These Days, No Witch Is Too Small to Hunt
As I write this week's column, a tech is working on my laptop.
I can't see him. I don't know where he's located.
In fact, until he requested that I reboot my machine, I had no idea he had started the work.
If that doesn't make you paranoid, how about this?
During the July 31 NCUA board meeting, the action memo regarding the mid-year budget adjustment included this statement: “To comply with the higher-level security requirements mandated by federal statutory requirements, NCUA's electronic surveillance system requires specialized and dedicated telecommunications equipment.”
What electronic surveillance system?
NCUA Public Affairs Specialist John Fairbanks explained that line item merely refers to an upgrade to the agency's security cameras and card readers. The memo used the term telecommunications because the cameras are a networked system, he added.
While I have no reason not to believe him, I’m not sure I completely buy that rationale. Or maybe I’m just paranoid.
The NCUA said its Sensitive Compartmented Information Facility was required by both executive order and legislation, and the agency is among the last to have such a facility.
The NCUA said it needs the room to support the agency's role in protecting the nation's economy and ensuring public confidence in its financial systems.
I can appreciate that in the event of a terrorist attack or financial catastrophe, the NCUA would participate in a federal stabilization effort. The Pentagon lies between the NCUA's headquarters and downtown Washington. Attacks like those on 9/11 would make it impossible for NCUA officials to travel to other agencies for briefings.
However, Fairbanks also said SCIF would be used on a regular basis, because employees with appropriate clearances must engage in secure communications with other federal agencies and law enforcement during the normal course of business.
What in the world is the NCUA doing in the normal course of business that would require that?
Coordinating embezzlement investigations and conservatorships with the FBI? Who would intercept that? I can't imagine the average credit union embezzler hacking into the NCUA's system to avoid being caught forging loan documents.
What about DDoS attacks and cyber warfare aimed at our financial system? That's a legit threat, but how could the NCUA monitor the industry without remotely accessing credit union computer systems?
And if it came to that, where would that power end? What's to stop someone at the NCUA from hacking into the email accounts of credit union leaders who challenge the regulator? (Yes, Mr. Blaine, I’m looking at you.)
Or for that matter, what about CU Times editors and reporters?
Remember, at one time, we were told the NSA's Terrorist Surveillance Program would only be used to track suspected terrorists. If you believe the whistleblowers, the NSA has instead recorded every single U.S. phone call.
That doesn't surprise me. A programmer friend who has done contract work for the State Department warned me 10 years ago to never say anything over the phone I wouldn't want used against me in court.
That same friend freaked out when we published a FOIA document after a reader discovered the redacted words could be revealed with a copy and paste treatment.
Don't do that, my friend urged. Those people don't mess around.
I laughed. The NCUA isn't the State Department, I countered.
Maybe not, he said, but they all collaborate more than you think.
Or maybe he's just paranoid.
Back when I was covering the corporate meltdown, I’d frequently hear the “click-click” sound portrayed in movies that indicate a tapped phone line. Was my phone tapped? Or was the connection in my aging neighborhood just poor?
I tend to believe the latter. But then last year it was revealed that the Justice Department seized the phone records of Associated Press reporters. The security threat had to do with a story reporting a foiled airline bombing plot.
CU Times doesn't cover terrorism. But if the NCUA needs to spend a million dollars on surveillance equipment to ensure public confidence in the financial system, who's to say we won't someday be considered worthy of investigation?
Who's to say we haven't already?
Heather Anderson is executive editor of CU Times. She can be reached at firstname.lastname@example.org.