DocumentDocument Date: 2008-01-01Release Date: 2014-08-04
This short extract from a GCHQ planning document from 2008 makes clear concerns about Israel’s “less desirable activities”: see the Intercept article Cash, Weapons and Surveillance: the U.S. is a Key Party to Every Israeli Attack, 4 August 2014.
TOP SECRET STRAP 1 Israel. Policy makers remain deeply concerned over the potential threat that Israel poses to a peaceful resolution of the Iran problem, and to some of Israel’s less desirab...
DocumentDocument Date: 2006-02-26Release Date: 2014-08-25
This NSA Point Paper dated 22 February 2006 provides a history of the CRISSCROSS and PROTON information sharing systems that preceded ICREACH: see the Intercept article The Surveillance Engine: How the NSA Built Its Own Secret Google, 25 August 2014.
TOP SECRET//COMINT//ORCON/NOFORN//MR POINT PAPER SUBJECT: CRISSCROSS/PROTON PURPOSE: Provide DIRNSA information on subject. BACKGROUND: 22 Feb 06 (U) History of CRISSCROSS/PROTON...
DocumentDocument Date: 2009-01-01Release Date: 2014-08-31
This GCHQ document from 2009 sets out surveillance priorities from a meeting of the G20’s Finance Ministers, which include the personal surveillance of the then Turkish Finance Minister Mehmet Simsek, who also holds UK and Turkish dual citizenship: see the Intercept article How the NSA Helped Turkey Kill Kurdish Rebels, 31 August 2014.
TOP SECRET STRAP 1 COMINT Turkey at the G20 pre-meeting in London September 2-5 2009 Contents ■ 1 (520 pre-meeting in London <#G20_pre-meeting_in_London> ■ 2 Objective <#Objective> ...
DocumentDocument Date: 2005-07-05Release Date: 2014-07-09
This excerpt from a 2005 NSA document demonstrating to personnel how to format internal memos shows how anti-Muslim prejudice has found its way into official documents: see the Intercept article Meet the Muslim-American Leaders the FBI and NSA Have Been Spying On, 9 July 2014.
TOP SECRET//COMINT//REL TO USA, AUS, CAN, GBR, NZLV/20291123 05 July 2005 E-mail: address: badASGguy@holmail.com Identity: Mohammed Raghcad (ASG Sales Associate) ASG background (below is...
DocumentDocument Date: 2006-11-14Release Date: 2014-10-10
This 2006 NSA classification guide outlines the sensitivity of the agency’s clandestine human and electronic access to systems in order to “obtain cryptographic information and material”: see the Intercept article Core Secrets: NSA Saboteurs in China and Germany, 10 October 2014.
TOP SECRET//COMINT//REL TO USA, AUS, CAN, GBR, NZL//20291123 NATIONAL SECURITY AGENCY CENTRAL SECURITY SERVICE 0^ftUJDt54 SD7 AôEWf b<Kf' DTBb3LP HDEYI D0<XS«X 0*YR Jfi! (55^ BUH 5654 ...
DocumentRelease Date: 2013-09-05
This undated GCHQ document provides a classification guide for BULLRUN – NSA and GCHQ’s attempts to weaken or defeat cryptographic protocols – and specifies some of its achievements: see the ProPublica article Revealed: The NSA’s Secret Campaign to Crack, Undermine Internet Security, 5 September 2013.
TOP SECRET STRAP1 COMINT BULLRUN Col - Briefing Sheet Introduction 1. The ability to exploit targets’ encrypted communications is extremely fragile and is often enabled through sensiti...
DocumentRelease Date: 2014-12-28
This undated presentation from GCHQ’s PTD (Penetrating Target Defences) unit gives an overview of BULLRUN efforts to defeat encryption: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.
TOP SECRET STRAP1 BULLRUN PTD Lead for Special Operations and Policy PTD "We penetrate targets' defences." This information is exempt from disclosure under the Freedom of Information A...
DocumentDocument Date: 2009-09-18Release Date: 2014-12-04
This extract from a September 2009 GCHQ document describes a project codenamed OPULENT PUP, intended to clear the way for exploitation of the A5/3 GSM cipher: see the Intercept article Operation Auroragold: How the NSA Hacks Cellphone Networks Worldwide, 4 December 2014.
TOP SECRET STRAP1 TALKS Pnase 2 Test & TTO Plan SMO/00007CPO/4524/P02003/000/05 18 September 2009 3.6 A5/3 crypt attack proof-of-concept demonstrator 3.6.1 Scope To successfully pr...
DocumentDocument Date: 2011-01-01Release Date: 2014-12-13
This GCHQ presentation from 2011 provides the background to the agency’s hacking attack on Belgacom: see the Intercept article Operation Socialist: The Inside Story of How British Spies Hacked Belgium’s Largest Telco, 13 December 2014. gchq-mobile-networks-in-my-noc-world
TOP SECRET STRAP 2 Mobile Networks in World Head of GCHQ NAC n/\c This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemptio...
DocumentRelease Date: 2014-12-28
This undated GCHQ presentation proposes a deanonymisation attack against Tor users based on the collection of data from exit nodes owned by the agency: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.
UK TOP SECRET STRAP1 COMINT A potential technique to deanonymise users of the TOR network OPC-MCR, GCHQ This information is exempt from disclosure under the Freedom of Information Act 20...
DocumentDocument Date: 2010-09-13Release Date: 2014-12-28
This 13 September 2010 presentation from the NSA’s OTP VPN Exploitation Team explains the work of the division: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.
TOP SECRET//COMINT//REL USA, AUS, CAN, GBR, NZL Intro to the VPN Exploitation Process OTP VPN Exploitation Team S31176 September 13, 2010 TOP SECRET//COMINT//REL USA, AUS, CAN, G...
AGILITY, BLEAKINQUIRY, CADENCE, CORALREEF, FOURSCORE, MAILORDER, PINWALE, SCISSORS, TOYGRIPPE, TURTLEPOWER, XKEYSCORE (XKS)
Afghanistan (AFG/AF), China (CHN/CN), India (IND/IN), Indonesia (IDN/ID), Iran (IRN/IR), Iraq (IRQ/IQ), Japan (JPN/JP), North Korea (PRK/KP), Korea (KOR/KR), Mexico (MEX/MX), Nigeria (NGA/NG), Pakistan (PAK/PK), Russia (RUS/RU), Saudi Arabia (SAU/SA), Somalia (SOM/SO), Turkey (TUR/TR), United States (USA/US)
DocumentRelease Date: 2014-12-28
These four undated NSA slides show a workflow for defeating VPN encryption: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.
TOP SECRET//COMINT//REL TO USA, AUS, CAN, GBR, NZL VS MALIBU IKE And ESP Metadata Flows /20291123 TUBE TOP SECRET//COMINT//REL TO USA, AUS, CAN, GBR, NZL//20291123 TOP SECRET//COMIN...
DocumentRelease Date: 2014-11-25
This undated screenshot from GCHQ’s internal GCWiki provides details of INCENSER, “a GERONTIC delivery from the NIGELLA access” – in other words, a supply of data arranged by Cable & Wireless from a rival company’s infrastructure: see the Süddeutsche Zeitung article Snowden-Leaks: How Vodafone-Subsidiary Cable & Wireless Aided GCHQ’s Spying Efforts, 25 November 2014. Download […]
TOP SECRET STRAP 1 COMINT The maximum classification allowed on GCWiki is TOP SECRET STRAP1 COMINT. Click to report inappropriate content. For GCWiki help contact: page PTC Glossary F...
DocumentDocument Date: 2007-11-01Release Date: 2013-10-04
This NSA memo summarises a talk given by Roger Dingledine of the Tor Project on 1 November 2007: see the Secret NSA documents show campaign against Tor encrypted network, 4 October 2013.
TOP SECRET // COMINT // REL TO USA, AUS, CAN, GBR, NZL Roger Dingledine at NSA NOV 2007 From PE Contents * 1 (U) Talk by Roger Dingledine at NSA, 11/01/2007 at R&E (Sponsored by NSA RT) o 1...
DocumentDocument Date: 2013-03-01Release Date: 2015-03-10
This NSA document from March 2013 gives an update on GCSB activities, including the use of WARRIOR PRIDE malware against an ASEAN country and the Kim Dotcom case: see the New Zealand Herald article NZ’s spy reach stretches across globe, 11 March 2015.
TOP SECRET//SI//REL TO USA, FVEY (U//FOUO) SUSLOW Monthly Report for March 2013 (U) March highlights: - (U) Intelligence update: o (TS//SI//REL TO USA, FVEY) GCSB has a WARRIORPRIDE ca...
DocumentRelease Date: 2015-01-17
This undated NSA presentation describes tecniques for repurposing third party attack tools: see the Der Spiegel article The Digital Arms Race: NSA Preps America for Future Battle, 17 January 2015.
TOP SECRET II COMINT ■ Communications Security Establishment Canada Centre de la sécurité des télécommunications Canada CSEC SIGINT Cyber Discovery: Summary of the current effort ...
DocumentDocument Date: 2010-01-01Release Date: 2015-02-25
This 2010 CSEC document complete with speakers’ notes shows that visits to Canadian government websites were monitored, and hundreds of thousands of emails to government email addresses retained every day, for cybersecurity purposes: see the CBC News article CSE monitors millions of Canadian emails to government, 25 February 2015.
TOP SECRET 1^1 Communications Security Centre de la sécurité Establishment Canada des télécommunications Canada CSEC ITS/N2E Cyber Threat Discovery I DISCOCON 2010 m/4 ...
DocumentDocument Date: 2007-01-01Release Date: 2014-05-13
This short extract, taken from a 2007 NSA report on the history of intelligence cooperation between the US and Israel, describe some of the difficulties of that relationship: see the book No Place To Hide, 13 May 2014.
(TS//S1//NF) As close as the ISNU relationship has become, it has not been without tension. The Jonathan Pollard incident is one example that had a negative, albeit temporary, impact to the S1G1...
DocumentDocument Date: 2008-07-15Release Date: 2015-06-22
This GCHQ document last updated on 15 June 2008 describes the purpose of the agency’s attempts to reverse engineer commercial antivirus software: see the Intercept article Popular Security Software Came Under Relentless NSA and GCHQ Attacks, 22 June 2015.
TOP SECRET Software Reverse Engineering Network Defence performs reverse engineering both of malicious and of non- malicious code - i.e,.code is translated from machine-readable to human-re...
ISA-94: Application for renewal of warrant GPW/1160 in respect of activities which involve the modification of commercial software
DocumentDocument Date: 2008-06-13Release Date: 2015-06-22
This GCHQ application for warrant renewal from June 2008 shows that the agency has been engaged in the reverse engineering of commercial antivirus software for the purposes of facilitating its hacking operations: see the Intercept article Popular Security Software Came Under Relentless NSA and GCHQ Attacks, 22 June 2015.
TOP SECRET STRAP2 UK EYES ONLY Date: 13 June 2008 GCHQ Reference: A/9014/9105/55 Sian MacLeod Mariot Leslie Foreign Secretary ISA-94: APPLICATION FOR RENEWAL OF WARRANT GPW/1160 IN...
DocumentDocument Date: 2009-04-01Release Date: 2015-07-01
This NSA presentation from April 2009 explains how analysts can make use of document metadata available through XKeyScore, together with worked examples and screenshots: see the Intercept article XKEYSCORE: NSA’s Google for the World’s Private Communications, 1 July 2015.
TOP SECRET//COMINT//REL TO USA, AUS, CAN, GBR, NZL//20291123 Finding and Querying on Document Metadata tooz|/ 1 Booz|Allen| Hamilton Sigint Development Support / SIGINT Technica...
DocumentDocument Date: 2012-03-23Release Date: 2015-06-04
This NSA memo from 23 March 2012 presentation describes the agency’s proposal for a fourth FAA 702 certification that would allow it to target hackers “tied to malicious cyber activity”: see the New York Times article Hunting for Hackers, N.S.A. Secretly Expands Internet Spying at U.S. Border, 4 June 2015.
(TS//SI//NF) New FAA702 Certification in the Works - Cyber Threat By on 2012-03-23 1423 (TS//SI//NF) NSA has drafted a new FAA702 Certification to target Cyber Threats. It is close to being r...
DocumentDocument Date: 2009-06-19Release Date: 2015-07-01
This NSA presentation from 19 June 2009 explains the metadata capabilities of XKeyScore: see the Intercept article XKEYSCORE: NSA’s Google for the World’s Private Communications, 1 July 2015.
TOP SECRET//COMINT//REL TO USA, AUS, CAN, GBR, NZL m V HTTP Activity vs User Activity 19 June 2009 Derived From: NSA/CSSM 1-52 Bated :l2007i MM TOP SEC...
DocumentDocument Date: 2010-05-01Release Date: 2015-07-01
This 61-page NSA presentation from May 2010 provides analysts with a guide to tracking individuals within XKeyScore using the system’s fingerprint capability: see the Intercept article XKEYSCORE: NSA’s Google for the World’s Private Communications, 1 July 2015.
TOP SECRET//COMINT//REL TO USA, AUS, CAN, GBR, NZL Introduction to Context Sensitive Scanning with X-KEYSCORE Fingerprints May 2010 TOP SECRET //COMINT //REL TO USA, AUS, CAN, GBR, NZL ...
DocumentDocument Date: 2012-03-28Release Date: 2015-08-15
This 28 March 2012 post from the NSA internal newsletter SSO Weekly describes the agency’s relationship with AT&T (FAIRVIEW) as “highly collaborative”: see the New York Times article AT&T Helped U.S. Spy on Internet on a Vast Scale, 15 August 2015.
(TS//SI//REL FVEY) FAIRVIEW Tour By on 2012-03-28 1333 (TS//SI//REL FVEY) On 23 March, S3 and GAO Technical Directors: S3 - and HHHH7an^b^blGINT Lom^^nce and Arcnl^^U^e Lead I, a...
DocumentDocument Date: 2012-04-18Release Date: 2015-08-15
This 18 April 2012 post from the NSA internal newsletter SSO Weekly reveals that AT&T (FAIRVIEW) cooperated with the NSA, under the terms of a FISA court order, to enable the agency to surveil the internet traffic going to and from the United Nations headquarters in New York: see the New York Times article AT&T […]
(TS//SI//NF) United Nations DNI Collection Enabled By on 2012-04-18 0853 (TS//SI//NF) FAIRVIEW and BLARNEY engineers collaborated to enable the delivery of 700Mbps of paired packet switched t...
DocumentDocument Date: 2012-01-01Release Date: 2016-01-29
This GCHQ presentation from 2012 describes the Troodos (Cyprus) station’s successes in intercepting signals from drones, including Israeli-made drones “carrying weapons” and Iranian-made drones being used in Syria, which were the subject of “presidential” interest: see the Intercept article Spies in the Sky: Israeli Drone Feeds Hacked by British and American Intellience, 29 January 2016. […]
TOP SECRET STRAP1 Significant TRF TROODOS stories over past 6 months I TOP SECRET STRAP1 Success against Syria • 17th Feb 2012 collection on an undocumented frequency of 120...
DocumentDocument Date: 2008-02-01Release Date: 2016-01-29
This March 2008 post from the internal NSA newsletter SIDToday, describes the Menwith Hill station’s success in intercepting the video feeds from Israeli F-16 fighter jets and drones: see the Intercept article Spies in the Sky: Israeli Drone Feeds Hacked by British and American Intellience, 29 January 2016.
TOP SECRET//COMINT/TALENT KEYHOLE// REL TO USA, FVEY published March 2008 MHS FISINT Successfully Collects Israeli F-16 Heads-Up Display (S//SI//REL) , Menwith Hill Station (F77) (S...
DocumentDocument Date: 2010-03-01Release Date: 2016-02-02
This GCHQ document from March 2010 presents a checklist of factors analysts should consider before going ahead with an operation to infiltrate a communications network, by physical or other means. Among the concerns raised is the risk that British actions may enable US authorities to conduct operations “which we would not consider permissible”: see the […]
TOP SECRET STRAP 1 What’s the worst that could happen? This document contains examples of specific risk which may affect operations and which may need to be considered when writing submissi...
DocumentDocument Date: 2011-09-20Release Date: 2016-02-02
This GCHQ research report dated 20 September 2011, cowritten by researchers at Heilbronn Institute for Mathematical Research based at the University of Bristol, concerns the use of data mining techniques to develop usable intelligence as well as the contradictions that arise from the use of algorithms to identify wrong doers, or potential wrong doers. The […]
UK TOP SECRET STRAP1 COMINT AUS/CAN/NZ/UK/US EYES ONLY Reference: OPC-M/TECH.A/455 (v1.0, r206) Date: 20 September 2011 Copy no: HIMR Data Mining Research Problem Book OPC-MCR, G...