Thursday, November 1, 2018

GCHQ Anniversary

99 years ago on 1 November 1919 Britain established GCHQ, the 'Government Communications Headquarters' that provided SIGINT and crypto protection for the armed forces plus diplomats and spies of the UK. Prior to that each service had its own SIGINT & Crypto silos, MI-1 for the British Army and Room-40 for the Royal Navy. Picture on the right is the first home of the British GCHQ; it was known as Watergate House.

The British centralization of SIGINT and Crypto preceded the American effort to do the same by at least 30 years.  The US founded AFSA, the 'Armed Forces Security Agency' in 1949.  But that effort was never completely centralized as there were several exceptions within plankholder Army and Navy intel units, plus it never coordinated with civilian agencies such as the State Department, the CIA, and the FBI.  So it took another three years before the NSA, also known as 'No Such Agency', was formed.  In my opinion one thing the Brits did very much better than the US was that they placed GCHQ under their Foreign Secretary, while we poor cousins still have the NSA as part of DoD.

During WW2 GCHQ was moved out of London into Bletchley Park, about 70 kilometers NW of London in Buckinghamshire. Made famous by many books and movies, it is now a museum open to the public. You can spend the day gazing at an 'Enigma', or the Turing/Welchman 'Bombe' machine. Perhaps even 'Colossus', the world's first electronic, programmable digital computer, that broke the Lorenz cipher and was reading orders to the field from OKW and sometimes Adolf himself.
https://bletchleypark.org.uk/

Nowadays GCHQ is based in the Doughnut in suburban Cheltenham in Gloucestershire.  5800(?) employees compared to 30 to 40000 for NSA; and they have only a fraction of NSA's budget.  But they reportedly still do a decent job - specialization by the crafty Sassenach boffins I assume.  Plus they have much closer relationships to similar intel organizations in former commonwealth countries.  I don't believe they'll let you visit though. 


Director since March 2017 is Jeremy Fleming, formerly of MI-5, the semi-equivalent of the US FBI.
https://www.dailymail.co.uk/news/article-4332290/What-know-Britain-s-new-chief-spy.html 
Director Fleming strongly denied the spurious allegation by Fox News and later by Trumpy himself that GCHQ spied on Trump Tower for President Obama.

12 comments:

  1. I never got a chance to visit GCHQ while I was stationed in the UK and I was never a SIGINT guy, but I read many GCHQ reports and products. They were a great complement to what the NSA produced.

  2. The bit of SIGINT history I always end up shaking my head over is the extraordinary extent the German commo people went to - in both world wars - to deny that anyone was capable of reading their mail.

    Some of that must have had to do with the way the British (and Allies, in WW2) kept their cryptanalysis secrets; it must have been hard for the German signals people to believe that the enemy security was THAT good they'd get no hint whatsoever.

    But a huge part seems to have been some sort of deliberate arrogance, the assumption that nobody was as good as German encryption was, that they really did have unbreakable codes...

    I've always assumed that the Soviets, more paranoid as well as more aware of their technical limitation, were less arrogant.

    One thing I've always wondered, tho. The "story", the anecdotal version, always brings in the rise of SIGINT and the NSA as having the effect of degrading U.S. HUMINT skills. Supposedly the NSA was so good at gathering intel that old-fashioned spying fell out of fashion in the U.S. agencies. As the commo spooks got better the motivation to maintain HUMINT skills went astray.

    You don't hear the same tale told of MI-5 or MI-6, tho. Why? Certainly MI-6 didn't live up to its James Bond mythos in the postwar years. I just read a bio of Kim Philby, and it was pretty scathing (mind, the CIA didn't come off looking that brilliant, either...) re: British tradecraft...but the blame seemed largely on old-boy-ism rather than an overreliance on SIGINT. So is the SIGINT/HUMINT story just that, a tale, or is there something there..?

    Replies
    1. I think the change in sigint vs humint had more to do with technology and how people used it than anything else. As communication generally became more and more electronic it naturally displaced some amount of communication that was only available to humint (ie. getting people on the inside or intercepting written communications).

      There's also volume. There's only so much one person can do, but tap one cable and you can read everything going to an entire base.

      But, as a generalist myself, I don't discriminate and wish all my analysis could have benefited from intel from each collection discipline.

    2. @FDC - "So is the SIGINT/HUMINT story just that, a tale, or is there something there..?"

      I cannot speak directly to spying vs SIGINT. But my experience in Vietnam was that SIGINT was believed by some G2s and Commanders over any other type of intel. Did not matter whether the 'other' was imagery, recon reports, aerial observers, reports from POWs, debriefs of villagers, contact reports by either US or ARVN or RF-PF, etc. I believe that was a disservice. When SIGINT reports came in they were never identified as SIGINT, but only identified as a "Usually Reliable Source" (they were the original URL long before the internet). When a G2 or S2 saw that URL they would disregard any rival intel. Not a good thing IMHO. My father used to tell me that you cannot build a house with just a hammer, so use every tool in the toolbox. I am most likely overstating the case. There were some good G2s that made sure all the evidence was weighed. I worked for one of them.

      In the South the SIGINT reports were rare. I think that was probably due to: 1] reliance on wire and messengers within VC/NVA units; 2] typically radio was only used at regimental level or above but sometimes with independent battalions; 3] very few VC units had transmitters and those that did typically used non-military shortwave or home-made sets or captured PRC-25s; 4] NVA had mostly Chinese radios but used good radio discipline.

      American and ARVN radio discipline left a lot to be desired. Some units toed the line but many ignored comms OPSEC procedures. Arrogance maybe? But the North Viets took advantage of it. They had SIGINT units that used captured PRC-25s to monitor our frequencies. That advance warning of US or ARVN ops allowed them to move and sometimes resulted in a useless envelopment of an objective that had been recently deserted. Or perhaps an artillery TOT on a vacant jungle camp.

    3. Thanks Mike, that's very interesting history!

    4. The old-boy network was not just in Brit intel agencies. Early CIA recruiting was done by Ivy League professors, especially at Yale. I think they reach out more now.

      https://www.cia.gov/careers/opportunities

      But they still manage to screw up.

    5. Andy -

      That tale on NVA use of SIGINT that I mentioned was only at the tactical level. That was all they could do with the captured PRC-25s which were primarily short range backpack radios.

      But I did read somewhere years ago, cannot recall where, that the SAM sites in the north were tipped off by Russian or Chinese SIGINT when B-52s took off from airbases in the Marianas. Something similar undoubtedly happened when USAF Alpha Strike packages took off from airbases in Thailand. Plus there were many Viet refugees in eastern Thailand at that time so probably a few agents among them just outside those airfields could have easily tipped off Hanoi when there were multiple takeoffs.

    6. I remember reading about Russian/Chinese tipping somewhere too.

      At the tactical level, today it's the cell phone. Think of the Blackhawk down movie, where some kid makes a call when the strike team's helos start spinning up.

      Cell phones have been a game-changer, especially in the parts of the world with poor infrastructure.

  3. One of the most fun parts of researching the GFT post on the Scarborough Raid was the story of Room 40 and the twisted tale of how the British laid hands on the three separate code books they needed to break the Kriegsmarine codes. Real-life adventure story...

    But...it also provided a very revealing glimpse into the pluses and minuses of the way SIGINT analyses can impact military affairs.

    So the tl:dr version is that the German naval strategy for 1914 turned on using their battlecruiser squadron to bombard ports on Britain's east coast to lure elements of the Royal Navy's Grand Fleet into the guns of the lurking Hochseeflotte.

    The British, OTOH, looked to trap the raiders by using their SIGINT to anticipate the German battlecruisers' arrival and trap THEM.

    The first part worked great; Room 40 intercepted transmissions ordering the German battlecruiser unit to sail, and the RN sortied their own BCs as well as a unit of fast battleships to crush the raiders.

    BUT...the German main fleet kept perfect radio silence, and the RN made the mistake of assuming that the absence of evidence meant evidence of absence. The Hochseeflotte WAS out in the North Sea that day, and it was pure luck that prevented the British squadrons from being overwhelmed by a massively superior enemy...

    The moral being that your SIGINT is only as good as your analyst..!

    Replies
    1. Great example.

      That reminds me of something we called collection bias. Essentially, at various times and for various reasons we'd adjust the amount of collection on a target country (and not just for sigint). Increasing our collection posture could make it appear the target country was more active during that period of heightened collection. This could especially be a problem in crises - we increase collection to monitor the crisis, which increases the amount of reporting and also the fidelity of the reporting. This causes a "spike" in reporting that can make it appear that said country is suddenly more active, conducting more patrols, or whatever it is you're monitoring. But usually it was just because we were looking more closely and therefore "seeing" more.

      Good analysts will know to account for that, but it's sometimes hard to explain and convince decisionmakers about collection bias.

  4. Who needs Nazis when you have Belgians:

    http://www.brusselstimes.com/business/technology/12931/british-intelligence-hacked-belgacom-then-sabotaged-investigation

    Replies
    1. Anon -

      My wild ass guess is that GCHQ was probably looking for links between al Qaeda and the blood diamond trade. Antwerp still is "where 80% of all rough diamonds, 50% of all cut diamonds and more than 50% of all rough, cut and industrial diamonds combined are handled." But the Brits IMO should also be checking the diamond centers in Dubai and Surat.
      http://thegreenerdiamond.org/zimbabwes-blood-diamonds-flood-dubai/
      https://en.wikipedia.org/wiki/Surat
