Results
17 Total
0.0
DEFIANTWARRIOR and the NSA’s Use of Bots
Document
Release Date:
2015-01-17
Document Date:
2010-05-24
This 24 May 2010 NSA presentation describes the ways the agency uses botnets (“bot herding”): see the Der Spiegel article The Digital Arms Race: NSA Preps America for Future Battle, 17 January 2015.
TOP SECRET//COMINT//REL USA, FVEY
DEFIANTWARRIO R 7
/ //and the ;
NSA's Uè^ojÆotá/
Overall Classification: TOP SECRET//COMINT//REL FVEY
Current As Of: 24 May 2010
Derived From: NSA/CSS...
DEFIANTWARRIOR, FREEFLOW-compliant, INCENSER, ISLANDTRANSPORT (IT), OLYMPUS, PUZZLECUBE, QUANTUMBOT, TREASUREMAP (TM), TURBINE, TURBULENCE (TU), UNITEDRAKE, XKEYSCORE (XKS), STELLABLUE
0.0
APEX Active/Passive Exfiltration
Document
Release Date:
2015-01-17
Document Date:
2009-08-01
This NSA TURBULENCE presentation dated August 2009 explains the APEX method of combining passive with active methods to exfiltrate data from networks attacked: see the Der Spiegel article The Digital Arms Race: NSA Preps America for Future Battle, 17 January 2015.
Active/Passive Exfiltration
"go apex"
STDP: S32354 & T112, NCSC/C91
August 2009
OP SECRET//COMINT//REL TO USA, AUS, CAN, GBR, NZL//20291123
TOP SECRET//COMHMT//REL TO USA. AUS. CAN....
0.0
Black Budget entry on Computer Network Operations GENIE project
Document
Release Date:
2015-01-17
Document Date:
2012-02-18
This extract from the US Intelligence Community’s Congressional Budget Justification for the Fiscal Year 2013 (the “Black Budget”) provides the budget for GENIE the project “which underpins NSA/CSS’ Computer Network Operations (CNO) Endpoint capabilities conducted by the Tailored Access Operations (TAO) Group: see the Der Spiegel article The Digital Arms Race: NSA Preps America for […]
TOP SECRET//SI/TK//NOFORN
(U) COMPUTER NETWORK OPERATIONS
(U) GENIE
This Exhibit is SECRET//NOFORN
FY 20111 Actual FY 2012 Enacted FY 2013 Request FY 2012 - FY 2013
Base...
0.0
QUANTUMTHEORY
Document
Release Date:
2014-03-12
Document Date:
2010-01-01
This presentation from the 2010 SIGDEV Conference describes the contribution made by GCHQ to the development of Quantum techniques: see the Intercept article How the NSA Plans to Infect ‘Millions’ of Computers with Malware, 12 March 2014.
TOP SECRET//COMINT//REL TO USA, FVEY//20320108
TOP SECRET//COMINT//REL TO USA, FVEY//20320108
SIGDEV: Discovery in the Cyber Ag>
TOP SECRET//COMINT//REL TO USA, FVEY//20320108
(U) Clas...
0.0
LONGHAUL
Document
Release Date:
2014-12-28
This undated NSA wiki page describes LONGHAUL, an “end-to-end attack orchestration and key recovery service for Data Network Cipher and Data Network Session Cipher traffic”: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.
LONG HAUL - Wikiinfo
The accredited security level of this system is: TOP SECRET//SI-GAMMA/TALENT KEYHOLE//ORCON/PROPIN
/RELIDO/REL TO USA, FVEY *
TOP SECRET//SI//REL TO USA, FVEY
(U) ...
0.0
QFIRE pilot report
Document
Release Date:
2013-12-29
Document Date:
2011-06-03
This NSA presentation from 3 June 2011 describes QFIRE, “a consolidated QUANTUMTHEORY platform”, that links the NSA’s enormous passive monitoring operation (TURMOIL) with the active hacking of systems undertaken by the agency’s Tailored Acess Operations division (TURBINE): see the Der Spiegel article, Inside TAO: Documents Reveal Top NSA Hacking Unit, 29 December 2013.
image-584092-galleryV9-icxm.jpg:
Getting Close to the
Forward-based Defense with QFIRE
June 3, 2011
QFIRE Pilot Lead
NSA/Technology Directorate
Derived From: NSA/CSSM 1-52
Dated: 20...
0.0
ANT Product Data
Document
Release Date:
2013-12-30
These pages from an NSA internal catalogue describe the tools available to the agency in 2008: see the Der Spiegel article NSA’s Secret Toolbox: Unit Offers Spy Gadgets for Every Need, 30 December 2013
S3222_DEITYBOUNCE.jpg:
SECRET//COMINT//REL TO USA, FVEY
DEITYBOUNCE
ANT Product Data
(TS//SI//REL) DEITYBOUNCE provides software application persistence on Dell
PowerEdge servers by exp...
ANGRYNEIGHBOR, ARKSTREAM, BANANAGLEE, BLINDDATE, BULLDOZER, CANDYGRAM, CHIMNEYPOOL, CONJECTURE, COTTONMOUTH (CM), CROSSBEAM, CYCLONE Hx9, DANDERSPRITZ, DEITYBOUNCE, DROPOUTJEEP, ENTOURAGE, GENESIS, GENIE, GOPHERSET, GOTHAM, GOURMETTROUGH, HALLUXWATER, HEADWATER, HOLLOWPOINT, HOWLERMONKEY (HM), IRATEMONK, JETPLOW, JUNIORMINT, KONGUR, LOUDAUTO, MOCCASIN, MONKEYCALENDAR, NIGHTSTAND, NIGHTWATCH, OLYMPUS, PHOTOANGLO, PICASSO, QUANTUM, RAGEMASTER, ROCKYKNOB, SOUFFLETROUGH, SPECULATION, SWAP, TAWDRYYARD, TOTECHASER, TOTEGHOSTLY, TRINITY, TURBOPANDA, TURBULENCE (TU), TWISTEDKILT, TYPHON, TYPHON HX, UNITEDRAKE, VAGRANT, VIEWPLATE, WATERWITCH, WISTFULTOLL, ZESTYLEAK
0.0
Turmoil VPN Processing
Document
Release Date:
2014-12-28
Document Date:
2009-10-27
This NSA presentation dated 27 October 2009 outlines the use of intercepted IPSec VPN data within the agency: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.
TURMOIL VPN PROCESSING
27 October 2009
The overall classification for this brief is:
[TOPSECRET//COMINT//REL TO USA, FVEY]
TOP SECRET//COMINT//REL TO USA FVEY
Agenda
• VPN Technolo...
0.0
Dealing With a ‘Tsunami’ of Intercept
Document
Release Date:
2015-05-05
Document Date:
2006-08-29
This 29 August 2006 post from the internal NSA newsletter SIDToday explains how the Human Language Technology analysts working on speech-to-text technology within the agency understand their role in dealing with large amounts of intercepted data: see the Intercept article The Computers are Listening: How the NSA Converts Spoken Words Into Searchable Text, 5 May […]
(S//SI) Dealing With a 'Tsunami' of Intercept
FROM:
Human Language Technology (S23)
Run Date: 08/29/2006
(S//SI) Everyone knows that analysts have been drowning in a tsunami of intercept...
0.0
UTT Configuration README
Document
Release Date:
2015-07-01
This undated NSA technical document provides information about the Universal Targeting Tool (UTT), “a mission critical component of the TURBULENCE architecture”: see the Intercept article XKEYSCORE: NSA’s Google for the World’s Private Communications, 1 July 2015.
utt-config-readme-p1-normal.gif:
SECRET//REL TO USA, FVEY
(U) UTT Configuration
README
(U) Overview
(S//SI//REL) The Unified Targeting Tool (UTT) makes it possible to transition from to...
0.0
Selector types
Document
Release Date:
2014-03-12
This slide lists the range of selectors the Turmoil infrastructure at UK base Menwith Hill can use to identify targets, many of which show the ability of Five Eyes agencies to piggyback on commercial services: see the Intercept article How the NSA Plans to Infect ‘Millions’ of Computers with Malware, 12 March 2014.
TOP SECRET//COMINT//REL TO USA, FVEY
Selector Types
Machine IDs
- Cookies
• Hotmail GUIDs
• Google prefIDs
• YahooBcookies
• mallruMRCU
• yandexUid
• twitter Hash
• r...
0.0
QUANTUMINSERT
Document
Release Date:
2014-03-12
These diagrams describe the operation of the NSA’s Quantum Insert attack: see the Intercept article How the NSA Plans to Infect ‘Millions’ of Computers with Malware, 12 March 2014.
TS//REL
QUANTUM INSERT
TS//REL
QUANTUM INSERT
TS//REL
QUANTUM INSERT
TS//REL
QUANTUM INSERT
TS//REL
QUANTUM INSERT
0.0
VPN and VOIP Exploitation With HAMMERCHANT and HAMMERSTEIN
Document
Release Date:
2014-03-12
Slides from an NSA Turbulence presentation describe two of the agency’s specialised implants, aimed at compromising virtual private networks (VPNs) and online telephony (VOIP): see the Intercept article How the NSA Plans to Infect ‘Millions’ of Computers with Malware, 12 March 2014.
TOP SECRET//COMINT//REL TO USA, AUS, CAN, GBR, NZL//20291123
APEX VPN Phases
► VPN Phase 1: IKE Metadata Only (Spin 15)
- IKE packets are exfiled to TURMOIL APEX.
■ APEX reconstructs/r...
0.0
OSINT Fusion Project
Document
Release Date:
2015-07-01
This undated presentation from NSA’s UK-based Menwith Hill station describes the various uses of open source intelligence (OSINT) in computer network operations, including the monitoring of hacker forums and spotting opportunities for so-called “Fourth Party Collection”: see the Intercept article XKEYSCORE: NSA’s Google for the World’s Private Communications, 1 July 2015.
TOP SECRET//COMINT//REL TO USA, FVEY
OSINT FUSION PROJECT
Lockheed Martin IS&GS Intelligence
LOCKHEED MARTIN
TOP SECRET//COMINT//REL TO USA, FVEY
TOP SECRET//COMINT//REL TO USA,...
0.0
Some Key (SSO) Cyber Milestone Dates Since Fall 2005
Document
Release Date:
2015-06-04
Document Date:
2012-01-25
This NSA slide from a 2012 presentation on Cyber 702 Authorities shows that the agency’s authority to undertake warantless wiretapping of US persons’ internet traffic was extended over the course of 2012: see the New York Times article Hunting for Hackers, N.S.A. Secretly Expands Internet Spying at U.S. Border, 4 June 2015.
> Spring 2008 - CNCI FYDP Becomes Real.
> July 2008 - FISA Amendments Act; CT Cert, first, Foreign Governments Cert in Sept.
> 5.
> 2010 to 2011 - Low-Profile TURMOIL @ 10 Gbps deployed w...
0.0
Fielded Capability: End-to-End VPN SPIN 9 Design Review
Document
Release Date:
2014-12-28
This undated NSA presentation describes the Spin 9 system for decrypting VPN data: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.
The overall classification for this brief is:
TOPSECRET//COMINT//REL USA, AUS, CAN, GBR, NZL//20320108
SPIN 9 Design Review
TOP SECRET//COMINT//REL USA, AUS, CAN, GBR, NZL//20320108
VPN ...
0.0
VALIANTSURF WikiInfo page
Document
Release Date:
2014-12-28
This undated page from NSA’s internal WikiInfo describes VALIANTSURF “the coverterm for the development of Data Network Cipher (DNC) exploitation capabilities in TURMOIL”: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.
VALIANTSURF - Wikiinfo
The accredited security level of this system is: TOP SECRET//SI-GAMMA/TALENT KEYHOLE//ORCON/PROPIN/RELIDO/REL TO USA, FVEY *
TOP SECRET1/SI/10RCON1REL TO USA, FVEY
...
USJ-759, USJ-759A, US-3150, USD-1001TEC, USF-787, USJ-759, USJ-759A, US-3150, US-3301, US-3167, DS-200B, USF-787