Stellar Wind: CIA analysts didn’t use the NSA’s Spy program.

Uploaded on 2015-05-08 in NEWS-News Analysis, INTELLIGENCE--USA, FREE TO VIEW

999a7aa36cab52b992c949e7e4f3fb62.jpg

A newly-released document from the Central Intelligence Agency’s (CIA) own internal watchdog found that the government’s controversial warrantless surveillance and bulk data collection program was so secretive that the agency was unable to make “full use” of its capabilities even several years after the September 11 attacks. Initially, only top-level CIA officials were cleared on its use, rather than rank-and-file "CIA analysts and targeting officers.”

STELLAR WIND, the code name for the highly secretive President’s Surveillance Program (PSP, or “The Program”), was created in the wake of the September 11 attacks. The legal justification for the PSP has changed multiple times over the years, and today it stands under the Foreign Intelligence Surveillance Act Amendments Act (FISA AA) of 2008, which remains law.

The CIA IG report writes that under the PSP, there were three "sets of data" collected.
The first set included the content of individually targeted telephone and e-mail communications. The second consisted of telephone dialing information—the date, time, and duration of calls; the telephone number of the caller; and the number receiving the call—collected in bulk. The third data set consisted of e-mail transactional data collected in bulk.

Several factors hindered the CIA in making full use of the capabilities of the PSP. Many CIA officers told us that too few CIA personnel at the working level were read into the PSP. Officials told us that CIA and targeting officers who were read in had too many competing priorities and too many other available information sources and analytic tools, many of which were more easily accessed and timely, to fully utilize the PSP. 
CIA officers also told us that the PSP would have been more fully utilized if and targeting officers had obtained a better understanding of the program's capabilities. Many CIA officers noted that there was insufficient training and legal guidance concerning the program's capabilities and the use of PSP-derived information. 
Ars Technica: http://bit.ly/1dzO2Z1

« France’s Intelligence Bill: legalising mass surveillance
Forget Hackers, The Biggest Internet Security Threat Is Closer to Home »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall And Why Does It Matter

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall And Why Does It Matter

See how to use next-generation firewalls (NGFWs) and how they boost your security posture.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

National Trading Standards eCrime Team (NTSeCT)

National Trading Standards eCrime Team (NTSeCT)

The National Trading Standards eCrime Team tackles online consumer scams, rip-offs and fraud, as well as those committed by text or email.

CLUSIF

CLUSIF

Clusif is the reference association for digital security in France. Its mission is to promote the exchange of ideas and feedback through working groups, conferences and publications.

Deductive Labs

Deductive Labs

Deductive Labs consulting services help customers with their technology, security and automation challenges.

Industrial Cyber Security

Industrial Cyber Security

Industrial Cyber Security provides specialist consulting services in enterprise and SCADA system security.

DomainTools

DomainTools

DomainTools helps security analysts turn threat data into threat intelligence.

Ideagen

Ideagen

Ideagen provides information management, safety, risk and compliance software solutions that allow organisations to achieve operational excellence, regulatory compliance and reduce risk.

Preempt Security

Preempt Security

The Preempt Platform delivers adaptive threat prevention that continuously preempts threats based on identity, behavior and risk.

ODSC

ODSC

ODSC is a security systems integrator that provides services and expertise in identity management and access.

Cybertonica

Cybertonica

Cybertonica is a FinTech company which detects and prevents fraudulent transactions and reduces risk for financial services organisations.

Barbara IoT

Barbara IoT

Barbara is an industrial device platform specifically designed for IoT deployments.

GV

GV

GV provides venture capital funding to bold new companies in the fields of life science, healthcare, artificial intelligence, robotics, transportation, cyber security and agriculture.

ITsMine

ITsMine

ITsMine’s Beyond DLP™? solution is a leading Data Loss Prevention (DLP) solution used by organizations to protect against internal and external threats automatically.

Cyber Gate Defense (CyberGate)

Cyber Gate Defense (CyberGate)

CyberGate is an Emirati establishment founded with an objective to provide cyber security services that would improve the overarching cyber security posture of the UAE.

Senserva

Senserva

Senserva delivers a deep analysis for security user accounts and applications within the Microsoft cloud environment.

Speedinvest

Speedinvest

Speedinvest is one of Europe’s most active early-stage investors with a focus on Deep Tech, Fintech, Industrial Tech, Network Effects, and Digital Health.

AirEye

AirEye

AirEye is a leader in Network Airspace Protection (NAP). Block attacks against your corporate network launched from wireless devices in your corporate network airspace.

UncommonX

UncommonX

UncommonX offers enterprise-class cybersecurity protection for mid-size organizations by combining adaptive threat and intelligence software with 24/7 industry experts.