This undated NSA presentation describes techniques for repurposing third party attack tools: see the Der Spiegel article The Digital Arms Race: NSA Preps America for Future Battle, 17 January 2015.

Four slides taken from a 24 April 2013 NSA presentation detail how SECONDDATE man-in-the-middle attacks were used against targets in Pakistan and Lebanon: see the Intercept article The NSA Leak is Real, Snowden Documents Confirm, 19 August 2016.

This undated NSA SIGINT presentation describes nine varieties of QUANTUM malware attack, their operational status and success in the field: see the Intercept article How the NSA Plans to Infect ‘Millions’ of Computers with Malware, 12 March 2014.

This CSE presentation from 2011 describes some of the cyber warfare tools at the agency’s disposal: see the article Communication Security Establishment’s cyberwarfare toolbox revealed, 23 March 2015.

This presentation from the 2010 SIGDEV Conference describes the contribution made by GCHQ to the development of Quantum techniques: see the Intercept article How the NSA Plans to Infect ‘Millions’ of Computers with Malware, 12 March 2014.

This undated NSA presentation describes SKIDROWE, a FORNSAT operation that surveils signals being sent to and from satellites: see the Intercept article Titanpointe: The NSA’s Spy Hub in New York, Hidden in Plain View, 16 November 2016.

This undated page from the NSA’s internal WikiInfo site describes QUANTUMSHOOTER, an implant that allows computers to be controlled remotely: see the Der Spiegel article The Digital Arms Race: NSA Preps America for Future Battle, 17 January 2015.

This GCHQ presentation from 2011 provides the background to the agency’s hacking attack on Belgacom: see the Intercept article Operation Socialist: The Inside Story of How British Spies Hacked Belgium’s Largest Telco, 13 December 2014. gchq-mobile-networks-in-my-noc-world

This 2011 presentation, created by GCHQ’s Network Analysis Centre describes new techniques for gathering reconnaissance on the IT personnel of targeted organisations (their “Network Operations Centres”), using Belgacom as an example in several slides: see the Intercept article Operation Socialist: The Inside Story of How British Spies Hacked Belgium’s Largest Telco, 13 December 2014. Download […]

This NSA presentation from 3 June 2011 describes QFIRE, “a consolidated QUANTUMTHEORY platform”, that links the NSA’s enormous passive monitoring operation (TURMOIL) with the active hacking of systems undertaken by the agency’s Tailored Acess Operations division (TURBINE): see the Der Spiegel article, Inside TAO: Documents Reveal Top NSA Hacking Unit, 29 December 2013.

These pages from an NSA internal catalogue describe the tools available to the agency in 2008: see the Der Spiegel article NSA’s Secret Toolbox: Unit Offers Spy Gadgets for Every Need, 30 December 2013

This Booz Allen Hamilton presentation on the NSA’s Quantum tools describes the different kinds of malware attacks available to workgroups within the agency, the procedure an analyst must follow in order to make use of them and the way the systems themselves work, using a “man-on-the-side” attack from TAO’s FOXACID server. It also describes the […]

This short excerpt from an April 2013 NSA presentation given to Five Eyes partners provides evidence of Sweden’s involvement in the “trilat” behind Quantam malware operations: see the SVT article FRA part of top-secret hacker project, 11 December 2013.

This short extract from an April 2011 NSA document describes the operation of the agency’s QUANTUMHAND tool: see the Intercept article Compare the NSA’s Facebook Malware Denial to its Own Secret Documents, 15 March 2014.

This extract from an NSA document describes research into Quantum tools being performed at Menwith Hill in the UK: see the Intercept article How the NSA Plans to Infect ‘Millions’ of Computers with Malware, 12 March 2014.

This extract from an undated NSA document describes the planned capability of the automated malware injection system Turbine as extending to “potentially millions of implants”: see the Intercept article How the NSA Plans to Infect ‘Millions’ of Computers with Malware, 12 March 2014.

This slide from a 2009 presentation from the NSA’s Technology Directorate explains how Turbine’s “high-level tasking” effectively automates much of the agency’s offensive operations: see the Intercept article How the NSA Plans to Infect ‘Millions’ of Computers with Malware, 12 March 2014.

This CSEC presentation for a November 2010 conference outlines CSEC capabilities in the recognition of trojans and other “network based anomolies”: see the Der Spiegel article The Digital Arms Race: NSA Preps America for Future Battle, 17 January 2015.

This GCHQ research paper dated 12 November 2010 discuss some of the agency’s attacks against iPhone handsets: see the Der Spiegel article The Digital Arms Race: NSA Preps America for Future Battle, 17 January 2015.

This NSA classification guide dated 21 September 2011 describes the objectives of the agency’s quantum computing research efforts: see the Washington Post article NSA seeks to build quantum computer that could crack most types of encryption, 2 January 2014.

This draft NSA report on using the agency’s FOXACID system confirms that malware code released by the ShadowBrokers did, in fact, originate from the NS see the Intercept article The NSA Leak is Real, Snowden Documents Confirm, 19 August 2016.

This undated GCHQ presentation gives an overview of the agency’s use of hacking techniques, including an explanation of what it perceived the legal position to be at the time: see the Intercept

These extracts from a 2009 NSA presentation describes the agency’s system for automated malware injection on an “industrial-scale”: see the Intercept article How the NSA Plans to Infect ‘Millions’ of Computers with Malware, 12 March 2014.

In this extract from an NSA presentation dated 17 September 2004, growth for the agency’s Tailored Access Operations is envisaged to the point where “thousands” of malware implants could be managed at any one time. The agency’s aims would grow steadily more abitious over the next decade: see the Intercept article How the NSA Plans […]

This excerpt from the Black Budget explains how quantum computing development efforts fit in with NSA projects that aim to break strong encryption (Penetrating Hard Targets) and facilitate offensive operations to compromise target networks (Owning The Net or OTN): see the Washington Post article NSA seeks to build quantum computer that could crack most types […]

A series of casual posts written by a single author stationed in the NSA’s Signals Intelligence Directorate and posted on the agency’s intranet in 2012. Several posts written in December of that year describe the rationale and methodology of targeting systems administrators: see the Intercept article Inside the NSA’s Secret Efforts to Hunt and Hack […]

This internal NSA document from April 2013 provides a progress report on projects where the NSA’s Signals Intelligence Directorate (SID) strategy involves a foreign partner. A paragraph on Sweden indicates that GCHQ’s participation in Quantum malware operations “may be in jeopardy” but that making the project a joint US-Swedish one has been “NSA’s goal all […]