Results
27 Total
0.0
TUTELAGE
Document
Release Date:
2015-01-17
This undated NSA presentation describes techniques for repurposing third party attack tools: see the Der Spiegel article The Digital Arms Race: NSA Preps America for Future Battle, 17 January 2015.
TOP SECRET//COMINT//REL TO USA,
FVEY
TOP SECRET//COMINT//REL TO USA,
TOP SECRET//COMINT//REL TO USA,
FVEY
Before TUTELAGE...
AFTERk
INTRUSION
Manual Analysis of Reporting Lo...
0.0
SIGINT Development Support II Program Management Review
Document
Release Date:
2016-08-19
Document Date:
2013-04-24
Four slides taken from a 24 April 2013 NSA presentation detail how SECONDDATE man-in-the-middle attacks were used against targets in Pakistan and Lebanon: see the Intercept article The NSA Leak is Real, Snowden Documents Confirm, 19 August 2016.
TOP SECRET//SI//NOFORN
The overall classification of this brief is
(U) SIGINT Development Support II
Program Management Review
► 24 April 2013
TOP SECRET//COMINT//NOFORN
Derived Fro...
0.0
Case Studies of Integrated Cyber Operation Techniques
Document
Release Date:
2014-03-12
This undated NSA SIGINT presentation describes nine varieties of QUANTUM malware attack, their operational status and success in the field: see the Intercept article How the NSA Plans to Infect ‘Millions’ of Computers with Malware, 12 March 2014.
TOP SECRET//COMINT//REL USA, FVEY
Case Studies of Integrated Cyber
Operation Techniques
NSA/CSS Threat Operations Center
VS
TOP SECRET//COMINT//REL USA, FVEY
(U//FOUO) TUiT0t.EÄ,©i...
0.0
CSEC Cyber Threat Capabilities
Document
Release Date:
2015-03-23
Document Date:
2011-01-01
This CSE presentation from 2011 describes some of the cyber warfare tools at the agency’s disposal: see the article Communication Security Establishment’s cyberwarfare toolbox revealed, 23 March 2015.
■ ^ ■ Communications Security Centre de la sécurité TOP SECRET//COMINT//REL TO FVEY
Establishment Canada des télécommunications Canada
CSEC Cyber Threat Capabilities
SIGINT and ITS: an en...
0.0
QUANTUMTHEORY
Document
Release Date:
2014-03-12
Document Date:
2010-01-01
This presentation from the 2010 SIGDEV Conference describes the contribution made by GCHQ to the development of Quantum techniques: see the Intercept article How the NSA Plans to Infect ‘Millions’ of Computers with Malware, 12 March 2014.
TOP SECRET//COMINT//REL TO USA, FVEY//20320108
TOP SECRET//COMINT//REL TO USA, FVEY//20320108
SIGDEV: Discovery in the Cyber Ag>
TOP SECRET//COMINT//REL TO USA, FVEY//20320108
(U) Clas...
0.0
SKIDROWE – Low Speed DNI Processing Solution Replacing WEALTHYCLUSTER2
Document
Release Date:
2016-11-16
This undated NSA presentation describes SKIDROWE, a FORNSAT operation that surveils signals being sent to and from satellites: see the Intercept article Titanpointe: The NSA’s Spy Hub in New York, Hidden in Plain View, 16 November 2016.
TOP SECRET//COMINT//REL TO USA, AUS, CAN, GBR, NZL
Low Speed DNI processing solution
TOP SECRET//COMINT//
yJ
SKIDROWE
Components
WEALTHYCLUSTER to TURNWEALTHY
Capabilities o...
0.0
Quantum Shooter SBZ Notes
Document
Release Date:
2015-01-17
This undated page from the NSA’s internal WikiInfo site describes QUANTUMSHOOTER, an implant that allows computers to be controlled remotely: see the Der Spiegel article The Digital Arms Race: NSA Preps America for Future Battle, 17 January 2015.
QUANTUM Shooter SBZ Notes - Wikiinfo
The accredited security level of this system is: TOP SECRET//SI-GAMMA/TALENT
KEYHOLE//ORCON/PROPIN/RELIDO/REL TO USA, FVEY *
TOP SECRET//SI//REL TO USA,...
0.0
Mobile Networks in MyNOC World
Document
Release Date:
2014-12-13
Document Date:
2011-01-01
This GCHQ presentation from 2011 provides the background to the agency’s hacking attack on Belgacom: see the Intercept article Operation Socialist: The Inside Story of How British Spies Hacked Belgium’s Largest Telco, 13 December 2014. gchq-mobile-networks-in-my-noc-world
TOP SECRET STRAP 2
Mobile Networks in
World
Head of GCHQ NAC
n/\c
This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemptio...
0.0
Automated NOC Detection
Document
Release Date:
2014-12-13
Document Date:
2011-01-01
This 2011 presentation, created by GCHQ’s Network Analysis Centre describes new techniques for gathering reconnaissance on the IT personnel of targeted organisations (their “Network Operations Centres”), using Belgacom as an example in several slides: see the Intercept article Operation Socialist: The Inside Story of How British Spies Hacked Belgium’s Largest Telco, 13 December 2014. Download […]
TOP SECRET STRAP 2
Automated NOC
Detection
, Head of GCHQ NAC
Senior Network Analyst, CSEC NAC
n/\c
This information is exempt from disclosure under the Freedom of Information Act ...
0.0
QFIRE pilot report
Document
Release Date:
2013-12-29
Document Date:
2011-06-03
This NSA presentation from 3 June 2011 describes QFIRE, “a consolidated QUANTUMTHEORY platform”, that links the NSA’s enormous passive monitoring operation (TURMOIL) with the active hacking of systems undertaken by the agency’s Tailored Acess Operations division (TURBINE): see the Der Spiegel article, Inside TAO: Documents Reveal Top NSA Hacking Unit, 29 December 2013.
image-584092-galleryV9-icxm.jpg:
Getting Close to the
Forward-based Defense with QFIRE
June 3, 2011
QFIRE Pilot Lead
NSA/Technology Directorate
Derived From: NSA/CSSM 1-52
Dated: 20...
0.0
ANT Product Data
Document
Release Date:
2013-12-30
These pages from an NSA internal catalogue describe the tools available to the agency in 2008: see the Der Spiegel article NSA’s Secret Toolbox: Unit Offers Spy Gadgets for Every Need, 30 December 2013
S3222_DEITYBOUNCE.jpg:
SECRET//COMINT//REL TO USA, FVEY
DEITYBOUNCE
ANT Product Data
(TS//SI//REL) DEITYBOUNCE provides software application persistence on Dell
PowerEdge servers by exp...
ANGRYNEIGHBOR, ARKSTREAM, BANANAGLEE, BLINDDATE, BULLDOZER, CANDYGRAM, CHIMNEYPOOL, CONJECTURE, COTTONMOUTH (CM), CROSSBEAM, CYCLONE Hx9, DANDERSPRITZ, DEITYBOUNCE, DROPOUTJEEP, ENTOURAGE, GENESIS, GENIE, GOPHERSET, GOTHAM, GOURMETTROUGH, HALLUXWATER, HEADWATER, HOLLOWPOINT, HOWLERMONKEY (HM), IRATEMONK, JETPLOW, JUNIORMINT, KONGUR, LOUDAUTO, MOCCASIN, MONKEYCALENDAR, NIGHTSTAND, NIGHTWATCH, OLYMPUS, PHOTOANGLO, PICASSO, QUANTUM, RAGEMASTER, ROCKYKNOB, SOUFFLETROUGH, SPECULATION, SWAP, TAWDRYYARD, TOTECHASER, TOTEGHOSTLY, TRINITY, TURBOPANDA, TURBULENCE (TU), TWISTEDKILT, TYPHON, TYPHON HX, UNITEDRAKE, VAGRANT, VIEWPLATE, WATERWITCH, WISTFULTOLL, ZESTYLEAK
0.0
NSA QUANTUM Tasking Techniques for the R&T Analyst
Document
Release Date:
2013-12-29
This Booz Allen Hamilton presentation on the NSA’s Quantum tools describes the different kinds of malware attacks available to workgroups within the agency, the procedure an analyst must follow in order to make use of them and the way the systems themselves work, using a “man-on-the-side” attack from TAO’s FOXACID server. It also describes the […]
image-583967-galleryV9-quqn.jpg:
TOP SECRET//SI//REL USA, AUS, CAN, GBR, NZL
(TS) NSA QUANTUM Tasking Techniques
for the R&T Analyst
POC:
TAO RTD | Team
- Booz Allen Hamilton SDS2
...
0.0
Select Accomplishments: Production
Document
Release Date:
2013-12-11
Document Date:
2013-04-01
This short excerpt from an April 2013 NSA presentation given to Five Eyes partners provides evidence of Sweden’s involvement in the “trilat” behind Quantam malware operations: see the SVT article FRA part of top-secret hacker project, 11 December 2013.
TOP SECRET//COMINT//REL USA. AUS, CAN, GBR, NZL
Select Accomplishments: Production
Sweden: Realization of DZRNSA-proposed trilat to work Quantum.
0.0
QUANTUMHAND
Document
Release Date:
2014-03-15
Document Date:
2011-04-01
This short extract from an April 2011 NSA document describes the operation of the agency’s QUANTUMHAND tool: see the Intercept article Compare the NSA’s Facebook Malware Denial to its Own Secret Documents, 15 March 2014.
(TS//SI//NF) QUANTUMTHEORY (QT) is a set of CNO Man-on-the-Side capabilities that involve
real-time responses to passive collection. After the recent TURMOIL upgrade at SSO’s SARATOGA
access, TA...
0.0
MHS Leverages XKS for Quantum Against Yahoo and Hotmail
Document
Release Date:
2014-03-12
This extract from an NSA document describes research into Quantum tools being performed at Menwith Hill in the UK: see the Intercept article How the NSA Plans to Infect ‘Millions’ of Computers with Malware, 12 March 2014.
(U) MHS Leverages XKS for QUANTUM Against Yahoo and Hotmail
TOP SECRET//SI//REL TO USA, FVEY
(TS//SI//REL) MHS Leverages XKEYSCORE Deep-Dive Packet Analysis to Identify Feasibility of QUANTU...
0.0
A new intelligent command and control capability
Document
Release Date:
2014-03-12
This extract from an undated NSA document describes the planned capability of the automated malware injection system Turbine as extending to “potentially millions of implants”: see the Intercept article How the NSA Plans to Infect ‘Millions’ of Computers with Malware, 12 March 2014.
(TS//SI//REL) A new intelligent command and control capability designed to manage a very large number of covert implants for
active SIGINT and active Attack that reside on the GENIE covert infras...
0.0
Analysis of Converged Data
Document
Release Date:
2014-03-12
Document Date:
2009-01-01
This slide from a 2009 presentation from the NSA’s Technology Directorate explains how Turbine’s “high-level tasking” effectively automates much of the agency’s offensive operations: see the Intercept article How the NSA Plans to Infect ‘Millions’ of Computers with Malware, 12 March 2014.
TECHNOLOGY
DIRECTORATE
Analysis of Converged Data
Converged data leads to better analysis, which leads to more focused tasking
Note: Our goals for high-level tasking are to relieve the ...
0.0
CSEC SIGINT Cyber Discovery: Summary of the current effort
Document
Release Date:
2015-01-17
Document Date:
2010-11-18
This CSEC presentation for a November 2010 conference outlines CSEC capabilities in the recognition of trojans and other “network based anomolies”: see the Der Spiegel article The Digital Arms Race: NSA Preps America for Future Battle, 17 January 2015.
TOP SECRET II COMINT
■ Communications Security
Establishment Canada
Centre de la sécurité
des télécommunications Canada
CSEC SIGINT Cyber Discovery:
Summary of the current effort
...
0.0
iPhone target analysis and exploitation with unique device identifiers
Document
Release Date:
2015-01-17
Document Date:
2010-11-12
This GCHQ research paper dated 12 November 2010 discuss some of the agency’s attacks against iPhone handsets: see the Der Spiegel article The Digital Arms Race: NSA Preps America for Future Battle, 17 January 2015.
TOP SECRET STRAP1
12th November 2010
ICTR-MCT Team (ICTR-MCT-GCHQ-dl)
MHE Team (MHETeam-GCHQ-dl)
OPDSDHQ^^^H
TEA
Benhall Records Centre
iPhone target analysis and exploitation wit...
0.0
Classification guide for NSA/CSS quantum computing research
Document
Release Date:
2014-01-02
Document Date:
2011-09-21
This NSA classification guide dated 21 September 2011 describes the objectives of the agency’s quantum computing research efforts: see the Washington Post article NSA seeks to build quantum computer that could crack most types of encryption, 2 January 2014.
TOP SECRET//SI//REL TO USA, AUS, CAN, GBR, NZL
NATIONAL SECURITY AGENCY
CENTRAL SECURITY SERVICE
(U) CLASSIFICATION GUIDE FOR
NSA/CSS QUANTUM COMPUTING RESEARCH
10-25
Effective Date:...
0.0
FOXACID SOP for Operational Management of FOXACID Infrastructure
Document
Release Date:
2016-08-19
This draft NSA report on using the agency’s FOXACID system confirms that malware code released by the ShadowBrokers did, in fact, originate from the NS see the Intercept article The NSA Leak is Real, Snowden Documents Confirm, 19 August 2016.
TOP SECRET//COMINT//REL TO USA, AUS, CAN, GBR, NZL
D R A F T
NATIONAL SECURITY AGENCY
CENTRAL SECURITY SERVICE
FORT GEORGE G. MEADE, MARYLAND
FOXACID SOP
FOR
OPERATIONAL MANAGEMENT...
0.0
Computer Network Exploitation
Document
Release Date:
2018-02-17
This undated GCHQ presentation gives an overview of the agency’s use of hacking techniques, including an explanation of what it perceived the legal position to be at the time: see the Intercept
TOP SECRET STRAP1
Contents
• What is CNE?
• Why do CNE?
• CNE Teams
• Partners
• Challenges
• Contacts
PTD "We penetrate targets' defences."
This information is exempt un...
0.0
TURBINE
Document
Release Date:
2014-03-12
Document Date:
2009-01-01
These extracts from a 2009 NSA presentation describes the agency’s system for automated malware injection on an “industrial-scale”: see the Intercept article How the NSA Plans to Infect ‘Millions’ of Computers with Malware, 12 March 2014.
TOPSHJE17/COMINT7/RELIO USA, FVE/
(U) Automation
(TS73//FEL) TURBINEcan talkto active & passive sensors/shooters
■ (TS7S//REL) Maintenance tasks on routers
■ (TS7S//REL) Dynamic target...
0.0
Simultaneously managing thousands of implanted targets
Document
Release Date:
2014-03-12
Document Date:
2004-09-17
In this extract from an NSA presentation dated 17 September 2004, growth for the agency’s Tailored Access Operations is envisaged to the point where “thousands” of malware implants could be managed at any one time. The agency’s aims would grow steadily more abitious over the next decade: see the Intercept article How the NSA Plans […]
(S//SI) Building the operations floor and increasing the number of break-out rooms will enable us to grow from the current average of 20-25 of these
operations per day to over 100 per day and wil...
0.0
Penetrating Hard Targets and Owning The Net
Document
Release Date:
2014-01-02
This excerpt from the Black Budget explains how quantum computing development efforts fit in with NSA projects that aim to break strong encryption (Penetrating Hard Targets) and facilitate offensive operations to compromise target networks (Owning The Net or OTN): see the Washington Post article NSA seeks to build quantum computer that could crack most types […]
Excerpts from the "black budget," Volume 2, "Combined Cryptologic Program":
(U) RESEARCH & TECHNOLOGY (U) PENETRATING
HARD TARGETS
(U) Project Description
(S//SI//REL TO USA, FVEY) The...
0.0
I Hunt Sys Admins
Document
Release Date:
2014-03-20
Document Date:
2012-01-01
A series of casual posts written by a single author stationed in the NSA’s Signals Intelligence Directorate and posted on the agency’s intranet in 2012. Several posts written in December of that year describe the rationale and methodology of targeting systems administrators: see the Intercept article Inside the NSA’s Secret Efforts to Hunt and Hack […]
UHCLASSIFIED//FOUO
Copyright! (U) utility of "security conferences" HsFiH(hide)
2012.02.08- 09:53 am
Do not reuse
this image!
(U//F0U0) Caveat: it's been a couple years since I have a...
0.0
UK and Swedish involvement in Quantum
Document
Release Date:
2013-12-11
Document Date:
2013-04-01
This internal NSA document from April 2013 provides a progress report on projects where the NSA’s Signals Intelligence Directorate (SID) strategy involves a foreign partner. A paragraph on Sweden indicates that GCHQ’s participation in Quantum malware operations “may be in jeopardy” but that making the project a joint US-Swedish one has been “NSA’s goal all […]
TOP SECRET//SI//NOFORN
What You Wanted to Know
Review SID's goals for this quarterly.
Note that just about all of the accomplishments we are presenting respond to some aspect of SID's
st...