PRISM: Tip of the Cyber Intel Iceberg

Tuesday, July 16, 2013

Don Eijndhoven


When Edward Snowden published information on PRISM – a rather drastic intelligence gathering program in which several (assume all) government agencies such as the FBI and the NSA draw intelligence from major tech companies such as Microsoft, Skype and Facebook – he was immediately revered and reviled by the general populace. Especially within the US armed forces community, the general sentiment seems to be that he's a traitor and someone needs to go fetch a rope. But really, how much of this is new or even unexpected?

Right after the 2nd World War, in March of 1946, a multilateral agreement between the UK, the US, Canada, Australia and New Zealand was signed in which they agreed to cooperate and share intelligence. This was originally intended to be mostly signals intelligence, but has long since been extended to include much more. This intelligence alliance between those five nations has become known as Five Eyes. It was a secret treaty (allegedly even kept from the Australian PMs until '73) but has been exposed for quite some time now. In fact, Canadian Brigadier-General James S. Cox (RET) wrote a rather salacious paper on this treaty, and just how well this treaty is working out can be gleaned from the following paragraph in the executive summary of said paper (emphasis mine):

 "The Five Eyes intelligence community grew out of twentieth-century British-American intelligence cooperation. While not monolithic; the group is more cohesive than generally known. Rather than being centrally choreographed, the Five Eyes group is more of a cooperative, complex network of linked autonomous intelligence agencies, interacting with an affinity strengthened by a profound sense of confidence in each other and a degree of professional trust so strong as to be unique in the world." – "Canada and the Five Eyes Intelligence Community" by Brig-Gen James S. Cox (RET).

This profound sense of confidence in each other likely stems from the fact that they've been doing this for over 60 years, and I would hazard that this partnership has had its strength tested a few times. Successfully, from the looks of it. Either way, I think it is a safe assumption that the UK, Canada, New Zealand and Australia are as much to blame for PRISM as the Americans. Funny how none of them have mentioned their unfettered access to this raw data, hmm?

What boggles my mind is how little people seem to care. Maybe the name ECHELON rings a bell? This was an expansion on collection and analysis in the 60's to this same Five Eyes program. I should stress that the actual gathered (and shared) intelligence included much more than just signals intelligence. We're talking raw internet data. Raw, meaning absolutely everything that passed through, without any kind of filter. If you said it through any kind of internet-connected medium, through any American provider, service or product, you have definitely been logged there. And even not using any of said American providers, services or products, your traffic could still have been routed through PRISM, depending on where you are, where the servers are that you connected with, or how traffic was routed. And that's just assuming that this traffic was really only collected in the US, which may not be the case now that we've established that at least 4 other countries were actively in on this program.

Now that we've firmly established the "who" part of this whodunit – or at least established who benefits – it's time to look a little closer at what happened.

So what happened with PRISM?
Simply put, since somewhere as early as 2007 the various US intelligence and Law Enforcement agencies used the law to gain access to information harvested by tech giants such as Microsoft, Google, Apple, Yahoo, Facebook, Skype and Youtube. This means that they had access to a multitude of heavily used social media sites such as Facebook, Skype, Twitter and Youtube, but also cloud services such as iCloud, Google Drive and Dropbox. This was all done legally under US laws. Their alleged goal was to monitor foreign communications that take place on US servers, but of course it couldn't hurt that what they collected included everything under the virtual sun – including stuff on American citizens and US allies.

Edward Snowden brought to light just exactly what is going on, and how it's done. For those of us who have an IT-technical background, it doesn't take much imagination. It can be done easily, and not to my surprise, this is what they did. Snowden published a PowerPoint presentation containing 41 slides on this, but interestingly only 5 of those slides were published. The remaining slides are, apparently, so "hot" that nobody wants to burn themselves by publishing them. Both the Guardian’s Glenn Greenwald and the Post’s Barton Gellman have made it clear that the rest of the PowerPoint is dynamite stuff which we’re not going to be seeing any time soon. “If you saw all the slides you wouldn’t publish them,” wrote Gellman on Twitter, adding in a second tweet: “I know a few absolutists, but most people would want to defer judgment if they didn’t know the full contents.” I think that I speak for most Europeans when I say that I disagree strongly with Gellman, and would very much like to see the remaining slides.

Although the slides that have been published can be easily found without my help, I would be remiss in not adding them here for your enjoyment. Much of the international outrage can be explained by these pictures. And by outrage, I mean by the people, not the other governments. Any outrage on their behalf is geopolitical theatre, because every government in the world is either doing this, or would very much like to. You only have to look at the recently unveiled DGSE (French secret service) surveillance program which operates in exactly the same vein as PRISM.

Without further ado, here are the slides that were published from Snowden's original 41 slides:

PRISM Slide 1


PRISM Slide 2

PRISM Slide 3

PRISM Slide 4


PRISM Slide 5

About the author: Don Eijndhoven is the Founder and CEO of Argent Consulting, a Dutch firm that offers strategic management consulting and education services in the areas of Cyber Security, Intelligence and Warfare. He is the founder of the Dutch Cyber Warfare Community and a founding board member of the Netherlands Cyber Doctrine Institute. He has a Bachelor's degree in Computer Science and is currently working on an Executive MBA at Nyenrode (NL). Follow Don Eijndhoven on Twitter: @argentconsultin

Gregory MacPherson

No disagreement with the facts as stated, but it's that pesky "American Exceptionalism" that matters here. America is a nation of laws. Specifically, the Fourth Amendment to the Constitution of the United States of America states in part that "The right of the people to be secure in their persons, houses, papers, and effects, against unreasonable searches and seizures, shall not be violated, ..." Despite the fact that AT&T, Sprint, T-Mobile, and Verizon copy off every voice and text message of every cellular phone in America, that data is supposed to remain privileged and NOT shared with the government (or any of their intelligence agencies) without legal "due process". Edward Snowden signed an agreement with Booz Allen Hamilton (an agent of the Federal government) saying that he would keep the government’s secrets. By going public, he violated that agreement, which (in US contract law) constitutes breach (and makes him liable to criminal prosecution besides). The telcos should not give the government access to our voice and text data without a warrant, and Snowden should not have broken his agreement to keep the programs a secret.

Don Eijndhoven

Hi Gregory,

Thanks immensely for taking the time to read my article. I thought to respond because your reaction is one that I have seen very often the last few weeks, and that is that Snowden is somehow more important than the fact that the US absolutely violated every internet-connected person on the planet.

US citizens should realize that the rest of the world is getting ready to lynch them over this. My advice would be to look OUTSIDE first, and repair the damage that you've done to your international reputation BEFORE looking at how to deal with Snowden.

The fact is, Gregory, that outside of the US absolutely *nobody* cares about US law and how they apply to Snowden or not.

Don Eijndhoven

Please note that I updated the main article with 4 additionally released slides that I had missed. You can find them here:

Gregory MacPherson

Don,

First, appreciate the perspective - traveling outside America has become more difficult in recent years.

At the risk of appointing myself spokesperson to the world, the world must realize that there are now two Americas. One - mine - agrees with you that our foreign policy is clumsy and managed by buffoons (like Clinton and Kerry). If we had our way, Netherlands (not "Holland") and other countries would be left alone. The people in "my" America don't want to meddle with allies. However there is a second America, and those people are in charge now. It is analogous to the situation in the Twentieth Century where leaders said and did one thing while the majority of the population disagreed, yet followed out of fear or apathy. This is the second America - the one that "thinks they know better than you". Over here we call them "Socialists", "Progressives", and "Statists". I fight them - metaphorically now, but I suspect in the future that fight will become very much corporeal.

Lastly, yes America is a country of laws, and yes, our law should stop at our borders. Sovereignty - ours and yours - is important, but only to me and "my America". I recommend you give that other America, the one currently in power, a great deal of scrutiny before you trust them. I have found them to be less than trustworthy, as the current topic well illustrates.
