This September 2009 NSA presentation outline some of the insights that analysts can gather from online social networks (OSNs) and show the XKeyScore interface for performing such searches: see the book No Place To Hide, 13 May 2014.
This page from GCHQ’s internal GCWIki, last modified on 25 June 2012, enumerates open-source data sets that are available in various agency databases: see the Intercept article Western Spy Agencies Secretly Rely on Hackers for Intel and Expertise, 4 February 2015.
This page from GCHQ’s internal GCWiki, last updated on 6 February 2012, describes progress on LOVELY HORSE, a tool that automates the monitoring of open-source information related to information security: see the Intercept article Western Spy Agencies Secretly Rely on Hackers for Intel and Expertise, 4 February 2015.
This presentation, prepared by GCHQ’s Joint Threat Research Intelligence Group (JTRIG) for the 2010 SIGDEV conference describes the agency’s “effects” operations – including the use of social media for propaganda purposes: see the Intercept article: The “Cuban Twitter” Scam Is a Drop in the Internet Propaganda Bucket, 4 April 2014.
This slide lists the range of selectors the Turmoil infrastructure at UK base Menwith Hill can use to identify targets, many of which show the ability of Five Eyes agencies to piggyback on commercial services: see the Intercept article How the NSA Plans to Infect ‘Millions’ of Computers with Malware, 12 March 2014.
This page from the NSA intranet dated July 2011 supplies advice from the NSA Offices of General Counsel (OGC) and Oversight and Compliance (NOC) on the admissibility of targeting strategies against the users of popular websites (including WikLeaks and the Pirate Bay): see the Intercept article Snowden Documents Reveal Covert Surveillance and Pressure Tactics Aimed at WikiLeaks and Its Supporters, 18 February 2014.
This GCHQ presentation from 2012 outlines the agency’s ability to monitor internet use major social media networks in real time, using tools called Squeaky Dolphin, Fire Ant and Anticrisis Girl: see the NBC News article Snowden docs reveal British spies snooped on YouTube and Facebook, 27 January 2014.
This Booz Allen Hamilton presentation on the NSA’s Quantum tools describes the different kinds of malware attacks available to workgroups within the agency, the procedure an analyst must follow in order to make use of them and the way the systems themselves work, using a “man-on-the-side” attack from TAO’s FOXACID server. It also describes the respective Quantum capabilities of the NSA and GCHQ. See the Der Spiegel article Inside TAO: Documents Reveal Top NSA Hacking Unit, 29 December 2013.