NSA encryption no smoking gun, says drone net contractor

KG-340 - NSA Certified.pngAn NSA encryption box that secures the US military’s global drone network has become the focus for UK officials deciding whether a telecoms contractor should be pulled up under international rules on corporate ethics.

British Telecommunications Plc, which faces a formal investigation of its contract to supply part of the US military network, told UK officials they should disregard the NSA encryptor and drop the case.

It had been cited in evidence by legal charity Reprieve, in a bid to make BT meet an obligation to assess whether it was responsible for human rights atrocities after supplying part of the network the US has used to target a calamitous drone assassination programme against suspected armed opponents of its military offensives in the Middle East.

BT told officials the NSA encryptor – called a KG-340 – was the only part of Reprieve’s case that had not already been thrown out as insubstantial, and it was irrelevant anyway.

Thumbnail image for Miles Jobling - BT Solicitor.jpg“BT did not provide or install any KG-340 encryption device,” said a legal brief BT solicitor Miles Jobling sent to UK officials at the Department for Business, Innovation and Skills.

“The KG-340 encryption devices were to be provided by and managed by the US government,” it said.

Officials deciding whether to let BT off an international obligation to look into human rights atrocities have hinged their judgement on whether it looked likely on the face of it that BT’s work for the US military was related to drone strikes.

They threw the case out once already, saying the evidence was thin. But Reprieve made them look again after a Computer Weekly investigation showed BT had provided a major trunk of the global military network the US used to conduct drone operations.

Thumbnail image for KG-340.pngThe KG-340 encryptor had been just one small part of the extraordinary “network-centric warfare” system the US has been building for the last 15 years, and which culminated with its “targeted killing” programme: which pulled disparate intelligence sources together on a network to remotely track and kill people on its suspect list.

Its design overseen by the US National Security Agency (NSA), the KG-340 was built to transmit classified intelligence and military communications down this network’s high-speed backbone – and at “ultra-low” latency, so it could transmit critical combat mission communications without delay.

KG-340 for Net-Centric Warfare on the Global Information Grid.pngAs a “Type 1” encryptor, NSA certified the KG-340 under its Commercial COMSEC Evaluation Program (CCEP) to transmit comms classified “Top Secret”. It had been a primary building block of the Global Information Grid (GIG) – the network system that drove the US net-centric warfare systems – and the high-grade backbone that underpinned the whole thing: the Defense Information Systems Network (DISN).

The US military’s contract notice for BT’s part of that backbone said it would be capped with KG-340 encryptors, removing any doubt about its purpose.

BT told officials: “The KG-340 is an off-the-shelf product that simply protects the integrity of secure communications.”

“Mere knowledge that the US government uses KG-340 cannot of itself impose any burden on BT,” it said.

The British telco had insisted it should be able to remain ignorant of what its customers did with its services, in contrast with international rules on corporate social responsibility.

The KG-340 was acquired by defense contractor Raytheon in 2012 when it bought the government division of SafeNet, its original manufacturer. The latter had developed it under the NSA’s Commercial COMSEC Evaluation Program.