Filtered By
NSA X
Agency [filter]
United States (USA/US) X
Countries Mentioned [filter]
Computer Network Operations X
Document Topic [filter]
Top Secret X
Classification [filter]
Results
21 Total
0.0

DEFIANTWARRIOR and the NSA’s Use of Bots

Document

Release Date: 2015-01-17 Document Date: 2010-05-24
This 24 May 2010 NSA presentation describes the ways the agency uses botnets (“bot herding”): see the Der Spiegel article The Digital Arms Race: NSA Preps America for Future Battle, 17 January 2015.
TOP SECRET//COMINT//REL USA, FVEY DEFIANTWARRIO R 7 / //and the ; NSA's Uè^ojÆotá/ Overall Classification: TOP SECRET//COMINT//REL FVEY Current As Of: 24 May 2010 Derived From: NSA/CSS...
0.0

BYZANTINE HADES: An Evolution of Collection

Document

Release Date: 2015-01-17 Document Date: 2010-06-01
This June 2010 NSA presentation for the SIGDEV conference describes efforts to trace a suspected Chinese cyber attack: see the Der Spiegel article The Digital Arms Race: NSA Preps America for Future Battle, 17 January 2015.
TOP SECRET//COMINT//REL TO USA, AUS, CAN, GBR, NZL (S//REL)BYZANTINE HADES: An Evolution of Collection NTOC, V225 SIGINT Development Conference June 2010 TOP SECRET//COMINT//REL TO...
0.0

TUTELAGE

Document

Release Date: 2015-01-17
This undated NSA presentation describes techniques for repurposing third party attack tools: see the Der Spiegel article The Digital Arms Race: NSA Preps America for Future Battle, 17 January 2015.
TOP SECRET//COMINT//REL TO USA, FVEY TOP SECRET//COMINT//REL TO USA, TOP SECRET//COMINT//REL TO USA, FVEY Before TUTELAGE... AFTERk INTRUSION Manual Analysis of Reporting Lo...
0.0

TRANSGRESSION Overview for Pod58

Document

Release Date: 2015-01-17 Document Date: 2010-02-07
This 7 February 2010 NSA presentation outlines techniques to “discover, understand, evaluate, and exploit foreign CNE/CNA exploits”: see the Der Spiegel article The Digital Arms Race: NSA Preps America for Future Battle, 17 January 2015.
TOPSECRET//COMINT//REL TO USA, FVEY TRANSGRESSION Overview for Pod58 S31177 7 Feb 2010 DERIVED FROM: NSA/CSSM 1-52 DATED 08 JAN 2007 DECLASSIFY ON: 20320108 TOPSECRET//COMINT//REL T...
0.0

CNE Presence in CT10 Status Report

Document

Release Date: 2015-01-17
This undated NSA paper describes a project to recognise and process data that comes from third party attacks on computers: see the Der Spiegel article The Digital Arms Race: NSA Preps America for Future Battle, 17 January 2015.
TOP SECRET//COMINT//NOFORN//20291123 CNE Presence in CT10 Status Report Authors: SNIP Intern 1LT (U//FOUO) Executive Summary (S//SI//REL USA, FVEY) This paper discusses the work ...
0.0

CyberCOP

Document

Release Date: 2015-01-12 Document Date: 2013-04-11
These three slides, taken from a 11 April 2013 NSA presentation show screenshots from a tool called CyberCOP, which appears to monitor botnets and the DDOS attacks they perform: see the NDR.de article Cyberkrieg: Wie gefährdet ist Deutschland?, 12 January 2015.
TOP SECRET//SI//REL TO USA, FVEY CYBER COP CDOSG Apr 11, 2013 CyberCOP Product Manager Overall Classification: TOP SECRET//SI//REL TO USA,FVEY TOP SECRET//SI//REL TO USA, FVEY ...
0.0

SIGINT Development Support II Program Management Review

Document

Release Date: 2016-08-19 Document Date: 2013-04-24
Four slides taken from a 24 April 2013 NSA presentation detail how SECONDDATE man-in-the-middle attacks were used against targets in Pakistan and Lebanon: see the Intercept article The NSA Leak is Real, Snowden Documents Confirm, 19 August 2016.
TOP SECRET//SI//NOFORN The overall classification of this brief is (U) SIGINT Development Support II Program Management Review ► 24 April 2013 TOP SECRET//COMINT//NOFORN Derived Fro...
0.0

Fourth Party Opportunities

Document

Release Date: 2015-01-17
This undated NSA presentation describes the process of Fourth Party collection – “I drink your milkshake”: see the Der Spiegel article The Digital Arms Race: NSA Preps America for Future Battle, 17 January 2015.
TOP SECRET//COMINT//REL TO USA, FVEY (U) Fourth Party Opportunities O TOP SECRET//COMINT//REL TO USA, FVEY SECRET//COMINT//REL TO USA, FVEY (U) What is 4th Party ..................
0.0

Is there “fifth party” collection?

Document

Release Date: 2015-01-17 Document Date: 2011-01-01
This undated post from an NSA discussion board describes “fourth party collection” – piggybacking on another state’s computer network exploitation operation: see the Der Spiegel article The Digital Arms Race: NSA Preps America for Future Battle, 17 January 2015.
(TS//SI//REL) Is there "fifth party" collection? | Round Table Dynamic Page - Highest Possible Classification is TOP SECRET // SI / TK // REL TO USA, FVEY (TS//SI//REL) Is there "fifth part...
0.0

Case Studies of Integrated Cyber Operation Techniques

Document

Release Date: 2014-03-12
This undated NSA SIGINT presentation describes nine varieties of QUANTUM malware attack, their operational status and success in the field: see the Intercept article How the NSA Plans to Infect ‘Millions’ of Computers with Malware, 12 March 2014.
TOP SECRET//COMINT//REL USA, FVEY Case Studies of Integrated Cyber Operation Techniques NSA/CSS Threat Operations Center VS TOP SECRET//COMINT//REL USA, FVEY (U//FOUO) TUiT0t.EÄ,©i...
0.0

Iran – Current Topics, Interaction with GCHQ

Document

Release Date: 2015-02-10 Document Date: 2013-04-12
This NSA talking points memo dated 12 April 2013 notes that Iran “has demonstrated a clear ability to learn from the capabilities and actions of others”: see the Intercept article NSA Claims Iran Learned from Western Cyberattacks, 10 February 2015.
TOP SECRET//COMINT//NOFORN (U) Topic: Iran - Current Topics, Interaction with GCHQ (U) Director's Talking Points: * (TS//SI//REL TO USA, FVEY) Emphasize that we have successfully worked mu...
0.0

Computer Network Exploitation (CNE) Classification Guide / 2-59

Document

Release Date: 2014-10-10 Document Date: 2010-03-01
This 2010 NSA classication guide outlines the sensitivity of aspects of the agency’s hacking activities: see the Intercept article Core Secrets: NSA Saboteurs in China and Germany, 10 October 2010.
TOP SECRET//SI//REL TO USA, FVEY (U) CLASSIFICATION GUIDE TITLE/NUMBER: Computer Network Exploitation (CNE) Classification Guide / 2-59 (U) PUBLICATION DATE: 1 March 2010 (U) OFFICE OF O...
0.0

QUANTUMTHEORY

Document

Release Date: 2014-03-12 Document Date: 2010-01-01
This presentation from the 2010 SIGDEV Conference describes the contribution made by GCHQ to the development of Quantum techniques: see the Intercept article How the NSA Plans to Infect ‘Millions’ of Computers with Malware, 12 March 2014.
TOP SECRET//COMINT//REL TO USA, FVEY//20320108 TOP SECRET//COMINT//REL TO USA, FVEY//20320108 SIGDEV: Discovery in the Cyber Ag> TOP SECRET//COMINT//REL TO USA, FVEY//20320108 (U) Clas...
0.0

SPINALTAP: Making Passive Sexy for Generation Cyber

Document

Release Date: 2015-01-17
This undated NSA Menwith Hill presentation describes SPINALTAP, a project to combine data from active operations and passive signals intelligence: see the Der Spiegel article The Digital Arms Race: NSA Preps America for Future Battle, 17 January 2015.
TOP SECRET//COMINT//REL TO USA, FVEY / '■%.^ (U//FOUO) SPINALTAP: Making Passive Sexy for Generation Cyber TOP SECRET//COMINT//REL TO USA, FVEY TOP SECRET//COMINT//REL TO USA, FVE...
0.0

TURMOIL

Document

Release Date: 2014-03-12
These slides from an NSA presentation show how the automated malware deployment tool Turbine depends on a network of passive collection sensors (Turmoil), installed at locations including Fort Meade in Maryland, Misawa in Japan and Menwith Hill in the UK: see the Intercept article How the NSA Plans to Infect ‘Millions’ of Computers with Malware, […]
TOP SECRET//COMINT//REL TO USA, AUS, CAN, GBR, NZL//20291123 Sensors: Passive Collection \ Internet * Cloud Internet 1 Cloud Internet <1 Cloud pUttMQJ.l I (S//SI//REÜ High-spe...
0.0

Selector types

Document

Release Date: 2014-03-12
This slide lists the range of selectors the Turmoil infrastructure at UK base Menwith Hill can use to identify targets, many of which show the ability of Five Eyes agencies to piggyback on commercial services: see the Intercept article How the NSA Plans to Infect ‘Millions’ of Computers with Malware, 12 March 2014.
TOP SECRET//COMINT//REL TO USA, FVEY Selector Types Machine IDs - Cookies • Hotmail GUIDs • Google prefIDs • YahooBcookies • mallruMRCU • yandexUid • twitter Hash • r...
0.0

VPN and VOIP Exploitation With HAMMERCHANT and HAMMERSTEIN

Document

Release Date: 2014-03-12
Slides from an NSA Turbulence presentation describe two of the agency’s specialised implants, aimed at compromising virtual private networks (VPNs) and online telephony (VOIP): see the Intercept article How the NSA Plans to Infect ‘Millions’ of Computers with Malware, 12 March 2014.
TOP SECRET//COMINT//REL TO USA, AUS, CAN, GBR, NZL//20291123 APEX VPN Phases ► VPN Phase 1: IKE Metadata Only (Spin 15) - IKE packets are exfiled to TURMOIL APEX. ■ APEX reconstructs/r...
0.0

OSINT Fusion Project

Document

Release Date: 2015-07-01
This undated presentation from NSA’s UK-based Menwith Hill station describes the various uses of open source intelligence (OSINT) in computer network operations, including the monitoring of hacker forums and spotting opportunities for so-called “Fourth Party Collection”: see the Intercept article XKEYSCORE: NSA’s Google for the World’s Private Communications, 1 July 2015.
TOP SECRET//COMINT//REL TO USA, FVEY OSINT FUSION PROJECT Lockheed Martin IS&GS Intelligence LOCKHEED MARTIN TOP SECRET//COMINT//REL TO USA, FVEY TOP SECRET//COMINT//REL TO USA,...
0.0

Kaspersky User-Agent Strings

Document

Release Date: 2015-06-22 Document Date: 2008-09-22
This NSA research paper from September 2008 shows that the agency was aware that users of Kaspersky antivirus software could be uniquely identified using the information Kaspersky sent to its own servers: see the Intercept article Popular Security Software Came Under Relentless NSA and GCHQ Attacks, 22 June 2015.
TOP SECRET//COMINT//REL TO USA, AUS, CAN, GBR, NZL NATIONAL SECURITY AGENCY CENTRAL SECURITY SERVICE DRAFT (C//REL) Kaspersky User-Agent Strings By S3T/TECH/xxx/2008 September 20...
0.0

FOXACID SOP for Operational Management of FOXACID Infrastructure

Document

Release Date: 2016-08-19
This draft NSA report on using the agency’s FOXACID system confirms that malware code released by the ShadowBrokers did, in fact, originate from the NS see the Intercept article The NSA Leak is Real, Snowden Documents Confirm, 19 August 2016.
TOP SECRET//COMINT//REL TO USA, AUS, CAN, GBR, NZL D R A F T NATIONAL SECURITY AGENCY CENTRAL SECURITY SERVICE FORT GEORGE G. MEADE, MARYLAND FOXACID SOP FOR OPERATIONAL MANAGEMENT...
0.0

Classification guide for ECI Pawleys (PAW)

Document

Release Date: 2014-10-10 Document Date: 2006-11-14
This 2006 NSA classification guide outlines the sensitivity of the agency’s clandestine human and electronic access to systems in order to “obtain cryptographic information and material”: see the Intercept article Core Secrets: NSA Saboteurs in China and Germany, 10 October 2014.
TOP SECRET//COMINT//REL TO USA, AUS, CAN, GBR, NZL//20291123 NATIONAL SECURITY AGENCY CENTRAL SECURITY SERVICE 0^ftUJDt54 SD7 AôEWf b<Kf' DTBb3LP HDEYI D0<XS«X 0*YR Jfi! (55^ BUH 5654 ...

e-Highlighter

Click to send permalink to address bar, or right-click to copy permalink.

Un-highlight all Un-highlight selectionu Highlight selectionh