The Shady Role of Start-ups in the NSA's War on Cyber Terror
BY Eric Markowitz
How Silicon Valley tech companies are slowly being sucked into the NSA's cyber-industrial complex.
James Bamford recently toldThe New Yorker that he has a love-hate relationship with the NSA.
"I love them, and they hate me," he joked.
With good reason. Bamford is best known as the secret agency's most prolific scourge, the journalist and author behind Wired's fascinating and dizzying July cover story on the NSA's director, the highly-decorated, four-star United States general, Keith Alexander.
Bamford's 5,000-word story, well worth the read, explores the NSA's rapid growth within the last few years. Funded with $4.7 billion from the Pentagon for "cyberspace operations," the NSA is expanding like crazy:
In May, work began on a $3.2 billion facility housed at Fort Meade in Maryland. Known as Site M, the 227-acre complex includes its own 150-megawatt power substation, 14 administrative buildings, 10 parking garages, and chiller and boiler plants. The server building will have 90,000 square feet of raised floor--handy for supercomputers--yet hold only 50 people. Meanwhile, the 531,000 square-foot operations center will house more than 1,300 people. In all, the buildings will have a footprint of 1.8 million square feet. Even more ambitious plans, known as Phase II and III, are on the drawing board. Stretching over the next 16 years, they would quadruple the footprint to 5.8 million square feet, enough for nearly 60 buildings and 40 parking garages, costing $5.2 billion and accommodating 11,000 more cyberwarriors.
The physical expansion is all part of what Bamford calls the cyber-industrial complex, "a burgeoning sector made up of many of the same defense contractors who grew rich supplying the wars in Iraq and Afghanistan."
Not surprisingly, with so much government cash being tossed around, the cyber-industrial complex has attracted a few notable Silicon Valley start-ups. One of them is Endgame Systems--an Atlanta-based company that's raised about $80 million from venture capitalists. Expect to start hearing more about them.
Why? Well, here's what they do, according to their site:
The risk is unseen threats and lost opportunities. Deploy breakthrough visualization and analytic technologies to blast through sensor overload and turn the most challenging cyber problems into opportunities.
Confused? You're not alone. Bamford breaks it down:
Endgame is developing ways to break into Internet-connected devices through chinks in their antivirus armor. Like safecrackers listening to the click of tumblers through a stethoscope, the "vulnerability researchers" use an extensive array of digital tools to search for hidden weaknesses in commonly used programs and systems, such as Windows and Internet Explorer. And since no one else has ever discovered these unseen cracks, the manufacturers have never developed patches for them.
The company's main product, Bonesaw, basically allows any client to access virtually any Internet-connected device around the world.
"The buying and using of such a subscription by nation-states could be seen as an act of war," Bamford writes.
According to some recent Edgar filings, it's clear that Endgame is the real deal. Listed among the company's directors are some of the most powerful and influential players in the world of cyber security. There's Christopher Darby, the CEO of In-Q-Tel, the venture firm behind some of the CIA's most secretive technology programs; David Cowan, a managing partner at Bessemer; and investors from Paladin Capital Management and Columbia Capital. Nathaniel Fick, a former marine and sometimes movie reviewer, is the company's CEO. (Endgame is hiring, too, if you can pass the company-administered polygraph test.)
All of which to say: In the midst of Silicon Valley's libertarianismboom, companies like Endgame present an awkward conundrum. On one hand, they're a natural home for the technical elite--the company offers technically challenging work and competitive compensation packages for software engineers. Palantir, a secretive, Palo Alto-based start-up is another of the same ilk. Palantir develops data-modeling tools for intelligence analysts and contracts with the U.S. Special Operations Command and Department of Defense. Both companies offer the typical accoutrements of VC-backed start-ups, such as free catered lunches and regular poker tournaments.
But on the other hand, there's the whole cyber-warfare aspect of working at these companies, where the job description might be considered decidedly less desirable for the typical Silicon Valley software engineer.
When Google and Facebook were implicated in last week's scandal, the tech community was livid. Why? Because more than in any other industry, and more than in any other place, there's an implicit understanding in the Valley that tech companies and goverment are willfully separate. To many, the notion that Google surreptitiously colluded with the government to allow them access to user data--whether true or not--was downright blasphemy.
The Pentagon now spends more on the NSA than it does on the CIA. That's a fact. For entrepreneurs and investors, that also presents a massive opportunity. But as the cyber-industrial complex continues to grow, it will take with it some of the brightest entrepreneurial minds of Silicon Valley. Should it?