Inside the FBI highlights news, cases, and people from around the Bureau—in audio form. For more information, visit fbi.gov.
[The episode begins with a musical track that feels dark and intense. It's driven pulsing synthesizers.]
Jennifer-Leigh Oprihory: Did you know that leads generated by the FBI helped our U.S. government partners—including the National Security Agency—locate Osama bin Laden following the September 11 terror attacks?
Episode One of the NSA’s new series, No Such Podcast, breaks down the concept of signals intelligence [SIGINT] and explains how the agency used it to track down one of the masterminds behind 9/11.
On this special installment of our show, we’re bringing you that first episode in full.
I’m Jennifer-Leigh Oprihory, and this is Inside the FBI.
[The Inside the FBI jingle kicks in. It's a bright and driving track.]
***
[An intense track, driven by strings, begins.]
Jon Darby: Osama bin Laden was a SIGINT target. We did have some collection on him in the past using a satellite phone.
Natalie Laing: There has to be a requirement to go after that signal for some reason of national security.
Darby: We recognized that this was such a complex problem that we weren't going to be able to do it by ourselves. You know, and a story this sensational, if it leaked, and he is in that compound, he could very well leave.
Other Voice: Yep.
Darby: And it's going to take 10 years to find him again.
[A new, technological-feeling track seemingly driven by crashing percussion and synthesizers begins.]
Christy Wicks: Welcome to No Such Podcast. My name is Christy Wicks. I am one of your hosts, and this is my co-host.
Cam Potts: Cam Potts.
Wicks: And we are joined today by the current director of operations here at NSA, Natalie Laing, and former director of operations, Mr. Jon Darby. Welcome.
Laing: Thank you.
Wicks: Welcome to No Such Podcast. Natalie, please introduce yourself.
Laing: Sure. So, Natalie Laing, as you said. I joined NSA 27 years ago from private industry, and so, I have always been based in what's now called the Directorate of Operations, which is responsible for our entire signals intelligence production cycle, which I believe we're going to talk about today.
And, so, most of that time has been in operations, but I've also spent some time outside of the building as one of our NSA representatives to the Pentagon, running one of our operational sites overseas, and also running our directorate that's responsible for all the external engagement outside of NSA.
Wicks: OK. Jon.
Darby: Well, thank you. It's a privilege to be here and be part of this conversation. I appreciate it. And I have to say, as a former NSAer, anything I say are my personal views, and not that of the agency.
So, I worked for the Intelligence Community for 39 years.
The majority of that time was with NSA. As part of that Intelligence Community career, I had served overseas for a while. I've done a whole lot of different things to include spending the better part of 10 years, from 9/11 to 2011, working in the counterterrorism arena.
My final four and a half years was as the director of operations.
Wicks: OK. And today, we're going to talk about NSA's bread and butter: SIGINT, or signals intelligence. What does that mean?
Laing: So, let's start with the most basic definition. What is a signal? 'Cause that underpins everything. So, in its basic form, a signal is a current, or a pulse, or a radio wave—something that transmits information and data between systems and between networks. So, each signal—think of a phone call or a text, or even communicating over the internet—these things create a digital footprint that we would call a signal.
There are other digital footprints or signals we're interested in, like weapon signals, radars, missiles. So, all of those are signals.
Then, if you take it and make it signals intelligence—or what we shorten to SIGINT—there are two very important qualifiers that make something SIGINT, the first of which is the most important one: foreign.
The second thing is, there has to be a requirement. So, from the president, or the White House, or the director of national intelligence, there has to be a requirement to go after that signal for some reason of national security and importance. So, at its most basic, that's what the signal world is, and that's what signals intelligence is: that data that rides on the signal that we are interested in for national security purposes.
Potts: So, Natalie, you mentioned making a phone call, making a text, or communicating over the internet.
That reminds me of music. When someone records a song, they could be singing or playing some type of instrument. They record it, they press stop, and they go to play it on some type of device. You actually can see the waveform audio, right? You can see the sound.
And so, while it may not necessarily be communicating a hello or goodbye, a message is still being communicated. As we know the phrase, "when words fail, music speaks."
But, be that recording music, making a phone call, sending a text, or communicating over the internet, waves have the ability of interacting with the physical world.
Within the context of intelligence, though, we have the ability of setting things up in the physical world to interact with waves.
So, tell us about foreign signals intelligence. What is it, what is the process, and why is it important to national security?
Laing: Yeah, so I mentioned two very important qualifiers: Foreign and we need a requirement. But "foreign" is still a very vast amount of signals.
So, we need—you're correct—a very specific process to go through all this to determine what we want to collect, are we able to keep it, and then what do we do with it? So, briefly, we call that the production cycle.
And there'd be five phases that I can briefly describe of what that cycle consists of.
So, it starts with the target itself. We have what's called the National Intelligence Priority Framework, the NIPF. We make acronyms for everything, so it's the NIPF. That framework, though, what's most important to know about that is that's what drives where to start looking in that vast sea of waves that you described, you know. So, that targeting goes through this framework, and that's the start of the cycle.
The second piece of the cycle then is, we have these places around the world where we actually go and collect it. We gather those signals that we've been authorized to do and that we find of interest for national security.
Once you collect it though, you can imagine the volume—given how digital the world is—you can imagine the volume coming in. So we need to process that data. This is, perhaps, one of the most complicated and biggest tasks we do as part of that cycle.
So, processing it needs the experts who can come in and say, "What makes this readable for an analyst? What makes this processable by our machines?"
Once that happens, we move into the analysis phase. And, so, we have a deep cadre of experts who say, "Everything that's happened so far, I'm going to take that data that that produced from those original waves and signals and make some sense of it—not only based on individual target knowledge, but also based on what we know our national policymakers need, our military leaders need to do their jobs and keep the nation secure."
And the way that we inform those policymakers and military leaders is through the last step of the production cycle, which is reporting.
This—I think we'll talk about this probably later in the podcast—but this has a very specific regime tied to it. But it's the most important way that we get our product out of the building. That's how we actually share the information in a very tailored and curated way as the end of that whole cycle that you described.
Wicks: And you share that information with other Intelligence Community partners, other agencies, even the private sector at times, depending on what the information is.
Laing: That's exactly right.
Wicks: Yeah.
Laing: So, I mentioned policymakers and military leaders. Those are sort of, you know, top shelf because they are really making the decisions, but we absolutely share with multiple other partners in the government who are also looking to protect the United States, with our allies, with our Five Eyes partners, with many nations who are also looking to protect against joint threats.
And then with industry, that is a big piece of our cybersecurity side. We have foreign intelligence and cybersecurity as our two bases of operations at NSA. And, so, it's very important to have that exchange with private industry when we see where malicious actors are in all of our systems, when we see ransomware attacks, or when we're not sure where they are in our systems, and we need to partner and share information to say, "are we casting the net wide enough and making sure we're looking for them in the right ways at the right time?" So, yes, we share all of that and more.
Wicks: Absolutely, and that can restart the intelligence cycle once you share that information with industry or partners.
Laing: That's exactly right. One of the biggest changes that we've seen in the last couple years as part of our national security memorandum and our responsibilities there is that we can do bi-directional sharing. And, by we, I mean our cybersecurity directorate. We can do bi-directional sharing with industry. So, that is the ability to ingest some of this data, not just collect it and put it out. Both are equally important.
Wicks: Now, we talked about the steps of the intelligence cycle. How do you follow the rules? How do you stay compliant when you are following targets and collecting signals intelligence on these targets?
Laing: So, for every aspect of that production cycle that I went through, compliance is our number one focus. That has to underpin everything we do at the agency, and it, in fact, does underpin everything we do at the agency.
So, the bottom line, what we're looking for there is respect for the law. Obviously, we follow the law and our authorities, but also respect for privacy and civil liberties. At its most basic, that's what our compliance program is.
But, of course, it's more than that in day-to-day activities.
So, there's the law. There are authorities that actually drive what we do, and we know them, we know them clearly. We apply them every day. But, then, there's ways to trust, but verify. So, every year, we test our analytic cadre to make sure they have the most recent and current understanding of the laws and authorities that govern us and of our policies, our internal NSA policies that we derive from those laws and authorities.
Darby: And you even get tested.
Laing: And I get tested.
Darby: Yeah.
Laing: Yeah, so when I say analytic cadre, really anybody touching all of this sensitive information.
And, then, in addition to the testing every year, we do auditing. So, we have random checks and we have purposeful checks of, "we said we were compliant, were we, really?" So, there's fail-safe methods there.
And, then, finally we have a very robust overseer framework. So, that starts in Congress. We have several committees that are solely focused on the Intelligence Community and how we are conducting—and lawfully conducting—our missions.
Then we, also have a very specific body called the FISC. This stands for the Foreign Intelligence Surveillance Court. And they oversee one of our most important and impactful authorities on national security and in keeping the nation safe. And that's called FISA. So it's Foreign Intelligence Surveillance Act.
And then there's a specific section, 702, of that act that really underpins so much that we do at the agency. And it's such a key authority that we have a specific court focused just on that authority to do all the things I just said: auditing and testing and overseeing.
But that whole regime makes up what we say when we say "compliance."
So it sounds a simple thing to say, "Yes, we are compliant. We have a compliance program."
It is matched with every step of that production cycle that I laid out.
Potts: So with foreign signals intelligence, the process, and then being compliant every step of the way, I've been curious to know what are some of the examples where SIGINT has been used in the NSA mission?
Laing: So, I would offer three, very current. And let's start with Russia-Ukraine.
So, those signals that we've been talking about, we collected those signals and we were able to see that Russia had the plans and intentions to invade Ukraine before they invaded.
And, so, we were able to take this SIGINT intelligence, contribute it to the whole of government—the U.S. government's entire approach to deter and try to defeat Russian aggression in that space.
NSA also shared the results of those signals with our close partner, United States Cyber Command. Cyber Command was able to send—before the invasion, again—a small team over to Ukraine to help them look through their networks and point to some activity that seemed to be Russian activity there so they could shore up their networks from a cybersecurity perspective, even again, before the invasion.
So that's the first one. Russia-Ukraine would be a very current crisis, right?
The second one I'd offer is China and specifically the People's Republic of China.
So SIGINT—these signals—informed our understanding—the U.S. government's understanding—of the Chinese origins of a chemical used to synthesize fentanyl, which is a clearly recognized national issue.
This information was derived from the authority we talked about earlier, Section 702 of the Foreign Intelligence Surveillance Act, FISA. So, this is important—in our estimation—because NSA plays a key role in keeping all communities in the U.S. safe.
And then, finally, a third example: cybersecurity. So SIGINT helps us defend our nation's critical infrastructure, to include our defense industrial base.
And NSA has used SIGINT actually to identify multiple foreign ransomware attacks. That intelligence has helped us—the U.S. government—to respond to and actually, in some cases, to fully prevent significant attacks on U.S. networks.
One specific example is an Iranian attack in 2022. So, SIGINT enabled the U.S. government to not only respond to that attack, also to recover the organization's information without paying the ransom, and all of that within one week.
Male Voice: A week
Laing: So, those are three examples I would offer of pretty current application of signals intelligence.
Wicks: And ransomware attacks happen so often now—
Male voice: It does.
Wicks: —to not have to pay a ransom and intercept that foreign intelligence and to stop that attack or to intercede to make sure that these companies don't have to pay and they're protected, their networks are protected.
Laing: Agreed. Unfortunately, this is a common occurrence.
Wicks: Yeah.
Male Voice: Uh huh.
Wicks: Yeah, you hear it all the time.
Male Voice: Yeah
Wicks: It's always in the news.
Laing: Exactly.
Wicks: Now we're going to get into each of those steps once we talk about our feature story today, but Jon, over to you.
Let's talk about September 11 and how Osama bin Laden was one of the targets and the role you played in bringing him down.
Darby: Well, I'll start with, kind of, who is bin Laden—not everybody knows the whole story—and then go from there.
So, Osama bin Laden was the founder of al-Qaida, the terrorist group. It started up, organized shortly after the Soviets left Afghanistan.
And al-Qaida, as an organization led by Osama bin Laden, launched a holy war against the West. And the U.S. was their primary adversary, in their mind.
So, they carried out a series of attacks through the ‘90s, you know, actually attacked the World Trade Center in 1993, carried out attacks on [the] USS Cole in the late ‘90s, attacks on US embassies in Africa in August of ‘98. And, then, of course the big, the 9/11 attack that we've all heard about, killed nearly 3,000 people here.
So, Osama bin Laden was a SIGINT target, you know, for a while. Clearly, he was of interest. He was leading an organization that intend to inflict harm in the United States.
We did have some interesting collection on him in the past using a satellite phone.
Unfortunately, that got published in the media that we were collecting him off that satellite phone. From that moment on, no more electronic communications from him.
So, we had to be creative, you know, how to get to him.
So, let's take from 9/11 on. So, at least everybody has a story. You know, those that remember, you know, 9/11, where were they, what was going on. My story is, I slept through the whole thing—
Potts: Oh, okay.
Darby: —because I was on a business trip down in Australia—
Potts: Okay.
Darby: —At the time. The way I figured, I was probably went, fell asleep about the same time that the first plane hit the building, woke up the next morning, saw what had happened.
You know, I was grounded in Australia. All federal employees were told,"you had to stay where you are," because we didn't know what else was going to happen. Were there going to be more plane attacks? We were, as a government, worried something else was going to happen.
So, I was basically stranded in Australia for a week. And, I kept busy by helping our Australian partner agency. Natalie mentioned we partner with our Five Eyes agencies. Australia is one of those key partners. That's who I happened to be visiting on the business trip, so I was helping them, you know, kind of basically liaise with NSA, who was trying to figure out what to do and helping Australia figure out how they can help us.
So, stuck for a week or so in Australia, came back to NSA on about the 20 or 21, somewhere in there, walked into my office—and I share an office with my boss—and I walked in, and he says, "You have a new job as of right now."
Potts and Wicks: Wow.
Darby: "Report up to the sixth floor, to the counterterrorism organization."
So, okay. I went up to that, the head of the counterterrorism organization's office, and said, "I'm here. What am I supposed to do?"
And, he basically said, "You're going to be in charge of SIGINT development, you know, for counterterrorism, and your job is to build an organization and figure out all the different ways that al-Qaida communicates."
Wicks: Wow.
Darby: So, that's what, you know, how I got into the counterterrorism world directly.
Wicks: Okay.
Darby: So, and, then, we started the, you know, SIGINT development cycle, you know. And Natalie mentioned that the process, the cycle, it kind of all kind of starts with developing a target—understanding who you're trying to collect on and the different methodologies to get after that individual.
Potts: Yes, so I was going to say, tell us more about SIGINT development as it relates to bin Laden.
Darby: Okay.
Potts: What did that process even look like? Paint the picture for us.
Darby: All right. So I'm going to break it into two pieces.
Potts: Okay.
Darby: There's, because there's overlap between the two.
Potts: Okay.
Darby: There's understanding how al-Qaida communicates. You know, our number-one mission, number-one job was to prevent another attack here in the United States.
Potts: Of course.
Darby: And it wasn't just bin Laden. I mean, there are many other leaders in the al-Qaida organization. We had to worry about that.
So, let's start with that: al-Qaida communications. How do we discover and disrupt terrorist plots, you know, targeting the U.S. or elsewhere?
So, we had leads. You know, we could get leads from—let's say, materials that the 9/11 hijackers had used, that FBI had. We could get leads from other agencies, and so on.
And we recognized that this was such a complex problem that we weren't going to be able to do it by ourselves. We were going to have to team with other agencies, whether it be CIA or the military or others, that could have leads and bits of information to feed us.
We could provide bits of, you know, data, information, to them to help with their, let's say CIA's information to, you know, recruit assets within the al-Qaida organization to get after, to discover these emerging, evolving threats.
So, building teams. And part of that was we actually started a process to send NSA analysts down to work at CIA and to go overseas.
Female voice: Wow.
Darby: And, you know, and the team developed this dynamic, you know, multiple agencies working together—whether it's at NSA headquarters, CIA headquarters, or overseas, that team evolved into a really tight team. And if you fast forward after the bin Laden takedown, if you sat down the core analysts from the different agencies, you'd be hard pressed to say, "Is that an NSA person or a CIA person?"
Potts: Wow. Wow.
Darby:—because they were so tightly working and passing information back and forth as it developed.
So, back for the broader al-Qaida mission, building that team, you know—and I mentioned for bin Laden, but this applied across all of al-Qaida, trying to understand it. And what I'd like to say, it's operationalizing that relationship. You know, it's one thing to just provide intelligence to somebody, but, you know, something that I often said is, "We're not in this business to produce libraries. We're in this business to support operations."
And what that means is building that relationship with these operational communities—whether it's the military, who can do things, whether it's FBI, who can do things within their authorities, or CIA and others.
So, building that team with the operational community was really critical in developing that mindset that, we're not just, you know, pushing out intel.
Potts: Yeah.
Darby: It's about—
Potts: Close collaboration
Darby: —follow it to the next level. What are you going to do? How do you work with that agency to arrest that terrorist, for example? How do you, you know, how are you working with that agency to disrupt that plot?
So that's kind of the broader al-Qaida mission, and there's similarities with, we look at Bin Laden himself. And I'll tell you, the fall of 2001, that's when we started really looking for bin Laden.
And I remember late night meetings in the fall of 2001, we'd sit around a table and say, "how do we find him?" And one of the early theories was a courier—somebody that's going to be taking care of him, so. But that was, you know, 2001.
Potts: Okay, yeah.
Darby: So, over time, you know, you're, we're developing leads and lots of false leads. You run down rabbit holes and this wouldn't pan out, but the analysts never gave up. And you can imagine, everybody had a good idea.
Potts: Right.
Darby: But we say the good idea fairy keeps pushing out ideas, and the analysts, you know, felt obligated to check them out. But still at the core, they're thinking, "this courier route could be probably our most valuable, but who is the courier? How do we find him and things, you know, how do we develop out that courier target?"
Potts: Of course.
Darby: So, with that team that had been developed, you know, there were leads passed on. Here's a potential, this could be a potential for the courier. Ultimately, one thing led to another, SIGINT, you know, human intelligence, and kind of honed us in on, who turned out to be the courier and the caretaker for bin Laden in Pakistan.
Wicks: Wow. So Jon, how did you pull all that intelligence together and pinpoint where bin Laden was?
Darby: Well, it's, you know, it wasn't a huge amount of data. That's the thing.
Wicks: Okay.
Darby: It's just bits and pieces.
Wicks: Wow.
Darby: And I mean, I often use the analogy for, Intel is like building a jigsaw puzzle. But it's a jigsaw puzzle with a twist.
And what I mean by that, this particular jigsaw puzzle, you may have a few pieces on the table in front of you. You may have some on the carpet. The dog’s eating some. Some are on the other side of the street. Some are on the other side of town. Some are at the bottom of the ocean. Some don't exist.
Your job, as an intel analyst, is to find as many of those pieces as you can, by whatever methodology you can, working with partners or others. And, then, you've got to put together those pieces without a box top telling you how they go together.
So it's really, it's a, was a mosaic of different data pieces being pulled together to present the likelihood that bin Laden could very well be in that compound. And we didn't know for 100% certainty until actually the raid took place.
Potts: And that close collaboration is definitely the key here in being able to properly get to the answer. So, we have the fall of 2001, and then you talk about the raid. How long did it take to find bin Laden?
Darby: Ten years.
Wicks: Uh huh.
Darby: (Laughs)
Potts: Ten years.
Darby: Yeah, nine and a half years or so, and it was, you know, and it went in fits and starts.
Potts: Okay.
Darby: You know, that there was always the mission to find him. You know, and it was hard. You know, there was long periods where there wasn't, there weren't any leads.
Potts: Right.
Darby: And then some things would pick up. You know, let's, here's another lead, let's run that down. And there were plenty of people that came to me at the time when I was the head of the analytic counterterrorism organization, saying, "Why are you spending any resources on this? You know, he's dead, you're not going to find him."
And, you know, we said, "No, we will. If he is alive, we will find him. You know, the U.S. government will find him. That's not an option just to give up." So, the analysts really were persistent, running down all the different leads, you know, over a number of years. And things didn't really accelerate to, about the compound until late 2010—
Potts: Okay.
Darby: —or so.
Wicks: So, it ramps up in 2010. I know talking about specific collection on bin Laden is very sensitive. What can you tell us about that specific collection on bin Laden that can be talked about?
Darby: Well, let's start with kind of the first, when it became clear this, there may be something to this. And this is, you know, fall-ish 2010.
And one of the lead analysts came to me, said, "hey, this looks like a good lead, the best that we've had for, you know, for years that actually may go somewhere."
So, at that point, figured, all right, this looks like a good lead. But at that point, it's a lead. You know, we'd had how many dozens of leads in the past. So we didn't really know how this would play out or not.
You know, fast forward a couple of months, and we did read in a couple of, you know, this is an ultra-compartmented, you know, operation. We read in a couple of technical folks into what we—when I say we, U.S. government—were trying to do and working closely with CIA and others. And they looked at, you know, came up with some creative options to potentially get some collection.
I really can't get into specifics about, you know, the specific collection operations that took place there. But, suffice it to say that we were joined up with, certainly CIA and the other intel agencies to really, you know, get as complete a picture about what is going on in the compound is. You know, there were kind of two threads: Is bin Laden in that compound? And the second thread is, how do we support whatever the U.S. is going to do about that compound?
Potts: So, when you talk about those being read-in to this specific compartment, what does that mean?
Darby: So, I'll back up into what does it mean by a compartment?
Potts: Okay.
Darby: You know that everybody that works at NSA has what we call a top secret special compartmented, TS/SCI clearance.
Potts: Yes.
Darby: That's kind of the baseline.
But there are any number of additional clearances on top of that, to include compartments for special projects, for example.
So, this was, you know—and then, Natalie and I both had numerous compartments over the years in special operations—this one was different.
And what I mean by that is, you know ultra-compartmented. I mean, there was at one point I got a call from a very senior official at CIA who's telling me, "you realize this is the most, you know, the top secret in the United States government right now." And I got it. You know, so it's super-secret.
But really it's, just to kind of demonstrate how secret this is, think about NSA, how big NSA is. Tens of thousands of people. The day of the raid, there were no more than 50 people that knew what was going—
Potts: Fifty!
Darby: —on.
Potts: Fifty!
Darby: Fifty.
Potts: Ok.
Darby: And we were very, you know—
Wicks: Tight-lipped, I'm sure.
Darby: —Very tight-lipped and had, kept close tabs on who actually knew what was going on.
Even updates, we handled that in hard copy. We weren't emailing anything around about it.
So it was, as I say, Natalie and I have been involved with a lot of compartmented operations. I'll say this was the most-compartmented that I've ever been a part of.
And it makes sense because we'd been trying to find him for 10 years. You know, and a story this sensational, you know if it leaked—and we knew al-Qaida paid attention to the Western press. If it leaked, and he is in that compound—again, which we didn't know for sure—he could very well leave.
Wicks: Yeah.
Potts: That's right.
Darby: And then, it’s going to take 10 years to find him again? I don't know. So it was really critical to keep a lid on what the US government was doing.
Wicks: So partnership sounds like basically the epitome of everything that you guys were working on and working with and HUMINT [human intelligence], SIGINT—everybody just came together at the table to make sure this man was caught, that the people who lost loved ones, they deserve that justice. Let's pivot to you, Natalie. Talk to us about that processing of the SIGINT chain.
Laing: Sure. So we talked in the beginning about the production cycle, but I covered that pretty high level.
Wicks: Yes.
Laing: As you can imagine, there's a lot of connective tissue in between all those steps.
So, one of the things you mentioned: processing. I'll anchor on that for a minute.
So, one of the main things we need to do when we do that collection and processing is make this understandable for the folks that are going to be working this. So, that's intelligence analysts, that's language analysts.
And so you might be looking at a signal or a big grouping of signals that are very complicated, highly technical, or encrypted—or all three of those things.
So, it is our job to not only undo the complexity to get to the meat of the data so that the analysts can use that, but also, we have to establish the right thresholds for how to go through that data.
So there's a lot of discernment that goes on.
So to use a, one very small, but specific, example, Jon was talking about the couriers as we were targeting UBL [Osama bin Laden]. If we were to go through all this collection and see anything that relates to that courier, obviously that's something we would discern is of foreign intelligence value. We will keep following up on that.
If it was, for example, a signal that was right next to that one, of a local taxi driver near you, okay, that's not something we would discern—
Wicks: Right.
Potts: Right, okay.
Laing:—we need to follow. So, that's one way that we start to parse out this collection so it's usable and meaningful 'cause the volume is pretty significant. Now, it wasn't necessarily significant on UBL, but when they're working a bunch of other things, we need to make this discernible for them.
We have to have thresholds built in throughout that process that say, "Is the foreignness still there? Is this, it's interesting, but is it part of a requirement for us to work from national security perspective?"
So, all of that needs to be worked in the process for every piece of that production cycle.
Pair that with constant new technologies coming up, new means of transmitting data coming up.
Potts: Yes.
Laing: We need to stay on top of that. I'm not going to ask an analyst to stay on top of that. It's our job to stay on top of that technical environment so the analyst can do what those brains are, you know, so cultivated to do, which is get after those hard target problems like the UBL and many, many others.
So, that's what processing really looks like at high level.
Potts: Certainly, so if you thought you found something of relevant to national security interests, or let's say it's a priority by the president. You dug a bit further into it, but it's nothing there. You stop?
Laing: That's correct.
Potts: Okay.
Laing: No need to pursue further.
Potts: Okay.
Wicks: Okay, so let's just say you have the right technology, you figured out the right signal complex. Talk about encryption and how that plays a role in signals intelligence.
Laing: So, I'll say two things to start about encryption.
One, at its most basic, it's our ability to secure communications and control access to sensitive data. That's the easy part.
The hard part: It's very hard math that underlies this—so hard that I'm not qualified to explain to you the math—but what I can tell you is that there are very smart people that work this and they enable computers to do some of this because to do this in a reasonable amount of time to decrypt something, code break, we need a computer to do that or maybe we need to do computer work for the entire thing.
So, it's a simple thing to explain. It's a very hard and complex thing to unpack when you talk about encryption. And, so, you need very tailored, what we call STEM or technical skills, along with very powerful computers.
And, so, it also needs to be a very wide team. So, we talk about the crypto mathematicians. We talk about the computer scientists. It needs a very wide skillset that can actually come in and say, "we know how to do this."
Now, that said, there are still codes we can't break. We try to do this every day, new codes. But NSA is the world leader in what we call "cryptography." So, it's everything that's wrapped around encryption. And so that is the ability to, of course, protect ourselves from adversaries who want to get past our encryption to get to our sensitive national security data. But it also involves our world-class ability to break the codes of our adversaries or terrorist communications or malicious actors that we've seen. So, that ability at NSA is really world-class, and we're super proud of that talent.
Potts: Breaking code, making code.
Laing: Exactly.
Wicks: Absolutely.
Potts: Cryptanalysis sounds quite amazing, almost like mathematical magic.
Wicks: [Laughs]
Laing: It is mathematical magic.
Potts: Yes, and it speaks to NSA being home to some of the nation's greatest and best mathematicians.
Laing: Correct. And we've been doing that magic, honestly, for 72 years now, even prior to World War II.
I'm going to share a couple examples that are declassified now that predate World War II and go past World War II.
So, everyone's familiar with D-Day, of course, spring of 1944. The U.K. and the U.S. allies were planning a big invasion, as we all knew.
The Germans were tracking this, as were the Japanese, for about a year.
What they were not tracking is that we were reading their encrypted communications. We were reading exactly how all of their troops were set up on the beachheads there. We were reading what they shared with the Japanese, as far as how strong or how not strong their defenses were there.
Potts: Wow.
Laing: So, obviously, D-Day still involved massive loss of life, but advantage: Allies, for our ability to read those encrypted communications and know what we were facing and it definitely gave the competitive edge to the Allies that day, without question.
And then, if you fast forward a little bit to after the war and the Cold War era, we were able to decrypt—so break the code in your terms, Cam—of Soviet, both espionage communications and diplomatic communications, from 1952 to 1980.
Again, huge competitive advantage for our national security.
Potts: Certainly, certainly.
Laing: And then, as part of our role for a combat support agency, in Vietnam, we were able to prepare the troops based on decrypting and breaking some code for the 1968 Tet Offensive.
So, looking out for our troops in harm's way and, again, being able to encrypt plans and intentions and share that as part of our military support role.
Wicks: And we still do that today.
Laing: We still do that today. We are, at our core, a combat support agency.
Wicks: So, we talked about it: decryption. So, once you get that intelligence, it's decrypted, it falls into the hands of cryptanalysts. What happens after that? Does it start that intelligence cycle over again?
Laing: It does, but what really comes out is a very specific point here.
When we talked about as part of the intelligence cycle, who's doing what? So that processing of what the language analysts are doing, what the intelligence analysts are doing. So, this is a lot of work that we put on top of them.
So from a language analyst perspective, again, we want to get this into a readable form. But what, then, they have to do, it's not just the literal translation. This is of course foreign language, so we need to translate it. But we have to remember what we're asking the analysts to do.
They can't ask any clarifying questions on this piece of information that came in. They just have to work with what they have. And, so, whether you're a language analyst or an intelligence analyst, we're saying, "take what's there." Yes, we have to do the literal translation. But then they have to apply all these years of analytic method training, knowledge of their target.
And for language analysis, that's sometimes, "What's the sound of the voice? Have you ever heard this person talking to that person before? Why are they talking about it right now, do you think?"
So, we need to report what's literally—we can't report things that aren't in those signals that we collect. But wrapping that expertise around is what's really critical.
And, so, us, of course, providing technology that enables that processing and the intelligence analysis and the language analysis to happen is a key piece of that whole production cycle.
Wicks: That's amazing. I'm sure you've helped mitigate many threats, just disseminating products.
Laing: Correct. There's big readership for NSA's SIGINT, or NSA's "products," as we call them.
Potts: All right, and now moving to, let's say, the last step in our SIGINT process: reporting. We can actually send directly to the president?
Laing: We can.
Potts: Okay.
Laing: And we do.
Potts: All right.
Laing: And to many, many other people.
So hourly—probably every minute, frankly—there are these SIGINT products, these SIGINT reports going out. So, certainly, they go to the White House. They go to the National Security Council, they go to all of our national policy makers, senior military leaders, all of our allies, our customers in the U.S. government, our partners in the U.S. government, very wide readership of reports.
But what's behind the report might be a little bit, might be good to unpack here.
And, so, what's behind that is, first of all, there's a lot of information to synthesize. And, so, getting it out the door to the right person at the right time needs to be very crisp. It also needs to be very timely, of course, but it needs to adhere to what we call "analytic integrity standards," AIS.
There are very specific standards that cover what we can report and the structure we need to report it in. That includes, of course, no embellishment or opinion—includes SIGINT fact, right, first of all.
But it also includes not mentioning or naming any of the sources or methods of how we got this data. That is the most critical thing through all this to protect. We need to get that insight out there, but we don't need to share in every report the source of that.
The other thing that's good to know behind that whole report-production chain is there are multiple sets of eyes on every report. Natalie Laing does not sit down, write a report, and pop it out the door. Multiple sets of eyes to make sure that I have been compliant in not naming sources, the integrity and the analytic standards are there, and it is the right formatting of the SIGINT data—which can be, frankly, very technical. So it needs to be the data and the reporting that most closely matches some of those national security requirements we talked about in the very beginning.
And, so, reporting encompasses everything in between, as you can imagine—many, many targets sets going out—but I will tell you that this is our product, if you will. If we were a company, a private company, this is our product, and it is exquisite, and it is extremely impactful on the national security front.
Darby: Can I foot stomp something, Nat, about the reporting?
Wicks: Absolutely, Jon.
Darby: We talked about target development and follower leads and cryptanalysis, and all that's really cool and difficult and hard to do, but none of it means anything without the reporting—
Wicks: Absolutely.
Darby:—at the end. So that is, you know, some people kind of pooh-pooh and focus on the cool stuff. That reporting is absolutely essential. So, saying this agency wouldn't live without the ability to turn all these leads into something that's usable for policymaker or military commander and the like.
Wicks: Absolutely. And Jon, let's talk about the operation. You've done it. What did it feel like the moment Osama bin Laden was taken down during that operation?
Darby: Let me back up a little bit to the day of the raid—
Wicks: Okay.
Darby:—itself. So, it was a Sunday out here.
And, you know, I was here at Fort Meade and walking—I still remember to this day, walking across the parking lot to come into the building that morning thinking this raid was going to take place and said, "I really, really think he's there—
Wicks: Uh huh.
Darby: —but I don't know that I'd bet my annual salary."
Wicks: [laughs]
Darby: You know, that kind of, but I mean, the stakes were really high 'cause there was not certainty that he was there.
And, even as the raid took place and the first helicopter, you know, landed hard, you know, it was like, "Oh no, here's a situation, you know, it's going to go bad."
So, anyway, for the—Natalie mentioned earlier about NSA's role as a combat-support agency. And, you know, NSA had sent folks out to Iraq and Afghanistan for a number of years to support military operations there.
Our role, I mentioned that, you know, the kind of the two threads:
"Is Osama bin Laden there?"; and
The other: How do we support whatever the US government decides to do?
So, the government had decided to carry out this special forces raid.
So what's NSA's role at that point?
Our job is to make sure there are no threats to those choppers that are flying in and on the way out.
So we had people poised, you know, ready to provide any indications and warning of threats to those helicopters.
Anyway, I came into work, and NSA had a little command center set up, and there were about six or seven folks in the command center. And we had the audio feed from Adm. McRaven, who was the leader of the operation and he was out in Afghanistan, who was relaying things, you know, the audio about, you know, as the operation taking place, because the assault team lead was relaying it back to him.
And then he would convey the audio link to many folks across the [Washington,] D.C. area and elsewhere about what was going on.
So when he did say, you know, "HVT number one, you know, was spotted, you know, high value target." And I remember thinking, oh my gosh, he really is there. And then shortly after, you know, EKIA, you know, enemy killed in action and say, "wow, it worked."
And I just remember it felt very surr—you know, it was surreal as the operation was taking place and thinking "this could be a really big deal." And, then, when it actually, you know, turned out it was him, I was just saying, it felt very surreal.
But, we knew it wasn't over 'cause the team had to get out. That's where NSA's job still wasn't over. It was to make sure the choppers were going to get out of Pakistan in one piece.
Wicks: You played a key role. You're able to talk about that now. You made history. What does that feel like?
Darby: [Laughs.] Well, it was, you know, I was just part of a bigger team, you know. And there were, I mentioned not a lot of folks were cleared for the entire operation, but there were hundreds of folks across NSA that were playing a role in providing, you know, answering the question, you know, "is he there?" Providing the support during the operation itself. Many of those folks didn't know what the purpose was.
Potts: Okay.
Darby: We basically said, "You need to do X, Y, and Z." And they did it because we're used to living in a world of secrets and protecting things.
So, I just happened to be fortunate enough to be in the job at the time that you're liaised with the other agencies at the senior levels and was there, you know, hearing things as it played out.
You know, it was an entire team that played that out.
I will, you know, share a little personal story. The night of that raid, you know, the president made a statement, and I wound up staying at work all night, you know, putting together briefings and, you know, emails to folks telling what had happened. And that Monday night, I got home and my wife had put two and two together because I'd been out all weekend. And I did call her up on Sunday night, woke her up, and said, "You may want to turn on the TV, you know, and see the president's going to make a statement."
But I came back in and then she goes, "Oh, wow, you know, you must have played a part in this. Do you want a steak dinner or anything?"
Potts: Oh, steak dinner? Okay.
Darby: And I said, you know, all I want is a pizza. And then I sat down and literally cried my eyes out. I mean, total, you know, shoulder-shaking, you know, let it all out, just crying my guts out.
Potts: Yes.
Darby: And it was just such an emotional release.
And even before that, the night of the, after the raid had taken place, I actually walked up to one of the analytic shops that had been working around the clock for a couple of weeks and told them what had happened. You know, this raid just took place. We got Osama bin Laden. And everybody in that office just started, you know, cheering and crying and, you know, hugging each other. And that was a pretty emotional time just to see that reaction.
And there were other parts of the NSA enterprise that heard what had happened, and they were like, "Okay, you know, check that box. Let's move on to the next thing." So, very business-like, professional, let's keep moving forward.
So, you had the whole range of emotions about it.
As you say, for me, it was, seemed very surreal from the outset that it actually happened all the way to that total emotional meltdown, you know, 24 hours later.
Potts: Certainly. I was going to ask what was the reaction because I know that there were many that didn't necessarily know what they were actually working on. They just provided the intelligence that they needed to and just went from there.
But to hear the reaction of someone that actually was a part of this mission success and even just being at this, you know, this table being able to talk about it is amazing.
Wicks: That's why we come to work here every day, for that impact.
Natalie, over to you: What do you remember about that day when Osama bin Laden was taken down? And can you kind of reflect on what it means to you?
Laing: So I completely agree with Jon's assessment of it being a surreal experience. But it was also a very impactful experience, both personally, professionally, for our nation, for those who had loved ones that died on 9/11, impactful for so many reasons.
But those impactful things stick with you.
I also remember it's a Sunday. The day of the week doesn't matter, but I remember that, as well.
And just to underscore: A big piece of this, what made this a success was how compartmented it was. And, so, I was serving at the time as the chief of operations for all of our analysis and reporting parts of that cycle we talked about, and I didn't know about this raid until a couple days before.
And I came in the day of to, of course, support from authorizations and operationally. But it just shows the intense collaboration and trying to keep this as tight as possible to protect the people and then protect the outcome happening, which of course did.
So, I do remember, you know, us having a sense of, this is kind of what it's like to live through a very important moment of history.
Potts: Yes.
Laing: A very impactful moment of history. And, so, I'd certainly say those are some of my biggest memories from that day.
Wicks: Absolutely. SIGINT is our bread and butter. What does that look like today, in today's society?
Laing: Let me say this: Here's what's changed and here's what hasn't about SIGINT.
Here's what hasn't changed: Our ability to impact in a positive way our nation's national security—to defend our nation? That has not changed.
The tremendous talent from before World War II—before we existed—to when we started to exist in 1952, every day, I am a little gobsmacked at the talent that we have at this agency and the things they are able to do.
So, that's that talent and tenacity produces things like supporting the UBL raid successfully and so many other intelligence outcomes for this nation and our allies.
That absolutely has not changed.
And what else hasn't changed is we can't tell people about it, generally.
Potts: Right.
Laing: So, laboring at these, you know, really important things for our nation and our security, and you can't talk about them, yet what you know is amazing.
And so it's just an interesting spot to be.
But what has changed is, I'd say, how we do all of this work and the environment around us.
So, if you look at how fast technology is developed and the pace that it changes today, the velocity and volume of information that has changed drastically, the way everything is interconnected outside of NSA, and just from a digital innovation, digital world? It's all interconnected.
This has changed the way that we need to do compliance. And, so, we can't just say, hey, what worked for compliance 30 years ago when we had analog signals. That is not going to work for today.
So we need to figure out, to adapt our ability to maintain privacy and civil liberties along with all of these new interconnected technologies. So, that has significantly changed over the course of our 72-year existence.
Wicks: Okay.
Darby: Can I add on one thing more about the talent, which is one of the big reasons why I worked at NSA for so long was the skill and dedication and motivation of folks across NSA.
Potts: Yes.
Darby: You know, it can be reflected in the persistence of the analysts in the bin Laden operation. But as Natalie said, it applies across so many, you know hundreds—if not thousands—of other targets and operations ongoing every day.
And I really, I reflect back on a comment that our former director, Gen. Nakasone, made at one point with a visitor. And he said, "If you want the impossible, come to NSA."
You know, and NSA—again and again—
[A bright, but intense, technological-feeling music fades in in the episode's background.]
Darby: —does things that folks say, "Oh my gosh. You know, I didn't think that was possible."
But NSA has come through. And it's the people that really, you know, we've got all the computers and technology and all that, but all that is meaningless without the people underneath.
Potts: That's right.
Darby: And it's just I was, felt really privileged to spend the time I did with the folks here at NSA.
Wicks: Natalie, Jon: Thank you so much for joining us. Thank you for sharing your stories.
Laing: Thanks for having us.
Darby: Thank you.
Wicks: This has been an amazing, amazing podcast episode.
Potts: Yes, it has.
Wicks: Again, I am Christy Wicks, one of your hosts. And this is again...
Potts: ...Cam Potts.
Wicks: Thank you for joining us for No Such Podcast.
John Parker: Thanks for listening—
[The sound of an old-school slide projector becomes audible, in addition to the background music.]
John Parker: —to this episode of No Such Podcast from the National Security Agency. If you enjoyed the show, please leave us a review and make sure you're subscribed so you don't miss our next episode. For show transcripts and other information, please visit nsa.gov/podcast.
[Strings-driven music gets louder and then wraps suddenly. The slide projector then seemingly runs for a moment or two before shutting off.]
***
[The episode's pulsing-synthesizer-driven opening track restarts.]
Oprihory: To learn about the FBI’s Section 702 authorities and how foreign signals intelligence supports our counterterrorism investigations, visit fbi.gov/702 or listen to our August 2023 episode on all-things Section 702.
Next, you can learn more about our role in investigating and preventing terror attacks at home and abroad at fbi.gov/counterterrorism. You can also visit fbi.gov/binladen to read more about the U.S. government’s search for Osama bin Laden.
Finally, you can check out fbi.gov/history to learn more about famous cases from our 116-plus years of protecting the American people and upholding the U.S. Constitution.
This has been another production of Inside the FBI. You can follow us on your favorite podcast player, including Spotify, Apple Podcasts, or YouTube. You can also subscribe to email alerts about new episodes at fbi.gov/podcasts.
I’m Jennifer-Leigh Oprihory from the FBI’s Office of Public Affairs. Thanks for listening.
[The music gets a bit louder before fading out]