Saturday, August 24, 2013

GC-Wiki and the location of that secret base in the Middle East

First, some housekeeping chores: After you read this piece, please check out the remarkable revelation in the preceding article about the death of Michael Hastings. The story below that introduces the important topic of "GC-Wiki," which is the topic of our current investigation. Since the piece you are about to read contains actual original research (woo hoo!) on an important topic, I hope that you, gentle reader, can help publicize this post.

Sadly, publishing this research means delaying two very interesting articles on Larry Summers and Princess Di. All of that material will appear soon. I hope. (Apologies to readers D and B, who helped me with those stories.)

Are we going to get to that original research now? Nope. First, a recap.

On the 22nd, the Independent published a piece about the NSA's ability to tap into undersea cables in the Middle East. The opening paragraphs suggested, but did not state, that the information came from NSA whistleblower Ed Snowden. Snowden responded angrily, claiming that he has never spoken to anyone from the Independent. Moreover, none of his stories have compromised operations in the Middle East.

(Nevertheless, many articles -- including this one from UPI -- have falsely claimed that Snowden was the source for the Independent's reportage.)

Those (few) who read deeply into the Independent's story learned that their writers got their information about undersea cables from a secret "spooks only" website called GC-Wiki. The "GC" is short for GCHQ, which is the British equivalent of the NSA. (The NSA and GCHQ have worked very closely together for many years.) The Independent then offered, en passant, a bombshell revelation: That Ed Snowden got a treasure trove of documents from GC-Wiki.
Information about the project was contained in 50,000 GCHQ documents that Mr Snowden downloaded during 2012. Many of them came from an internal Wikipedia-style information site called GC-Wiki. Unlike the public Wikipedia, GCHQ’s wiki was generally classified Top Secret or above.
I still don't understand how the Independent knew that about Snowden. But Snowden did not deny that claim; he simply denied working with the Independent.

The Independent story marked the very first mention of GC-Wiki anywhere in the "normal" online universe. Literally within minutes of the appearance of that story, a Wikipedia editor named Gareth Kegg put up a new entry devoted to GC-Wiki. (Thanks, B, for your help here.)

And yet it appears that certain journalists have known all about GC-Wiki for some time.

In an earlier stage of the Snowden controversy, I directed your attention to a little-noticed mystery. The Washington Post and the Guardian published what purported to be the same image from the same pdf report on the now-infamous NSA operation known as Prism. Thanks to the Independent, we now know that Snowden downloaded this material from GC-Wiki. (Apparently, the NYT is now going to have access to this same cache.)

But there was an odd discrepancy, first noted by Cryptome. The two images -- one published in the Washington Post, one published by the Guardian -- were not the same. And based on the Independent's revelations, the difference now seems crucial.

Let's take a close look at those images again -- and remember, these are supposed to be the same image:


I think you should have no problem spotting the difference. The WP image has been re-drawn to convey the impression that the NSA is tapping into cables solely within America's territorial waters. The Guardian image -- surely the original version, probably taken from GC-Wiki -- indicates that British and US spooks have tapped into cables all over the world.

We can play a subtler game of "spot the difference" if we take a closer look at the Independent story. 
One of the areas of concern in Whitehall is that details of the Middle East spying base which could identify its location could enter the public domain.
We are, in fact, going to identify the location of that secret base in this very post. Keep reading.

But first things first...
The data-gathering operation is part of a £1bn internet project still being assembled by GCHQ. It is part of the surveillance and monitoring system, code-named “Tempora”, whose wider aim is the global interception of digital communications, such as emails and text messages.
This is not the first mention of Tempora. As many of you already know, there was a flurry of Tempora stories toward the end of June. But these stories indicated that the Tempora project was restricted to the interception of cable traffic in and around the UK. See, for example, this piece and this article in the Atlantic. (Actually, the latter article indicates that cable interception is global, but does not specify the Middle East.)

I would also note that both President Obama and the New York Times have denounced Ed Snowden as a "hacker." Previously, I couldn't understand what Obama was talking about, since hacking played no role in any of the Guardian stories. However, now that we know that Snowden's documents came from GC-Wiki, we may surmise that he may not have had authorization to download them.

So why has everyone -- including Snowden! -- been so desperate to cover up the Middle East surveillance operation?

Hypocrisy plays a certain role here. Americans want the NSA to spy on that part of the world. We just don't want the NSA to read our emails.

But I suspect that a deeper reason has to do with the "cable cut" mystery of 2008, a once-hot controversy which everyone now seems to have forgotten.

I find it curious that the average person can read these words...
The station is able to tap into and extract data from the underwater fibre-optic cables passing through the region
...without asking how the NSA (or GCHQ) gained access to cables placed under the sea. Let's have another look at our "cable cut" post from 2008:
The "cable cut" mystery -- the strange destruction of undersea cables carrying internet traffic in the Middle East -- cannot be ignored. We now have a fifth incident.
Quoting TeleGeography and describing the effect the cuts had on the Internet world, Mahesh Jaishanker, executive director, Business Development and Marketing, du, said, “The submarine cable cuts in FLAG Europe-Asia cable 8.3km away from Alexandria, Egypt and SeaMeWe-4 affected at least 60 million users in India, 12 million in Pakistan, six million in Egypt and 4.7 million in Saudi Arabia.”

A total of five cables being operated by two submarine cable operators have been damaged with a fault in each.

These are SeaMeWe-4 (South East Asia-Middle East-Western Europe-4) near Penang, Malaysia, the FLAG Europe-Asia near Alexandria, FLAG near the Dubai coast, FALCON near Bandar Abbas in Iran and SeaMeWe-4, also near Alexandria.
James Bond used to say that "three times is enemy action." What would he say about five incidents?
My instincts tell me that the purpose of inflicting this kind of damage would be to have the "right" people conduct the repair operations. The NSA may find it a whole lot easier to tap into the data stream once the patch job is complete.
Looks like my instincts may have been right. Of course, the repair crew may have come from GCHQ, not the NSA -- but the basic operation comes to the same thing.

There's another reason why everyone (including Snowden) has been so hesitant to talk about surveillance operations in the Middle East: The Israeli connection.

(Everyone is afraid to talk about the Israelis -- except, as we shall see, the French.)

The Independent says "Britain runs a secret internet-monitoring station in the Middle East..." yet refuses to identify the location. In fact, we are told that the British government is desperate to keep the location secret.

Naturally, my first suspicions ran toward Unit 8200, Israel's much-vaunted version of the NSA.

My research suggests that this secret "station" is located within the Urim SIGINT base run by Unit 8200. From Wikipedia:
Urim is located in the Negev desert approximately 30km from Beersheba, a couple of kilometres north of the kibbutz of Urim. Until articles were published about the base in 2010, it was not known to the outside world.
The directions given above are not quite correct. If you look up Urim, Israel, on Google Earth, you will easily find the "secret" base -- replete with an impressive array of Satellite dishes -- roughly 2 km east of the kibbutz.

The following comes from Wikipedia (with emphasis added by me):
Created decades ago to monitor Intelsat satellites that relay international telephone calls, Urim was expanded to cover maritime communications (Inmarsat), and kept being expanded to intercept the signal communications of ever more communications satellites. Duncan Campbell, an intelligence specialist speculated that Urim is "akin to the UK-USA pact's Echelon satellite interception ground stations."[1] The Echelon system was set up by the United States, Britain, Canada, Australia and New Zealand as a global network of signal interception stations.
The reference to "Inmarsat" probably refers to the International Mobile Satellite Organization. However, the hyperlink in the Wikipedia entry goes to another article on a private British satellite company, also called Inmarsat. (It's almost as though someone at Wikipedia wanted a guy like me to go down this very research trail.)

Here's more on Urim, via Le Monde. Unlike the Brits and the Americans, French journalists are perfectly willing to talk about Israel's secrets:
The base, hidden until now, has rows of satellite dishes that covertly intercept phone calls, emails and other communications from the Middle East, Europe, Africa and Asia. Its antennas monitor shipping and would have spied on the aid ships in the days before they were seized...
A large circle in the farmland shows the site of a direction-finding antenna (HF/DF) for monitoring shipping.
I've noted similar circles near secret facilities in the US (as seen via Google Earth). Now we know their purpose.
The Urim base targets many nations, friend and foe. A former analyst at Unit 8200, a military service conscript, said she worked full time translating intercepted calls and emails from English and French into Hebrew. It was “interesting” work, studying routine communications to find the nuggets. Her section listened mostly to “diplomatic traffic and other off-shore [international] signals”.
And now for the "Tah-dah!" moment...
The Urim base, said our sources, is the centre of a spying network that taps undersea cables (notably Mediterranean cables linking Israel to Europe via Sicily) and has covert listening posts in Israeli embassy buildings abroad.
Do you think that Urim hosts the super-secret GCHQ/NSA listening post mentioned in the Independent report? I do.

7 comments:

Anonymous said...

http://cannonfire.blogspot.com/2013/06/sick-think-and-ed-snowden.html

Joseph. Nice work. Still suspicious about Snowden?

Mossad---'natch

Ben

Stephen Morgan said...

Isn't it meant to be a GCHQ base? I would expect it to be the old SIGINT station in Cyprus, whence was broadcast the old Lincolnshire Poacher numbers station. The cables go through Cyprus, you say, after all.

I assume the upcoming stories about Summers and Lady Di are about the Endgame memo and the wholly disreputable claims of "Soldier N".

Michael said...

I'm a bit confused about this GC-Wiki thing.

Is it behind the NSA firewall? Or out in the open? Is it legit or not? What's its pupose? Who has access? Is it accessible to natsec media? Is it hosting top secret NSA docs? If it had the docs and natsec media could access it, why wasn't the NSA surveillance exposed before Snowden/Greenwald drew attention? Is the natsec media complicit in hiding the scandal from the public?

b said...

A corker of a short and succinct article here: "According to Business Insider, Israeli Unit 8200 is running, or at the very least, driving a global tech boom. (...) In short, there’s very little difference between tracking consumers and tracking terrorists." Sourced back to here.

To Facebook, Twitter, etc., add Wikipedia. And for that matter, Google.

I realised the GCHQ staff 'charity work for Palestinians in Gaza' was a sop, but...GCHQ in the Negev? Employing how many Brits?

For sure, for global elint capacity, lots of people are needed (GCHQ has many more staff than MI5 and MI6 combined), and also bases around the world. Israelis like to keep the number of permanent employees of Mossad small, being able to call on as many sayanim as they need, whenever they need them. Elint is different. I wonder where else in the world 8200 might have a presence? The obvious places would be in the big US or UK elint bases: Fort Meade, Menwith Hill, Cyprus.

Andy Tyme said...

I have long maintained that Assange, Snowden, and even that tragic(?) gender-shifter Manning are NOT what the corporate media portray them to be, namely free agents/loose "canons" motivated mainly by personal agendae. Pawns in the Great Game -- that's the suspicion to which I am partisan.

Now I am pleased to see that your resistance to this "paranoid" hunch is, at least, fracturing about the edges -- and perhaps will soon crumble, thanks to your daring to mention that "SLC" behind the pale blue and white curtain.

We should never forget just WHAT the CONDUITS are through which we have been fed our daily doses of (never-anything-exposing-9/11) Wikileaks propaganda/drama, repeatedly touting the purported omnipotence of the spooks' network of all-seeing-eyes and all-hearing ears.

THE NEW YORK TIMES???

THE WASHINGTON POST???

Both have long been essentially "speaking tubes for the CIA" (as Webster Tarpley so aptly puts it).
And ol' Webster regularly denounces THE GUARDIAN as the "mouthpiece of the 'liberal' faction of MI6".

Just why should we believe that they have lately shifted into leopard's spots-changing mode and are suddenly acting INDEPENDENTLY and in OUR INTEREST???

Come on now...

As a famous wise-ass once brayed:

"Fool me once, Shame on you; Fool me twice.... er... ahh... ahh...

DON'T GET FOOLED AGAIN!!!"

Brian de Ford said...

What puzzles me is how few people wonder if Obama, Congress, etc. are also being monitored.

Of course they are. And enough of them will have guilty secrets that they'll then lie about the spying.

As J Edgar Hoover proved, if it can be abused then it will be abused.

Michael said...

You got a mention from Emptywheel:

http://www.emptywheel.net/2013/08/26/are-the-brits-trying-to-protect-british-telecom/?utm_source=feedly