Egypt Crash Shows Key Role Surveillance Can Play: Analysts

Intelligence intercepts that suggested Russia’s Metrojet airliner might have been bombed show how surveillance by US and British spies can be used to shed light on suspected militant attacks, experts say.

The US National Security Agency (NSA) and Britain’s GCHQ accumulate massive amounts of intercepted telephone and electronic communications, as revealed by US whistleblower Edward Snowden, which has raised fears over privacy and civil liberties.

While their work, together with satellite imagery, can hardly ever prevent an attack, it can help to piece together events afterwards.

The Times and the Daily Telegraph reported Friday that the NSA and GCHQ had intercepted telephone calls recorded before the plane catastrophe last Saturday.

They concluded from the intercepts that it was possible that an attack by the Egyptian branch of the Islamic State group, known as Sinai Province, had brought down the plane after it took off from Sharm el-Sheikh.

On Friday, a source close to the investigation said the black boxes recovered from the Saint Petersburg-bound jet pointed to a bomb attack, apparently confirming suspicions expressed by US President Barack Obama and British Prime Minister David Cameron.

“What the NSA is doing is effectively trawler fishing, trawling all the information,” a former head of the French intelligence services told AFP, speaking on condition of anonymity.

The technique is known as “bulk collection”.

“They take everything they can. The ideal thing is to be able to connect all that up and to put it together with other types of information to be able to prevent anything happening.

“(But) experience shows that preventing this kind of thing is very difficult, even impossible.”

Egypt’s foreign minister Sameh Shoukry said Saturday that the foreign intelligence on the bombing theory had not been shared with his government.

While his country is not dismissing any possible scenarios, he said the Egypt-led probe investigating the disaster has as yet no “hypothesis” for what happened.

‘Hide their traces’

Satellite images recording a flash when a plane crashes or explodes — like that reportedly picked up by the US military at the time of the Egypt crash — can also be crucial to an investigation, a former French foreign intelligence agency official said.

The picture can be fed into a super-computer used to compare thousands of pieces of information.

“It may not have been evident at the time, but after the event, information is collated and it makes sense,” he said.

However, governments’ claims about the gains made through mass surveillance should be approached with caution, according to Shashank Joshi, senior research fellow at the London-based Royal United Services Institute.

“In the last few years, since the Edward Snowden revelations, we have seen some pretty big claims from intelligence agencies like GCHQ and NSA,” he added.

Such claims included “all the things they have foiled and all the things they wouldn’t be able to do if they didn’t have ‘bulk powers’ or they didn’t have the ability to break encryption,” Joshi told AFP.

“In practice, a lot of those claims have turned out to be a lot more feeble when examined in more detail.

“That’s why I think we have to be very sceptical about assuming that dragnet analysis has been key to these things.”

It is possible, Joshi said, that in the aftermath of the plane incident “GCHQ devoted particular resources to hoovering up communications from a localised area, perhaps from known Sinai Province sites in Egypt”.

“That wouldn’t necessarily have to have been a dragnet approach,” he said.

The initial information that the Russian jet, in which 224 people were killed, was downed by an attack could also have come from an agent on the ground in the Sinai Peninsula.

But the security services would never admit that and so “hid their tracks” by claiming it stemmed from intercepted calls, Joshi said.

In October 2010, a Saudi agent who had infiltrated Al-Qaeda in the Arabian Peninsula helped to foil an attack aimed at bringing down two cargo planes flying from Yemen to Chicago, using bombs hidden in printer cartridges.

The agent supplied the numbers of the packages in which the bombs were packed, allowing them to be intercepted before they could do any damage. No intelligence service had got a sniff of the plot until then.

Written By

AFP 2023
