Read Body of Secrets: Anatomy of the Ultra-Secret National Security Agency Online
Authors: James Bamford
Tags: #United States, #20th Century, #History
At one
point, such operations possibly saved the life of Lieutenant General Creighton
W. Abrams, the deputy chief of the U.S. military command in Vietnam. As Abrams
was about to board a helicopter on a flight north from Saigon to Phu Bai near
Hue, the details of the mission, including the time, altitude, and route, and
the names of the passengers, were transmitted in the clear. Comsec monitors
overheard the transmission and reported it immediately. As a result, the flight
plan was changed. North Vietnamese intercept operators also overheard the
transmission. Although Abrams flew by a different route, one of the other
helicopters scheduled to make the trip was not told of the change. As a result,
"it was shot at the whole way from Saigon to Phu Bai—an unusual effort by
the VC who did not usually shoot at helicopters on such flights," said an
NSA report on the incident. "This I believe was a certain example of enemy
Sigint use."
North
Vietnamese Sigint experts were also able to pass false and deceptive
information over U.S. communications links and at other times were able to
trick American personnel into passing sensitive information to them over the
phone. NSA called such "imitative communications deception (ICD)" the
"capstone of the enemy's Sigint operations." During one period, at
least eight American helicopters were downed as a result of ICD.
At the
U.S. air base in Da Nang, a Vietcong guerrilla killed an American base guard
and then picked up his phone. Speaking English, he announced that the far end
of the base was being attacked. When the guards rushed off to the far end of
the field, the Vietcong attacked with little resistance. The damage to the base
and its planes was estimated to be around $15 million. The incident could have
been prevented if the guards had simply used a proper authentication system.
At another
point, guerrillas were able to lure American helicopters into a trap by
breaking into their frequencies, using correct call signs, and then directing
the choppers to a landing spot where they were ambushed. There were also
numerous times in which American air and artillery strikes were deliberately
misdirected to bomb or fire on friendly positions. At other times, the
guerrillas were able to halt attacks by giving false cease-fire orders.
Even the
best NSA encryption systems then available were potentially vulnerable. These
included the KY-8 for secure voice communications and the KW-7 for highly
sensitive written messages. "All of our primary operational communications
were passed on KW-7 secured circuits," one U.S. commander in Vietnam told
NSA. "Thus, for the more important traffic, we had good security."
But both
the KW-7 and the KY-8 were captured by North Korea and turned over to Russia in
1968, and for years, until long after the Vietnam War ended, the Soviets were
also getting up-to-date keylists for the machines from the Walker spy ring.
This has led to speculation that the Soviets passed some of this information to
the North Vietnamese.
Former KGB
Major General Boris A. Solomatin, chief of station at the Soviet Embassy in
Washington from 1965 to 1968, denies that Walker contributed to America's
defeat: "Walker is not responsible for your failures in bombing in North
Vietnam." Solomatin, who retired from the KGB and still lives in Moscow,
added, "If you decide that the information from Walker was not handed over
to the North Vietnamese or our other allies, you will be making the correct
one."
But
Solomatin's deputy at the time, KGB Major General Oleg Kalugin, who defected to
the United States and now lives in Washington, disagrees. Although the machines
and their keylists were considered far too sensitive to turn over to the North
Vietnamese, the Russians certainly helped the North Vietnamese whenever they
could. "We certainly provided the Vietnamese with some of the product we
had obtained through John Walker, and ultimately with the
Pueblo's
stuff
we had from the North Koreans," said Kalugin. "The Soviet military
were . . . quite involved in Vietnam. Not only in terms of providing military
equipment, hardware and weapons, but also in helping the Vietnamese to conduct
military operations, and to brief them on certain issues which the Soviets thought
would have winning implications for the Vietnamese side." Kalugin added,
"By providing the intelligence we had obtained . . . I'm sure we would
help the Vietnamese. I'm sure we did."
The
Soviets also provided help in other ways. On June 18, 1965, on a runway on
Guam, twenty-seven Strategic Air Command B-52 bombers lined up like a rehearsal
for doomsday. They were a fearsome sight: planes as long as sixteen-story
buildings, their swept-back, fuel-laden wings spanning more than half the
length of a football field and drooping so close to the ground that they needed
to be supported by bicycle-like outriggers. Weighing them down were eight Pratt
& Whitney J-57 turbojets capable of generating more than 100,000 pounds of
earth-shaking thrust. Their cavernous bomb bays were roomy enough to house
limousine-size nuclear bombs.
In the
cockpit of the lead aircraft, the gloved right hand of the pilot grasped the
eight throttles, one for each engine. Slowly, in a single motion, he shoved
them forward, hurling the mighty machine ever faster down the runway. Seconds
later the plane lifted into the sky from Anderson Air Force Base, bearing
fifty-one conventional bombs totaling sixteen tons. More than two dozen
Stratofortresses followed, flying to a point over the measureless Pacific Ocean
where they rendezvoused with a fleet of KG-135 tankers. There, through long
steel straws, they took in fuel at 6,000 pounds a minute while performing a
delicate ballet five miles above the sea at 300 miles an hour.
Codenamed
Operation Arc Light, their mission was to lay waste South Vietnam—the country
the U.S. was trying to save. The targets were Vietcong guerrilla bases, which
were to be bombed back into the days of flint and stone axes. Launched on their
nonstop, 5,000-mile round-trip missions, the B-52s cratered the South
Vietnamese countryside like the face of the moon. Twelve hours after taking
off, they would land back on Guam. Month after month, 8,000 tons of iron rain
fell on South Vietnam, spreading death, dismemberment, and destruction on whomever
and whatever it touched. An average of 400 pounds of TNT exploded somewhere in
the small country every second of every hour for months on end.
As
preparations got under way days in advance for each mission, a growing cloud of
electrons would form over Guam. Messages would have to go out requisitioning
new bomb fuses and brake pads, target recommendations would flow back and
forth, authorizations and go orders would be transmitted. The volume of signals
would increase every day, like a bell curve.
Shortly
after the Tonkin Gulf Resolution was passed, a Soviet trawler, the
Izmeritel,
took up residence three miles off Apra, Guam's major harbor. Like a seagull
hovering around a fish factory, the antenna-covered Sigint boat was scavenging
for signals. With the start of the Arc Light missions, the feeding became a
frenzy. Guam served as a key communications center for many of the Navy's
operations in Southeast Asia, and during the early part of the war was the only
staging area for B-52 bombing missions over Vietnam. Soon after the beginning
of Arc Light, mission planners began noticing that on many occasions the
element of surprise had been lost. It would be more than a year before they
began to understand why.
Bobbing
innocently in the waves off Apra, the
Izmeritel
was able to gain a clear
picture of launch times for the B-52s. Through traffic analysis of pre-strike
encrypted transmissions, they were able to identify alerts from the indicators
that marked Flash messages. About an hour before launch, the short-range VHF
radio network would swell with clear-text transmission by aircraft and
munitions maintenance personnel. This increased volume tipped off the Soviets
to an impending launch like a signalman waving a flag. Also, thanks to radio
talk such as "652 must be ready by 0900," they were able to identify
the launch aircraft by tail numbers and even to learn the names of the crew.
Unencrypted weather forecasts by SAC over certain areas of the Pacific gave
away the aerial refueling locations.
Similar
Sigint operations by the Vietcong in South Vietnam would reveal the target
areas. And because the B-52s carried no encryption equipment, except for the
Triton codes for nuclear authorization, all their communications were in clear
voice. Captured enemy documents included a transcript of two and a half hours
of detailed discussion of a particular planned B-52 raid, including the exact
time of the attack and the coordinates of the target.
Only after
a highly secret NSA, Air Force, and Navy investigation at Guam and other
locations was it determined how the North Vietnamese and Vietcong were able to
eliminate Arc Light's element of surprise. The probe uncovered "a number
of insecure communications practices that made vital intelligence available to
the enemy."
The NSA
was also concerned about the Soviet trawler's ability to break its codes by
discovering a "bust." Known technically as
a cipher-signal
anomaly,
this is when an electrical irregularity occurs during encryption
that "might permit an alert enemy to recover plain language or other
data," according to an NSA document. Then, as now, it is a key way to
break an otherwise unbreakable cipher.
Even
without a bust, the Soviet trawler might still be able to defeat the cipher
systems by intercepting the radiation emitted from the cryptographic equipment.
For years NSA had worried about the amount of intelligence that might be gained
by monitoring the radiation emitted by sensitive communications and encryption
equipment—even by power cords. Through careful analysis, these radiated signals
might reveal the contents of a secret message as it was being typed on a cipher
machine—that is, before it was encrypted. Likewise, an incoming message might
be detected as it was being printed out, and thus at a time when its protective
ciphers have been stripped away. To help eliminate or at least decrease this
radiation, the agency has long had a program known as "Tempest testing."
An NSA
team was flown to Guam and put aboard the USS
Charles Kerry,
a
destroyer, which was then positioned near the
Izmeritel.
Working inside
a cramped Sigint van, the intercept operators began testing the electronic
environment to determine just what the Soviet trawler was capable of hearing.
Then the destroyer moved to other locations, eventually working its way around
the island, staying three miles offshore. During the course of the test, the
NSA team obtained over 77,000 feet of magnetic tape recordings. Happily, while
in the vicinity of the Sigint trawler, the team could detect no
"compromising cipher-signal anomalies," nor any Tempest problems.
Nevertheless, at every point around the island they were able to clearly hear
Air Force ground maintenance crews. "The communications were in plain
language," said the NSA report, "and the NSA analysts could thus
predict B-52 mission launchings at least two hours prior to take-off."
After
their seagoing survey, the NSA team tested the land-based circuits and found
that signals from teletypewriters that were rapping out decrypted, highly
secret messages were leaking onto unencrypted voice channels. Thus by
intercepting and then closely analyzing the voice communications, the Soviets
might be able to read the classified messages.
As a
result of the investigation, NSA conducted several other large-scale analyses
of communications leaks. One, codenamed Purple Dragon, determined that the
North Vietnamese were learning the locations of planned strikes by several
means, among them the monitoring of unencrypted radio traffic from the fleet of
KG-135 tankers.
To many at
NSA, the results were shocking. "U.S. air strikes were of dubious success
against an enemy who mysteriously faded from target areas," said a former
NSA deputy director for communications security, Walter G. Deeley. "Ground
sweeps seldom encountered more than the aged and the very young; and Marine
amphibious forces stormed virtually deserted shores. It was apparent that the
success of the enemy in evading our forces was probably predicated on advance
knowledge of our intentions."
More
shocking, said Deeley, was the fact that even after being informed by NSA of
the devastating security lapses, the military refused to take any corrective
action. U.S. military commanders in Vietnam frequently looked down on Comsec
and paid no attention to the warnings. And communications personnel referred to
them as "buddy fuckers" because they eavesdropped on American forces.
In such cases there was little NSA could do. "Comsec monitors and analysts
had an advisory role only and no power themselves to effect changes," said
an NSA report. "For a variety of reasons commanders frequently ignored, or
read sympathetically without action, the findings of the Comsec units."
The consequences were often deadly.
One U.S.
Army commander at 1st Infantry Division headquarters was talking over his desk
phone when someone came into his office and mentioned that a specific operation
was to take place in a location "35 kilometers north of here tomorrow."
A Comsec monitor, eavesdropping on the call, heard the mention of the location
of the operation and notified the officer. But the officer never bothered to
change the plans. "On landing, the assault force met unexpectedly heavy
resistance," said an NSA report. "U.S. losses were approximately 58
men killed and 82 wounded." The ASA commander on the scene "regarded
the outcome as the results of an enemy reaction to a security breach." The
number of deaths caused by poor U.S. communications security and successful
North Vietnamese Sigint became alarming. NSA spoke of "a veritable flood
of intelligence for enemy Sigint exploitation and tactical application, a flood
that spelled defeat or losses during many U.S. combat operations."