PREVIEW: In The Crosshairs: How I Became the Target of an NSA Power Struggle, by Greg Hansen

We've been extended an exclusive opportunity to publish a free preview chapter from the book by NSA Insider, Greg Hansen, "In The Crosshairs: How I Became the Target of an NSA Power Struggle." While the book doesn't blow the type of whistles blown by Edward Snowden, it's still a strong condemnation of the US's intelligence organizations, and blows a softer whistle, perhaps just as important as Snowden's revelations, but for different reasons. The book gets into specific detail about the political infighting, backstabbing, agendas, and ineptitude which come a tremendous taxpayer expense and an incalculable impact on national security. From Greg's introduction in the book...

We have all heard the expression, "No good deed goes unpunished." Normally this line is uttered in jest. However, as I describe my experiences with the NSA you will see that, when it comes to politics in the Intelligence community, it is not a laughing matter. My creation of the analytic tool at virtually no cost was a good deed, but one that offended certain NSA personnel who were guilty of self-promotion and self-denial both. In order to promote themselves they had to somehow diminish what I had done or, better yet, eliminate my work altogether.

My book will demonstrate how the combination of fear of failure, self-promotion, self-denial and organizational self-deception can put the success of an operation or new initiative at risk. Furthermore I will detail the costly effect of the actions of the NSA personnel I offended not only in financial terms but also in terms of the impact on the ability of the Intelligence Community agencies to collaborate and cooperate with each other.

Enjoy this sample chapter...


The NSA Trailblazer Program

Based at Fort Meade, Md., with field offices around the world, the NSA harvests virtually every form of electronic communication -- including phone calls, e-mails and video links -- through a vast array of satellites, ground-based listening stations and military airplanes and ships. But there were huge holes in the agency's information filter and, as a result, a congressional report on Sept. 11 intelligence failures found that "potentially vital" information was lost, particularly with regard to terrorist groups.

That is what Trailblazer, launched in November 1999 by then-NSA Director Michael Hayden, was designed to address. The program was launched in 1999 was to enable NSA analysts to connect the 2 million bits of data the agency ingests every hour and enable analysts to quickly pick out the most important information. The advent of the Internet, cell phones, and instant messaging, however, made that task increasingly complex. Trailblazer was intended to be NSA's state-of-the art tool for sifting through the ocean of modern-day digital communications and uncovering key nuggets to protect the nation against an ever-changing collection of enemies.

As initially envisioned Trailblazer would have translated all digital computer language into plain text or voice. The data would have been analyzed to identify new patterns of activity or connections among people whose communications are intercepted, then stored in an easily searchable database. Key communications automatically would have been forwarded to the appropriate analysts, who for the first time could have followed up with their own searches of the database.

NSA, however, already had a program that accomplished what Trailblazer was intended to accomplish. That program was called ThinThread. ThinThread could theoretically ingest and correlate data from financial transactions, travel records, Web searches, G.P.S. equipment, and any other "attributes" that an analyst might find useful in pinpointing "the bad guys." In addition, ThinThread processed information as it was collected—discarding useless information on the spot and avoiding the overload problem that plagued centralized systems. Pilot tests of ThinThread proved almost too successful, according to a former intelligence expert who analyzed it. "It was nearly perfect," the official says. "But it processed such a large amount of data that it picked up more Americans than the other systems." Though ThinThread was intended to intercept foreign communications, it continued documenting signals when a trail crossed into the U.S. This was a big problem: federal law forbade the monitoring of domestic communications without a court warrant. Privacy controls were implemented and an "anonymizing feature," added so that all American communications would be encrypted until a warrant was issued. The system would indicate when a pattern looked suspicious enough to justify a warrant. But this was before 9/11, and the N.S.A.'s lawyers deemed ThinThread too invasive of Americans' privacy. In addition, concerns were raised about whether the system would function on a huge scale, although preliminary tests had suggested that it would. In the fall of 2000, [General Michael Hayden, the director of the N.S.A.] decided not to use ThinThread, largely because of his legal advisers' concerns.27

Thus the Trailblazer program was born. The initial Trailblazer plan called for more than 1,000 priority items, and ballooned as it was passed through three separate NSA divisions, each with its own priorities.

On 29 March, 2001, the National Security Agency (NSA) awarded three prime contracts for concept studies, launching the Agency's transformation efforts. The studies will define the architecture, cost, and acquisition approach for "Trailblazer 1", the NSA program to develop analytic capabilities to meet the challenge of rapidly evolving, modern telecommunications. The prime contracts were awarded to Booz Allen & Hamilton, Inc. (Annapolis Junction, MD), Lockheed Martin Corporation (Hanover, MD), and TRW (Systems & Information Technology Group, Columbia, MD). These prime contractors will have over thirty industry partners, in total, associated with their efforts. "Trailblazer 1" was known as the Concept Development Phase.

In addition, in October, 2001 NSA awarded a five-year, $50 million systems engineering and technical assistance contract for support on its Trailblazer project to Annapolis Junction, Md.-based Conquest Inc. Conquest's contract specified that it would define and test the best architecture, cost and acquisition approach from concepts proposed by the "Trailblazer 1" three prime contractors.

According to a declassified and redacted Inspector General report "Trailblazer 1 had the following key responsibilities:

1. Ensure the execution of a new NSA program transforming the U. S. Cryptologic System exploitation of the global network; map detailed digital network exploitation mission requirements to a cryptologic architecture and implement them; and Act as the catalyst for transforming customer interaction and operational practices.
   
2. Begin the retooling of NSA programmatically, technologically, and culturally to provide mission services and capabilities that are responsive to the emerging technology and customer needs.

This same report said, in relation to ThinThread:

1. There was minimal user, system, technical, or programmatic documentation.
   
2. There was no user documentation on how to use the tool. That was inefficient and could lead to a significant increase in user error.
   
3. Difficulties using the tool can also lead to an increase in support calls that drained project resources.
   
4. ThinThread did not have a clearly stated, documented set of mission goals or objectives.
   
5. There was no program plan, making it difficult to communicate information about ThinThread at a programmatic level
   
6. A detailed schedule including all activities related to the system and deliverables before, during and after deployment was not available. A high-level schedule containing the chronology of deployment was developed but a detailed schedule was essential for proper resource management, costing, and prediction.
   
7. No installation and maintenance documentation was completed for personnel, although the team was working with the pilot site to develop installation documentation.
   
8. There was no process for controlling and measuring operational, programmatic, and technical performance effectiveness of ThinThread once deployed.
   
9. ThinThread did not have a clearly stated set of system specifications or a method to validate the ThinThread concept or performance results. Thus, there was no way to determine if the system was successful or if it failed, which may lead to confusion in stakeholders' understanding of the success of ThinThread.
   
10. ThinThread had mechanisms for assessing progress and status within the system development phase. However, there were no systematic, consistent mechanisms for overall program measurement, which included identifying test criteria, establishing program schedules, and documenting a system baseline to address progress. No feedback mechanisms had been identified such as risk management or contingency planning.
    
11. Aside from schedule control, there were no tools to measure progress towards program objectives because there were no formalized program objectives.
    
12. ThinThread did not have Standards of performance established for personnel developing ThinThread.

The report concluded by saying, "The effects of minimal documentation could be overcome if an integrated team accomplished the development and deployment of ThinThread. (The ThinThread program) must develop necessary documentation. (This) would necessitate an increase in the personnel devoted to documenting the system, but is essential to the successful deployment and operation of ThinThread. The lack of this documentation presented a serious risk to the successful deployment of ThinThread."

In other words, ThinThread was not ready for deployment. The little I know about ThinThread suggests that it might have performed well, but I agree that the lack of documentation was a serious issue. Whether the program could have been salvaged is a matter of debate. In the above referenced report NSA did state, "NSA recommended that the audit report emphasis that the ThinThread capability is valued by NSA." Nonetheless ThinThread was abandoned in favor of Trailblazer.

On October 21, 2002, SAIC announced a contract award from the NSA to be the provider of the technology demonstration platform (TDP) phase of the TRAILBLAZER program (Trailblazer 2). The SAIC-led Digital Network Intelligence (DNI) Enterprise team included Northrop Grumman Corporation, Booz Allen Hamilton Inc., The Boeing Company, Computer Sciences Corporation and SAIC wholly-owned subsidiary Telcordia Technologies to contribute to the modernization of the NSA's signals intelligence capabilities. The TDP phase of the TRAILBLAZER program was estimated at $280 million and was to be performed over a period of 26 months.

According to a declassified and redacted Inspector General report:

1. The mission of the National Security Agency/Central Security Service (NSAlCSS) is to provide actionable Signals Intelligence to U.S. decision makers, from the national to the tactical level, while protecting~ the nation's vital information from attacks. The urgency of the NSA/ CSS mission is greater than ever since the September 11th attacks and the Global War on Terrorism.
   
2. In addition, defense planning guidance and the Director of Central Intelligence guidance stipulate the need for "globally vigilant intelligence system that can provide early strategic warning of crisis and detect threats" that is supported by capabilities such as an "information superiority backbone."
   
3. Trailblazer is a major acquisition program...to acquire an integrated system that is composed largely of commercial technology to provide the much-needed mission capability against the global network through a series of spiral developments.

Complaints about the Trailblazer program began almost immediately. One complaint focused on the SAIC practice of hiring top military and federal officials that basically created a Washington-based "revolving door." An example of how this revolving door worked to SAIC's advantage is the Trailblazer program: William B. Black Jr. retired from a top National Security Agency office in 1997 to become SAIC vice president. In 2000, he returned to the NSA. Two years later, NSA awarded SAIC a $280 million contract for Trailblazer.

Other complaints focused on the management of the program. In 2005 the "web magazine" Washington Technology reported32: One of the priorities for newly installed National Security Agency Director Lt. Gen. Keith Alexander likely will be to bring under control the huge cost overruns and long delays in the agency's Trailblazer IT modernization initiative. The five- year-old Trailblazer is the agency's premiere effort to update its communications surveillance and eavesdropping infrastructure to better handle global technologies, including the Internet, cell phones, pagers and fiber optics. Since the terrorist attacks of Sept. 11, Trailblazer has been viewed as critical and an urgent priority for intercepting terrorist messages around the world.

With more than $477 million in contracts announced thus far -- and a classified overall price tag in the billions -- Trailblazer has racked up hundreds of millions of dollars in extra costs and is months behind schedule with no abatement in sight. Salvaging and refocusing Trailblazer to get it back on track is a must to make the program effective and to prevent an IT boondoggle, agency observers said. "Gen. Alexander will have to clean up the mess," said Matthew Aid, a former NSA employee and a writer on national security issues. "We need to know if the money is being properly spent." "Overall, most people think [Trailblazer is] a disappointment," said James Bamford, a national security author. However, the agency has no alternative but to move forward with Trailblazer because it is so central to the agency's mission, he said. "If you kill Trailblazer, you might as well kill NSA," Bamford said. "Gen. Alexander has no choice but to find a way to make it work."

In January, 2006 the Baltimore Sun reported that: "The National Security Agency's ‘Trailblazer' program envisioned in 1999 as an overarching state-of-the-art data-mining system capable of sorting through millions of telephone and Internet communications and pluck out items relevant to national security and counterterrorism, is an abject failure, according to multiple sources and reports. The program has soaked up six years of effort and $1.2 billion in taxpayer dollars, with nothing to show except some schematic drawings and a few isolated technological and analytical gadgets, and little hope of much future progress. Matthew Aid, who has advised three federal commissions and panels investigating the 9/11 attacks, says that Trailblazer is "the biggest boondoggle going on now in the intelligence community." Part of the problem is that over its six years of development, Trailblazer has passed through three separate NSA divisions, each with its own priorities and design goals. Its overseers have failed to exert the proper authority to clearly define the program's goals and keep the project on track. In 2003, the NSA's inspector general found that the program suffered from "inadequate management and oversight" of private contractors and overpayment for the work that was done. The lead private contractor for the project, Science Applications International Corporation (SAIC), has not provided the technical and managerial expertise necessary to create the system."

Most telling in my mind, however, is an article from the Baltimore Sun in 2006. It claimed that, "In a sharp rebuke to the National Security Agency's leadership, an internal task force has concluded that the country's largest intelligence agency lacks vision and is unable to set objectives and meet them. NSA employees also do not trust one another, which has left the agency fragmented and in search of a "unity of purpose," according to a task force report released to employees late last month. "What we need is fundamental change in the way we manage NSA and what we expect of management and ourselves," concluded the study, which was led by the NSA's deputy chief of cryptanalysis. The Sun obtained unclassified portions of the report and eight related documents. Management problems have been blamed for repeated setbacks as the agency tries to upgrade its ability to analyze the millions of snippets of conversations and other communications collected worldwide every day. In recent years, several major programs have been hampered by delays, technology breakdowns or cost overruns. "We do not trust our peers to deliver," the task force wrote. "Fragmentation has undermined corporate trust. Lack of trust is on display in NSA organizational structures [and] behaviors across the Enterprise."

The article also quoted the task force as saying, "NSA must decide upon a common purpose, develop plans and strategies aligned with that purpose, manage all of our resources, and tie rewards to successful execution of our plans. Inability to carry out plans and hold employees and managers accountable for executing them is also a persistent problem. There is no clear measurement and no accountability for execution performance."

The mere fact that this type of information regarding a classified project was becoming public was amazing. However, not having worked in the classified world, at least not at the classification levels of Trailblazer, I was not cognizant of the problems affecting Trailblazer. My experience with Trailblazer was positive; however, the comments in the Baltimore Sun regarding accountability will come back to haunt me over the next ten years.


Copyright 2015, Greg Hansen, all rights reserved. Posted with permission of AboveTopSecret.com

In The Crosshairs: How I Became the Target of an NSA Power Struggle
By Greg Hansen


ABOUT THE AUTHOR:

Greg Hansen is a Process Improvement Expert, specializing in the application of emerging technologies to optimize business operations, developing and implementing comprehensive change management plans, leading to quality execution, sustainability and cost reduction.

From 2003 – 2014 he worked for General Dynamics and SAIC (later Leidos) at the National Security Agency where he coordinated with site coordinator for cyber command in facilitation of the development of conceptual process strategies for cross-agency collaboration for Cyber Intelligence Preparation of the Environment (CIPE) planning. He also served as Technical Director for multiple process improvement initiatives including NSA Threat Operation Center and NSA's Trailblazer Technology Demonstration Platform (TBTDP).

Mr. Hansen is the author of "Automating Business Process Reengineering: Using the Power of Visual Simulation Strategies to Improve Performance and Profit" (Prentice Hall). This book is available on Amazon.com here

Mr. Hansen is also the author of numerous academic papers.


TABLE OF CONTENTS

Introduction
The Thirty-Six Million Dollar Mistake
We Know Better Than You (1)
My First Experience with NSA
The Changing Political Climate
Small Business Innovative Research (SBIR) Projects
- Overview
- Bayes' Nets
- Applicability to NSA
The NSA Trailblazer Program
Trailblazer Program Data Mining Technology
The Fine Art of Finger Pointing
The Fiasco – Part One
The End of Trailblazer
The Enemy Within
The Fiasco – Part Two
Overview of the NSA/CSS Threat Operations Center
The Militaristic Structure of Government Employment
Cyber Intelligence Preparation of the Environment
- The Difficulty of Fighting Cyber Attacks
- Problems with the Existing CIPE Process
The CIPE Analysis Tool
The Battles Begin
Cease and Desist
An End Run
Intrusion Analysis Data Base
 Guerilla Warfare
The Internal NSA War Begins
Waste, Fraud and Abuse
The Internal SAIC War Begins
The Internal NSA War Escalates
he Internal SAIC War Escalates
It Gets Personal
Major Successes
- Indicators of Intrusion Set Cooperation
- Third Party Participation
- Disruption of Adversarial TTPs
- Awards and Recognition
We Know Better Than You (2)
Hostile Takeover
All Out War
Fear and Loathing
The Set Up
The Peter Principle at Work
The Triumph of Politics
The Negative Impact of Internal NSA Politicking
Prologue - My Bizarre Last Day at NSA
References


Purchase on Amazon




DISCLAIMER: ATS is not making any profit, or commission of any type, from the sales of this book.

We're currently working on a schedule for an "Ask Me Anything" with Greg in the very near future, stay tuned.

a reply to: SkepticOverlord

I am really excited to read what he has written!

I think the ATS community is lucky to have him here.

I will write again once I have read the part of his book that is presented here on ATS.

Tagged for when I got my dinner in front of me tonight!

Sorry, Skeptic Overloard,

to me he seems to be just a frustrated employee, who even does not know to what company he was employed exactly.

His only problem is his pay:

Is Severance Pay a thing of the Past?

Not so much a whistleblower of the NSA. More a confused SAIC employee, who felt bad treated by Leidos, which is another company. It seems he did not know, who is who.

I am ready to correct myself, but this is what I see at first glance.

a reply to: SkepticOverlord

My main problem with Edward Snowden and the whole NSA uncovered hype. Is that I knew with the NSA was up to in the 70s as a teenager. I knew full well at that time the NSA monitored all electronic communication. I also knew at the time they were supposed to only do that to overseas communication. But get real what spy agency has ever played by the rules?

Here are excerpts from one of the first reports on the NSA dated 1972.

NSA 1972

Let's also not forget the Echelon reports in 1988 which 60 minutes did a report on in 2000.

Echelon report 1988

Here is a quote and a link to the 60 minute transcript from 2000.

If you made a phone call today or sent an e-mail to a friend, there's a good chance what you said or wrote was captured and screened by the country's largest intelligence agency. The top-secret Global Surveillance Network is called Echelon, and it's run by the National Security Agency and four English-speaking allies: Canada, Great Britain, Australia and New Zealand. The mission is to eavesdrop on enemies of the state: foreign countries, terrorist groups and drug cartels. But in the process, Echelon's computers capture virtually every electronic conversation around the world. How does it work, and what happens to all the information that's gathered? A lot of people have begun to ask that question, and some suspect that the information is being used for more than just catching bad guys.

60 minute transcript 2000

Now the NSA's exploits has been known about and documented since 1972. While I'm glad the information came out (again) I just really have a hard time understanding why everyone acted so surprised.

a reply to: SkepticOverlord

very cool. I think I am going to buy it. Nice.

a reply to: Siddharta

You have little idea what you are talking about. Thanks, BTW , for looking at my LinkedIn profile. yes I am pissed that I got laid off. I personally became the target of an NSA power struggle - no doubt about that. My crime was that I did what others wanted (REDACTED BY NSA) millions to do. If you think that wasting taxpayer dollars is fine, then good for you.

NSA employees - the Government employees - were afraid of me. Why? Because I kept bringing up their complete waste of funds.

[REMOVED BY ADMIN]

a reply to: Expat888

So you have read the book, right?
No?
Then what are you talking about?

a reply to: greghansen

Your language speaks for itself.
So I don't have to add anything at all, but this second line -being confirm to ATS rules.

a reply to: greghansen

This site is a big family with many resources. I just lost interest in you and your book with the way you address people here. You come here promoting a book about NSA. This means people are going to question certain things that could be solved by a little time and explaining.

a reply to: LoverBoy

This means people are going to question certain things that could be solved by a little time and explaining.

Nah, man, it's going to take a lot more than a little.

If all it took was a little, then Americans wouldn't have lost interest in how their privacy has been massively invaded and walked away from this story.

One of the things that you learn just from the freebie that Greg has posted is that we went from a working system that augmented the capabilities of live analysts to do their jobs legally (ThinThread) to a broken system that breaks the law by design (Trailblazer) and seems to make the analyst a vestigial organ of the system. Greg's story also corroborates Binney's, which is important.

Plus, you know whatever it was that Greg created that threatened to un# the system is going to shed more light on how the system is #d.

So, there's that.

Welcome to ATS you will be questioned on your information and sources dont take it personal were a group that truly gets to the bottom of things imho your going to need thick skin to survive here we will give you a chance but its not going to be cake i wish you the best Mr Hansen and look foward to more information from you below is posted a direct link to ATS T&C's

15a) Offensive Content: You will not Post forum posts, private messages, PODcasts, blog entries, videos, images, and other supported content, links to images or use avatars and/or signatures that are unlawful, harassing, libelous, privacy invading, abusive, threatening, harmful, hateful, vulgar, obscene, and/or disruptive. You will not use text, images, avatars or link to images or domains that contain gore, mutilation, pornography or illegal content. Doing so will result in removal of your Post(s) and immediate termination of your account.

15b.) Profanity: You will not use profanity in our forums on the Websites, and will neither Post with language or content that is obscene, sexually oriented, or sexually suggestive nor link to sites that contain such content. You will also not use common alternative spellings or net-speak alternative for profane words.

link to T&C's

I look foward to more of your Posts Mr. Hansen.

a reply to: greghansen

originally posted by: greghansen
a reply to: Siddharta

So...until you have something valuable to add - STFU.

So you have read the book, right?
No?
Then what are you talking about?

Not an auspicious beginning, sir. These questions are legitimate and present legitimate concerns. Responding with ad hominem attacks and sarcasm and being so defensive exacerbates the issues rather than diffuses them. What did someone do but look into your past a bit. Isn't that what you did to others for an entire career? It shouldn't be surprising. If you take a more circumspect and non-emotional tone, it will go a long way toward having a fruitful discussion here. If we had all already read your book, there would be little reason to read parts of it again here. I assume it's not a prerequisite to enter this discussion.

The fact is your own positions and which companies you actually worked for are really a bit confusing. I had just assumed you were a NSA employee, but apparently that's not the case. If you could furnish just a quickee single line per employer resume it would do a lot to clear this issue up.

It looks like the book is a Kindle edition only. Is it or will it be available in hardback?

Greg. Have you seen 'The Man With one Red Shoe'

👣