:-/mån så du får snabbt på plats service (även distans avtal)och så ser vi till att du alltid håller ditt kassasystem uppdaterad med den nyaste programvaran!

Kontakt información:

Norra Ågatan 5 A Arboga Västmanland 732 31
teléfono: 0589-10031
Site: www.kassanetto.se