NSA speaks out on Snowden, spying

The NSA gives unprecedented access to the agency's HQ and, for the first time, explains what it does and what it says it doesn't do: spy on Americans

The following is a script from "Inside the NSA" which aired on Dec. 15, 2013. John Miller is the correspondent. Ira Rosen and Gabrielle Schonder, producers.

No U.S. intelligence agency has ever been under the kind of pressure being faced by the National Security Agency after details of some of its most secret programs were leaked by contractor Edward Snowden. Perhaps because of that pressure the agency gave 60 Minutes unprecedented access to NSA headquarters where we were able to speak to employees who have never spoken publicly before.

 

 Full disclosure, I once worked in the office of the director of National Intelligence where I saw firsthand how secretly the NSA operates. It is often said NSA stands for "never say anything," but tonight the agency breaks with that tradition to address serious questions about whether the NSA delves too far into the lives of Americans.

Gen. Keith Alexander: The fact is, we're not collecting everybody's email, we're not collecting everybody's phone things, we're not listening to that. Our job is foreign intelligence and we're very good at that.

The man in charge is Keith Alexander, a four-star Army general who leads the NSA and U.S. Cyber Command. 

John Miller: There is a perception out there that the NSA is widely collecting the content of the phone calls of Americans. Is that true?

"The fact is, we're not collecting everybody's email, we're not collecting everybody's phone things, we're not listening to that. Our job is foreign intelligence and we're very good at that."

Gen. Keith Alexander: No, that's not true. NSA can only target the communications of a U.S. person with a probable cause finding under specific court order. Today, we have less than 60 authorizations on specific persons to do that.

John Miller: The NSA as we sit here right now is listening to a universe of 50 or 60 people that would be considered U.S. persons?

Gen. Keith Alexander: Less than 60 people globally who are considered U.S. persons.

But the NSA doesn’t need a court order to spy on foreigners, from its heavily protected headquarters in Fort Meade, Md., it collects a mind-numbing amount of data from phones and the Internet. They sort through it all looking for clues to terrorist plots, and intelligence on the intentions of foreign governments. To do all that they use a network of supercomputers that use more power than most mid-sized cities.

Gen. Alexander agreed to talk to us because he believes, the NSA has not told its story well.

Gen. Keith Alexander: "We need to help the American people understand what we're doing and why we're doing it." And to put it simply, we're doing two things: We're defending this country from future terrorist attacks and we're defending our civil liberties and privacy. There's no reason that we would listen to the phone calls of Americans. There’s no intelligence value in that. There's no reason that we'd want to read their email. There is no intelligence value in that.

What they are doing is collecting the phone records of more than 300 million Americans.

John Miller: Then why do you need all of those phone records?

Gen. Keith Alexander: How do you know when the bad guy who's using those same communications that my daughters use, is in the United States trying to do something bad? The least intrusive way of doing that is metadata.

Metadata has become one of the most important tools in the NSA’s arsenal. Metadata is the digital information on the number dialed, the time and date, and the frequency of the calls.  We wanted to see how metadata was used at the NSA.  Analyst Stephen Benitez showed us a technique known as “call chaining” used to develop targets for electronic surveillance in a pirate network based in Somalia.

Stephen Benitez: As you see here, I'm only allowed to chain on anything that I've been trained on and that I have access to. Add our known pirate. And we chain him out. 

John Miller: Chain him out, for the audience, means what?

Stephen Benitez: People he's been in contact to for those 18 days.

Stephen Benitez: One that stands out to me first would be this one here. He's communicated with our target 12 times.

Stephen Benitez: Now we’re looking at Target B’s contacts.

John Miller: So he's talking to three or four known pirates?

Stephen Benitez: Correct. These three here. We have direct connection to both Target A and Target B. So we'll look at him, too, we'll chain him out. And you see, he's in communication with lots of known pirates. He might be the missing link that tells us everything.

John Miller: What happens in this space when a number comes up that's in Dallas?

Stephen Benitez: So If it does come up, normally, you'll see it as a protected number-- and if you don't have access to it, you won't be able to look.

If a terrorist is suspected of having contacts inside the United States, the NSA can query a database that contains the metadata of every phone call made in the U.S. going back five years.

John Miller: So you understand then, there might be a little confusion among Americans who read in the newspaper that the N.S.A. has vacuumed up, the records of the telephone calls of every man, woman and child in the United States for a period of years-- that sounds like spying on Americans.

Gen. Keith Alexander: Right, and that's wrong. That's absolutely wrong.

John Miller: You don’t hear the call?

Gen. Keith Alexander: You don't hear the call.

John Miller: You don't see the name.

Gen. Keith Alexander: You don't see the names.

John Miller: You just see this number, called that number.

Gen. Keith Alexander: The-- this number-- the "to/from" number, the duration of the call and date/time, that's all you get. And all we can do is tell the FBI, "That number is talking to somebody who is very bad, you ought to go look at it."

But privacy advocates argue American’s phone records should not sit in bulk at the NSA, searchable under a blanket court order. They believe the NSA should have to get a separate court order for each number and that the record should stay at the phone company. 

John Miller: You get the bill from whatever the service provider is and you see who it's calling in America. You don't need to collect every American's phone numbers to do that.

Gen. Keith Alexander: Well, the reality is if you go and do a specific one for each, you have to tell the phone companies to keep those call detail records for a certain period of time. So, if you don’t have the data someplace you can’t search it. The other part that's important, phone companies-- different phone companies have different sets of records. And these phone calls may go between different phone companies. If you only go to one company, you'll see what that phone company has. But you may not see what the other phone company has or the other. So by putting those together, we can see all of that essentially at one time.

John Miller: Before 9/11, did we have this capability?

Gen. Keith Alexander: We did not.

John Miller: Is it a factor? Was it a factor?

Gen. Keith Alexander: I believe it was.

What Gen. Alexander is talking about is that two of the 9/11 hijackers, Khalid al-Mihdhar and Nawaf al-Hazmi were in touch with an al Qaeda safe house in Yemen. The NSA did not know their calls were coming from California, as they would today.

Gen. Keith Alexander: I think this was the factor that allowed Mihdhar to safely conduct his plot from California. We have all the other indicators but no way of understanding that he was in California while others were in Florida and other places.

Edward Snowden revealed another program called “prism.” Which the NSA says is authorized under the foreign intelligence surveillance act, or FISA. Prism is the program the NSA uses to target the Internet communications of terrorists. It has the capability to capture emails, chats, video and photos. But privacy experts believe the NSA’s dragnet for terrorists on the Internet may also be sweeping up information on a lot of Americans.

Gen. Keith Alexander: No. That's not true. Under FISA, NSA can only target the communications of a U.S. person with a probable cause finding under specific court order.

John Miller: A judge in the FISA court, which is the court that secretly hears the NSA cases and approves or disapproves your requests. Said the NSA systematically transgressed both its own court-appointed limits in bulk Internet data collection programs.

Gen. Keith Alexander: There was nobody willfully or knowingly trying to break the law.

The NSA says their analysts use highly technical systems under increasingly complex legal requirements and that when mistakes are made, they’re human errors, not intentional abuses. The Snowden leaks have challenged the NSA officials to explain programs they never intended to talk about. So how did an obscure contractor and computer specialist, pull off the most damaging breach of secrets in U.S. history?  Few have spent more time thinking about that than Rick Ledgett.

John Miller: How long have you been with the NSA?

Rick Ledgett: For 25 years.

John Miller: How many television interviews have you done?

Rick Ledgett: One, this one.

Ledgett runs the NSA task force doing the damage assessment on the Snowden leaks. And until this interview, the NSA has never discussed the specifics of the extent damage they believe Snowden has done and still could do.

 

NSAwalktalk1.jpg
Rick Ledgett and John Miller
CBS News
 John Miller: There've been all kinds of figures out there about how much he took, how many documents. We've been told 1.7 million.

Rick Ledgett: I wouldn't dispute that.

John Miller: How is that possible?

Rick Ledgett: So, the people who control that, the access to those machines, are called system administrators and they have passwords that give them the ability to go around those-- security measures and that's what Snowden did.

Edward Snowden worked for the NSA in Hawaii.  Part of his job was to help maintain the NSA’s computers and also move large sets of data between different systems.

John Miller: Did he take everything he had access to, or was he a careful shopper?

Rick Ledgett: He did something that we call-- scraping. Where he went out and just went-- used tools to scrape information from websites, and put it into a place where he could download it.

John Miller: At some point you then understood the breadth of what was missing and what could be missing?

Rick Ledgett: Yes.

John Miller: Of all the things he took is there anything in there that worries you or concerns you more than anything else?

Rick Ledgett: It's an exhaustive list of the requirements that have been levied against-- against the National Security Agency. And what that gives is, what topics we're interested in, where our gaps are. But additional information about U.S. capabilities and U.S. gaps is provided as part of that.

John Miller: So, I'm going to assume that there's one in there about China, and there's one in there about Iran, and there's another in there about Russia.

Rick Ledgett: Many more than one.

John Miller: Many more than one?

Rick Ledgett: Yes.

John Miller: How many of those are there?

Rick Ledgett: About 31,000.

John Miller: If those documents fell into their hands? What good would it do them?

Rick Ledgett: It would give them a roadmap of what we know, what we don't know, and give them-- implicitly, a way to-- protect their information from the U.S. intelligence community's view.

John Miller: For an adversary in the intelligence game, that's a gold mine?

Rick Ledgett: It is the keys to the kingdom.

So far, none of those crucial documents have been leaked. In Hong Kong last June, Snowden claimed that exposing the secret programs of the NSA did not make him a traitor or a hero, but an American.

[Edward Snowden: The public needs to decide whether these programs or policies are right or wrong.]

Snowden who is believed to still have access to a million and a half classified documents he has not leaked. Has been granted temporary asylum in Moscow, which leaves the U.S. with few options.

John Miller: He's already said, "If I got amnesty I would come back," given the potential damage to national security, what would your thought on making a deal be?

Rick Ledgett: So, my personal view is, yes, it's worth having a conversation about. I would need assurances that the remainder of the data could be secured and my bar for those assurances would be very high. It would be more than just an assertion on his part.

John Miller: Is that a unanimous feeling?

Rick Ledgett: It's not unanimous.

Among those who think making a deal is a bad idea is Ledgett’s boss, Gen. Alexander.

Gen. Keith Alexander: This is analogous to a hostage taker taking 50 people hostage, shooting 10 and then say, "If you give me full amnesty I'll let the other 40 go." What do you do?

John Miller: It's a dilemma.

Gen. Keith Alexander: It is.

John Miller: Do you have a pick?

Gen. Keith Alexander: I do. I think people have to be held accountable for their actions.

Gen. Keith Alexander: Because what we don't want is the next person to do the same thing, race off to Hong Kong and to Moscow with another set of data knowing they can strike the same deal.

John Miller: This happened on your watch. A 20-something-year-old high school dropout contractor managed to walk out with in essence the crown jewels. Did you offer to resign about the Snowden incident?

Gen. Keith Alexander: Yes.

John Miller: The secretary of Defense, the director of National Intelligence, what did they say?

Gen. Keith Alexander: Well, I offered to resign. And they said, "We don't see a reason that you should resign. We haven't found anybody there doing anything wrong. In fact, this could have happened to anybody in the community. And we don't need you to resign. We need you and deputy director to help work your way through is," which is what we're doing. We'll do everything we can to fix it.

Besides Edward Snowden, Gen. Alexander has growing concerns about a number of increasing threats to the United States, and the NSA's ability to stop them. That part of the story when we come back.

The Snowden Affair

Inside the NSA, where getting hired requires swearing an oath to your country and signing a vow of secrecy under the penalty of law, the very concept of what Edward Snowden did was hard for many to grasp. Gen. Keith Alexander felt he had a big stake in understanding Snowden, so he and Rick Ledgett who runs the Snowden task force got on a plane to Hawaii. They wanted to see the scene of the crime, Edward Snowden's desk.

 

 John Miller: Did you sit in his chair?

Rick Ledgett: I did not. I couldn’t bring myself to do that.

For Ledgett, the trip was important to understanding who Snowden was, and going back through the bits and the bytes, they discovered the first secrets Snowden stole, was how to cheat on a test to get a job at the agency. 

Rick Ledgett: He was taking a technical examination for potential employment at NSA; he used his system administrator privileges to go into the account of the NSA employee who was administering that test, and he took both questions and the answers, and used them to pass the test.

At home, they discovered Snowden had some strange habits.

Rick Ledgett: He would work on the computer with a hood that covered the computer screen and covered his head and shoulders, so that he could work and his girlfriend couldn't see what he was doing.

John Miller: That's pretty strange, sitting at your computer kind of covered by a sheet over your head and the screen?

Rick Ledgett: Agreed.

We also learned for the first time, that part of the damage assessment considered the possibility that Snowden could have left a bug or virus behind on the NSA’s system, like a time bomb. 

Rick Ledgett: So, all the machines that he had access to we removed from our classified network. All the machines in the unclassified network and including the actual cables that connect those machines, we removed as well.

John Miller: This has to have cost millions and millions of dollars.

Rick Ledgett: Tens of millions. Yes.

While Edward Snowden's leaks have been a disaster for the agency, the rest of the NSA’s mission has not slowed down.

[Meanwhile, the Pakistani government has asked the US government to relook its drone policy.]

Twice a week, under the dim blue lights of the NSA’s operations center, the director is given a briefing.

[Sir, we added three new hostage cases this week.]

With his deputy, Chris Inglis, Gen. Alexander listens to a rundown of global issues and international crisis the NSA may be asked to collect intelligence on.

[Sir, moving to Afghanistan.]

The meeting is called the stand-up because no one sits down, which is almost a metaphor for the pace of daily life in the NSA operations center. Howie Larrabee is the center’s director.

Howie Larrabee: This is a 24/7 operation center. We haven’t had a day off. We haven’t had a Christmas off. And we haven’t had a major snowstorm off in more than 40 years.

While the operation’s center grapples with terrorist plots and war zones, another team of analysts is monitoring what the agency says is the rising threat of a cyber attack that could take down anything from the power grid to Wall Street.

"This is a 24/7 operation center. We haven’t had a day off. We haven’t had a Christmas off. And we haven’t had a major snowstorm off in more than 40 years."

John Miller: Could a foreign country tomorrow topple our financial system?

Gen. Keith Alexander: I believe that a foreign nation could impact and destroy major portions of our financial system, yes.

John Miller: How much of it could we stop?

Gen. Keith Alexander: Well, right now it would be difficult to stop it because our ability to see it is limited.

One they did see coming was called the BIOS Plot. It could have been catastrophic for the United States. While the NSA would not name the country behind it, cyber security experts briefed on the operation told us it was China. Debora Plunkett directs cyber defense for the NSA and for the first time, discusses the agency’s role in discovering the plot.

Debora Plunkett: One of our analysts actually saw that the nation state had the intention to develop and to deliver, to actually use this capability-- to destroy computers.

John Miller: To destroy computers.

Debora Plunkett: To destroy computers. So the BIOS is a basic input, output system. It's, like, the foundational component firmware of a computer. You start your computer up. The BIOS kicks in. It activates hardware. It activates the operating system. It turns on the computer.

This is the BIOS system which starts most computers. The attack would have been disguised as a request for a software update. If the user agreed, the virus would’ve infected the computer.

John Miller: So, this basically would have gone into the system that starts up the computer, runs the systems, tells it what to do.

Debora Plunkett: That's right.

John Miller: --and basically turned it into a cinderblock.

Debora Plunkett: A brick.

John Miller: And after that, there wouldn't be much you could do with that computer.

Debora Plunkett: That's right. Think about the impact of that across the entire globe. It could literally take down the U.S. economy.

John Miller: I don't mean to be flip about this. But it has a kind of a little Dr. Evil quality-- to it that, "I'm going to develop a program that can destroy every computer in the world." It sounds almost unbelievable.

Debora Plunkett: Don't be fooled. There are absolutely nation states who have the capability and the intentions to do just that.

John Miller: And based on what you learned here at NSA. Would it have worked?

Debora Plunkett: We believe it would have. Yes.

John Miller: Is this anything that's been talked about publicly before?

Debora Plunkett: No, not-- not to this extent. This is the first time.

The NSA working with computer manufacturers was able to close this vulnerability, but they say there are other attacks occurring daily. So the NSA has hired 3,000 young analysts as part of cyberdefense. 

Three of those analysts Morgan, Charles and Natalie describe to us how country's like China, Russia and Iran use social engineering to get inside a network.

John Miller: They're looking for a disguise to get in?

Charles: Exactly, yes.

John Miller: And at what point will they ask the question that will cause the adversary to hand over that vulnerability?

Morgan: So if I want to craft a social engineering message to lure you in so that I could potentially steal your username and password to gain access to a network, I may go on your Facebook page and see if you like golfing. So if you like golfing, then maybe I'm gonna send you a email about-- you know, a sale at a big golf retailer near you.

John Miller: So you're trying to develop that little box that's irresistible--

Voices: Correct, Uh-huh.

John Miller: --that the person has to click on and open, because--

Morgan: They'll take, yeah.

John Miller: --they need to see what's inside?

Morgan: Right.

John Miller: And that is going to let loose all the gremlins that are going to take over whatever they're capable of taking over.

Morgan: Yeah, that's their door in.

Charles: The other real trick is, it's not necessarily one email. It could be 50 emails. In the new cyber paradigm, you can fail 50 times. You can ignore 50 emails. But if that 51st one is clicked, then that's it. Game over.

But before computers, before phones, there were codes. The NSA was born out of the codebreakers of World War II. And even today, the most secret room inside the most secret building at the NSA is called the black chamber. This is where the nation’s top codebreakers work. We were able to look inside, but for obvious reasons, the NSA asked us not to show the people who worked there.

NSABlackChamberForEmbed.jpg
The Black Chamber
CBS News
 Outside the black chamber is this ordinary-looking file cabinet. But it can only be opened with a code known by a handful of people.  Bob, who watches over it, explains it holds the records of every code America has broken over the last 60 years.

John Miller: If I was Russia, China, Iran, North Korea, would I want what was inside there? 

Bob: You would be greatly interested in what’s in this box.

Bob: This would be the ark of the covenant.

When you walk around the NSA research building, where the codebreakers work, you see some very young people. And very smart people.

John Miller: How long would it take you to do this? 

Joe: About a minute.

John Miller: Are you serious?

Joe: Yeah

John Miller: Go.

Many of the cryptologists skipped grades in school, earned masters degrees and PhDs and look more like they belong on a college campus than at the NSA.

Actually, the Rubik’s cube took him one minute and 35 seconds.

John Miller: You know, I didn't like you before.

For this group, the Rubik’s cube was the easiest problem that day.

Joslyn: So the idea here is we’re looking at a sequence of numbers, and we want to determine whether they’re random or not random.

John Miller:  How are you approaching that? Can you show me?

Joe: We are looking at this data here and it is a bunch of random numbers on the screen.

John Miller: That looks a tad overwhelming.

Joe:  It is.

John Miller: Can you actually imagine solving this?

Joe: We solve hard problem all the time.

John Miller: Is there an unbreakable code?

Chris Inglis: Theoretically, yes. There’s always been an unbreakable code.

Chris Inglis is the former deputy director of the NSA. Among the areas he supervised, are the codebreakers. He says each summer 10,000 high school students apply for a few openings.

Chris Inglis: We clear them fully. We give them full access to our problems. We give them problems that we could not solve. And they solve some number of those problems. The principle reason being that they bring a different perspective and audacity to it that we hadn’t thought about in all the years of experience that we’ve brought to bear.

John Miller: So you’ve had occasions where you’ve given a difficult problem to a high school kid with a top-secret clearance whose come back and said “hey, I think I got this one?”

Chris Inglis: For any given summer that’s more often the rule than the exception. We’re always pleasantly surprised.

While high school kids on summer break may be cracking secret codes, this is still a spy agency that steals secrets, reads emails and listens to foreign leader’s phone calls.

Among the Snowden leaks, perhaps the most embarrassing for the White House was that the NSA monitored some of German Chancellor Angela Merkel’s cell phone calls.  But Gen. Alexander says the NSA doesn’t choose who to spy on. They target the subjects and the countries that other U.S. agencies including the State Department ask for intelligence on. 

Gen. Keith Alexander: That's one of the ones that the White House and I think our principals are looking at. What is the appropriate measures? What should we do? And what are we gonna stop doing? From my perspective when we look at that it has to be both ways. Our country and their country has to come to an agreement to do the same. It can't be--

John Miller: Well--

Gen. Keith Alexander: --either way.

John Miller: --does that mean that we'll just agree to stop spying on everybody including our friends if they all agree to stop spying on everybody including us?

Gen. Keith Alexander: Well, I think that's gotta be part of the negotiation. And I think that's fraught with concern. What do you mean by--

John Miller: Do you think--

Gen. Keith Alexander: --"stop spying"?

John Miller: --Chancellor Merkel hears President Obama's calls?

Gen. Keith Alexander: Well, I don't know. But I know they have a great intelligence capability and that they collect foreign intelligence just like we do.

This week, the CEOs of eight major Internet providers including Google, Apple and Yahoo asked the president for new limits to be placed on the NSA’s ability to collect personal information from their users.

John Miller: One of the Snowden leaks involved the concept that NSA had tunneled into the foreign data centers of major U.S. Internet providers. Did the leak describe it the right way?

Gen. Keith Alexander: No, that's not correct. We do target terrorist communications. And terrorists use communications from Google, from Yahoo, and from other service providers. So our objective is to collect those communications no matter where they are.

But we're not going into a facility or targeting Google as an entity or Yahoo has an entity. But we will collect those communications of terrorists that flow on that network.

Sources tell 60 Minutes the president’s intelligence review panel will recommend new limits on bulk collection of U.S. phone records which concerns Gen. Alexander.

John Miller: After all of this controversy, you could come out of this with less authority than you went into it. What does that say?

Gen. Keith Alexander: Well, my concern on that is specially what's going on in the Middle East, what you see going on in Syria, what we see going on-- Egypt, Libya, Iraq, it's much more unstable, the probability that a terrorist attack will occur is going up. And this is precisely the time that we should not step back from the tools that we've given our analysts to detect these types of attacks.

  • John Miller

    John Miller is a senior correspondent for CBS News, with extensive experience in intelligence, law enforcement and journalism, including stints in the Office of the Director of National Intelligence and the FBI.

60 Minutes App

New Look. New Season. The 60 Minutes app for iPad, iPhone and iPod Touch!

More from 60 Minutes

Comments