Echelon: Surveillance techniques

Telecommunications security expert in Germany, Manfred Fink, tells ZDNet exactly what individuals and companies have to fear from covert surveillance
Written by Susanne Rieger, Contributor

ZDNet:How long have you known about Echelon?

Fink: Experts have known for years that we are systematically being monitored. It's the first time, however, that the problem is being perceived as a reality, now that the European Parliament and Deutscher Bundestag -- German Parliament -- are getting involved.

What reasons lie behind the secrecy surrounding Echelon?

Fink: There are two reasons: on the one side, prosecutors have no interest in having their entire operation laid out in the open. There is no disclaimer. One simply doesn't say anything.

On the other side, any... German officials with the power to say something has until now remained quiet in order to prevent putting any inter-governmental projects at risk. The government didn't want to jeopardise the NATO alliance. But both France and England have their own spy satellites, as does China. This... weighs greatly upon EU partnerships.

What kind of costs are associated with Echelon's activities?

Fink: The budget granted for these kinds of operations amount to billions of dollars a year. Estimates as to how many people work for the National Security Agency (NSA) vary between 140,000 and 170,000. They of course employ only top people, the best mathematicians, used in unimaginable hacking/calculus centres.

Hardware isn't an issue there either. Though secret services of this sort have their own chip factories, it is only with "normal hardware" and parallel switching from one to another that they obtain their efficiency. The real problem lies in the software. The text recognition programmes used on office computers are simple waste products of military programming. Imagine your phone socket has been tapped with a control device. This means that each time you use that line your call is monitored. But the real spying only comes into play once a particular "hit-word" has been pronounced. The quantity of data would simply be too large to cope with otherwise. As long as the system is used in the fight against terrorism and frail regimes no one has a problem with it. It is only criticised when it is used for industrial espionage.

What makes a person a target? Who is likely to be spied on?

Fink: There is a lot of abuse in the relationships between European allies. Ordinary individuals are unlikely to be a target, but companies will be. The size of the firm being targeted is relatively unimportant, but international companies will be monitored no matter what.

Whether you own a small company of just 20 employees, have a specific product that only you offer worldwide or have only one competitor who sits in the US, you are bound to be of interest.

Is there anyway of knowing you are being monitored?

Fink: No.

To whom do you recommend the installation of high-tech security?

I recommend that all companies set up solid security. One must ask the question: "Would it be serious if they got hold of a third of the information in this communication?" Whoever replies "Yes" should make a security decision.

If the secret services have such efficient hacking machines, does it make any sense at all to use cryptography?

Fink: Information is perishable. If it takes months or years to obtain it, it often loses its value. This is the absolute starting point for defence: setting the threshold so high that the circumstances no longer require the information to be obtained.

Is it true that the radiation generated by monitors can be picked up and reproduced from as far as a hundred metres away?

Fink: Yes, whether it is a Word document with twelve point text font, an Excel spreadsheet or a CAD-image, you can pick it up via the monitor's radiation. Equipment to do this is available for DM250,000 (£8,000).

To prevent this you can either shield your monitor and hard drive or isolate entire rooms. This is how it is done in large calculus centres. Another method is to overwrite the emissions with a jamming signal so that the receiver will see nothing but a snow flurry on the screen.

Mobile phones must be easy to monitor. Is this true?

Fink: Mobile phones are actually better than we think. The air interface to base station is quite safe unless you happen to be standing opposite a news station. The rest runs on directional radio and public networks. These are indeed relatively easy to pick up.

Rumours from the US secret services claim there is a transantlantic fibreglass cable that picks up and retrieves data. Is this a modern fairy-tale or is it true?

Fink: No. In fact it's an entire underwater station held by cables made of copper. Other than that, it's correct. I have seen photos of it and these were no fakes.

When am I being careful and when am I being paranoid?

Fink: I would say that if you begin to assess yourself wrongly and miss out on the things that really matter, then you're being over-careful. One must not forget that the whole surveillance system is aimed at fighting the worst cases of crime and terrorism. Private people are then only of moderate interest.

Go to ZDNet's Echelon Special

Rupert Goodwins reckons we've allowed a state surveillance system to be built that would be the envy of any dictator, and we've allowed it to flourish unseen and uncontrolled. What we must do now is to start building pressure for a wholesale reform of Echelon: not to shut it down and render ourselves deaf to real threats but to improve its efficiency and make it ours again, not the plaything of nameless people. Go to AnchorDesk UK for the news comment.

The British are keeping a stiff upper lip, the US simply avoid mentioning it and the French believe it has been stealing secrets from France for years. Go to the TalkBack forum to tell us what you know and think about Echelon.

Editorial standards