Results
259 Total
0.0
HIMR Data Mining Research Problem Book
Document
Release Date:
2016-02-02
Document Date:
2011-09-20
This GCHQ research report dated 20 September 2011, cowritten by researchers at Heilbronn Institute for Mathematical Research based at the University of Bristol, concerns the use of data mining techniques to develop usable intelligence as well as the contradictions that arise from the use of algorithms to identify wrong doers, or potential wrong doers. The […]
UK TOP SECRET STRAP1 COMINT
AUS/CAN/NZ/UK/US EYES ONLY
Reference: OPC-M/TECH.A/455 (v1.0, r206)
Date: 20 September 2011
Copy no:
HIMR Data Mining Research Problem Book
OPC-MCR, G...
0.0
MHS FISINT Successfully Collects Israeli F-16 Heads Up Display
Document
Release Date:
2016-01-29
Document Date:
2008-02-01
This March 2008 post from the internal NSA newsletter SIDToday, describes the Menwith Hill station’s success in intercepting the video feeds from Israeli F-16 fighter jets and drones: see the Intercept article Spies in the Sky: Israeli Drone Feeds Hacked by British and American Intellience, 29 January 2016.
TOP SECRET//COMINT/TALENT KEYHOLE// REL TO USA, FVEY
published March 2008
MHS FISINT Successfully Collects Israeli F-16 Heads-Up Display
(S//SI//REL)
, Menwith Hill Station (F77)
(S...
0.0
Assessment of Intelligence Opportunity – Juniper
Document
Release Date:
2015-12-23
Document Date:
2011-02-03
This GCHQ report dated 3 February 2011 and written by a seconded NSA staff member, alludes to the agencies’ capabilities against 13 models of firewalls produced by Juniper Networks, Inc: see the Intercept article NSA Helped British Spies Find Security Holes In Juniper Firewalls, 23 December 2015.
TOP SECRET STRAP1
ASSESSMENT OF INTELLIGENCE OPPORTUNITY - JUNIPER
03 February 2011
Executive Summary
Background
• Juniper Networks, Inc. headquartered in Sunnyvale, California, USA is...
Australia (AUS/AU), Barbados (BRB/BB), Canada (CAN/CA), Cayman Islands (CYM/KY), China (CHN/CN), Hong Kong (HKG/HK), France (FRA/FR), Germany (DEU/DE), India (IND/IN), Japan (JPN/JP), Netherlands (NLD/NL), Pakistan (PAK/PK), Saudi Arabia (SAU/SA), United Kingdom (GBR/GB), United States (USA/US), Yemen (YEM/YE)
0.0
DEFIANTWARRIOR and the NSA’s Use of Bots
Document
Release Date:
2015-01-17
Document Date:
2010-05-24
This 24 May 2010 NSA presentation describes the ways the agency uses botnets (“bot herding”): see the Der Spiegel article The Digital Arms Race: NSA Preps America for Future Battle, 17 January 2015.
TOP SECRET//COMINT//REL USA, FVEY
DEFIANTWARRIO R 7
/ //and the ;
NSA's Uè^ojÆotá/
Overall Classification: TOP SECRET//COMINT//REL FVEY
Current As Of: 24 May 2010
Derived From: NSA/CSS...
DEFIANTWARRIOR, FREEFLOW-compliant, INCENSER, ISLANDTRANSPORT (IT), OLYMPUS, PUZZLECUBE, QUANTUMBOT, TREASUREMAP (TM), TURBINE, TURBULENCE (TU), UNITEDRAKE, XKEYSCORE (XKS), STELLABLUE
0.0
BYZANTINE HADES: An Evolution of Collection
Document
Release Date:
2015-01-17
Document Date:
2010-06-01
This June 2010 NSA presentation for the SIGDEV conference describes efforts to trace a suspected Chinese cyber attack: see the Der Spiegel article The Digital Arms Race: NSA Preps America for Future Battle, 17 January 2015.
TOP SECRET//COMINT//REL TO USA, AUS, CAN, GBR, NZL
(S//REL)BYZANTINE HADES: An
Evolution of Collection
NTOC, V225
SIGINT Development Conference
June 2010
TOP SECRET//COMINT//REL TO...
0.0
TUTELAGE
Document
Release Date:
2015-01-17
This undated NSA presentation describes techniques for repurposing third party attack tools: see the Der Spiegel article The Digital Arms Race: NSA Preps America for Future Battle, 17 January 2015.
TOP SECRET//COMINT//REL TO USA,
FVEY
TOP SECRET//COMINT//REL TO USA,
TOP SECRET//COMINT//REL TO USA,
FVEY
Before TUTELAGE...
AFTERk
INTRUSION
Manual Analysis of Reporting Lo...
0.0
SNOWGLOBE: From Discovery to Attribution
Document
Release Date:
2015-01-17
Document Date:
2011-01-01
This 2011 CSEC presentation describes how the agency analysed SNOWGLOBE, which it considered “to be a state-sponsored CNO effort, put forth by a French intelligence agency”: see the Der Spiegel article The Digital Arms Race: NSA Preps America for Future Battle, 17 January 2015.
Overall Classification: TOP SECRET II COMINT II REL TO CAN, AUS, GBR, NZL, USA
■ ■ Communications Security
Establishment Canada
SNOWGLOBE:
From Discovery to Attribution
CSEC CNT/Cyb...
0.0
TRANSGRESSION Overview for Pod58
Document
Release Date:
2015-01-17
Document Date:
2010-02-07
This 7 February 2010 NSA presentation outlines techniques to “discover, understand, evaluate, and exploit foreign CNE/CNA exploits”: see the Der Spiegel article The Digital Arms Race: NSA Preps America for Future Battle, 17 January 2015.
TOPSECRET//COMINT//REL TO USA, FVEY
TRANSGRESSION Overview for Pod58
S31177
7 Feb 2010
DERIVED FROM: NSA/CSSM 1-52
DATED 08 JAN 2007
DECLASSIFY ON: 20320108
TOPSECRET//COMINT//REL T...
0.0
CNE End Point Requirements
Document
Release Date:
2015-01-17
This undated GCHQ reference document enumerates the processes and tools analysts use for computer network exploitation: see the Der Spiegel article The Digital Arms Race: NSA Preps America for Future Battle, 17 January 2015.
TOP SECRET STRAP1 COMINT
CNE End Point Requirements
CATEGORY O Experimt O Refinemer O Bug Fix O ALL REQTYPE O Capability O Convergenc O Query O Taskir O Viewe Oall PRIOR...
0.0
CNE Presence in CT10 Status Report
Document
Release Date:
2015-01-17
This undated NSA paper describes a project to recognise and process data that comes from third party attacks on computers: see the Der Spiegel article The Digital Arms Race: NSA Preps America for Future Battle, 17 January 2015.
TOP SECRET//COMINT//NOFORN//20291123
CNE Presence in CT10 Status Report
Authors:
SNIP Intern
1LT
(U//FOUO) Executive Summary
(S//SI//REL USA, FVEY) This paper discusses the work ...
0.0
CyberCOP
Document
Release Date:
2015-01-12
Document Date:
2013-04-11
These three slides, taken from a 11 April 2013 NSA presentation show screenshots from a tool called CyberCOP, which appears to monitor botnets and the DDOS attacks they perform: see the NDR.de article Cyberkrieg: Wie gefährdet ist Deutschland?, 12 January 2015.
TOP SECRET//SI//REL TO USA, FVEY
CYBER
COP
CDOSG
Apr 11, 2013
CyberCOP Product Manager
Overall Classification: TOP SECRET//SI//REL TO USA,FVEY
TOP SECRET//SI//REL TO USA, FVEY
...
0.0
TLS Trends: A roundtable discussion on current usage and future directions
Document
Release Date:
2014-12-28
This CSEC presentation from 2012 outlines the agency’s capabilities against SSL encryption at that point: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.
TOP SECRET//SI//REL TO CAN, AUS, GBR, NZL, USA
rs
TLS Trends:
A roundtable discussion on current
usage and future directions
Communications Security Establishment Canada (CSEC)
...
0.0
United Nations DNI Collection Enabled
Document
Release Date:
2015-08-15
Document Date:
2012-04-18
This 18 April 2012 post from the NSA internal newsletter SSO Weekly reveals that AT&T (FAIRVIEW) cooperated with the NSA, under the terms of a FISA court order, to enable the agency to surveil the internet traffic going to and from the United Nations headquarters in New York: see the New York Times article AT&T […]
(TS//SI//NF) United Nations DNI Collection Enabled
By on 2012-04-18 0853
(TS//SI//NF) FAIRVIEW and BLARNEY engineers collaborated to enable
the delivery of 700Mbps of paired packet switched t...
0.0
FAIRVIEW Tour
Document
Release Date:
2015-08-15
Document Date:
2012-03-28
This 28 March 2012 post from the NSA internal newsletter SSO Weekly describes the agency’s relationship with AT&T (FAIRVIEW) as “highly collaborative”: see the New York Times article AT&T Helped U.S. Spy on Internet on a Vast Scale, 15 August 2015.
(TS//SI//REL FVEY) FAIRVIEW Tour
By
on 2012-03-28 1333
(TS//SI//REL FVEY) On 23 March, S3 and GAO Technical Directors: S3
- and
HHHH7an^b^blGINT Lom^^nce and Arcnl^^U^e Lead
I, a...
0.0
NSA Extended Enterprise Report: July 2008
Document
Release Date:
2015-04-02
Document Date:
2008-07-08
This extract from a July 2008 NSA document describes Argentina as GCHQ’s “primary interest” in Latin America: see the Intercept article Britain Used Spy Team to Shape Latin American Public Opinion on Falklands, 2 April 2015.
TOP SECRET//REL TO USA, AUS, CAN, GBR, NZL//20291123
Extended Enterprise Report: July 2008
This document summarises key activities of interest to GCHQ at the NSA
Regional Cryptologic Center...
0.0
SUSLOW monthly report for March 2013
Document
Release Date:
2015-03-10
Document Date:
2013-03-01
This NSA document from March 2013 gives an update on GCSB activities, including the use of WARRIOR PRIDE malware against an ASEAN country and the Kim Dotcom case: see the New Zealand Herald article NZ’s spy reach stretches across globe, 11 March 2015.
TOP SECRET//SI//REL TO USA, FVEY
(U//FOUO) SUSLOW Monthly Report for March 2013
(U) March highlights:
- (U) Intelligence update:
o (TS//SI//REL TO USA, FVEY) GCSB has a WARRIORPRIDE ca...
0.0
Continued effort against the South Pacific region
Document
Release Date:
2015-03-05
Document Date:
2009-06-06
This extract from the NSA’s minutes of a June 2009 meeting at the agency’s headquarters in Fort Meade, where a GCSB officer was present: see the New Zealand Herald article The price of the Five Eyes club: Mass spying on friendly nations, 5 May 2015.
TOP SECRET//COMINT//REL10 USA, AUS, CAN, GBR, NZL
Continued effort against the South Pacific region - GCSB s access development
activities will be focused on the South Pacific region and entai...
0.0
PCS Harvesting at Scale
Document
Release Date:
2015-02-19
Document Date:
2010-04-27
This April 2010 GCHQ report proposes an automated approach to seizing large numbers of mobile phone encryption keys: see the Intercept article The Great SIM Heist: How Spies Stole the Keys to the Encryption Castle, 19 February 2015.
TOP SECRET STRAP 1
Reference: OPC-TDSD/TECH/21
Date: 27th April 2010
PCS Harvesting at Scale
(OPC-TDSD)
(OPC-TDSD)
(OPC-CAP)
(OPC-TDSD)
Summary
This report explores the ...
Afghanistan (AFG/AF), Bangladesh (BGD/BD), Dominica (DMA/DM), French Guiana (GUF/GF), Gabon (GAB/GA), Guadeloupe (GLP/GP), Iceland (ISL/IS), India (IND/IN), Indonesia (IDN/ID), Iran (IRN/IR), Italy (ITA/IT), Martinique (MTQ/MQ), Montenegro (MNE/ME), Namibia (NAM/NA), Pakistan (PAK/PK), Saint Lucia (LCA/LC), Serbia (SRB/RS), Somalia (SOM/SO), Tajikistan (TJK/TJ), Turkmenistan (TKM/TM), United Kingdom (GBR/GB), Vietnam (VNM/VN), Yemen (YEM/YE), Zimbabwe (ZWE/ZW)
0.0
Computer-Network Exploitation Successes South of the Border
Document
Release Date:
2013-10-20
Document Date:
2010-11-15
This extract from a 15 November 2010 NSA memo reveals that the agency has been able to access Mexican President Felipe Calderon’s email account: see the Der Spiegel article NSA Accessed Mexican President’s Email, 20 October 2013.
(TS//SI//REL) Computer-Network Exploitation Successes South of the Border
I FROM: .* BA.
Chief, NSA-Texas TAO/Requiremcnts & Targeting (FTS327)
Run Date: 11/15/2010
rS//SI//REL) TAO-en...
0.0
Roger Dingledine at NSA NOV 2007
Document
Release Date:
2013-10-04
Document Date:
2007-11-01
This NSA memo summarises a talk given by Roger Dingledine of the Tor Project on 1 November 2007: see the Secret NSA documents show campaign against Tor encrypted network, 4 October 2013.
TOP SECRET // COMINT // REL TO USA, AUS, CAN, GBR, NZL
Roger Dingledine at NSA NOV 2007
From PE
Contents
* 1 (U) Talk by Roger Dingledine at NSA, 11/01/2007 at R&E (Sponsored by NSA RT)
o 1...
0.0
LEVIATHAN and the FFU Hypothesis
Document
Release Date:
2015-01-28
Document Date:
2012-01-01
This CSE (then CSEC) presentation from 2012 describes the Canadian agency’s file download monitoring operation: see the Intercept article Canada Casts Global Surveillance Dragnet Over File Downloads, 28 January 2015. cse-presentation-on-the-levitation-project
TOP SECRET//SI//REL CAN, AUS, GBR, NZL, USA
LEVITATION and
the FFU Hypothesis
cse-cst.gc.ca
TOP SECRET//SI//REL CAN, AUS, GBR, NZL, USA
What is LEVITATION?
A behaviour-based target...
Bahrain (BHR/BH), Brazil (BRA/BR), Canada (CAN/CA), Germany (DEU/DE), Iraq (IRQ/IQ), Jordan (JOR/JO), Kenya (KEN/KE), Kuwait (KWT/KW), Morocco (MAR/MA), Qatar (QAT/QA), Saudi Arabia (SAU/SA), Senegal (SEN/SN), Spain (ESP/ES), United Arab Emirates (ARE/AE), United Kingdom (GBR/GB), United States (USA/US), Yemen (YEM/YE)
0.0
Graph theory in the operational environment
Document
This undated presentation from GCHQ’s Information and Communications Technology Research department discusses the agency’s efforts in finding “closed loops” of cheap burner phones, a major focus for the agency in the wake of the 7/7 London bombings: see the Intercept article How London’s 7/7 Bombings Led to “Unprecedented” Surveillance Tactics, 1 March 2018.
TOP SECRET STRAP1
Graph theory in the operational
environment
TOP SECRET STRAP1
What I will cover
Finding operational closed loops:
- The reality of target behaviour
- ...
0.0
OAKSTAR Travel Handbook: A Guide for Traveling
Document
Release Date:
2018-03-20
Document Date:
2013-03-01
This internal document for NSA employees dated 1 March 2013 provides a guide for visiting facilities related with the OAKSTAR programme,which are largely based in the United States, save for the MONKEYROCKET source, which has information forwarded to the European Technical Center in Germany: see the Intercept article The NSA Worked To “track Down” Bitcoin […]
TOP SECRET//COMINT//NOFORN
(U) OAKSTAR Travel Handbook:
A Guide for Traveling
Initials
Revision
20060925
Initial draft template
20061124
Initial draft for site
20061130
...
0.0
OAKSTAR Weekly Update – 5 April 2013
Document
Release Date:
2018-03-20
Document Date:
2012-04-01
This internal NSA technical update from March 2013 provides metrics about the information from the access point codenamed MONEYROCKET, which was the NSA’s source for tracking Bitcoin users: see the Intercept article The NSA Worked To “track Down” Bitcoin Users, Snowden Documents Reveal, 20 March 2018.
TOP SECRET//COMINT//NOFORN
OAKSTAR Weekly Update
Program Highlights Week of: March 30-April 5,
2013
Derived From: NSA/CSSM 1-52
Dated: 20070108
Declassify On: 20320108
TOP SECRET//CO...
0.0
OAKSTAR Weekly Update – 15 March 2013
Document
Release Date:
2018-03-20
Document Date:
2013-03-01
This internal NSA technical newsletter states that the source of information codenamed MONEYROCKET is collecting information on “senders and receivers of bitcoin” and users Liberty Reserve: see the Intercept article The NSA Worked To “track Down” Bitcoin Users, Snowden Documents Reveal, 20 March 2018.
TOP SECRET//COMINT//NOFORN
OAKSTAR Weekly Update
Program Highlights Week of: March 9-15, 2013
ETS:
Derived From: NSA/CSSM 1-52
Dated: 20070108
Declassify On: 20320108
TOP SECRET//C...
0.0
ISA-94: Application for renewal of warrant GPW/1160 in respect of activities which involve the modification of commercial software
Document
Release Date:
2015-06-22
Document Date:
2008-06-13
This GCHQ application for warrant renewal from June 2008 shows that the agency has been engaged in the reverse engineering of commercial antivirus software for the purposes of facilitating its hacking operations: see the Intercept article Popular Security Software Came Under Relentless NSA and GCHQ Attacks, 22 June 2015.
TOP SECRET STRAP2 UK EYES ONLY
Date: 13 June 2008
GCHQ Reference: A/9014/9105/55
Sian MacLeod
Mariot Leslie
Foreign Secretary
ISA-94: APPLICATION FOR RENEWAL OF WARRANT GPW/1160 IN...
0.0
GCSB has identified an MFA data link
Document
Release Date:
2015-04-19
Document Date:
2013-04-01
This short extract from an April 2013 NSA document describes a “verbal agreement” between GCSB and NSA to proceed with the FROSTBITE / BASILHAYDEN project to infiltrate a Chinese diplomatic data link: see the New Zealand Herald article Leaked papers reveal NZ plan to spy on China for US, 19 April 2015.
(TS//SI//NF) New Zealand: GCSB has identified an MFA data link between the
Chinese Consulate and Chinese Visa Office in Auckland. NSA and GCSB have
verbally agreed to move forward with a coopera...
0.0
SUSLOW monthly report for March 2013
Document
Release Date:
2015-04-19
Document Date:
2013-03-01
This monthly report from the NSA’s Special US Liaison Officer in Wellington outlines progress on FROSTBITE (BASILHAYDEN) – a project to infiltrate the Chinese diplomatic computer network: see the New Zealand Herald article Leaked papers reveal NZ plan to spy on China for US, 19 April 2015.
| TOP SECRET//SI//REL TO USA, FVEY
(U//FOUO) SUSLOW Monthly Report for March 2013
(U) March highlights:
(U) Intelligence update:
o (S//SI//REL TO USA, FVEY) GCSB project FROSTBITE / TA...
0.0
Tracking Targets on Online Social Networks
Document
Release Date:
2014-05-13
Document Date:
2009-09-01
This September 2009 NSA presentation outline some of the insights that analysts can gather from online social networks (OSNs) and show the XKeyScore interface for performing such searches: see the book No Place To Hide, 13 May 2014.
TOP SECRET//COMINT//REL TO USA, FVEY
(S//SI//REL) Tracking
Targets on Online
Social Networks
The overall classification of this briefing to TOP SECRET//COMINT//REL TO USA, FVEY
Online...
0.0
HTTP Activity in XKEYSCORE
Document
Release Date:
2015-07-01
Document Date:
2009-03-01
This NSA presentation from March 2009 explains how agency analysts can exploit HTTP data through XKeyScore: see the Intercept article XKEYSCORE: NSA’s Google for the World’s Private Communications, 1 July 2015.
TOP SECRET//COMINT//REL TO USA, AUS, CAN, GBR, NZL//20291123
HTTP Activity in
XKEYSCORE
March 2009
Derived From: NSA/QSSM 1-52
Dated: 200701 (T
Declassify On: 202911
...