First, some housekeeping chores: After you read this piece, please check out the remarkable revelation in the preceding article about the death of Michael Hastings. The story below that
introduces the important topic of "GC-Wiki," which is the topic of our current investigation. Since the piece you are about to read contains actual original research
) on an important topic, I hope that you, gentle reader, can help publicize this post.
Sadly, publishing this research means delaying two very interesting articles on Larry Summers and Princess Di. All of that material will appear soon. I hope. (Apologies to readers D and B, who helped me with those stories.)
Are we going to get to that original research now? Nope. First, a recap.
On the 22nd, the Independent published a piece
about the NSA's ability to tap into undersea cables in the Middle East. The opening paragraphs suggested, but did not state, that the information came from NSA whistleblower Ed Snowden. Snowden responded angrily, claiming that he has never spoken to anyone from the Independent. Moreover, none of his stories have compromised operations in the Middle East.
(Nevertheless, many articles -- including this one from UPI
-- have falsely claimed that Snowden was the source for the Independent's reportage.)
Those (few) who read deeply into the Independent's story learned that their writers got their information about undersea cables from a secret "spooks only" website called GC-Wiki. The "GC" is short for GCHQ, which is the British equivalent of the NSA. (The NSA and GCHQ have worked very closely together for many years.) The Independent then offered, en passant
, a bombshell revelation: That Ed Snowden got a treasure trove of documents from GC-Wiki.
Information about the project was contained in 50,000 GCHQ documents that Mr Snowden downloaded during 2012. Many of them came from an internal Wikipedia-style information site called GC-Wiki. Unlike the public Wikipedia, GCHQ’s wiki was generally classified Top Secret or above.
I still don't understand how the Independent knew
that about Snowden. But Snowden did not deny that claim; he simply denied working with the Independent.
The Independent story marked the very first mention of GC-Wiki anywhere in the "normal" online universe. Literally within minutes of the appearance of that story, a Wikipedia editor named Gareth Kegg
put up a new entry devoted to GC-Wiki. (Thanks, B, for your help here.)
And yet it appears that certain journalists have known all about GC-Wiki for some time.
In an earlier stage of the Snowden controversy, I directed your attention to a little-noticed mystery
. The Washington Post and the Guardian published what purported to be the same image from the same pdf report on the now-infamous NSA operation known as Prism. Thanks to the Independent, we now know that Snowden downloaded this material from GC-Wiki. (Apparently, the NYT
is now going to have access to this same cache.)
But there was an odd discrepancy, first noted by Cryptome. The two images -- one published in the Washington Post, one published by the Guardian -- were not the same. And based on the Independent's revelations, the difference now seems crucial.
Let's take a close look at those images again -- and remember, these are supposed to be the same
I think you should have no problem spotting the difference. The WP image has been re-drawn to convey the impression that the NSA is tapping into cables solely within America's territorial waters. The Guardian image -- surely the original version, probably taken from GC-Wiki -- indicates that British and US spooks have tapped into cables all over the world
We can play a subtler game of "spot the difference" if we take a closer look at the Independent story.
One of the areas of concern in Whitehall is that details of the Middle East spying base which could identify its location could enter the public domain.
We are, in fact, going to identify the location of that secret base in this very post. Keep reading.
But first things first...
The data-gathering operation is part of a £1bn internet project still being assembled by GCHQ. It is part of the surveillance and monitoring system, code-named “Tempora”, whose wider aim is the global interception of digital communications, such as emails and text messages.
This is not the first mention of Tempora. As many of you already know, there was a flurry of Tempora stories toward the end of June. But these stories indicated that the Tempora project was restricted to the interception of cable traffic in and around the UK. See, for example, this piece
and this article
in the Atlantic. (Actually, the latter article indicates that cable interception is global, but does not specify the Middle East.)
I would also note that both President Obama and the New York Times have denounced Ed Snowden as a "hacker." Previously, I couldn't understand what Obama was talking about, since hacking played no role in any of the Guardian stories. However, now that we know that Snowden's documents came from GC-Wiki, we may surmise that he may not have had authorization to download them.
So why has everyone -- including Snowden! -- been so desperate to cover up the Middle East surveillance operation?
Hypocrisy plays a certain role here. Americans want
the NSA to spy on that part of the world. We just don't want the NSA to read our
But I suspect that a deeper reason has to do with the "cable cut" mystery of 2008, a once-hot controversy which everyone now seems to have forgotten.
I find it curious that the average person can read these words...
The station is able to tap into and extract data from the underwater fibre-optic cables passing through the region
...without asking how
the NSA (or GCHQ) gained access to cables placed under the sea. Let's have another look at our "cable cut" post from 2008
The "cable cut" mystery -- the strange destruction of undersea cables carrying internet traffic in the Middle East -- cannot be ignored. We now have a fifth incident.
Quoting TeleGeography and describing the effect the cuts had on the Internet world, Mahesh Jaishanker, executive director, Business Development and Marketing, du, said, “The submarine cable cuts in FLAG Europe-Asia cable 8.3km away from Alexandria, Egypt and SeaMeWe-4 affected at least 60 million users in India, 12 million in Pakistan, six million in Egypt and 4.7 million in Saudi Arabia.”
James Bond used to say that "three times is enemy action." What would he say about five incidents?
A total of five cables being operated by two submarine cable operators have been damaged with a fault in each.
These are SeaMeWe-4 (South East Asia-Middle East-Western Europe-4) near Penang, Malaysia, the FLAG Europe-Asia near Alexandria, FLAG near the Dubai coast, FALCON near Bandar Abbas in Iran and SeaMeWe-4, also near Alexandria.
My instincts tell me that the purpose of inflicting this kind of damage would be to have the "right" people conduct the repair operations. The NSA may find it a whole lot easier to tap into the data stream once the patch job is complete.
Looks like my instincts may have been right. Of course, the repair crew may have come from GCHQ, not the NSA -- but the basic operation comes to the same thing.
There's another reason why everyone (including Snowden) has been so hesitant to talk about surveillance operations in the Middle East: The Israeli connection.
(Everyone is afraid to talk about the Israelis -- except, as we shall see, the French.)
The Independent says "Britain runs a secret internet-monitoring station in the Middle East..." yet refuses to identify the location. In fact, we are told that the British government is desperate to keep the location secret.
Naturally, my first suspicions ran toward Unit 8200, Israel's much-vaunted version of the NSA.
My research suggests that this secret "station" is located within the Urim SIGINT base run by Unit 8200. From Wikipedia
Urim is located in the Negev desert approximately 30km from Beersheba, a couple of kilometres north of the kibbutz of Urim. Until articles were published about the base in 2010, it was not known to the outside world.
The directions given above are not quite correct. If you look up Urim, Israel, on Google Earth, you will easily find the "secret" base -- replete with an impressive array of Satellite dishes -- roughly 2 km east
of the kibbutz.
The following comes from Wikipedia (with emphasis added by me):
Created decades ago to monitor Intelsat satellites that relay international telephone calls, Urim was expanded to cover maritime communications (Inmarsat), and kept being expanded to intercept the signal communications of ever more communications satellites. Duncan Campbell, an intelligence specialist speculated that Urim is "akin to the UK-USA pact's Echelon satellite interception ground stations." The Echelon system was set up by the United States, Britain, Canada, Australia and New Zealand as a global network of signal interception stations.
The reference to "Inmarsat" probably refers to the International Mobile Satellite Organization. However, the hyperlink in the Wikipedia entry goes to another article on a private British
satellite company, also called Inmarsat. (It's almost as though someone at Wikipedia wanted
a guy like me to go down this very research trail.)
Here's more on Urim
, via Le Monde. Unlike the Brits and the Americans, French journalists are perfectly willing to talk about Israel's secrets:
The base, hidden until now, has rows of satellite dishes that covertly intercept phone calls, emails and other communications from the Middle East, Europe, Africa and Asia. Its antennas monitor shipping and would have spied on the aid ships in the days before they were seized...
A large circle in the farmland shows the site of a direction-finding antenna (HF/DF) for monitoring shipping.
I've noted similar circles near secret facilities in the US (as seen via Google Earth). Now we know their purpose.
The Urim base targets many nations, friend and foe. A former analyst at Unit 8200, a military service conscript, said she worked full time translating intercepted calls and emails from English and French into Hebrew. It was “interesting” work, studying routine communications to find the nuggets. Her section listened mostly to “diplomatic traffic and other off-shore [international] signals”.
And now for the "Tah-dah!"
The Urim base, said our sources, is the centre of a spying network that taps undersea cables (notably Mediterranean cables linking Israel to Europe via Sicily) and has covert listening posts in Israeli embassy buildings abroad.
think that Urim hosts the super-secret GCHQ/NSA listening post mentioned in the Independent report? I do.