The Israeli Code on U.S. Government Computers

by Christopher Bollyn 


16 June 2006

The most critical computer and communication networks used by the U.S. government and military are secured by encryption software written by an Israeli "code breaker" tied to an Israeli state-run scientific institution.

The National Security Agency (NSA), the U.S. intelligence agency with the mandate to protect government and military computer networks and provide secure communications for all branches of the U.S. government uses security software written by an Israeli code breaker whose home office is located at the Weizmann Institute in Israel.

A Bedford, Massachusetts-based company called RSA Security, Inc. issued a press release on March 28, 2006, which revealed that the NSA would be using its security software.  "U.S. Department of Defense Agency Selects RSA Security Encryption Software" was the headline of the company's press release which announced that the National Security Agency had selected its encryption software to be used in the agency's "classified communications project." RSA stands for the names of the founders of the company: Ronald L. Rivest, Adi Shamir, and Leonard M. Adleman. Adi Shamir, the lead theoretician, is an Israeli citizen and a professor at the Weizmann Institute, a scientific institution tied to the Israeli defense establishment.

"My main area of research is cryptography, making and breaking codes," Shamir's webpage at the Weizmann Institute says. "It is motivated by the explosive growth of computer networks and wireless communication. Without cryptographic protection, confidential information can be exposed to eavesdroppers, modified by hackers, or forged by criminals."

The NSA/Central Security Service defines itself as America's cryptologic organization, which "coordinates, directs, and performs highly specialized activities to protect U.S. government information systems and produce foreign signals intelligence information."  The fact that the federal intelligence agency responsible for protecting the most critical computer systems and communications networks used by all branches of the U.S. government and military is using Israeli-made encryption software should come as no surprise. The RSA press release is just the icing on the cake; the keys to the most critical computer networks in the United States have long been held in Israeli hands.

I inquired with the NSA about its use of Israeli-made security software for classified communications projects and asked why such outsourcing was not seen as a national security threat. Why is "America's cryptologic organization" using Israeli encryption codes?  NSA spokesman Ken White said that the agency is "researching" the matter and would respond in the coming week.

Previously, I have reported that scores of "security software" companies spawned and funded by the Mossad, the Israeli military intelligence agency, have proliferated in the United States. The "security" software products of many of these usually short-lived Israeli-run companies have been integrated into the computer products which are provided to the U.S. government by leading suppliers such as Unisys.

Unisys integrated Israeli security software, provided by the Israel-based Check Point Software Technologies and Eurekify, into its own software, so that Israeli software, written by Mossad-linked companies, now "secures" the most sensitive computers in the U.S. government and commercial sector.

The Mossad-spawned computer security firms typically have an office in the U.S. while their research and development is done in Israel. The Mossad start-up firms usually have short lives before they are acquired for exaggerated sums of money by a larger company, enriching their Israeli owners in the process and integrating the Israeli directors and their Mossad-produced software into the parent company.

RSA, for example, an older security software company, acquired an Israeli-run security software company, named Cyota, at the end of 2005 for $145 million.  In January 2005, Cyota, "the leading provider of online security and anti-fraud solutions for financial institutions" had announced that "security expert" Amit Yoran, had joined the company's board of directors. Prior to becoming a director at Cyota, Yoran, a 34-year old Israeli, had already been the national "Cyber Czar," having served as director of the Department of Homeland Security's National Cyber Security Division.  Yoran had been appointed "Cyber Czar" at age 32 by President George W. Bush in September 2003.

Before joining DHS, Yoran had been vice president for worldwide managed security services at Symantec. Prior to that, he had been the founder, president and CEO of Riptech, Inc., an information security management and monitoring firm, which Symantec acquired in 2002 for $145 million.

Yoran and his brother Naftali Elad Yoran are graduates of the U.S. Military Academy at Westpoint. Elad graduated in 1991 and Amit in 1993. Along with their brother Dov, the Yoran brothers are key players in the security software market. Amit has also held critical positions in the U.S. government overseeing computer security for the very systems that apparently failed on 9-11.

Before founding Riptech in 1998, Amit Yoran directed the vulnerability-assessment program within the computer emergency response team at the US Department of Defense. Yoran previously served as an officer in the United States Air Force as the Director of Vulnerability Programs for the Department of Defense's Computer Emergency Response Team and in support of the Assistant Secretary of Defense's Office.

In June 2005, Yoran joined the board of directors of Guardium, Inc., another Mossad-spawned "provider of database security solutions" based in Waltham, Massachusetts. Guardium is linked with Ptech, an apparent Mossad "cut out" computer security company linked with the 9-11 attacks.

Ptech, a computer software company in Quincy, Mass., was supposedly a small start-up company founded by a Lebanese Muslim and funded by a Saudi millionaire. Yet Ptech's clients included all the key federal governmental agencies, including the U.S. Army, the U.S. Air Force, the U.S. Naval Air Command, Congress, the Department of Energy, the Federal Aviation Administration, the Internal Revenue Service, NATO, the Federal Bureau of Investigation, the Secret Service and even the White House.

The marketing manager at Ptech, Inc. when the company started in the mid-1990s, however, was not a Muslim or an Arab, but an American Jewish lawyer named Michael S. Goff who had suddenly quit his law firm for no apparent reason and joined the Arab-run start-up company. Goff was the company's information systems manager and had single-handedly managed the company's marketing and "all procurement" of software, systems and peripherals. He also trained the employees. Goff was obviously the key person at Ptech.

In the wake of 9-11, during the Citizens' Commission hearings in New York, Indira Singh, a consultant who had worked on a Defense Advanced Research Project, pointed to Ptech and MITRE Corp. being involved in computer "interoperability issues" between the FAA and NORAD. At this time Ptech's ties to Arabs was the focus, and Goff was out of the picture.
"Ptech was with MITRE Corporation in the basement of the FAA for two years prior to 9-11," Singh said. "Their specific job is to look at interoperability issues the FAA had with NORAD and the Air Force in the case of an emergency. If anyone was in a position to know that the FAA -- that there was a window of opportunity or to insert software or to change anything, it would have been Ptech along with MITRE."

The Mossad-run Guardium company is linked with Ptech through Goff Communications, the Holliston, Mass.-based public relations firm previously run by Michael S. Goff and his wife Marcia, which represents Guardium. Since being exposed in 2005, however, Michael's name no longer appears on the company website.

Photo: Amit Yoran, the Israeli "Cyber Security Czar" appointed by President George W. Bush in 2003. Yoran has held various positions since the 1990s in which he oversaw computer security for the Dept. of Defense computers.