On Sept. 12, 2001 senior managers and technical experts crammed into the narrow and stuffy conference room of the National Security Agency's Signals Intelligence (SIGINT) director. Each was trying to make sense of what had just happened the previous morning when two jets slammed into the World Trade Center in New York. The obvious questions were: Who had done this? How could we lift the spirits of the demoralized counterterrorism division? And more importantly, how could we find and track the people responsible for this attack?
Our sensors were trained on some of al-Qaida's lieutenants, but there were no signs of an impending attack. Years ago, we listened to the communications of Osama bin Laden, but they went off the air when this source was leaked to the press. NSA was a ghost town the afternoon of 9/11; employees were sent home in case of another attack. Only the most senior managers stayed at their desks to ponder the next step.
Much of the conversation the morning after focused on phone calls, a technology that NSA was long familiar with. But about 15 minutes in, someone opined, what about the Internet? This was a relatively new technology, one that some in NSA feared would cause the agency to "go blind" because of the dazzling volumes of information and endless variety of new and emerging communications modes such as chat, email, and even telephone calls over the Internet. There was a collective sigh as each manager slumped in their chair. The Internet was a brave new world for NSA, and it was leaving the agency behind in its dust.
"How do we know they're even using it?" the head of the data collection directorate asked. Several years ago we had sampled communications channels looking for al-Qaida and had not found a trace.
"They are," a senior analyst responded. "They're saying so in their phone calls."
This revelation drove a serious effort to find al-Qaida on the Internet. Just two months later, sometime in November, after adjusting our sensors and rifling through thousands of foreign communications, we found our first lead to those responsible for the World Trade Center attacks. All it took was a single lead, and within six months, we had developed a huge network of al-Qaida affiliates in numerous foreign countries. What was surprising to us was just how many terrorists were using the Internet.
This was a huge SIGINT success. We were able to quickly expand our knowledge of terrorism, terrorist intentions and the location of our enemies. Some now doubt whether all this collection stops terrorist attacks. But this is like the debates that have endured for years over whether breaking the German Ultra code during World War II had any impact. None less than Winston Churchill believed that "it was thanks to Ultra that we won the war."
So now the country is engaged in painful soul-searching about whether NSA has gone too far and whether we should invite leaker Edward Snowden back for a ticker-tape parade. On the latter, Mr. Snowden has set the agency back perhaps a decade or more through the unrelenting disclosure of sources and methods. He and his supplicants at major press outlets here and abroad publish his revelations as if the national security of this country and the U.K. matter little. (To President Vladimir Putin: Give us Snowden. You already know everything from him.) One NSA slide from Mr. Snowden, for example, depicted an alleged NSA relationship with Skype. If there were terrorist communications on Skype, they are long gone, just like when NSA lost Osama bin Laden's communications through press leaks in 1998.
On the former — has NSA gone too far? — a thoughtful scrutiny is in order and continues. But NSA doesn't defend itself well out of a constant fear of giving away secrets. The real question is whether the agency could pull off another major SIGINT success like it did after 9/11. Probably not. Mr. Snowden has done enough damage. A few changes in the law based on challenges from numerous groups and senators will do the rest.
Jack Israel is the former technical director for NSA's analysis & production directorate. His email is email@example.com.
To respond to this commentary, send an email to firstname.lastname@example.org. Please include your name and contact information.