DocumentRelease Date: 2015-07-01 Document Date: 2009-06-24
This NSA presentation from 24 June 2009 explains how to use the email search functionality within XKeyScore: see the Intercept article XKEYSCORE: NSA’s Google for the World’s Private Communications, 1 July 2015.
TOP SECRET//COMINT//REL TO USA, AUS, CAN, GBR, NZL//20291123 vs User Activity 24 June 2009 "»Ol 01 t » «4 Ha#f* IWt De rived From: NSA/CSSM 1-52 ...
DocumentRelease Date: 2016-08-19 Document Date: 2011-04-15
This 15 April 2011 article from the NSA’s internal newsletter Special Source Operations News discusses the delivery of malware to a target in Pakistan while they were using Facebook: see the Intercept article The NSA Leak is Real, Snowden Documents Confirm, 19 August 2016.
(TS//SI//NF) DGO Enables Endpoint Implants via QUANTUMTHEORY By [[REDACTED]] on 2011-09-26 1548 (TS//SI//NF) In another example of the emerging collaboration between the Endpoint and Midpoint ...
DocumentRelease Date: 2016-08-19 Document Date: 2013-04-24
Four slides taken from a 24 April 2013 NSA presentation detail how SECONDDATE man-in-the-middle attacks were used against targets in Pakistan and Lebanon: see the Intercept article The NSA Leak is Real, Snowden Documents Confirm, 19 August 2016.
TOP SECRET//SI//NOFORN The overall classification of this brief is (U) SIGINT Development Support II Program Management Review ► 24 April 2013 TOP SECRET//COMINT//NOFORN Derived Fro...
DocumentRelease Date: 2016-11-16 Document Date: 2013-04-23
This NSA technical memo from April 2013 describes deployments of agency personnel to the facility codenamed TITANPOINTE: see the Intercept article Titanpointe: The NSA’s Spy Hub in New York, Hidden in Plain View, 16 November 2016.
TOP SECRET//COMINT//REL TO USA, FVEY (Report generated on:4/23/2013 7:00:17AM ) Blarney-40-12 Work in Progress ECP Lead: Title of Change: DNI Processing of RINGBILL Access Site(s): TIT...
DocumentRelease Date: 2016-06-07 Document Date: 2011-03-09
This two-page extract from a larger GCHQ document dated 9 March 2011 describes MILKWHITE, the codename under which metadata gathered by the agency is shared with other branches of the British government: see the Intercept article Facing Data Deluge, Secret U.K. Spying Report Warned of Intelligence Failure, 7 June 2016.
TOP SECRET STRAP1 9 March 2011 DISCOVER ID 5100181 E. MILKWHITE Enrichment Service (MES) Programme In FY11/12 the MES Programme will continue to support the Home Office Communications Ca...
DocumentRelease Date: 2018-01-19 Document Date: 2006-11-09
This 2006 NSA technical presentation discusses the agency’s Voice RT system for real-time voice recognition and the role voice recordings from US conflict theatres played in developing the system: see the Intercept article Finding Your Voice, 19 January 2018.
TOP SECRET//COMINT//REL RT10 Initiative Overview Dr. James Heath Program Management & Advisors: COL Bob Harms / COL Barb Trent / Michelle Gerhard Architects: / Mark Ross Prese...
DocumentRelease Date: 2014-12-28
This undated NSA document gives information on ongoing development of attacks against VPNs: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.
TOP SECRET//COMINT//REL TO USA, AUS, CAN, GBR, NZL//20320108 DRAFT SPIN 15 VPN Story VPN has two thrusts, one has high mission impacts and the other has high performance and functionalit...
DocumentRelease Date: 2014-12-28
These three undated NSA slides provide an overview of the VALIANTSURF system: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.
TOP SECRET//COMINT//REL TO USA, FVEY VALIANTSURF (VS): VALIANTSURF Capability Level Beneficiaries CES & LONGHAUL OTP & SSG TOPIs Link Access CES A Key Recovery, no on-site decrypti...
DocumentRelease Date: 2014-12-28
This undated presentation from NSA’s Digital Network Crypt Applications (DNCA) concerns the GALLANTWAVE tool, which decrypts VPN traffic within LONGHAUL: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.
TOP SECRET//COMINT//REL TO USA, AUS, CAN, GBR, NZL GALLANTWAVE@scale GALLANTWAVE @ volume Requirements @Scale Deploy more widely - Leverage peering with partner @Volume Increas...
DocumentRelease Date: 2013-12-09 Document Date: 2008-01-01
An NSA document from 2008 shows that efforts to collect data from players of World of Warcraft started that year with the development of specialised exploits by GCHQ. The operation was based at Menwith Hill in the UK: see the New York Times article Spies’ Dragnet Reaches a Playing Field of Elves and Trolls, 9 […]
TOP SECRET//COMINT//REL TO USA, FVEY (TS//SI//REL) MHS and GCHQ “Get in the Game” with Target Development for World of Warcraft Online Gaming (TS//SI//REL) Although online gaming may seem...
DocumentRelease Date: 2014-06-18 Document Date: 2011-11-21
This NSA classification guide, dated 21 November 2011, covers signals intelligence material that as to be kept secret for more than the standard 60 years: see the Der Spiegel article The NSA in Germany: Snowden’s Documents Available for Download, 18 June 2014.
TOP SECRET//SjyTK//NOFÜRN NATIONAL SECURITY AGENCY CENTRAL SECURITY SERVICE (U) CLASSIFICATION GUIDE FOR SIGINT Material Dating from 16 August 1945 *31 December 1967 Effects Dale: 21 De...
Albania (ALB/AL), Algeria (DZA/DZ), Austria (AUT/AT), Belgium (BEL/BE), Bulgaria (BGR/BG), Cambodia (KHM/KH), China (CHN/CN), Denmark (DNK/DK), France (FRA/FR), Germany (DEU/DE), Hungary (HUN/HU), Israel (ISR/IL), Italy (ITA/IT), Japan (JPN/JP), Jordan (JOR/JO), North Korea (PRK/KP), Korea (KOR/KR), Netherlands (NLD/NL), Norway (NOR/NO), Pakistan (PAK/PK), Poland (POL/PL), Romania (ROU/RO), Saudi Arabia (SAU/SA), Singapore (SGP/SG), Sweden (SWE/SE), Taiwan (TWN/TW), Tunisia (TUN/TN), Turkey (TUR/TR), United Kingdom (GBR/GB), United States (USA/US), Vietnam (VNM/VN)
DocumentRelease Date: 2014-05-13 Document Date: 2010-06-01
A June 2010 report from the NSA internal newsletter SIDtoday, authored by the chief of the agency’s Access and Target Development, describes the interdiction and backdooring of “shipments of computer network devices (servers, routers, etc.)”: see the book No Place To Hide, 13 May 2014.
TOP SECRET//COMINT//NOFORN June 2010 (U) Stealthy Techniques Can Crack Some of SIGINT’s Hardest Targets By: (U//FOUO)| 1, Chief, Access and Target Development (S3261) (TS//SE/NF)...
DocumentRelease Date: 2014-04-30 Document Date: 2013-04-01
This internal NSA document from April 2013 gives background information to prepare for the then GCHQ Director’s visit on 30 April and 1 May; included topics include access to PRISM data, FLAME malware, Iran, Syria and Israel: see the Intercept article British Spy Chiefs Secretly Begged to Play in NSA’s Data Pools, 30 April 2014. […]
TOPSECRET//SI//NOFORN VISIT PRÉCIS Sir Iain Lobban, KCMG, CB Director, Government Communications Headquarters (GCHQ) 30 April 2013 - 1 May 2013 GEN A Hosted Dinner: 30 April 2013//1...
DocumentRelease Date: 2014-04-04
This presentation, prepared by GCHQ’s Joint Threat Research Intelligence Group (JTRIG) for the 2010 SIGDEV conference describes the agency’s “effects” operations – including the use of social media for propaganda purposes: see the Intercept article: The “Cuban Twitter” Scam Is a Drop in the Internet Propaganda Bucket, 4 April 2014.
UK TOP SECRET STRAP 1 GCHQ Full-Spectrum Cyber Effects name redacted jTMii Head of JTRIG name redacted SD Effects Lead SIGINT Development as an enabler for GCHQ’s “Effects” m...
DocumentRelease Date: 2014-03-12 Document Date: 2012-12-01
This extract from an NSA document dated December 2012 shows the agency’s concern that other nation-state actors are adopting similar techniques: see the Intercept article How the NSA Plans to Infect ‘Millions’ of Computers with Malware, 12 March 2014.
(TS//SI//REL) Happy Friday my esteemed and valued Intelligence Community colleagues! There has been a topic of conversation that has started to rumble beneath the surface of the Cyber-scene latel...
DocumentRelease Date: 2014-01-30 Document Date: 2012-05-10
This CSEC presentation dated 10 May 2012 describes the agency’s techniques for tracking a single IP address and details an experiment carried out at a Canadian airport with the help of an unspecified special source provider: see the CBC article, CSEC used airport Wi-Fi to track Canadian travellers: Edward Snowden documents, 30 January 2014. Download […]
TOP SECRET ■ ■ Communications Security Establishment Canada IP Profiling Analytics & Mission Impacts Tradecraft Developer CSEC - Network Analysis Centre May 10, 2012 SIGINT ...
DocumentRelease Date: 2014-11-25
This undated screenshot from GCHQ’s internal GCWiki provides details of INCENSER, “a GERONTIC delivery from the NIGELLA access” – in other words, a supply of data arranged by Cable & Wireless from a rival company’s infrastructure: see the Süddeutsche Zeitung article Snowden-Leaks: How Vodafone-Subsidiary Cable & Wireless Aided GCHQ’s Spying Efforts, 25 November 2014. Download […]
TOP SECRET STRAP 1 COMINT The maximum classification allowed on GCWiki is TOP SECRET STRAP1 COMINT. Click to report inappropriate content. For GCWiki help contact: page PTC Glossary F...
DocumentRelease Date: 2014-10-10
This undated selection of seven NSA slides highlights the activities the agency regards as its “core secrets”: see the Intercept article Core Secrets: NSA Saboteurs in China and Germany, 10 October 2014.
TOP SECRET//COMINT//NOFORN NSA/CSS and JFCC-NW National Initiative Task - Security Framework SAP Authority NSA/CSS/JFCC-NW SAPS DNI CNE DoD CND CNA wm Information Released to...
DocumentRelease Date: 2014-08-04 Document Date: 2008-01-01
This short extract from a GCHQ planning document from 2008 makes clear concerns about Israel’s “less desirable activities”: see the Intercept article Cash, Weapons and Surveillance: the U.S. is a Key Party to Every Israeli Attack, 4 August 2014.
TOP SECRET STRAP 1 Israel. Policy makers remain deeply concerned over the potential threat that Israel poses to a peaceful resolution of the Iran problem, and to some of Israel’s less desirab...
DocumentRelease Date: 2014-07-25 Document Date: 2013-04-08
This NSA information paper dated 8 April 2013 details the agency’s deepening signals intelligence relationship with Saudi Arabia: see the Intercept article The NSA’s New Partner in Spying: Saudi Arabia’s Brutal State Police, 25 July 2014.
TOP SECRET//SI//NOFORN National Security 8 April 2013 Agency/Central Security Service Information Paper (S//SI//REL TO USA, SAU) Subject: NSA Intelligence Relationship with Saudi Ara...
DocumentRelease Date: 2014-12-28
This undated presentation from GCHQ’s PTD (Penetrating Target Defences) unit gives an overview of BULLRUN efforts to defeat encryption: see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.
TOP SECRET STRAP1 BULLRUN PTD Lead for Special Operations and Policy PTD "We penetrate targets' defences." This information is exempt from disclosure under the Freedom of Information A...
DocumentRelease Date: 2013-09-05
This undated GCHQ document provides a classification guide for BULLRUN – NSA and GCHQ’s attempts to weaken or defeat cryptographic protocols – and specifies some of its achievements: see the ProPublica article Revealed: The NSA’s Secret Campaign to Crack, Undermine Internet Security, 5 September 2013.
TOP SECRET STRAP1 COMINT BULLRUN Col - Briefing Sheet Introduction 1. The ability to exploit targets’ encrypted communications is extremely fragile and is often enabled through sensiti...
DocumentRelease Date: 2014-12-13 Document Date: 2011-01-01
This 2011 presentation by the head of GCHQ’s Network Analysis Centre outlines the agency’s interest in exploiting telecommunications companies, namely to “get at the data before it is encrypted”: see the Intercept article Operation Socialist: The Inside Story of How British Spies Hacked Belgium’s Largest Telco, 13 December 2014.
TOP SECRET STRAP 2 // REL TO USA, AUS, CAN, GBR, NZL ------m/\cz NETWORK ^IM^ySIS CSfSJTRe Making Network Sense of the encryption problem Roundtable Head of GCHQ NAC This info...
Belgium (BEL/BE), Botswana (BWA/BW), El Salvador (SLV/SV), United Kingdom (GBR/GB), United States (USA/US)
DocumentRelease Date: 2014-12-04 Document Date: 2011-03-09
This extract from a GCHQ document dated 9 March 2011 describes WOLFRAMITE, an agency project to defeat the A5/3 GSM cipher: see the Intercept article Operation Auroragold: How the NSA Hacks Cellphone Networks Worldwide, 4 December 2014.
TOP SECRET STRAP 1 Strategic Objective Goal/Aim Programme Outcomes Target Capability deliveries for 2011/12 Meet the Mobile Broadband challenge. • Scaling up the exploitation of handse...
DocumentRelease Date: 2017-04-24 Document Date: 2004-10-04
An overview of TRAFFICTHIEF, a service that connects several different collection systems, "from active, passive, and warranted SIGINT accesses via a central messaging service" to provide near real-time alerts about targets. It started in July 2003 as a prototype and has been deployed since February 2004. It "has helped enable the capture of several high-priority Counter-terrorism targets." There are several major enhancements that TRAFFICTHIEF could also do in the future, and the TRAFFICTHIEF team is hard at work making them a reality.
DYNAMIC PAGE -- HIGHEST POSSIBLE CLASSIFICATION IS<br>TOP SECRET // SI / TK // REL TO USA AUS CAN GBR NZL <br><br>(U//FOUO) The Intelligent SIGINT Network of the Future<br>FROM: <br>Network Analysi...
DocumentRelease Date: 2016-12-07 Document Date: 2004-08-03
Anecdote about the author and his wife moving to Moscow to start a two-year intelligence tour. After a weekend spent exploring the city, they woke up Monday morning to a coup. Gorbachev was missing; Yeltsin rose to power.
DYNAMIC PAGE -- HIGHEST POSSIBLE CLASSIFICATION IS<br>TOP SECRET // SI / TK // REL TO USA AUS CAN GBR NZL <br><br>(U//FOUO) InSIDer's View of History: Quite a Welcome!<br>FROM:<br>Chief European/Ce...
DocumentRelease Date: 2017-04-24 Document Date: 2004-07-29
A progress report on the construction of the Interim Mission Assurance Facility reveals that the second of four phases is complete. The site will protect SID's assets against catastrophic destruction.
DYNAMIC PAGE -- HIGHEST POSSIBLE CLASSIFICATION IS<br>TOP SECRET // SI / TK // REL TO USA AUS CAN GBR NZL <br><br>(S//REL) Mission Assurance Facility Phase 2 Completed<br>FROM:<br>Unknown<br>Run Da...
DocumentRelease Date: 2017-04-24 Document Date: 2004-07-28
Three linguists received awards for their contributions in establishing standards and in working on Russian and South American targets.
DYNAMIC PAGE -- HIGHEST POSSIBLE CLASSIFICATION IS<br>TOP SECRET // SI / TK // REL TO USA AUS CAN GBR NZL <br><br>(U) Crypto-Linguistic Association Presents This Year's Career Honors<br>FROM: SIGIN...
DocumentRelease Date: 2016-08-10 Document Date: 2003-11-12
Canada’s Communications Security Establishment hosted an annual SIGINT bilateral, including discussions on support to military operations in Afghanistan, homeland security issues, and counterterrorism in Southeast Asia.
DYNAMIC PAGE -- HIGHEST POSSIBLE CLASSIFICATION IS<br>TOP SECRET // SI / TK // REL TO USA AUS CAN GBR NZL<br><br>(U//FOUO) 2003 CSE/NSA SIGINT Bilateral<br>FROM:<br>Deputy SUSLO in Ottawa<br>Run Da...
DocumentRelease Date: 2016-08-10 Document Date: 2003-11-06
NSA collects “medical SIGINT” from the communications of NGOs and treaty-monitoring organizations and is collaborating with the DIA’s Armed Forces Medical Intelligence Center at the Army’s bioweapons research facility at Fort Detrick for expertise in epidemiology.
DYNAMIC PAGE -- HIGHEST POSSIBLE CLASSIFICATION IS<br>TOP SECRET // SI / TK // REL TO USA AUS CAN GBR NZL<br><br>(U//FOUO) DIA - Swimming Upstream in the SIGINT System<br>FROM:<br>Account Manager f...