The Watchers (16 page)

The agency wanted to fly two agents to Philadelphia right away. The State Department wanted to know more about Karic and had asked the CIA to find out. The agents would come to Weldon's home, a hotel, the airport, whatever he wanted.

They could wait. “The FBI already asked for that information,” Weldon replied. “We can do it together on Monday afternoon.”

Once again, Weldon found himself in an improbable spot: sitting in his Washington office with two G men and a pair of spooks who were begging
him
for information on an elusive Serbian banker. At the time, Weldon and his colleagues on the House's International Relations Committee were preparing for a hearing on diplomatic relations with Yugoslavia, at which Pickering was slated to testify. Apparently State had realized this Karic guy was interesting after all.

Weldon laid it all out for the agents. Karic. The brothers. The missile sales, the house, the wives. Weldon had been a schoolteacher before coming to Washington. When he'd finished the lecture, he asked, “Now, do you know where I got this information?”

The answer seemed obvious to the agents. From the Russians, and from Karic himself.

The congressman was delighted. “No,” he said. “I got this from the Information Dominance Center.”

The agents looked at him and at each other quizzically. “What's the Information Dominance Center?” one of them ventured to ask.

“They're the people who gave me eight pages,” Weldon said. “The CIA gave me a paragraph.”

He told the agents that both their organizations had come up short. And now, here they were asking a congressman to brief them, so they could report to the State Department.

“This is ridiculous,” Weldon said.

 

NATO planes bombed Milošević's forces for seventy-seven days. The campaign convinced him of the alliance's resolve, and that Russia wasn't coming to his rescue. By mid-June he had withdrawn from Kosovo, under an agreement hammered out by the United States, the Russians, and the G8. Weldon had briefed the administration on the aborted Vienna agreement, and he told himself that it had provided a framework for the ultimate pact. He'd done his job.

But the encounter with the agents had left Weldon peeved. The Miloševićs of the world, and all the other big problems, were only going to get bigger. Human analysts slogged through swamps of data about an array of threats—warring ethnic factions in Albania, ascendant capitalists in China, dissident Saudi expatriates in Sudan. No one could keep it all straight, much less reach deeper conclusions about how the United States should act in this volatile world. Technology was the answer. Computers could do what humans couldn't—ingest heaps of data, then digest sensible, instructive information. The IDC was the next generation of intelligence, Weldon thought. He became its biggest congressional patron, singing the analysts' praises at the highest echelons of the Defense Department. And despite Weldon's outsized reputation, people listened.

Over at the Pentagon, word was getting around about the IDC's exploits. The armed services committee had been talking them up. And the military services, as well. Rumor was, the IDC could do amazing things. New things.

The men who ran the Defense Department decided it was time to put the tiny band of analysts through their paces, but this time on a bigger problem than Balkan businessmen.

 

 

 

 

John Hamre, the number two man at the Pentagon, had a big problem: Somehow, U.S. military secrets were ending up in Chinese hands. And he wasn't certain how.

The Defense Department had been aware for some time that hostile intelligence services were running agents against U.S. government facilities and military contractors, and Hamre, as the deputy secretary of defense, was actively trying to stop one aimed at the U.S. industrial base. But the scale and scope of clandestine operations were broader and more frightening than almost anyone outside the government knew.

In January 1999, a special congressional committee revealed that since at least the late 1970s, Chinese spies had stolen design information about advanced thermonuclear warheads from the U.S. national laboratories, a rich repository of military hardware secrets. The pilfered cache covered seven warheads, including all those currently deployed on U.S. ballistic missiles, as well as plans for the apocalyptic neutron bomb, which was designed to wipe out whole population centers with a massive dose of radiation. Chinese agents also had obtained other vital missile and satellite technology from U.S. companies allegedly doing unauthorized business with the Chinese government. The espionage was ongoing and heading toward a crucial point: The commission predicted that China had enough information to base the next generation of its nuclear arsenal on U.S. designs.

Hamre didn't really need a congressional investigation to tell him that the country's most sensitive secrets were up for grabs, and that the countermeasures in place to stop such a massive step were faltering. With the demise of the Soviet Union Congress and the administration had cut back intelligence budgets dramatically, a multibillion-dollar savings known as the “peace dividend.” The agencies, along with the national labs and defense contractors, were becoming blind to the security threats arrayed against them, and in some cases appeared to unwittingly assist their adversaries. The very fiber of secrecy was disintegrating. So, Hamre decided to do something dramatic.

The government needed a new
counter
intelligence center for the post-cold war and national threats, he decided. And their first order of business should be to understand precisely how spies were “exfiltrating,” in the parlance of the trade, so many technology assets. Hamre wanted to create a “threat mapping model” of the military technology supply chain. It should show all the security weak points, the conduits through which an individual could move secrets out of the country, physically or electronically. It wasn't enough to know that the labs or contractors writ large were vulnerable. How did the spies obtain access to those labs in the first place? Did they have contacts on the inside? Did they pose as legitimate researchers? And which technologies were most at risk of theft? In a losing game of Spy vs. Spy, Hamre wanted to know the bad guys' avenues of approach.

The question was, how? The intelligence agencies with their traditional craft had come up relatively empty. Hamre wondered whether this new counterintelligence unit needed to get ahead of the curve. A few months after the China report was released, Curt Weldon, who sat on the congressional committee that authorized it, recommended to Hamre that he pay a visit to the Information Dominance Center. He needed to see how these high-tech detectives were outrunning the CIA and others.

Hamre went down to Fort Belvoir. Not long after, he reported his impressions back to Weldon: “It's amazing what they're doing down there.”

 

August was Washington's slow season, but Erik Kleinsmith was barely catching his breath from the Karic episode and the crush of a normal workday at the IDC. Requests were coming in from a range of customers now at the military command level. But when the call came down from Hamre's office, Kleinsmith snapped to attention.

The Pentagon had a challenge: Use advanced data-mining techniques to determine paths and avenues for hostile intelligence services. Hamre wanted to know whether he should invest in these cutting-edge tools for the new Joint Counterintelligence Assessment Group, or JCAG. Officially, what Hamre asked the IDC to do was just an experiment. But Kleinsmith saw a perfect opportunity to impress the Pentagon brass.
Let's show them what we've got.

The rules of the game were simple. The IDC should pick a sensitive military technology, and then map out how individuals, working together or collectively, could gain access to U.S. facilities, obtain sensitive information, and then take it back to China. They should nail down, in as much detail as possible, which labs or companies had been compromised, which organizations were behind the theft, and—perhaps most important—which facilities were most at risk. This wasn't an investigation of past abuses. Congress had taken care of that. This was now about preemption. Kleinsmith and his team would have access to a limited number of classified databases, but they could also mine the Internet.

The IDC had a range of technologies to choose from for their experiment, but it was really an arbitrary point. The tools and techniques would work just the same. Kleinsmith and his team decided to focus on component technologies in the Joint Strike Fighter, a stealth aircraft then in development and upon which the military had pinned much of its future fighting strategy. A small group of three analysts started with wide search strings, looking for pairings of their target technology with “China,” “espionage,” “export.” They stretched digital reapers through the classified databases and across the fertile field of the Internet, pulling in thousands of Web pages containing potentially relevant information. They retrieved an enormous harvest.

Next, Kleinsmith and the analysts took a first pass with their mining tools, separating potential leads from dead ends, wheat from chaff. Typically, some connections just seemed implausible on their face, or obviously coincidental, and the analysts used their common sense to help them sort things out. The initial take showed tantalizing correlations among universities, national laboratories, and Chinese nationals, all of which popped up as references in news articles, intelligence reports, and other sources in the harvest. This was just a first step, but it hadn't taken Kleinsmith very long.

The beauty of the IDC's approach, Kleinsmith had always thought, wasn't its ability to collect information. Vacuuming up the Internet or a database was a crude technique compared with what he did next: convert all that information into a picture.

Kleinsmith ran a collection of now filtered information through a “visualization tool.” In a matter of seconds it read all the information, which consisted of news stories, Web pages, classified cable traffic, and other documents, and then pulled out pieces of information such as names, places, and actions. Something discernible, with a clear point of reference in the harvest.

Then the tool plotted each document as a small point on a graphic map. A trade press article about satellite acquisitions by the Chinese military, say. Or a cable from the embassy in Beijing about a space research delegation visiting universities in California. Documents with similar subjects appeared close together. Then the tool created peaks, signaling a high concentration of documents about a specific topic. This was the visual component. The distance between two peaks showed how closely those topics were related.

As Kleinsmith stepped back and took in the entire map, he could see the landscape of information. And with that, he could start to ask questions. What does the harvest say? Who are the most important people? Where were the gaps in his intelligence base? The tool let an analyst click on a specific data point and pull up the underlying report, to read it in full and put it in context. One could suddenly not just see the forest but zoom in on a single tree.

This kind of production, from beginning to end, would have taken large teams of analysts weeks, if not months, to complete. They'd have to manually collect the data first, or use proprietary searching tools that only let them scan one or a few databases. Then they'd have to draw all the links themselves. And they certainly would not have used the Internet for source material.

Kleinsmith's approach offered liberation. It was as if he and his analysts had grown wings, and slipped the coil of gravity that kept their colleagues toiling in a vineyard of data. They soared over the terrain, dove down into the valleys, rested on peaks. Although Kleinsmith's rapid-fire version of analysis would, only a few years later, essentially be available to the masses through Internet search engines and online collaboration sites, at the time, in 1999, his approach was something marvelous.

And rather dangerous.

As Kleinsmith and his team worked through their China harvest, the pervasiveness of the espionage startled them. But the fact that they had discovered it with relative ease, that the clues were out there for the taking, surprised none of them.

The harvest had gotten them only so far. This high-tech analysis was not magic, as Kleinsmith often reminded his customers, particularly when they came calling in desperation. At some point the analysts had to put their own skills to work.

The analysis indicated that Chinese agents had access to the target technology through the labs and research facilities of a number of U.S. universities. Kleinsmith wanted to know which ones they should focus on first, as they might represent the weakest points. Armed with that threat-mapping model, as Hamre wanted, counterintelligence agents could get to work plugging leaks.