This 2005 post from the NSA’s internal newsletter SIDToday describes a major target-discovery operation that took place in the wake of the London 7/7 bombings – a major search of phone metadata looking for connections abroad: see the Intercept article How London’s 7/7 Bombings Led to “Unprecedented” Surveillance Tactics, 1 March 2018.
This 2005 post from the NSA’s internal newsletter SIDToday features an interview with the deputy chief of the Middle East and North Africa product line. In light of a personnel shortage, he believes that new communications technology presents an advantage to the NSA, as the agency can spy on more intimate, firsthand communications from targets: see the Intercept article NSA Used Porn to “Break Down Detainees” in Iraq — and Other Revelations From 297 Snowden Documents, 1 March 2018.
This March 2008 post from the internal NSA newsletter SIDToday, describes the Menwith Hill station’s success in intercepting the video feeds from Israeli F-16 fighter jets and drones: see the Intercept article Spies in the Sky: Israeli Drone Feeds Hacked by British and American Intellience, 29 January 2016.
This two-page extract from a longer, undated, GCHQ document describing its presence in Cyprus, states that “Under the ECHELON Agreement, NSA provides 50% of the funding for the SOUNDER Comsat facility”: see the Intercept article GCHQ and Me: My Life Unmasking British Eavesdroppers, 3 August 2015.
This undated presentation from NSA’s UK-based Menwith Hill station describes the various uses of open source intelligence (OSINT) in computer network operations, including the monitoring of hacker forums and spotting opportunities for so-called “Fourth Party Collection”: see the Intercept article XKEYSCORE: NSA’s Google for the World’s Private Communications, 1 July 2015.
This excerpted GCHQ newsletter from March 2010 describes ongoing surveillance operations against Argentina: see the Intercept article Britain Used Spy Team to Shape Latin American Public Opinion on Falklands, 2 April 2015.
This short extract from a GCHQ Network Analysis Centre report covering the period July-September 2011 describes “offensive cyber operations” against Iran, Argentina and Libya: see the Intercept article Britain Used Spy Team to Shape Latin American Public Opinion on Falklands, 2 April 2015.
This post from the NSA’s internal SIDToday newsletter, dated 6 May 2010 and attributed to the Menwith Hill station describes NSA, CSEC and GCHQ’s acquisition of emails already exfiltrated by another actor: see the Intercept article Western Spy Agencies Secretly Rely on Hackers for Intel and Expertise, 4 February 2015.
This 7 January 2008 post from NSA Menwith Hill Station’s internal Horizon newsletter describes the practice of piggybacking on other states’ computer network exploitation operations: see the Der Spiegel article The Digital Arms Race: NSA Preps America for Future Battle, 17 January 2015.
This undated NSA Menwith Hill presentation describes SPINALTAP, a project to combine data from active operations and passive signals intelligence: see the Der Spiegel article The Digital Arms Race: NSA Preps America for Future Battle, 17 January 2015.