The Soviet Union continues to intercept U.S. domestic microwave
telecommunications systems from their Embassy and other diplomatically
immune locations in Washington, D.C., San Francisco, and New York City.
We are also seriously concerned about their intercept activities of U.S.
Domestic satellites from their collection site in Cuba and from vessels
off each of our coasts operating in international waters. (TS)
You may recall that the U.S. Government instituted a program called
DUCKPINS which moved selected leased government circuits from microwave
to underground cable facilities. When these targets dried up, [less than 1 line not declassified] reported the
movement of Soviet targeting to other government agencies, economic
targets and Defense contractors. The DOD was alerted and they began looking at possible
solutions. (TS)
The fact that Defense contractors were now a prime Soviet target was
verified in the 1979 Threat Assessment I asked Stan Turner to conduct,3 the specifics of which were
briefed to the subcommittee by Admiral Inman in July 1979.4
Defense gave an initial briefing to the subcommittee in August
concerning how they would approach a countermeasures program. They very
candidly advised that this area would require considerable time and
study since a more complex dimension was now added to our protection
concerns. I expect Defense to have their protection strategy plan
available for review by mid-July and will
[Page 819]
convene the PD/NSC–24 Subcommittee to
hear their briefing soon thereafter. After your review of the attached
report I recommend you forward the Executive Summary to the President
and you authorize distribution to all Subcommittee members. (TS)
Attachment
Paper Prepared in the Office of Science and Technology Policy5
Washington,
April 15,
1980
[Omitted here is the title page and table of contents.]
EXECUTIVE SUMMARY
The Soviet Union is intercepting U.S. domestic microwave
telecommunications from diplomatically immune locations in
Washington, D.C., New York City and San Francisco. Exploitation of
U.S. common carrier domestic satellite communications is also of
serious concern. Presidential Directive PD/NSC–24 was issued
with the objective of enhancing the protection of United States
communications, the intercept and exploitation of which may be
useful to a foreign adversary. Primary emphasis was placed on
protecting government information of value to the USSR. (TS)
The Presidential Directive assigned Executive Agent responsibilities
to the Departments of Defense and Commerce. The Secretary of Defense
is the Executive Agent for Communications Security (COMSEC) to protect
government-derived classified information and government-derived
unclassified information which relates to national security. The
Secretary of Commerce is the Executive Agent for the protection of
government-derived information not related to national security and
for dealing with the commercial and private sector to enhance their
communications protection and privacy capabilities. The State
Department, the Manager, National Communications System (NCS), and the General Services
Administration (GSA), were also
given specific on-going responsibilities. Revised guidance was given
to
[Page 820]
the Executive Agents in
a November 26, 1979 Implementation Decision Memorandum to clarify
their role relationships.6 (U)
MAJOR ACTIVITIES IN 1979
—PROJECT DUCKPINS—A government program to minimize Soviet
interception of telephone conversation over domestic microwave radio
by transferring selected U.S. government voice circuits from
microwave to underground cable facilities in Washington, D.C., New
York City and San Francisco. Circuits actually under this protection
number 17,347 with another 1,067 on order. A third phase has been
initiated by DOD which is
responsive to both this program and the SCC–CI guidance of October 22, 1979.7 The National Security Agency
proposed a cable fix for 22 high priority defense contractors which
were designated as “Most Sensitive.” Defense plans to route all of
these leased circuits, which carry information of value to an
adversary, by cable in the three Protected Communications Zones
(PCZs), by the end of 1980. The Agency has also been tasked to brief
these high priority contractors on the domestic intercept threat,
and provide the Manager, NCS,
assistance in circuit identification and selection, necessary for
the implementation of protective cable routing. These contractors,
however, represent only a fraction of the total problem. In addition
to proposing Defense Contractor protection fixes, an overall DOD plan, still in the formative
stages, will be forwarded to the Special Subcommittee, for decision
and will include a broader, system-wide series of proposals which
will in large part deny the Soviets the information they are
targeting. (S)
—EXECUTIVE SECURE VOICE NETWORK (ESVN)—The Assistant Secretary of Defense for C3I
declared the ESVN fully
operational. This network was subsequently renamed the Federal
Secure Telephone Service; its capability and electronic
cryptographic key distribution was expanded as well as additional
secure voice terminals being installed. There are now 249
operational terminals as compared to 90 reported last year. (C)
—GSA BULK PROTECTION PROGRAM—With
the assistance and approval of the NSA the General Services Administration has: Closed
bids for proposals for FTS voice service to Alaska,
Seattle-Anchorage, 72 circuits, Seattle-Juneau, 24 circuits and San
Francisco
[Page 821]
and Washington,
D.C., 192 circuits. The initial implementation plan uses the DOD developed CY–104 systems which
bulk encrypts in 24 channel increments. Contract awards on the
procurements are planned to begin the second quarter of 1980. Since
September 1979, GSA has been using
19 of 24 bulk protected voice channels of the DOD satellite system between Hawaii
and California. In addition to the protection, this sharing reduces
costs for the circuits by approximately sixty thousand dollars a
year. With the cooperation of various international carriers GSA moved 12 circuits normally routed
over unprotected satellites between Hawaii and Puerto Rico to the
U.S. Mainland to less vulnerable cable routes. (C)
—BRIEFING PROGRAM—Telecommunications carriers and government
contractors were to be briefed on the nature of the threat. The
National Security Agency has thus far briefed a total of 33 Defense
contractors on the domestic intercept threat—sixteen briefings were
done in 1979 with additional ones planned for the January–March 1980
time frame. The NTIA conducted a series of unclassified briefings
with 12 of the major common carriers. (C)
—SOVIET TARGETING OF U.S. CITIZENS—The 1979 Threat Assessment
contained no evidence to suggest that private
citizens have become targets. (S)
—REAL ESTATE ACQUISITION BY COMMUNIST COUNTRIES—The Real Property
Committee, an interagency group chaired by State was established by
PD–24 to review and if necessary
deny Soviet and communist bloc property acquisitions that present a
serious potential threat to U.S. telecommunications security. The
committee met seven times; initially in February with Ambassador
Leonard of the USUN to ensure that he was fully cognizant of the
technical and political background concerning the Soviet interests
in New York property acquisitions. On the advice of the FBI and NSA, the Committee interposed no objection to a
possible Bulgarian purchase of property for a chancery at the
International Center on Connecticut Avenue and Van Ness Street.
Since 1973 the State Department had been encouraging the PRC to acquire properties in the open
marketplace without a requirement for prior Department approval. On
May 10 the Committee discussed a building which the FBI had learned that the PRC planned to acquire, and considered
again the question of requiring the PRC to obtain State Department approval before
buying.8 The Committee concluded that it was
insufficiently instructed to make decisions on either the specific
building in question or on its future role in the broader question
of bringing PRC property
acquisitions under U.S. control. Based on this circumstance the
PRC Embassy in Washington was
advised that
[Page 822]
the State
Department should be kept informed of PRC plans to acquire property. This was reiterated in a
diplomatic note of October 26 which stated the necessity to obtain
the Department’s approval prior to the acquisition or occupancy of
diplomatic, consular, or other property in the United States.9 The Chinese have advised that
in the future it will comply with the request. (TS)
—NATIONAL COMMUNICATIONS SECURITY COMMITTEE—The publication of NSC/PD–24 rescinded the 1968 NSC United States Communications Security Board (USCSB) directive10 and necessitated the
construction of a supporting interagency advisory committee to
replace the former USCSB. The
National Communications Security Directive, established the National
COMSEC Committee (NCSC) to
advise and assist the Executive Agent in formulating and
implementing policy and was signed by the Secretary of Defense on
June 20, 1979.11 This
directive delineates, under the Secretary of Defense, the COMSEC responsibilities of the
NCSC, the Director, NSA, and
department and agency heads. (U)
—INFORMATION ASSESSMENT (GOVERNMENT)—A series of information
assessments were conducted in 1979. Among others, the National
Security Agency (NSA) completed a
COMSEC threat report for
Federal Reserve and Treasury International Communications with
Foreign officials. The study was undertaken by the NSA following a formal request from
the Federal Reserve Systems Board of Governors. They evaluated the
specific threat to the security of voice and printed (TELEX)
communications between either the Federal Reserve or Treasury on one
hand and foreign governments or central banks on the other. Treasury
has initiated several thorough investigations to assess the value of
information processed by the department which could benefit an
adversary. Vulnerabilities, thought to be non-existent, have been
identified, and personnel involved have reacted positively. The
level of awareness has been raised significantly. As a direct result
of one survey concerning the Bureau of Government Financial
Operations, Treasury Financial Communications System they are now in
the process of encrypting the system with Data Encryption Standard
(DES) based equipment. The Special Project Office of NTIA completed
five
[Page 823]
telecommunications
and information vulnerability surveys in the Federal civil sector
and had three more in progress. Each survey performed by NTIA
documents specific findings and offers NTIA’s recommendations for
corrective action. The eight survey projects involved a range of
Federal civil governmental activities including agencies
specializing in socioeconomic matters, transportation, scientific
matters, law enforcement, a regulatory agency, and an organization
involved with national financial activities. Each was an in-depth
study of agency telecommunications resources and included interviews
with operations, telecommunications, and management personnel.
Agencies who have participated in this project have given NTIA “high
marks” for their thoroughness, professionalism and excellence of the
survey findings and recommendations. (U)
PROGRAM OVERVIEW
DUCKPINS continues to be our most potent countermeasure with a
limited in-place bulk encryption effort trailing behind. NSA’s bulk protection technology
development progresses slowly due to a variety of national network
problems which must be overcome. Lack of secure voice terminals
continues to hamper fulfilling our end-to-end voice security and
protection requirements. Overall progress toward implementing
“fixes” to deny the Soviets information or access to information has
been undeniably slow. This has been due in part to technology
problems and in part to an inability to identify information
requiring protection. (S)
As previously reported the difficulty of defining or accurately
determining what unclassified information is, or may be useful to a
foreign adversary or whether it is, or is not national security
related continues to plague us and obscure executive agent
responsibilities. This situation is further compounded by the
recognition that classes and categories of information can be, and
in many instances, are “moving targets.” That is, information can
rapidly gravitate from one category to another for a host of reasons
depending upon national or international conditions. One thing is
clear, however, only the originator of the information operating
within departmental guidelines can legitimately decide whether his
or her information should be protected from interception while in
transmission. (U)
The briefing programs by both Executive Agents are noteworthy and
continued without abatement. Similarly the information vulnerability
studies being done by the NTIA have been extremely successful. All
department and agencies should avail themselves of this service.
(U)
After discussions with the Director, NSA and Administrator, NTIA, an Implementation Decision
Paper was issued in late 1979 in an attempt
[Page 824]
to clarify executive agent responsibilities;
it has in some respects helped the situation. (U)
PLANS AND PROJECTIONS FOR
1980
- —
- The COMSEC Threat Report
program to determine and disseminate foreign SIGINT threats to
U.S. telecommunications and the vulnerability analysis program
of both U.S. civil and military communications will continue and
will provide for the subsequent establishment of COMSEC standards and doctrine.
(S)
- —
- The remaining contractors from the list of 22 “Most Sensitive
Contractors” will be briefed on the intercept threat to their
communications. (S)
- —
- Field trials of the LADNER equipment will be conducted on the
terrestrial microwave systems of the Other Common Carriers
(OCCs) to verify compliance with a system performance and
operating requirements. (S)
- —
- Develop a Federal policy concerning the protection
requirements for leased, commercial or government-owned
communications satellite circuits. (U)
- —
- COMSEC doctrine will be
developed for unclassified DES applications; however, the
absence of a comprehensive data base on computer security will
make progress both difficult and slow. (C)
- —
- The Phase I PCZ Pilot Program and the FSTS will continue
operation and expansion as various implementation levels are
approved. (S)
- —
- Procedures to verify compliance of commercial DES equipments
with FS–1027 for unclassified national security-related
applications should be finalized. (U)
- —
- The position paper on public cryptography will be compiled,
coordinated, and submitted. (U)
- —
- The security evaluations of the six DES-based equipments for
NTIA will continue and should be completed during 1980. (S)
- —
- Complete the DUCKPINS III Program by December 1980. (S)
- —
- Emphasis will be placed on the bulk protection of FTS circuits
transmitted over satellite and terrestrial microwave systems.
Commercial cryptography will be used whenever appropriate,
available and cost effective. (C)
- —
- Develop an options paper for a Federal policy which authorizes
and provides for selected unclassified information which, when
so marked, must be protected during electrical transmission.
(U)
- —
- Complete arrangements for the sharing satellite capacity on
two or more wideband systems which will provide FTS protected
service for Guam to Hawaii and Puerto Rico to the CONUS communications. (C)
- —
- Develop a program to facilitate procurement and distribution
of all appropriate department and agency secure voice equipment
(STU II) which may permit the government to take advantage of
large order procurements and resulting economies of scale.
(C)
- —
- Initiate procurement actions for commercial cryptographic
systems to replace CY–104 systems where cost-effective and
technically feasible. The National Bureau of Standards (NBS) Data Encryption Standard
(DES) will be used until a certification process is established
and other technologies made available. (C)
- —
- Expand the KY–70 to KY–3 interface from two to four ports to
improve intersystem communications by eliminating queing
problems. Both should be operational by July 1980. (C)