Ibrahim Erdogan
Columnist
JTW
Monday, 5 January 2009
Throughout history, intelligence has claimed an indispensable role in realising national security and survival. Because of the costs involved in establishing and maintaining working organizational structures and successful operations, intelligence has usually been regarded as a systematic enterprise consigned to the state level. To put this point into perspective, consider that in the last few decades two-thirds of US national intelligence program spending ($25-30 billion) has been earmarked for intelligence hardware. More specifically, a sizeable share of the intelligence budget has gone into technical systems that are essential for operations such as collecting and processing imagery and intercepting and deciphering communications[1].
However, the recent rapid developments in the field of information technology seem to drastically change the view that “intelligence is an expensive affair”, along with several other long-held central assumptions. A single person or a group with the right talent and/or training could now accomplish various asymmetrical intelligence tasks with only minimal resources. The technological advancement is mind-blowing: microprocessor performance doubles about every eighteen months; the cost of electronic data storage drops by about 95% every four years; and a new version of software is introduced for personal computers at approximately the same instant as one masters the old.
One recent incident reported in Turkey seems to provide a suitable example to test the above contention. During a police raid against sellers of stolen goods in Diyarbakır on the 9th of November 2008, a man named R.Ç. was stopped while carrying a laptop and searched[2]. He was then taken into custody on suspicion of theft, and an incidental search of his laptop revealed a document titled MIT (the acronym for Milli İstihbarat Teşkilatı, the Turkish National Intelligence Agency). As part of the further investigation the police raided R.Ç.’s home and found more classified files belonging to the MIT, the military and other state institutions. Having admitted to being a hacker working for the terrorist Kurdistan Workers’ Party (PKK), R.Ç. was later arrested for possession of state secrets and confidential documents[3].
In his testimony to the state prosecutor, R.Ç., a high school dropout and a self-taught computer genius, described in detail how he entered the computers of security forces and intelligence units using a virus named Poison Ivy, which he had developed. He then explained the method used for passing on the sensitive information to the PKK[4]. So far little has appeared in the press about the extent of the leak; that may come only after an analysis of the volume and degree of secrecy of the seized documents. The fact that two of Turkey’s critical institutions, the MIT and the military, were exposed is sufficient warrant for further examination of the case.
R.Ç. admitted that he had implanted the virus into porn and game web-sites and thus gained control of computers belonging either to intelligence and military staff or to the smaller army units outside the central network in Ankara. That statement is critical because it implies three possibilities: first, some intelligence and military members may have been using their personal computers to access unreliable web-sites while their hard drives stored sensitive information about their institutions; second, computers and/or networks of smaller army units may have been used for accessing such sites while lacking credible defences; third, the central network may not have strict control over the users who try to access it from outside or over the information that should only be available after a check of security clearances.
To test the first possible scenario, it is quite doubtful that sensitive documents could have been revealed as a result of a personal slip-up. Both the MIT and the military are known to follow a rigorous screening process when recruiting, and one of the very first stern reminders given to newcomers is to remain discreet in their professional as well as personal lives. It is highly unlikely either that a fresh recruit to these institutions could have been trusted with sensitive documents or that an experienced staff member could have been so inept as to expose secret information.
As for the second scenario, one needs to realize that both the MIT and the military have traditionally been blessed with a significant portion of Turkey’s defence and security spending. The fight against Kurdish terrorism in South Eastern Anatolia has been one of the primary reasons for that. Turkey has also been a member of NATO for the last 50 years or so, and its military has been an essential force in forming the backbone of the alliance’s southern flank. Essentially for those reasons, Turkey has been on the receiving end of substantial NATO assistance, whether technical, organizational or hardware backing. In view of all this, it is hard to believe that even at the level of a smaller army unit a computer network would be left without sufficient defences, so that an amateur computer user would be able to hack into the system.
When it comes to the central network and the information available to users, the issue of control and security becomes considerably more problematic. Central networks are expected to be under extreme protection and control in terms of the people who can access them and the level of secrecy applied to the documents available. As in the US case, access to principal networks is, under normal circumstances, allowed only to people who have prior security clearances, and the time of access and the type of documents retrieved are recorded automatically in a file. Such files are later reviewed by specialized personnel to track and evaluate any kind of illicit activity.
So far no official announcement has been made by either the MIT or the military on the question of whether there has been unauthorized access to their networks. Two possible suppositions follow from that: either there is no strict control over the central networks, so that nobody knows whether there has been outside access; or someone who had prior clearance did indeed access and retrieve secret and sensitive documents. The prospect of the latter turning out to be true is more problematic, since it would mean that someone from the inside caused the leak.
Finally, although it is still unknown which scenario comes closest to the truth, one fact remains: a self-taught computer user has managed to get hold of critical documents. Whether that was due to a personal slip-up or to a lack of strict control and/or defence of networks, an asymmetrical intelligence task was accomplished by means of simple and cheap hardware that anyone could easily obtain on the market.
[1] Berkowitz, B.D., “Information Technology and Intelligence Reform”, ORBIS, Winter 1997, Vol. 41, No.1, p. 107.
[2] http://www.todayszaman.com/tz-web/detaylar.do?load=detay&link=159211
[3] http://www.hurriyet.com.tr/gundem/10445656.asp
[4] http://www.analitikbakis.com/haber/20081120/%3Cfont-colorred%3EPKK-hackerinda-derin bilgiler%3Cfont%3E.php