This undated NSA presentation, presented together with speaking notes, provides an introduction to the main cable access programmes facilitated by the agency’s corporate partners and specifies the relevant SIGADs: see the book No Place to Hide, 13 May 2014.
These screenshots from GCHQ’s internal GCWiki describe progress on the MTI (Mastering the Internet) cable access project, also known as Tempora. Prominent within these reports is the close cooperation with corporate partner Cable & Wireless / Vodafone, codenamed GEROTIC: see the Süddeutsche Zeitung article Snowden-Leaks: How Vodafone-Subsidiary Cable & Wireless Aided GCHQ’s Spying Efforts, 25 November 2011.
This document supplies then NSA Director General Keith Alexander’s talking points for a 2012 meeting with officials from the Danish Defense Intelligence Service (DDIS). These include a long-running joint cable access programme: see the Intercept article How Secret Partners Expand NSA’s Surveillance Dragnet, 18 June 2014.
Selected slides, some with speaking notes, drawn from a 2010 NSA presention, describe the aims of the agency’s operations against Chinese company Huawei: see the New York Times article N.S.A. Breached Chinese Servers Seen as Security Threat, 22 March 2014.
These slides from an NSA presentation show how the automated malware deployment tool Turbine depends on a network of passive collection sensors (Turmoil), installed at locations including Fort Meade in Maryland, Misawa in Japan and Menwith Hill in the UK: see the Intercept article How the NSA Plans to Infect ‘Millions’ of Computers with Malware, 12 March 2014.
This NSA presentation from 3 June 2011 describes QFIRE, “a consolidated QUANTUMTHEORY platform”, that links the NSA’s enormous passive monitoring operation (TURMOIL) with the active hacking of systems undertaken by the agency’s Tailored Acess Operations division (TURBINE): see the Der Spiegel article, Inside TAO: Documents Reveal Top NSA Hacking Unit, 29 December 2013.
This partially redacted report dated 14 February 2013 summarises a meeting between the NSA and the Dutch intelligence agencies MIVD and AIVD: see the NRC Handelsblad article Dutch intelligence agency AIVD hacks internet fora, 30 November 2013.
This slide from a 2012 presentation shows the distribution of NSA collection points worldwide, including 80+ Special Collection Services (SCS) points based at embassies and consulates; 50,000 gained by Computer Network Exploitation (CNE) malware attacks and 20 “major accesses” from undersea cables: see the NRC Handelsblad article NSA infected 50,000 computer networks with malicious software, 23 November 2013.
This presentation gives an overview of the NSA’s programmes targeting the fibre optic cables that carry much of the world’s internet traffic. One slide gives a breakdown of which data sources form the basis of Presidential daily briefings. Another shows that the access point used to collect Yahoo and Google cloud data (MUSCULAR) is operated by GCHQ on UK territory. Slides detailing RAMPART cable accesses were published by the Intercept on 18 June 2014: see the Washington Post article How we know the NSA had access to internal Google and Yahoo cloud data, 4 November 2013.