DocumentRelease Date: 2014-03-12
These slides from an NSA presentation show how the automated malware deployment tool Turbine depends on a network of passive collection sensors (Turmoil), installed at locations including Fort Meade in Maryland, Misawa in Japan and Menwith Hill in the UK: see the Intercept article How the NSA Plans to Infect ‘Millions’ of Computers with Malware, […]
TOP SECRET//COMINT//REL TO USA, AUS, CAN, GBR, NZL//20291123 Sensors: Passive Collection \ Internet * Cloud Internet 1 Cloud Internet <1 Cloud pUttMQJ.l I (S//SI//REÜ High-spe...
DocumentRelease Date: 2015-07-01
This undated presentation from NSA’s UK-based Menwith Hill station describes the various uses of open source intelligence (OSINT) in computer network operations, including the monitoring of hacker forums and spotting opportunities for so-called “Fourth Party Collection”: see the Intercept article XKEYSCORE: NSA’s Google for the World’s Private Communications, 1 July 2015.
TOP SECRET//COMINT//REL TO USA, FVEY OSINT FUSION PROJECT Lockheed Martin IS&GS Intelligence LOCKHEED MARTIN TOP SECRET//COMINT//REL TO USA, FVEY TOP SECRET//COMINT//REL TO USA,...
DocumentDocument Date: 2010-01-01Release Date: 2015-06-04
This 2010 presentation and speaking notes from the NSA’s Office of Legal Counsel explains the legal authorities governing the agency’s computer network operations (CNO) activities: see the New York Times article Hunting for Hackers, N.S.A. Secretly Expands Internet Spying at U.S. Border, 4 June 2015.
^îcvr/7 ¿Musc* (U//FOUO) CNO LEGAL AUTHORITIES Office of General Counsel Classification: SECRET//COMINT//Rel 4 EYES//20291123 1 Objectives for Today's Brief • Overview of SIG...
DocumentDocument Date: 2013-01-01Release Date: 2014-06-18
This background paper briefs issues to be discussed for a visit of senior BND personnel to Fort Meade, including Special Source Operations collaboration on a cable tap codenamed WHARPDRIVE: see the Der Spiegel article New NSA Revelations: Inside Snowden’s Germany File, 18 June 2014. media-34117
TOP SEC RET//SI//NOFORN VISIT PRÉCIS Hr. Dietmar Director S1GINT Analysis and Production Germait Fédéral Intelligence Service (BND) 30 April - 1 May 2013 SID DIR Courtesy Cal: 30 Apr...
DocumentDocument Date: 2012-04-18Release Date: 2015-01-17
This April 2012 training presentation produced by Navy Information Operations Command Maryland states that “the next major conflict will start in cyberspace”: see the Der Spiegel article The Digital Arms Race: NSA Preps America for Future Battle, 17 January 2015.
NIOC MARYLAND ADVANCED COMPUTER NETWORK OPERATIONS COURSE Coordinated by -- NAVIOCOM Maryland Center of Excellence for Non-Kinetic Options — 1 SECRET//REL TO USA, / Title • C...
DocumentDocument Date: 2013-04-29Release Date: 2014-06-18
This internal document prepares for a visit of senior officers from Germany’s BND: see the Der Spiegel article New NSA Revelations: Inside Snowden’s Germany File, 18 June 2014.
SECRËT//NOFORN Date/Time of Visit: Visitor: Title: Countr y/Organ ¡¿a tjon; Equivalency: Accompanied by: FINAL AGENDA a 2013/II 417 Protocol Rep: Visit manager: (U) 30...
DocumentRelease Date: 2014-12-28
This undated NSA wiki page describes LONGHAUL, an “end-to-end attack orchestration and key recovery service for Data Network Cipher and Data Network Session Cipher traffic”: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.
LONG HAUL - Wikiinfo The accredited security level of this system is: TOP SECRET//SI-GAMMA/TALENT KEYHOLE//ORCON/PROPIN /RELIDO/REL TO USA, FVEY * TOP SECRET//SI//REL TO USA, FVEY (U) ...
DocumentRelease Date: 2014-03-12
This undated NSA SIGINT presentation describes nine varieties of QUANTUM malware attack, their operational status and success in the field: see the Intercept article How the NSA Plans to Infect ‘Millions’ of Computers with Malware, 12 March 2014.
TOP SECRET//COMINT//REL USA, FVEY Case Studies of Integrated Cyber Operation Techniques NSA/CSS Threat Operations Center VS TOP SECRET//COMINT//REL USA, FVEY (U//FOUO) TUiT0t.EÄ,©i...
BOXINGRUMBLE, CLOUDSHIELD, DEFIANTWARRIOR, FOXACID (FA?), QUANTUM, QUANTUMBISCUIT, QUANTUMBOT, QUANTUMCOPPER, QUANTUMDNS, QUANTUMHAND, QUANTUMINSERT (QI), QUANTUMPHANTOM, QUANTUMSKY, TUTELAGE
DocumentDocument Date: 2013-04-19Release Date: 2014-06-18
This internal NSA briefing document from 19 April 2014 supplies background information for a Strategic Planning Meeting with senior BND officers to discuss future collaboration between Germany and the US: see the Der Spiegel article Spying Together: Germany’s Deep Cooperation with the NSA, 18 June 2014.
TOP SECRET//SI//NOFORN Talking Point Topics Proposai Name and Title of Visitor: (U//FOUO) Hr. Dietmar E^^^^Bchief Analysis and Production, German Federal Intelligence Service (BND) and Hr. ...
DocumentRelease Date: 2014-09-14
This undated NSA presentation sets out the network-mapping tool Treasure Map, and supplies information on some of the agency’s collection access points: see the Intercept article New Zealand Launched Mass Surveillance Project While Publicly Denying It, 15 September 2014.
Bad guys are everywhere, good guys are somewhere! NSA/CSS Threat Operations Center (NTOC) NTOC Technology Development TS//SI//REL TO USA, FVEY (U) NTOC • (U//FOUO) Operates under bot...
ASSOCIATION, BLACKPEARL, BYZANTINE, CERNET, DISCOROUTE, HYDROCASTLE, JOLLYROGER, LEAKYFAUCET, MASTERSHAKE, PACKAGEDGOODS (PG), RADIUS, ROUTEVIEWS, RUSTICBAGGAGE, SEASIDEFERRY, SOCIALSTAMP, S-TRICKLER, TOYGRIPPE, TREASUREMAP (TM), TUTELAGE, VITALAIR2, XKEYSCORE (XKS)
Argentina (ARG/AR), Austria (AUT/AT), Brazil (BRA/BR), China (CHN/CN), Denmark (DNK/DK), Germany (DEU/DE), India (IND/IN), Indonesia (IDN/ID), Latvia (LVA/LV), Malaysia (MYS/MY), New Zealand (NZL/NZ), Pakistan (PAK/PK), Poland (POL/PL), Russia (RUS/RU), Singapore (SGP/SG), South Africa (ZAF/ZA), Taiwan (TWN/TW), Thailand (THA/TH), Ukraine (UKR/UA), United States (USA/US)
DocumentDocument Date: 2009-08-01Release Date: 2015-01-17
This NSA TURBULENCE presentation dated August 2009 explains the APEX method of combining passive with active methods to exfiltrate data from networks attacked: see the Der Spiegel article The Digital Arms Race: NSA Preps America for Future Battle, 17 January 2015.
Active/Passive Exfiltration "go apex" STDP: S32354 & T112, NCSC/C91 August 2009 OP SECRET//COMINT//REL TO USA, AUS, CAN, GBR, NZL//20291123 TOP SECRET//COMHMT//REL TO USA. AUS. CAN....
DocumentDocument Date: 2011-06-03Release Date: 2013-12-29
This NSA presentation from 3 June 2011 describes QFIRE, “a consolidated QUANTUMTHEORY platform”, that links the NSA’s enormous passive monitoring operation (TURMOIL) with the active hacking of systems undertaken by the agency’s Tailored Acess Operations division (TURBINE): see the Der Spiegel article, Inside TAO: Documents Reveal Top NSA Hacking Unit, 29 December 2013.
image-584092-galleryV9-icxm.jpg: Getting Close to the Forward-based Defense with QFIRE June 3, 2011 QFIRE Pilot Lead NSA/Technology Directorate Derived From: NSA/CSSM 1-52 Dated: 20...
DocumentRelease Date: 2015-01-17
This undated NSA presentation describes techniques for detecting botnets: see the Der Spiegel article The Digital Arms Race: NSA Preps America for Future Battle, 17 January 2015.
P SECRET//COMINT//REL TO USA, FVEY HIDDENSALAMANDER Alerting and Characterization of _____iyiissiQr\] CAPABILIT, ES Botnet Activity in TURMOIL Briefers: SECRET//REL TO USA, FV...
DocumentRelease Date: 2015-01-17
This undated NSA presentation describes tecniques for repurposing third party attack tools: see the Der Spiegel article The Digital Arms Race: NSA Preps America for Future Battle, 17 January 2015.
TOP SECRET II COMINT ■ Communications Security Establishment Canada Centre de la sécurité des télécommunications Canada CSEC SIGINT Cyber Discovery: Summary of the current effort ...