Intel Community Has Its
Own Ultra Secure 'Internet'
Top-Secret U.S. Network Puts the Latest Satellite Pictures From Suspect
Sites Within Immediate Reach
By Vernon Loeb
Washington Post Service
Source: International Herald Tribune,
WASHINGTON - Four years ago, the U.S. intelligence community started to realize that "information superiority" in the Internet age called for more than glossy documents ferried around town in highly secure vans.
The need for intelligence in real time was becoming more acute with each passing conflict, having been publicly flagged after the Gulf War by none other than General Norman Schwarzkopf, who loudly complained that the intelligence community had failed to put satellite imagery into his hands fast enough.
Today, the latest satellite photos of terrorist camps and Iraqi tank formations are but a click away. Imagery, communications intercepts and all manner of intelligence reports move in seconds across an intelligence community intranet called Intelink, a top-secret, super-secure network that has revolutionized the dissemination of U.S. intelligence and become a potent, searchable analytic tool for analysts and military officers all over the world.
Fredrick Thomas Martin, a former National Security Agency official, tells how all this happened in a new book called "Top Secret Intranet," describing a journey through cyberspace in which the 13 U.S. intelligence agencies have gone from zealously guarding their own secrets to sharing many of them over what the book calls "the world's largest, most secure network."
"Intelink," writes Mr. Martin, "has become an information service that is critical to the intelligence mission of this nation."
Switched on in late 1994, the network is now used regularly by 50,000 analysts, operatives, military officers and policymakers with top-secret security clearances at 100 sites. They can click on the latest satellite imagery from the National Imagery and Mapping Agency, search the network for communications intercepts from the National Security Agency and chat electronically with analysts of various stripes about the latest terrorist threats and military maneuvers.
What makes the network's creation all the more remarkable, in a procurement culture known for the $600 toilet seat and the $7,600 coffee pot, according to Mr. Martin, is that the handful of computer mavens who started it decided to use only commercially available software pioneered on the Internet and the World Wide Web. Intelink now runs with a Netscape browser and a variety of commercial search engines, including AltaVista. The searchable universe consists of 440,000 electronic pages, which would make it a very large site by commercial standards. By contrast, has 241,000 pages.
For the highly secretive intelligence community, talking the talk of Web technology proved easier, in some respects, than walking the walk. The power of Web-based data searchable across a vast network forced it to re-examine - and ultimately waive - its "need-to-know" doctrine for disseminating intelligence, which has for years kept information tightly compartmentalized and shared only with those who need to know and use it.
"As one can imagine, there were many pockets of resistance - people who were adamantly opposed to waiving or even relaxing the 'need-to-know' principle," Mr. Martin writes. "But, interestingly, once the success of Intelink had been established, there was no turning back, and very little talk about turning back."
Mr. Martin describes the network as impenetrable to attack by hackers because it runs on dedicated Defense Department networks that have no link to the Internet. This "air gap" is the first line of defense.
The second is this: To open an Intelink account with the network's 24-hour operations center housed at the National Security Agency's Fort Meade headquarters and obtain a password, a would-be user must first have obtained a top-secret security clearance.
Also, Intelink terminals are located only inside top-secret government facilities, and even if a hacker somehow managed to tap into a secure Pentagon phone line and intercepted raw data moving over that line, Mr. Martin says, he would still have to defeat an encryption algorithm the National Security Agency is confident cannot be broken.
Still, intelligence officials such as John Dahms of the CIA, recently appointed the intelligence community's first chief information officer, remain obsessed with security. They are worried not so much about hacker threats from the outside but the potential for penetration from within. A Capitol Hill analyst who monitors intelligence recently called Intelink a "revolution in a positive and negative sense."
The analyst said, "From a counterintelligence point of view, it's as frightening as anything you could imagine," pointing out that a traitor such as Aldrich Ames of the CIA, if given access to Intelink, could download secrets that might not otherwise have been available to him. But even if that were to happen, Mr. Dahms said in a recent interview, it is doubtful that a traitor could use Intelink to obtain information about ongoing intelligence operations and the names of foreign intelligence assets. That kind of information, which Mr. Ames sold to the KGB in the mid-1980s, is not put up on the network, Mr. Dahms said.
All 13 intelligence agencies, Mr. Dahms said, maintain their own internal intranets separated by firewalls from Intelink. Raw, working data about sources and operations stay inside the firewall, he said, leaving Intelink largely for "finished" intelligence.
"Some people see that as withholding information - begrudgingly putting out the more generic, vanilla intelligence," Mr. Dahms said. "CIA especially falls within that criticism, because so much of our intelligence comes from very sensitive sources. And we're just not about to put it out for 400,000 people to browse."
GIVEN ITS security obsession, Mr. Dahms said the intelligence community was working on software to reinstitute "need-to-know" compartmentalization on the network, building certain electronic pages that require their own digital identifications for a user to gain access. But security concerns have failed to keep network use from growing rapidly.
In 1994, several months after Steven Schanzer, an information systems official at the Defense Intelligence Agency, first sold the CIA director at the time, R. James Woolsey, on his vision of a CompuServe kind of environment for the intelligence community, in 1994, the network went on-line with a handful of users. No one was ordered to participate, and no one was told what to post.
"The whole concept was the power of the information," Mr. Schanzer, now director of the Defense Security Service, said in an interview. "It grew almost exponentially from Day 1." Five years ago, production of a "finished" intelligence report often involved a flurry of secure faxes among analysts at different agencies, meetings around Washington and mailing lists for 300 or 400 recipients. Paper documents were then delivered by secure truck and airplane, Mr. Dahms said.
With Intelink, he said, documents are posted instantaneously, and analysts at different agencies are starting to produce intelligence reports collaboratively over the network.