Filtered By
United States (USA/US) X
Countries Mentioned [filter]
Computer Network Operations X
Document Topic [filter]
Results
67 Total
0.0

Interview with an SID “Hacker” — Part 2: Hacker Culture and Worker Retention

Document

Release Date: 2015-06-11 Document Date: 2012-07-13
This 12 July 2012 post from the NSA newsletter SIDToday describes the internal culture of Tailored Access Operations (TAO) from the perspective of a practitioner: see the Intercept article What the Snowden Files Say About the Osama Bin Laden Raid, 18 May 2015.
sidtoday-interview-with-a-sid-hacker-p1-normal.gif: DYNAMIC PAGE - HIGHEST POSSIBLE CLASSIFICATION IS TOP SECRET // SI / TK // REL TO USA AUS CAN GBR NZL Welcome! Saturday, 10 Nov 2012 •...
0.0

Assessment of Intelligence Opportunity – Juniper

Document

Release Date: 2015-12-23 Document Date: 2011-02-03
This GCHQ report dated 3 February 2011 and written by a seconded NSA staff member, alludes to the agencies’ capabilities against 13 models of firewalls produced by Juniper Networks, Inc: see the Intercept article NSA Helped British Spies Find Security Holes In Juniper Firewalls, 23 December 2015.
TOP SECRET STRAP1 ASSESSMENT OF INTELLIGENCE OPPORTUNITY - JUNIPER 03 February 2011 Executive Summary Background • Juniper Networks, Inc. headquartered in Sunnyvale, California, USA is...
0.0

Another Successful Olympics Story

Document

Release Date: 2015-09-29 Document Date: 2004-10-06
This post from the NSA’s internal SIDToday newsletter, dated 6 October 2004, reviews the agency’s operations for the recently-concluded Athens Olympics: see the Intercept article A Death in Athens: Did a Rogue NSA Operation Cause the Death of a Greek Telecom Employee?, 29 September 2015.
id-863-redacted-formatted-p1-normal.gif: DYNAMIC PAGE - HIGHEST POSSIBLE CLASSIFICATION IS TOP SECRET // SI / TK // REL TO USA AUS CAN GBR NZL (U) Another Successful Olympics Story FROM:...
0.0

DEFIANTWARRIOR and the NSA’s Use of Bots

Document

Release Date: 2015-01-17 Document Date: 2010-05-24
This 24 May 2010 NSA presentation describes the ways the agency uses botnets (“bot herding”): see the Der Spiegel article The Digital Arms Race: NSA Preps America for Future Battle, 17 January 2015.
TOP SECRET//COMINT//REL USA, FVEY DEFIANTWARRIO R 7 / //and the ; NSA's Uè^ojÆotá/ Overall Classification: TOP SECRET//COMINT//REL FVEY Current As Of: 24 May 2010 Derived From: NSA/CSS...
0.0

Chinese Exfiltrate Sensitive Military Technology

Document

Release Date: 2015-01-17
These three undated NSA slides describe alleged Chinese cyberattacks against US military targets, codenamed BYZANTINE HADES: see the Der Spiegel article The Digital Arms Race: NSA Preps America for Future Battle, 17 January 2015.
(U) Acquired radar design - (U) Numbers and types of modules (U) Detailed engine schematics (U) Methods for cooling gases (U) Leading and trailing edge treatments (U) Aft deck he...
0.0

BYZANTINE HADES: An Evolution of Collection

Document

Release Date: 2015-01-17 Document Date: 2010-06-01
This June 2010 NSA presentation for the SIGDEV conference describes efforts to trace a suspected Chinese cyber attack: see the Der Spiegel article The Digital Arms Race: NSA Preps America for Future Battle, 17 January 2015.
TOP SECRET//COMINT//REL TO USA, AUS, CAN, GBR, NZL (S//REL)BYZANTINE HADES: An Evolution of Collection NTOC, V225 SIGINT Development Conference June 2010 TOP SECRET//COMINT//REL TO...
0.0

TUTELAGE

Document

Release Date: 2015-01-17
This undated NSA presentation describes techniques for repurposing third party attack tools: see the Der Spiegel article The Digital Arms Race: NSA Preps America for Future Battle, 17 January 2015.
TOP SECRET//COMINT//REL TO USA, FVEY TOP SECRET//COMINT//REL TO USA, TOP SECRET//COMINT//REL TO USA, FVEY Before TUTELAGE... AFTERk INTRUSION Manual Analysis of Reporting Lo...
0.0

SNOWGLOBE: From Discovery to Attribution

Document

Release Date: 2015-01-17 Document Date: 2011-01-01
This 2011 CSEC presentation describes how the agency analysed SNOWGLOBE, which it considered “to be a state-sponsored CNO effort, put forth by a French intelligence agency”: see the Der Spiegel article The Digital Arms Race: NSA Preps America for Future Battle, 17 January 2015.
Overall Classification: TOP SECRET II COMINT II REL TO CAN, AUS, GBR, NZL, USA ■ ■ Communications Security Establishment Canada SNOWGLOBE: From Discovery to Attribution CSEC CNT/Cyb...
0.0

TRANSGRESSION Overview for Pod58

Document

Release Date: 2015-01-17 Document Date: 2010-02-07
This 7 February 2010 NSA presentation outlines techniques to “discover, understand, evaluate, and exploit foreign CNE/CNA exploits”: see the Der Spiegel article The Digital Arms Race: NSA Preps America for Future Battle, 17 January 2015.
TOPSECRET//COMINT//REL TO USA, FVEY TRANSGRESSION Overview for Pod58 S31177 7 Feb 2010 DERIVED FROM: NSA/CSSM 1-52 DATED 08 JAN 2007 DECLASSIFY ON: 20320108 TOPSECRET//COMINT//REL T...
0.0

‘4th Party Collection’: Taking Advantage of Non-Partner Computer Network Exploitation Activity

Document

Release Date: 2015-01-17 Document Date: 2008-01-07
This 7 January 2008 post from NSA Menwith Hill Station’s internal Horizon newsletter describes the practice of piggybacking on other states’ computer network exploitation operations: see the Der Spiegel article The Digital Arms Race: NSA Preps America for Future Battle, 17 January 2015.
SIDToday - '4th Party Collection': Taking Advantage of Non-Partner Computer Network Exploitation Activity DYNAMIC PAGE - HIGHEST POSSIBLE CLASSIFICATION IS TOP SECRET // SI / TK // REL TO USA ...
0.0

Moving Data Through Disconnected Networks

Document

Release Date: 2015-01-17 Document Date: 2012-06-18
This June 2012 NSA presentation describes methods to exfiltrate data, even from networks that are apparently offline: see the Der Spiegel article The Digital Arms Race: NSA Preps America for Future Battle, 17 January 2015.
Moving Data Through Disconnected Networks Delay-Tolerant Networking and the IC (U//FOUO) June ; The overall classification of this briefing is: TOP SECRET//COMINT//REL TO USA, FVEY ...
0.0

Mobile apps doubleheader: BADASS Angry Birds

Document

Release Date: 2015-01-17
This undated joint GCHQ/CSEC presentation provides an overview of “exploring and exploiting leaky mobile apps”: see the Der Spiegel article The Digital Arms Race: NSA Preps America for Future Battle, 17 January 2015.
Mobile apps doubleheader: BADASS Angry Birds From 6 weeks to 6 minutes: protocols exploitation in a rapidly changing world Exploring and Exploiting Leaky Mobile Apps with BADASS GTE/GCHQ GA...
0.0

CNE Presence in CT10 Status Report

Document

Release Date: 2015-01-17
This undated NSA paper describes a project to recognise and process data that comes from third party attacks on computers: see the Der Spiegel article The Digital Arms Race: NSA Preps America for Future Battle, 17 January 2015.
TOP SECRET//COMINT//NOFORN//20291123 CNE Presence in CT10 Status Report Authors: SNIP Intern 1LT (U//FOUO) Executive Summary (S//SI//REL USA, FVEY) This paper discusses the work ...
0.0

CyberCOP

Document

Release Date: 2015-01-12 Document Date: 2013-04-11
These three slides, taken from a 11 April 2013 NSA presentation show screenshots from a tool called CyberCOP, which appears to monitor botnets and the DDOS attacks they perform: see the NDR.de article Cyberkrieg: Wie gefährdet ist Deutschland?, 12 January 2015.
TOP SECRET//SI//REL TO USA, FVEY CYBER COP CDOSG Apr 11, 2013 CyberCOP Product Manager Overall Classification: TOP SECRET//SI//REL TO USA,FVEY TOP SECRET//SI//REL TO USA, FVEY ...
0.0

NATO Civilian Intelligence Council – Cyber Panel – Talking Points

Document

Release Date: 2015-02-04 Document Date: 2011-09-14
This US National Intelligence Council memo dated 14 September 2011 provides US talking points for a forthcoming NATO meeting and includes the assessment that the threat presented by Anonymous and hacktivist activity is “minimal”: see the Intercept article Western Spy Agencies Secretly Rely on Hackers for Intel and Expertise, 4 February 2015.
SECRET//REL TO USA, NATO NIM/Cyber 14 September 2011 Talking Points Subject: (S//REL NATO) NATO Civilian Intelligence Council—Cyber Panel National Input A. Threat Overview (U) (U...
0.0

SIGINT Development Support II Program Management Review

Document

Release Date: 2016-08-19 Document Date: 2013-04-24
Four slides taken from a 24 April 2013 NSA presentation detail how SECONDDATE man-in-the-middle attacks were used against targets in Pakistan and Lebanon: see the Intercept article The NSA Leak is Real, Snowden Documents Confirm, 19 August 2016.
TOP SECRET//SI//NOFORN The overall classification of this brief is (U) SIGINT Development Support II Program Management Review ► 24 April 2013 TOP SECRET//COMINT//NOFORN Derived Fro...
0.0

Making Network Sense of the encryption problem

Document

Release Date: 2014-12-13 Document Date: 2011-01-01
This 2011 presentation by the head of GCHQ’s Network Analysis Centre outlines the agency’s interest in exploiting telecommunications companies, namely to “get at the data before it is encrypted”: see the Intercept article Operation Socialist: The Inside Story of How British Spies Hacked Belgium’s Largest Telco, 13 December 2014.
TOP SECRET STRAP 2 // REL TO USA, AUS, CAN, GBR, NZL ------m/\cz NETWORK ^IM^ySIS CSfSJTRe Making Network Sense of the encryption problem Roundtable Head of GCHQ NAC This info...
0.0

Fourth Party Opportunities

Document

Release Date: 2015-01-17
This undated NSA presentation describes the process of Fourth Party collection – “I drink your milkshake”: see the Der Spiegel article The Digital Arms Race: NSA Preps America for Future Battle, 17 January 2015.
TOP SECRET//COMINT//REL TO USA, FVEY (U) Fourth Party Opportunities O TOP SECRET//COMINT//REL TO USA, FVEY SECRET//COMINT//REL TO USA, FVEY (U) What is 4th Party ..................
0.0

Is there “fifth party” collection?

Document

Release Date: 2015-01-17 Document Date: 2011-01-01
This undated post from an NSA discussion board describes “fourth party collection” – piggybacking on another state’s computer network exploitation operation: see the Der Spiegel article The Digital Arms Race: NSA Preps America for Future Battle, 17 January 2015.
(TS//SI//REL) Is there "fifth party" collection? | Round Table Dynamic Page - Highest Possible Classification is TOP SECRET // SI / TK // REL TO USA, FVEY (TS//SI//REL) Is there "fifth part...
0.0

The FASHIONCLEFT Protocol

Document

This NSA presentation dated 16 October 2008 describes the FASHIONCLEFT protocol used to exfiltrate data from trojans and implants to the agency: see the Der Spiegel article The Digital Arms Race: NSA Preps America for Future Battle, 17 January 2015.
The Fashioncleft .. Protocol Hi STDP, S32354 “go Itiny-url?q=p5atn” October 16, 2008 TOP SECRET//COMINT//RELTO USA,FVEY 1 | TOP SECRET//COMINT//RELTO USA,FVEY Definition...
0.0

APEX Active/Passive Exfiltration

Document

Release Date: 2015-01-17 Document Date: 2009-08-01
This NSA TURBULENCE presentation dated August 2009 explains the APEX method of combining passive with active methods to exfiltrate data from networks attacked: see the Der Spiegel article The Digital Arms Race: NSA Preps America for Future Battle, 17 January 2015.
Active/Passive Exfiltration "go apex" STDP: S32354 & T112, NCSC/C91 August 2009 OP SECRET//COMINT//REL TO USA, AUS, CAN, GBR, NZL//20291123 TOP SECRET//COMHMT//REL TO USA. AUS. CAN....
0.0

Case Studies of Integrated Cyber Operation Techniques

Document

Release Date: 2014-03-12
This undated NSA SIGINT presentation describes nine varieties of QUANTUM malware attack, their operational status and success in the field: see the Intercept article How the NSA Plans to Infect ‘Millions’ of Computers with Malware, 12 March 2014.
TOP SECRET//COMINT//REL USA, FVEY Case Studies of Integrated Cyber Operation Techniques NSA/CSS Threat Operations Center VS TOP SECRET//COMINT//REL USA, FVEY (U//FOUO) TUiT0t.EÄ,©i...
0.0

Black Budget entry on Computer Network Operations GENIE project

Document

Release Date: 2015-01-17 Document Date: 2012-02-18
This extract from the US Intelligence Community’s Congressional Budget Justification for the Fiscal Year 2013 (the “Black Budget”) provides the budget for GENIE the project “which underpins NSA/CSS’ Computer Network Operations (CNO) Endpoint capabilities conducted by the Tailored Access Operations (TAO) Group: see the Der Spiegel article The Digital Arms Race: NSA Preps America for […]
TOP SECRET//SI/TK//NOFORN (U) COMPUTER NETWORK OPERATIONS (U) GENIE This Exhibit is SECRET//NOFORN FY 20111 Actual FY 2012 Enacted FY 2013 Request FY 2012 - FY 2013 Base...
0.0

Using XKEYSCORE to Enable TAO

Document

Release Date: 2015-07-01 Document Date: 2009-07-16
This NSA presentation from 16 July 2009 explains how the XKeyScore system supports the agency’s Tailored Access Operations: see the Intercept article XKEYSCORE: NSA’s Google for the World’s Private Communications, 1 July 2015.
using-xks-to-enable-tao-p1-normal.gif: TOP SECRET//COMINT//REL TO USA. AUS, CAN. GBR. NZL//20291123 Ait* tuv. Using XKEYSCORE to Enable TAO Booz I AJIen l Hamilton SDS Analyst 16 July ...
0.0

Expeditionary Access Operations: NSA’s Close Access Network Exploitation Program

Document

Release Date: 2016-08-19
This undated presentation from the NSA’s Expeditionary Access Operations discusses how malware techniques are used in the field: see the Intercept article The NSA Leak is Real, Snowden Documents Confirm, 19 August 2016.
EXPEDITIONARY ACCESS OPERATIONS NSA’s Close Access Network Exploitation Program Expeditionary Access Operations (S//SI//REL) S3283 is the expeditionary arm of TAO which conducts worldwide...
0.0

SIGDEV: Is It Time for a ‘Target Reboot’?

Document

Release Date: 2015-11-18 Document Date: 2011-03-23
This 23 March 2011 article from the internal NSA newsletter SIDToday describes an analyst’s surprise at discovering that the agency was collecting internal communications from Venezuelan energy company Petróleos de Venezuela (PDVSA): see the Intercept article Overwhelmed NSA Surprised To Discover Its Own Surveillance “Goldmine” on Venezuela’s Oil Executives, 18 November 2015.
sigdev-is-it-time-for-a-target-reboot-p1-normal.gif: DYNAMIC PAGE - HIGHEST POSSIBLE CLASSIFICATION IS TOP SECRET // SI / TK // REL TO USA AUS CAN GBR NZL Welcome! Saturday, 10 Nov 2012 ...
0.0

Exploiting Foreign Lawful Intercept (LI) Roundtable

Document

Release Date: 2015-09-29 Document Date: 2012-01-01
This NSA presentation from 2012 discusses techniques for subverting “lawful intercept” systems used abroad: see the Intercept article A Death in Athens: Did a Rogue NSA Operation Cause the Death of a Greek Telecom Employee?, 29 September 2015.
2012-lawful-intercept-redacted2-p1-normal.gif: TOP SECRET//SI//REL TO USA, FVEY (S//SI//REL) Exploiting Foreign Lawful Intercept (LI) Roundtable S31122 TOP SECRET//SI//REL TO USA, FVEY...
0.0

Iran – Current Topics, Interaction with GCHQ

Document

Release Date: 2015-02-10 Document Date: 2013-04-12
This NSA talking points memo dated 12 April 2013 notes that Iran “has demonstrated a clear ability to learn from the capabilities and actions of others”: see the Intercept article NSA Claims Iran Learned from Western Cyberattacks, 10 February 2015.
TOP SECRET//COMINT//NOFORN (U) Topic: Iran - Current Topics, Interaction with GCHQ (U) Director's Talking Points: * (TS//SI//REL TO USA, FVEY) Emphasize that we have successfully worked mu...
0.0

Computer Network Exploitation (CNE) Classification Guide / 2-59

Document

Release Date: 2014-10-10 Document Date: 2010-03-01
This 2010 NSA classication guide outlines the sensitivity of aspects of the agency’s hacking activities: see the Intercept article Core Secrets: NSA Saboteurs in China and Germany, 10 October 2010.
TOP SECRET//SI//REL TO USA, FVEY (U) CLASSIFICATION GUIDE TITLE/NUMBER: Computer Network Exploitation (CNE) Classification Guide / 2-59 (U) PUBLICATION DATE: 1 March 2010 (U) OFFICE OF O...
0.0

Bad guys are everywhere, good guys are somewhere!

Document

Release Date: 2014-09-14
This undated NSA presentation sets out the network-mapping tool Treasure Map, and supplies information on some of the agency’s collection access points: see the Intercept article New Zealand Launched Mass Surveillance Project While Publicly Denying It, 15 September 2014.
Bad guys are everywhere, good guys are somewhere! NSA/CSS Threat Operations Center (NTOC) NTOC Technology Development TS//SI//REL TO USA, FVEY (U) NTOC • (U//FOUO) Operates under bot...

e-Highlighter

Click to send permalink to address bar, or right-click to copy permalink.

Un-highlight all Un-highlight selectionu Highlight selectionh