Stellar Wind: CIA analysts didn’t use the NSA’s Spy program.

Uploaded on 2015-05-08 in NEWS-Cybersecurity News, INTELLIGENCE--USA, FREE TO VIEW

999a7aa36cab52b992c949e7e4f3fb62.jpg

A newly-released document from the Central Intelligence Agency’s (CIA) own internal watchdog found that the government’s controversial warrantless surveillance and bulk data collection program was so secretive that the agency was unable to make “full use” of its capabilities even several years after the September 11 attacks. Initially, only top-level CIA officials were cleared on its use, rather than rank-and-file "CIA analysts and targeting officers.”

STELLAR WIND, the code name for the highly secretive President’s Surveillance Program (PSP, or “The Program”), was created in the wake of the September 11 attacks. The legal justification for the PSP has changed multiple times over the years, and today it stands under the Foreign Intelligence Surveillance Act Amendments Act (FISA AA) of 2008, which remains law.

The CIA IG report writes that under the PSP, there were three "sets of data" collected.
The first set included the content of individually targeted telephone and e-mail communications. The second consisted of telephone dialing information—the date, time, and duration of calls; the telephone number of the caller; and the number receiving the call—collected in bulk. The third data set consisted of e-mail transactional data collected in bulk.

Several factors hindered the CIA in making full use of the capabilities of the PSP. Many CIA officers told us that too few CIA personnel at the working level were read into the PSP. Officials told us that CIA and targeting officers who were read in had too many competing priorities and too many other available information sources and analytic tools, many of which were more easily accessed and timely, to fully utilize the PSP. 
CIA officers also told us that the PSP would have been more fully utilized if and targeting officers had obtained a better understanding of the program's capabilities. Many CIA officers noted that there was insufficient training and legal guidance concerning the program's capabilities and the use of PSP-derived information. 
Ars Technica: http://bit.ly/1dzO2Z1

« France’s Intelligence Bill: legalising mass surveillance
Forget Hackers, The Biggest Internet Security Threat Is Closer to Home »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

RSA Conference

RSA Conference

RSA Conference conducts information security events around the globe that connect you to industry leaders and highly relevant information.

FIDO Alliance

FIDO Alliance

FIDO Alliance is a non-profit organization formed to address the lack of interoperability among strong authentication devices.

CyberScout

CyberScout

Cyberscout delivers the latest cybersecurity education, protection and resolutions services. We also provide swift incident response services around the world.

Swedish Civil Contingencies Agency (MSB)

Swedish Civil Contingencies Agency (MSB)

MSB's Information Assurance Department is responsible for supporting and coordinating work relating to Sweden's national societal information security.

Odyssey

Odyssey

Odyssey is an ISO 27001 certified, Cyber -Security, Infrastructure and Risk Management Solutions integrator and a Managed Security Services Provider.

Griffiss Institute (GI)

Griffiss Institute (GI)

GI's primary role is to advocate and facilitate the co-operation of private industry, academia, and the Air Force Research Laboratory in developing solutions to critical cyber security problems.

MagiQ Technologies

MagiQ Technologies

MagiQ produced the world’s first commercial quantum cryptography product that delivered advanced, future-proof network security.

Center for Infrastructure Assurance and Security (CIAS)

Center for Infrastructure Assurance and Security (CIAS)

CIAS is developing the world's foremost center for multidisciplinary education and development of operational capabilities in the areas of infrastructure assurance and security.

BOXX Insurance

BOXX Insurance

BOXX Insurance Inc. is a new type of insurance company for a new type of risk. Cyberboxx is the first fully-integrated cybersecurity and insurance solution for small-to-medium-sized businesses.

Cyber Security Authority (CSA) - Ghana

Cyber Security Authority (CSA) - Ghana

The Cyber Security Authority has been established to regulate cybersecurity activities in Ghana.

DigitalWell

DigitalWell

DigitalWell provide fully managed IT and communications solutions for a truly innovative end-to-end experience - for your customers and teams.

PagerDuty

PagerDuty

PagerDuty is the central nervous system for a company’s digital operations. We identify issues in real-time and bring together the right people to respond to problems faster.

Balance Theory

Balance Theory

Balance Theory provides the knowledge infrastructure and collaboration center for the cybersecurity community. A networked community to build better cybersecurity outcomes.

ArmorPoint

ArmorPoint

ArmorPoint redefines the traditional approach to cybersecurity by combining network operations, security operations, and SIEM technology in one platform.

Redefine

Redefine

Redefine are Crypto-Native, Cyber Experts, and Blockchain Believers. We are here to make Web3 anti-fragile, safe and accessible to all.

B&L PC Solutions

B&L PC Solutions

B&L PC Solutions deliver top cyber security services on Long Island and New York city to protect businesses from evolving online threats.