Data Intercept Technology Unit

Last updated

The Data Intercept Technology Unit (DITU, pronounced DEE-too) is a unit of the Federal Bureau of Investigation (FBI) of the United States, which is responsible for intercepting telephone calls and e-mail messages of terrorists and foreign intelligence targets inside the US. It is not known when DITU was established, but the unit already existed in 1997. [1]

Contents

DITU is part of the FBI's Operational Technology Division (OTD), which is responsible for all technical intelligence collection, and is located at Marine Corps Base Quantico in Virginia, which is also the home of the FBI's training academy. OTD had organized its activities into seven regions. [2]

Internet wiretapping

Interception at Internet service providers

In the late 1990s, DITU managed an FBI program codenamed Omnivore, which was established in 1997. This program was able to capture the e-mail messages of a specific target from the e-mail traffic that travelled through the network of an Internet service provider (ISP). The e-mail that was filtered out could be saved on a tape-backup drive or printed in real-time. [3]

In 1999, Omnivore was replaced by three new tools from the DragonWare Suite: Carnivore, Packeteer and CoolMiner. [3] [4] Carnivore consisted of Microsoft workstations with packet-sniffing software which were physically installed at an Internet service provider (ISP) or other location where it can "sniff" traffic on a LAN segment to look for email messages in transit. Between 1998 and 2000 Carnivore was used about 25 times. [3]

By 2005, Carnivore had been replaced by commercial software such as NarusInsight. [5] A report in 2007 described this successor system as being located "inside an Internet provider's network at the junction point of a router or network switch" and capable of indiscriminately storing data flowing through the provider's network. [6]

The raw data collected by these systems are decoded and put together by a tool called Packeteer and these can be viewed by using a custom made software interface called CoolMiner. FBI field offices have CoolMiner workstations that can access the collected data which are stored at the Storage Area Network (SAN) of one of the seven DITU regions.[ citation needed ] [7]

In August 2013, CNet reported that DITU helped developing custom "port reader" software that enables the FBI to collect metadata from internet traffic in real time. This software copies the internet communications as they flow through a network and then extracts only the requested metadata. The CNet report says that the FBI is quietly pressing telecom carriers and Internet service providers to install this software onto their networks, so it can be used in cases where the carriers' own lawful interception equipment cannot fully provide the data the Bureau is looking for. [8]

According to the FBI, the Patriot Act from 2001 authorizes the collection of internet metadata without a specific warrant, but it can also be done with a pen register and trap and trace order, for which it is only required that the results will likely be "relevant" to an investigation. A specific warrant is needed though for the interception of the content of internet communications (like e-mail bodies, chat messages and streaming voice and video) both for criminal investigations and for those under the Foreign Intelligence Surveillance Act. [8]

Assisting NSA collection

Slide about NSA's PRISM program which mentions the role of DITU in collecting the data Prism-slide-6.jpg
Slide about NSA's PRISM program which mentions the role of DITU in collecting the data

Since the NSA set up the PRISM program in 2007, it is DITU that actually picks up the data at the various internet companies, like Facebook, Microsoft, Google and Yahoo, before passing them on to the NSA for further processing, analysing and storing. [9]

DITU also works closely with the three biggest American telecommunications providers (AT&T, Verizon, and Sprint) to "ensure its ability to intercept the telephone and Internet communications of its domestic targets, as well as the NSA's ability to intercept electronic communications transiting through the United States on fiber-optic cables". [4]

The latter is probably related to the NSA's collection of domestic telephony metadata, for which the FBI petitioned the Foreign Intelligence Surveillance Court to order the biggest American telecommunication carriers, like for example Verizon Business Network Services, to hand over all the call records of their customers to the NSA. [4]

An NSA document disclosed by the Snowden leaks gives the example of DITU "working with Microsoft to understand an additional feature in Outlook.com which allows users to create email aliases, which may affect our tasking processes." [10]

See also

Related Research Articles

Wiretapping, also known as wire tapping or telephone tapping, is the monitoring of telephone and Internet-based conversations by a third party, often by covert means. The wire tap received its name because, historically, the monitoring connection was an actual electrical tap on an analog telephone or telegraph line. Legal wiretapping by a government agency is also called lawful interception. Passive wiretapping monitors or records the traffic, while active wiretapping alters or otherwise affects it.

Computer and network surveillance is the monitoring of computer activity and data stored locally on a computer or data being transferred over computer networks such as the Internet. This monitoring is often carried out covertly and may be completed by governments, corporations, criminal organizations, or individuals. It may or may not be legal and may or may not require authorization from a court or other independent government agencies. Computer and network surveillance programs are widespread today and almost all Internet traffic can be monitored.

<span class="mw-page-title-main">Mass surveillance</span> Intricate surveillance of an entire or a substantial fraction of a population

Mass surveillance is the intricate surveillance of an entire or a substantial fraction of a population in order to monitor that group of citizens. The surveillance is often carried out by local and federal governments or governmental organizations, but it may also be carried out by corporations. Depending on each nation's laws and judicial systems, the legality of and the permission required to engage in mass surveillance varies. It is the single most indicative distinguishing trait of totalitarian regimes. It is often distinguished from targeted surveillance.

The Communications Assistance for Law Enforcement Act (CALEA), also known as the "Digital Telephony Act," is a United States wiretapping law passed in 1994, during the presidency of Bill Clinton.

<span class="mw-page-title-main">Carnivore (software)</span> Electronic communication monitor used by the FBI

Carnivore, later renamed DCS1000, was a system implemented by the Federal Bureau of Investigation (FBI) that was designed to monitor email and electronic communications. It used a customizable packet sniffer that could monitor all of a target user's Internet traffic. Carnivore was implemented in October 1997. By 2005 it had been replaced with improved commercial software.

Lawful interception (LI) refers to the facilities in telecommunications and telephone networks that allow law enforcement agencies with court orders or other legal authorization to selectively wiretap individual subscribers. Most countries require licensed telecommunications operators to provide their networks with Legal Interception gateways and nodes for the interception of communications. The interfaces of these gateways have been standardized by telecommunication standardization organizations. As with many law enforcement tools, LI systems may be subverted for illicit purposes.

The System for Operative Investigative Activities is the technical specification for lawful interception interfaces of telecommunications and telephone networks operating in Russia. The current form of the specification enables the targeted surveillance of both telephone and Internet communications. Initially implemented in 1995 to allow access to surveillance data for the FSB, in subsequent years the access has been widened to other law enforcement agencies.

<span class="mw-page-title-main">MAINWAY</span> NSA database of US telephone calls

MAINWAY is a database maintained by the United States' National Security Agency (NSA) containing metadata for hundreds of billions of telephone calls made through the largest telephone carriers in the United States, including AT&T, Verizon, and T-Mobile.

<span class="mw-page-title-main">Digital Collection System Network</span>

The Digital Collection System Network (DCSNet) is the Federal Bureau of Investigation (FBI)'s point-and-click surveillance system that can perform instant wiretaps on almost any telecommunications device in the United States.

<span class="mw-page-title-main">Stellar Wind</span> Warrantless surveillance program of the NSA in the United States

"Stellar Wind" was the code name of a warrantless surveillance program begun under the George W. Bush administration's President's Surveillance Program (PSP). The National Security Agency (NSA) program was approved by President Bush shortly after the September 11, 2001 attacks and was revealed by Thomas Tamm to The New York Times in 2004. Stellar Wind was a prelude to new legal structures that allowed President Bush and President Barack Obama to reproduce each of those programs and expand their reach.

<span class="mw-page-title-main">Tailored Access Operations</span> Unit of the U.S. National Security Agency

The Office of Tailored Access Operations (TAO), now Computer Network Operations, and structured as S32, is a cyber-warfare intelligence-gathering unit of the National Security Agency (NSA). It has been active since at least 1998, possibly 1997, but was not named or structured as TAO until "the last days of 2000," according to General Michael Hayden.

<span class="mw-page-title-main">PRISM</span> Mass surveillance program run by the NSA

PRISM is a code name for a program under which the United States National Security Agency (NSA) collects internet communications from various U.S. internet companies. The program is also known by the SIGAD US-984XN. PRISM collects stored internet communications based on demands made to internet companies such as Google LLC and Apple under Section 702 of the FISA Amendments Act of 2008 to turn over any data that match court-approved search terms. Among other things, the NSA can use these PRISM requests to target communications that were encrypted when they traveled across the internet backbone, to focus on stored data that telecommunication filtering systems discarded earlier, and to get data that is easier to handle.

<span class="mw-page-title-main">XKeyscore</span> Mass surveillance system

XKeyscore is a secret computer system used by the United States National Security Agency (NSA) for searching and analyzing global Internet data, which it collects in real time. The NSA has shared XKeyscore with other intelligence agencies, including the Australian Signals Directorate, Canada's Communications Security Establishment, New Zealand's Government Communications Security Bureau, Britain's Government Communications Headquarters, Japan's Defense Intelligence Headquarters, and Germany's Bundesnachrichtendienst.

<span class="mw-page-title-main">Mass surveillance in the United States</span>

The practice of mass surveillance in the United States dates back to wartime monitoring and censorship of international communications from, to, or which passed through the United States. After the First and Second World Wars, mass surveillance continued throughout the Cold War period, via programs such as the Black Chamber and Project SHAMROCK. The formation and growth of federal law-enforcement and intelligence agencies such as the FBI, CIA, and NSA institutionalized surveillance used to also silence political dissent, as evidenced by COINTELPRO projects which targeted various organizations and individuals. During the Civil Rights Movement era, many individuals put under surveillance orders were first labelled as integrationists, then deemed subversive, and sometimes suspected to be supportive of the communist model of the United States' rival at the time, the Soviet Union. Other targeted individuals and groups included Native American activists, African American and Chicano liberation movement activists, and anti-war protesters.

<span class="mw-page-title-main">2010s global surveillance disclosures</span> Disclosures of NSA and related global espionage

During the 2010s, international media reports revealed new operational details about the Anglophone cryptographic agencies' global surveillance of both foreign and domestic nationals. The reports mostly relate to top secret documents leaked by ex-NSA contractor Edward Snowden. The documents consist of intelligence files relating to the U.S. and other Five Eyes countries. In June 2013, the first of Snowden's documents were published, with further selected documents released to various news outlets through the year.

This is a category of disclosures related to global surveillance.

<span class="mw-page-title-main">Global surveillance</span> Mass surveillance across national borders

Global mass surveillance can be defined as the mass surveillance of entire populations across national borders.

<span class="mw-page-title-main">Timeline of global surveillance disclosures (2013–present)</span>

This timeline of global surveillance disclosures from 2013 to the present day is a chronological list of the global surveillance disclosures that began in 2013. The disclosures have been largely instigated by revelations from the former American National Security Agency contractor Edward Snowden.

<span class="mw-page-title-main">Cellphone surveillance</span> Interception of mobile phone activity

Cellphone surveillance may involve tracking, bugging, monitoring, eavesdropping, and recording conversations and text messages on mobile phones. It also encompasses the monitoring of people's movements, which can be tracked using mobile phone signals when phones are turned on.

References

  1. "Going for the throat: Carnivore in an Echelon World - Part I" (PDF). Archived from the original (PDF) on 2016-08-04. Retrieved 2014-07-13.
  2. "Operational Technology". Federal Bureau of Investigation. Retrieved 2022-03-12.
  3. 1 2 3 "Internet Wiretapping – Government and Law Enforcement Use" (PDF). Archived from the original (PDF) on 2014-07-26. Retrieved 2014-07-16.
  4. 1 2 3 Shane Harris, "Meet the Spies Doing the NSA's Dirty Work", Foreign Policy, November 21, 2013
  5. "FBI Ditches Carnivore Surveillance System". Foxnews.com. Associated Press. 2005-01-18. Retrieved 2008-10-29.
  6. "FBI turns to broad new wiretap method". CNET News. January 30, 2007.
  7. "fbi-spy-letf" (PDF).
  8. 1 2 Declan McCullagh, "FBI pressures Internet providers to install surveillance software", CNet, August 2, 2013
  9. Clark, Gerard J. (2014). "the constitutional protection of information in a digital age" (PDF). Suffolk UL Rev. 47.
  10. Glenn Greenwald, Ewen MacAskill, Laura Poitras, Spencer Ackerman, and Dominic Rushe, "Microsoft handed the NSA access to encrypted messages", The Guardian, July 12, 2013