An inability to translate clear signals is perhaps the most interesting lesson I’ve found from an analysis of North Korea’s 1968 capture of the USS Pueblo spy ship.
The ship would gain little insight or warning from monitoring the North’s clear-voice communications because the rusty language skills of two Korean linguists belatedly assigned to the ship’s SIGINT detachment were not up to the job of rapidly translating fast-moving tactical traffic. At a tactical level, NSA observed that had the linguists been qualified they would have understood a full 20 minutes before the first shots were fired at Pueblo that North Korean patrol boats were maneuvering to fire.
The CIA might be making a subtle yet very poignant argument that all the best high-tech in the world doesn’t amount to a hill of beans when basic skills and wisdom for placement and use are missing.
As a corollary, someone thought it a good idea to mount exposed machine guns on the high deck of this “oceanographic research” vessel — too small to defend against threats, too large to be denied, and completely exposed to ice and enemy fire in a way nobody ever could want to use in bone-chilling hostile waters.
The CIA has also pointed out that key material for stolen cryptography machines was leaked to the KGB around the same time by a US Navy Chief Warrant Officer, John Walker.
For a KGB station chief personally to meet a prospective agent was unprecedented, but Solomatin spent the next two hours talking privately with Walker. The American favorably impressed him by saying nothing about love for communism, which most phonies emphasized. This was strictly business.
That wasn’t a backdoor risk from engineering, but rather a front-door insider threat, made possible due to weakness in key management processes.
Because the KW-7 used key-lists it was considered expendable as long as the monthly key-list cards themselves were not compromised. […] KW-7 cryptographic machines were most certainly lost prior to the unit that was aboard Pueblo. […] The one thing that the Soviets or the East Germans did not obtain was the key-lists. They may have possessed a few key-cards at various times but John Walker provided the constant flow that was needed to make penetration of US Naval communications by the Soviets such a continuing success. […] The flaw in the system was the assumption that the outdated key-cards had been destroyed. Walker certified he had destroyed the cards, when in actuality he simply took them and gave them to the Soviets. No one verified that Walker had indeed destroyed the previous month’s cards.
I find this all worth consideration today given how journalists repeatedly cast a negative light on the chief of security at platforms like Facebook (e.g. Alex Stamos), who clearly and repeatedly failed to deploy basic proficiency in spaces where information risks were known to be the highest.
Did the NSA come to any similar conclusions as the CIA about this fundamental failure in risk monitoring (skill for clear-voice translation), let alone management of how and where crypto should sail or not?
As I stood there Don Peppard came up behind me and asked if I had any idea of where we were. I said that I didn’t have the foggiest idea. When we’d left Japan and headed north, my knowledge of geography must have been on hold — it simply never dawned on me that the only countries west of us had to be China, Korea or Russia. Where were we?
That rosy picture of risk definitely wasn’t carried into the 2015 CIA files, which argue significant damage was done by compromise of intelligence gathering materials as well as the link to Walker.
Congress was on to these things right away in their 1969 “Inquiry Into the U.S.S. Pueblo and EC-121 Plane Incidents: Hearings, Ninety-first Congress, First Session” (US Government Printing Office, page 729):
The National Security Agency, which questioned the risk of the Pueblo mission, had neither the responsibility nor the authority to do so. […] There is a great difference of opinion at high intelligence levels as to whether or not the loss of the Pueblo was very serious in terms of our national security and national intelligence effort.
The NSA today offers readers a raft (no pun intended) of related documents available to the public, which purport to be lessons learned.
Indeed, much of this history is directly relevant to the nature of problems faced by security officers today.
I just don’t see the clear-eyed analysis from the NSA. And in current context I wonder if anyone at Facebook security (often hired out of the NSA) thought about the Pueblo incident before claiming they didn’t anticipate basic translation skill or insider threats would be so important given all their fancy communication equipment being repurposed today in hostile countries.