This page catalogs various revelations by Edward Snowden regarding the United States’ surveillance activities.
Each disclosure is assigned to one of the following categories: tools and methods, overseas USG locations from which operations are undertaken, foreign officials and systems that NSA has targeted, encryption that NSA has broken, ISPs or platforms that NSA has penetrated or attempted to penetrate, and identities of cooperating companies and governments.
The page will be updated from time to time and is intended as a resource regarding Snowden and the debate over U.S. surveillance. Comments and suggestions are therefore welcome and should be sent to staff.lawfare@gmail.com.
1. Tools and methods
- NSA uses implants in USB cables and small circuit boards, combined with a nearby relay station with a radio transmitter, to download data from and upload data to target computers even if they are not connected to the internet.
- NSA intercepts data from Microsoft Windows’ crash reporting tool to identify vulnerabilities in target computers.
- NSA sends spam email with links to infected websites to plant malware on target computers.
- NSA purchases software vulnerabilities from malware vendors.
- NSA and GCHQ use fake LinkedIn pages to place malware on target computers.
- NSA diverts packages containing target systems and installs malware on the systems before delivery.
- NSA has developed modified monitor cables to record information displayed on target computers.
- NSA uses its own GSM base stations to mimic cell phone towers, enabling it to monitor communications and locate phones.
- NSA prefers to install malware in BIOS, rather than on hard drives.
- NSA uses a combination of hardware implants placed inside a target room and a radio transmitter aimed at the room from the outside to collect information about the position of objects, sound, and information displayed on monitors inside the room.
- NSA has developed tools to insert malware packets for Microsoft Windows systems into wireless LAN networks from the outside.
- NSA has developed a system to map wireless LAN networks from a UAV.
- NSA has developed a tool to send an alert as soon as a particular cell phone enters its range.
- NSA has developed a keystroke logger that functions even when the target computer is not connected to the internet.
- NSA has developed a program to correlate American operations officers’ cell phone signals with other cell phone signals in the area, enabling NSA to identify foreign officers who might be tailing the American officers.
- NSA intercepts cell phone app advertising data to locate phones.
- NSA and GCHQ use cookies, including PREF cookies, to identify targets for cyber exploitation.
- US intelligence agencies conduct human intelligence operations within World of Warcraft and Second Life.
- NSA intercepts communications from the SEA-ME-WE-3 and SEA-ME-WE-4 undersea cable systems.
- NSA and GCHQ have used fake internet cafes to collect information about users.
2. Overseas USG locations from which operations are undertaken
- NSA has established two data centers in China to insert malware into target computers.
- A Tailored Access Operations liaison office is located at a US military base near Frankfurt.
- Special Collection Service offices are located at the US embassy in Rome and the US consulate in Milan.
- A Special Collection Service office was located at the US embassy in Berlin. This office closed after the media reported on it in October 2013.
- Special Collection Service offices are located at the US embassies in Paris, Madrid, and Prague, and the US mission in Geneva.
- Special Collection Service offices are located at the US embassies in Mexico City and Brasília.
3. Foreign officials and systems that NSA has targeted
- NSA penetrated the network of Mexico’s Secretariat of Public Security to collect information about drug and human trafficking along the US-Mexico border. This collection stopped after the media reported on it in October 2013.
- NSA and GCHQ have monitored the communications of a variety of charities and intergovernmental organizations, including the UN Development Programme, UNICEF, Médecins du Monde, the Economic Community of West African States, and the European Commission.
- NSA and GCHQ have monitored the communications of several Israeli officials, including the Prime Minister and Defense Minister.
- NSA and GCHQ have monitored the communications of the Thales Group, a defense contractor that is partially owned by the French government.
- NSA has monitored the communications of the Italian embassy in Washington.
- NSA has monitored the communications of UN Secretary General Ban Ki-moon.
- NSA tracks Israeli drones and Black Sparrow missiles.
- NSA has collected draft email messages written by leaders of the Islamic State of Iraq.
- NSA has monitored the communications of the Afghan Ministry of Foreign Affairs and UN officials in Afghanistan.
- NSA has monitored the communications of Venezuela’s Ministry of Planning and Finance.
- NSA and GCHQ have penetrated OPEC’s network to collect economic data.
- NSA has monitored the communications of German Chancellor Angela Merkel.
- NSA has monitored the communications of the Italian leadership and Ministry of Defense.
- NSA has monitored the communications of the French embassy in Washington and the French mission in New York.
- NSA has monitored the communications of several Mexican and Brazilian officials, including the presidents of both countries.
- NSA has monitored the communications of Petrobras, an oil company that is partially owned by the Brazilian government.
- NSA has penetrated the network of the French Ministry of Foreign Affairs.
- NSA has monitored the communications of Al Jazeera.
- NSA has penetrated Aeroflot’s reservation system.
- NSA has monitored the unencrypted communications of the Syrian military.
- NSA and GCHQ monitored the communications of several delegations to the 2009 G20 summit in London, including the South African, Turkish, and Russian delegations.
4. Encryption that NSA has broken
- NSA has broken the A5/1 encryption used by many GSM cell phones.
5. Identity of ISPs and platforms that NSA has penetrated or attempted to penetrate
- NSA has developed hardware and software implants for Juniper, Cisco, and Huawei firewalls.
- NSA has developed software to target the firmware of Western Digital, Seagate, Maxtor and Samsung hard drives.
- NSA has developed hardware and software implants for Dell and HP servers.
- NSA has developed software to target users of Juniper and Huawei routers.
- NSA has developed an implant for first-generation iPhones that enables downloading and uploading data, activating the phone’s microphone and camera, and locating the phone.
- NSA has developed modified Eastcom and Samsung cell phones, which can be swapped with a target’s own phone of the same model and then used to collect information.
- NSA and GCHQ have penetrated the Xbox Live gaming system to collect information about foreign targets.
- NSA and GCHQ have intercepted communications at communication links outside the United States that connect Google and Yahoo data centers.
- NSA has harvested email and instant messaging contact lists from Yahoo, Hotmail, Facebook, and Gmail.
- NSA and GCHQ have attempted to develop techniques to identify Tor users but have been largely unsuccessful.
- NSA has collected financial transaction information from Visa and SWIFT.
- NSA and GCHQ have developed capabilities to access user data from iPhone, BlackBerry, and Android devices.
6. Identities of cooperating companies and governments
- NSA entered into a contract with RSA to use an NSA formula as the default option for number generation in the BSAFE security software, enabling NSA to penetrate the software more easily. RSA asked consumers to stop using the formula after the Snowden leaks revealed its weaknesses.
- The Norwegian Intelligence Service cooperates with NSA to collect information about Russia, particularly Russian military activities in the Kola Peninsula and Russian energy policy.
- The Communications Security Establishment Canada has established listening posts in approximately twenty countries at NSA’s request.
- The Swedish Defence Radio Establishment cooperates with NSA to collect information about Russia.
- The Australian Signals Directorate has been more willing than other allies to share unminimized bulk metadata with NSA.
- The Communications Security Establishment Canada cooperated with NSA to collect information about the 2010 G20 summit in Toronto.
- The Australian Signals Directorate cooperated with NSA in an attempt to monitor the communications of senior Indonesian officials, including the President, the Vice President, and several ministers.
- As of 2009, NSA was considering establishing an intelligence-sharing relationship with Vietnam.
- NSA has an intelligence-sharing relationship with the Israeli SIGINT National Unit.
- The Communications Security Establishment Canada cooperated with NSA to monitor the communications of Brazil’s Ministry of Mines and Energy.
- NSA has collected international communications from Microsoft, Yahoo, Google, Facebook, PalTalk, YouTube, Skype, AOL, and Apple as part of its PRISM program.