National Security Agency

(Redirected fromNSA)

TheNational Security Agency(NSA) is anintelligence agencyof theUnited States Department of Defense,under the authority of theDirector of National Intelligence(DNI). The NSA is responsible for global monitoring, collection, and processing of information and data for foreign intelligence andcounterintelligencepurposes, specializing in a discipline known assignals intelligence(SIGINT). The NSA is also tasked with theprotectionof U.S. communications networks andinformation systems.[8][9]The NSA relies on a variety of measures to accomplish its mission, the majority of which areclandestine.[10]The NSA has roughly 32,000 employees.[11]

National Security Agency
Seal of the National Security Agency
Flag of the National Security Agency

NSA headquarters inFort Meade, Maryland,c. 1986
Agency overview
FormedNovember 4, 1952;72 years ago(1952-11-04)[1]
Preceding agency
  • Armed Forces Security Agency
HeadquartersFort Meade, Maryland,U.S.
39°6′32″N76°46′17″W/ 39.10889°N 76.77139°W/39.10889; -76.77139
Motto"Defending Our Nation. Securing the Future."
EmployeesClassified (est. 30,000–40,000)[2][3][4][5]
Annual budgetClassified (estimated $10.8 billion, 2013)[6][7]
Agency executives
Parent agencyDepartment of Defense
Websitensa.gov

Originating as a unit to decipher coded communications inWorld War II,it was officially formed as the NSA by PresidentHarry S. Trumanin 1952. Between then and the end of the Cold War, it became the largest of theU.S. intelligence organizationsin terms of personnel and budget, but information available as of 2013 indicates that theCentral Intelligence Agency(CIA) pulled ahead in this regard, with a budget of $14.7 billion.[6][12]The NSA currently conductsworldwide mass data collectionand has been known to physicallybugelectronic systems as one method to this end.[13]The NSA is also alleged to have been behind such attack software asStuxnet,which severely damagedIran's nuclear program.[14][15]The NSA, alongside the CIA, maintains a physical presence in many countries across the globe; the CIA/NSA jointSpecial Collection Service(a highly classified intelligence team) inserts eavesdropping devices in high-value targets (such as presidential palaces or embassies). SCS collection tactics allegedly encompass "close surveillance, burglary, wiretapping, [and] breaking".[16]

Unlike the CIA and theDefense Intelligence Agency(DIA), both of which specialize primarily in foreignhuman espionage,the NSA does not publicly conducthuman intelligence gathering.The NSA is entrusted with assisting with and coordinating, SIGINT elements for other government organizations—which are prevented by Executive Order from engaging in such activities on their own.[17]As part of these responsibilities, the agency has a co-located organization called theCentral Security Service(CSS), which facilitates cooperation between the NSA and other U.S. defensecryptanalysiscomponents. To further ensure streamlined communication between the signalsintelligence communitydivisions, theNSA Directorsimultaneously serves as the Commander of theUnited States Cyber Commandand as Chief of the Central Security Service.

The NSA's actions have been a matter of political controversy on several occasions, includingits spying on anti–Vietnam War leadersand the agency's participation ineconomic espionage.In 2013, the NSA had many of its secret surveillance programsrevealed to the publicbyEdward Snowden,a former NSA contractor. According to the leaked documents, the NSA intercepts and stores the communications of over a billion people worldwide, including United States citizens. The documents also revealed that the NSA tracks hundreds of millions of people's movements using cell phonesmetadata.Internationally, research has pointed to the NSA's ability to surveil the domestic Internet traffic of foreign countries through "boomerang routing".[18]

History

edit

Formation

edit

The origins of the National Security Agency can be traced back to April 28, 1917, three weeks after theU.S. Congressdeclared war on Germany inWorld War I.Acodeandcipherdecryption unit was established as the Cable and Telegraph Section, which was also known as the Cipher Bureau.[19]It was headquartered in Washington, D.C., and was part of the war effort under the executive branch without direct congressional authorization. During the war, it was relocated in the army's organizational chart several times. On July 5, 1917,Herbert O. Yardleywas assigned to head the unit. At that point, the unit consisted of Yardley and twocivilianclerks. It absorbed the Navy'scryptanalysisfunctions in July 1918. World War I ended onNovember 11, 1918,and the army cryptographic section of Military Intelligence (MI-8) moved to New York City on May 20, 1919, where it continued intelligence activities as the Code Compilation Company under the direction of Yardley.[20][21]

The Black Chamber

edit
Black Chamber cryptanalytic work sheet for solving Japanese diplomatic cipher, 1919

After the disbandment of theU.S. Armycryptographic section of military intelligence known as MI-8, the U.S. government created the Cipher Bureau, also known asBlack Chamber,in 1919. The Black Chamber was the United States' first peacetimecryptanalyticorganization.[22]Jointly funded by the Army and the State Department, the Cipher Bureau was disguised as aNew York Citycommercial codecompany; it produced and sold such codes for business use. Its true mission, however, was to break the communications (chiefly diplomatic) of other nations. At theWashington Naval Conference,it aided American negotiators by providing them with the decrypted traffic of many of the conference delegations, including theJapanese.The Black Chamber successfully persuadedWestern Union,the largest U.S.telegramcompany at the time, as well as several other communications companies, to illegally give the Black Chamber access to cable traffic of foreign embassies and consulates.[23]Soon, these companies publicly discontinued their collaboration.

Despite the Chamber's initial successes, it was shut down in 1929 by U.S. Secretary of StateHenry L. Stimson,who defended his decision by stating, "Gentlemen do not read each other's mail."[24]

World War II and its aftermath

edit

DuringWorld War II,theSignal Intelligence Service(SIS) was created to intercept and decipher the communications of theAxis powers.[25]When the war ended, the SIS was reorganized as theArmy Security Agency(ASA), and it was placed under the leadership of the Director of Military Intelligence.[25]

On May 20, 1949, all cryptologic activities were centralized under a national organization called the Armed Forces Security Agency (AFSA).[25]This organization was originally established within theU.S. Department of Defenseunder the command of theJoint Chiefs of Staff.[26]The AFSA was tasked with directing the Department of Defense communications and electronic intelligence activities, except those of U.S.military intelligenceunits.[26]However, the AFSA was unable to centralizecommunications intelligenceand failed to coordinate with civilian agencies that shared its interests, such as theDepartment of State,theCentral Intelligence Agency(CIA) and theFederal Bureau of Investigation(FBI).[26]In December 1951, PresidentHarry S. Trumanordered a panel to investigate how AFSA had failed to achieve its goals. The results of the investigation led to improvements and its redesignation as the National Security Agency.[27]

TheNational Security Councilissued a memorandum of October 24, 1952, that revisedNational Security Council Intelligence Directive (NSCID) 9.On the same day, Truman issued a second memorandum that called for the establishment of the NSA.[28]The actual establishment of the NSA was done by a November 4 memo byRobert A. Lovett,theSecretary of Defense,changing the name of the AFSA to the NSA, and making the new agency responsible for all communications intelligence.[29]Since President Truman's memo was aclassifieddocument,[28]the existence of the NSA was not known to the public at that time. Due to its ultra-secrecy, the U.S. intelligence community referred to the NSA as "No Such Agency".[30]

Vietnam War

edit

In the 1960s, the NSA played a key role in expanding U.S. commitment to theVietnam Warby providing evidence of aNorth Vietnameseattack on the American destroyerUSSMaddoxduring theGulf of Tonkin incident.[31]

A secret operation, code-named "MINARET",was set up by the NSA to monitor the phone communications of SenatorsFrank ChurchandHoward Baker,as well as key leaders of thecivil rights movement,includingMartin Luther King Jr.,and prominent U.S. journalists and athletes who criticized theVietnam War.[32]However, the project turned out to be controversial, and an internal review by the NSA concluded that its Minaret program was "disreputable if not outright illegal".[32]

The NSA mounted a major effort to secure tactical communications among U.S. forces during the war with mixed success. TheNESTORfamily of compatiblesecure voicesystems it developed was widely deployed during theVietnam War,with about 30,000 NESTOR sets produced. However, a variety of technical and operational problems limited their use, allowing the North Vietnamese to exploit and intercept U.S. communications.[33] : Vol I, p.79 

Church Committee hearings

edit

In the aftermath of theWatergate scandal,a congressional hearing in 1975 led by SenatorFrank Church[34]revealed that the NSA, in collaboration with Britain's SIGINT intelligence agency,Government Communications Headquarters(GCHQ), had routinely intercepted the international communications of prominent anti-Vietnam war leaders such asJane Fondaand Dr.Benjamin Spock.[35]The NSA tracked these individuals in a secret filing system that was destroyed in 1974.[36]Following the resignation of PresidentRichard Nixon,there were several investigations into suspected misuse of FBI, CIA and NSA facilities.[37]SenatorFrank Churchuncovered previously unknown activity,[37]such as a CIA plot (ordered by the administration of PresidentJohn F. Kennedy) to assassinateFidel Castro.[38]The investigation also uncovered NSA's wiretaps on targeted U.S. citizens.[39]

After the Church Committee hearings, theForeign Intelligence Surveillance Actof 1978 was passed. This was designed to limit the practice ofmass surveillance in the United States.[37]

From 1980s to 1990s

edit

In 1986, the NSA intercepted the communications of the Libyan government during the immediate aftermath of theBerlin discotheque bombing.TheWhite Houseasserted that the NSA interception had provided "irrefutable" evidence that Libya was behind the bombing, which U.S. PresidentRonald Reagancited as a justification for the1986 United States bombing of Libya.[40][41]

In 1999, a multi-year investigation by the European Parliament highlighted the NSA's role in economic espionage in a report entitled 'Development of Surveillance Technology and Risk of Abuse of Economic Information'.[42]That year, the NSA founded theNSA Hall of Honor,a memorial at theNational Cryptologic Museumin Fort Meade, Maryland.[43]The memorial is a, "tribute to the pioneers and heroes who have made significant and long-lasting contributions to American cryptology".[43]NSA employees must be retired for more than fifteen years to qualify for the memorial.[43]

NSA's infrastructure deteriorated in the 1990s as defense budget cuts resulted in maintenance deferrals. On January 24, 2000, NSA headquarters suffered a total network outage for three days caused by an overloaded network. Incoming traffic was successfully stored on agency servers, but it could not be directed and processed. The agency carried out emergency repairs for $3 million to get the system running again. (Some incoming traffic was also directed instead to Britain'sGCHQfor the time being.) DirectorMichael Haydencalled the outage a "wake-up call" for the need to invest in the agency's infrastructure.[44]

In the 1990s the defensive arm of the NSA—the Information Assurance Directorate (IAD)—started working more openly; the first public technical talk by an NSA scientist at a major cryptography conference was J. Solinas' presentation on efficientElliptic Curve Cryptographyalgorithms at Crypto 1997.[45]The IAD's cooperative approach to academia and industry culminated in its support for atransparent processfor replacing the outdatedData Encryption Standard(DES) by anAdvanced Encryption Standard(AES). Cybersecurity policy expertSusan Landauattributes the NSA's harmonious collaboration with industry and academia in the selection of the AES in 2000—and the Agency's support for the choice of a strong encryption algorithm designed by Europeans rather than by Americans—toBrian Snow,who was the Technical Director of IAD and represented the NSA as cochairman of the Technical Working Group for the AES competition, and Michael Jacobs, who headed IAD at the time.[46]: 75 

After theterrorist attacks of September 11, 2001,the NSA believed that it had public support for a dramatic expansion of its surveillance activities.[47]According toNeal KoblitzandAlfred Menezes,the period when the NSA was a trusted partner with academia and industry in the development of cryptographic standards started to come to an end when, as part of the change in the NSA in the post-September 11 era, Snow was replaced as Technical Director, Jacobs retired, and IAD could no longer effectively oppose proposed actions by the offensive arm of the NSA.[48]

War on Terror

edit

In the aftermath of theSeptember 11 attacks,the NSA created new IT systems to deal with the flood of information from new technologies like the Internet and cell phones.ThinThreadcontained advanceddata miningcapabilities. It also had a "privacy mechanism"; surveillance was stored encrypted; decryption required a warrant. The research done under this program may have contributed to the technology used in later systems. ThinThread was canceled when Michael Hayden choseTrailblazer,which did not include ThinThread's privacy system.[49]

Trailblazer Projectramped up in 2002 and was worked on byScience Applications International Corporation(SAIC),Boeing,Computer Sciences Corporation,IBM,andLitton Industries.Some NSAwhistleblowerscomplained internally about major problems surrounding Trailblazer. This led to investigations by Congress and the NSA and DoDInspectors General.The project was canceled in early 2004.

Turbulencestarted in 2005. It was developed in small, inexpensive "test" pieces, rather than one grand plan like Trailblazer. It also included offensive cyber-warfare capabilities, like injectingmalwareinto remote computers. Congress criticized Turbulence in 2007 for having similar bureaucratic problems as Trailblazer.[50]It was to be a realization of information processing at higher speeds in cyberspace.[51]

Global surveillance disclosures

edit

The massive extent of the NSA's spying, both foreign and domestic, was revealed to the public in a series of detailed disclosures of internal NSA documents beginning in June 2013. Most of the disclosures were leaked by former NSA contractorEdward Snowden.On 4 September 2020, the NSA's surveillance program was ruled unlawful by theUS Court of Appeals.The court also added that the US intelligence leaders, who publicly defended it, were not telling the truth.[52]

Mission

edit

NSA'seavesdroppingmission includes radio broadcasting, both from various organizations and individuals, the Internet, telephone calls, and other intercepted forms of communication. Its secure communications mission includes military, diplomatic, and all other sensitive, confidential, or secret government communications.[53]

According to a 2010 article inThe Washington Post,"every day, collection systems at the National Security Agency intercept and store 1.7 billion e-mails, phone calls and other types of communications. The NSA sorts a fraction of those into 70 separate databases."[54]

Because of its listening task, NSA/CSS has been heavily involved incryptanalyticresearch, continuing the work of predecessor agencies which had broken many World War IIcodesandciphers(see, for instance,Purple,Venona project,andJN-25).

In 2004, NSACentral Security Serviceand theNational Cyber Security Divisionof theDepartment of Homeland Security(DHS) agreed to expand the NSA Centers of Academic Excellence in Information Assurance Education Program.[55]

As part of theNational Security Presidential Directive54/Homeland Security Presidential Directive 23 (NSPD 54), signed on January 8, 2008, by President Bush, the NSA became the lead agency to monitor and protect all of the federal government's computer networks fromcyber-terrorism.[9]

A part of the NSA's mission is to serve as acombat support agencyfor the Department of Defense.[56]

Operations

edit

Operations by the National Security Agency can be divided into three types:

  • Collection overseas, which falls under the responsibility of the Global Access Operations (GAO) division.
  • Domestic collection, which falls under the responsibility of theSpecial Source Operations(SSO) division.
  • Hacking operations, which fall under the responsibility of theTailored Access Operations(TAO) division.

Collection overseas

edit

Echelon

edit

"Echelon" was created in the incubator of theCold War.[57]Today it is alegacy system,and several NSA stations are closing.[58]

NSA/CSS, in combination with the equivalent agencies in the United Kingdom (Government Communications Headquarters), Canada (Communications Security Establishment), Australia (Australian Signals Directorate), and New Zealand (Government Communications Security Bureau), otherwise known as theUKUSAgroup,[59]was reported to be in command of the operation of the so-calledECHELONsystem. Its capabilities were suspected to include the ability to monitor a large proportion of the world's transmitted civilian telephone, fax, and data traffic.[60]

During the early 1970s, the first of what became more than eight large satellite communications dishes were installed at Menwith Hill.[61]Investigative journalistDuncan Campbellreported in 1988 on the "ECHELON"surveillance program, an extension of theUKUSA Agreementon global signals intelligenceSIGINT,and detailed how the eavesdropping operations worked.[62]On November 3, 1999, the BBC reported that they had confirmation from the Australian Government of the existence of a powerful "global spying network" code-named Echelon, that could "eavesdrop on every single phone call, fax or e-mail, anywhere on the planet" with Britain and the United States as the chief protagonists. They confirmed that Menwith Hill was "linked directly to the headquarters of the US National Security Agency (NSA) at Fort Meade in Maryland".[63]

NSA's United States Signals Intelligence Directive 18 (USSID 18) strictly prohibited the interception or collection of information about "...U.S. persons,entities, corporations or organizations.... "without explicit written legal permission from theUnited States Attorney Generalwhen the subject is located abroad, or theForeign Intelligence Surveillance Courtwhen within U.S. borders. Alleged Echelon-related activities, including its use for motives other than national security, including political andindustrial espionage,received criticism from countries outside the UKUSA alliance.[64]

Protesters against NSA data mining inBerlinwearingChelsea ManningandEdward Snowdenmasks

Other SIGINT operations overseas

edit

The NSA was also involved in planning to blackmail people with "SEXINT",intelligence gained about a potential target's sexual activity and preferences. Those targeted had not committed any apparent crime nor were they charged with one.[65]

To support itsfacial recognitionprogram, the NSA is intercepting "millions of images per day".[66]

TheReal Time Regional Gatewayis a data collection program introduced in 2005 in Iraq by the NSA during theIraq Warthat consisted of gathering all electronic communication, storing it, then searching and otherwise analyzing it. It was effective in providing information about Iraqi insurgents who had eluded less comprehensive techniques.[67]This "collect it all" strategy introduced by NSA director,Keith B. Alexander,is believed byGlenn GreenwaldofThe Guardianto be the model for the comprehensive worldwide mass archiving of communications which NSA is engaged in as of 2013.[68]

A dedicated unit of the NSA locates targets for theCIAfor extrajudicial assassination in the Middle East.[69]The NSA has also spied extensively on the European Union, the United Nations, and numerous governments including allies and trading partners in Europe, South America, and Asia.[70][71]In June 2015,WikiLeakspublished documents showing that NSA spied onFrenchcompanies.[72]WikiLeaks also published documents showing that NSA spied on federal German ministries since the 1990s.[73][74]Even Germany's ChancellorAngela Merkel's cellphones and phones of her predecessors had been intercepted.[75]

Boundless Informant

edit

Edward Snowdenrevealed in June 2013 that between February 8 and March 8, 2013, the NSA collected about 124.8 billion telephone data items and 97.1 billion computer data items throughout the world, as was displayed in charts from an internal NSA tool codenamedBoundless Informant.Initially, it was reported that some of these data reflected eavesdropping on citizens in countries like Germany, Spain, and France,[76]but later on, it became clear that those data were collected by European agencies during military missions abroad and were subsequently shared with NSA.

Bypassing encryption

edit

In 2013, reporters uncovered a secret memo that claims the NSA created and pushed for the adoption of theDual EC DRBGencryption standard that contained built-in vulnerabilities in 2006 to the United StatesNational Institute of Standards and Technology(NIST), and theInternational Organization for Standardization(aka ISO).[77][78]This memo appears to give credence to previous speculation by cryptographers atMicrosoft Research.[79]Edward Snowdenclaims that the NSA often bypasses encryption altogether by lifting information before it is encrypted or after it is decrypted.[78]

XKeyscorerules (as specified in a file xkeyscorerules100.txt, sourced by German TV stationsNDRandWDR,who claim to have excerpts from its source code) reveal that the NSA tracks users of privacy-enhancing software tools, includingTor;an anonymous email service provided by theMIT Computer Science and Artificial Intelligence Laboratory(CSAIL) in Cambridge, Massachusetts; and readers of theLinux Journal.[80][81]

Software backdoors

edit

Linus Torvalds,the founder ofLinux kernel,joked during aLinuxConkeynote on September 18, 2013, that the NSA, who is the founder ofSELinux,wanted a backdoor in the kernel.[82]However, later, Linus' father, aMember of the European Parliament(MEP), revealed that the NSA actually did this.[83]

When my oldest son was asked the same question: "Has he been approached by the NSA about backdoors?" he said "No", but at the same time he nodded. Then he was sort of in the legal free. He had given the right answer, everybody understood that the NSA had approached him.

— Nils Torvalds,LIBECommittee Inquiry on Electronic Mass Surveillance of EU Citizens – 11th Hearing, 11 November 2013[84]

IBM Noteswas the first widely adopted software product to usepublic key cryptographyfor client-server and server–server authentication and encryption of data. Until US laws regulating encryption were changed in 2000, IBM andLotuswere prohibited from exporting versions of Notes that supportedsymmetric encryptionkeys that were longer than 40 bits. In 1997, Lotus negotiated an agreement with the NSA that allowed the export of a version that supported stronger keys with 64 bits, but 24 of the bits were encrypted with a special key and included in the message to provide a "workload reduction factor" for the NSA. This strengthened the protection for users of Notes outside the US against private-sectorindustrial espionage,but not against spying by the US government.[85][86]

Boomerang routing

edit

While it is assumed that foreign transmissions terminating in the U.S. (such as a non-U.S. citizen accessing a U.S. website) subject non-U.S. citizens to NSA surveillance, recent research into boomerang routing has raised new concerns about the NSA's ability to surveil the domestic Internet traffic of foreign countries.[18]Boomerang routing occurs when an Internet transmission that originates and terminates in a single country transits another. Research at theUniversity of Torontohas suggested that approximately 25% of Canadian domestic traffic may be subject to NSA surveillance activities as a result of the boomerang routing of CanadianInternet service providers.[18]

Hardware implanting

edit
Intercepted packages are opened carefully by NSA employees
A "load station" implanting a beacon

A document included in NSA files released withGlenn Greenwald's bookNo Place to Hidedetails how the agency'sTailored Access Operations(TAO) and other NSA units gain access to hardware. They interceptrouters,servers,and othernetwork hardwarebeing shipped to organizations targeted for surveillance and install covert implant firmware onto them before they are delivered. This was described by an NSA manager as "some of the most productive operations in TAO because they preposition access points into hard target networks around the world."[87]

Computers seized by the NSA due tointerdictionare often modified with a physical device known as Cottonmouth.[88]Cottonmouth is a device that can be inserted in the USB port of a computer to establish remote access to the targeted machine. According to the NSA's Tailored Access Operations (TAO) group implant catalog, after implanting Cottonmouth, the NSA can establish anetwork bridge"that allows the NSA to load exploit software onto modified computers as well as allowing the NSA to relay commands and data between hardware and software implants."[89]

Domestic collection

edit

NSA's mission, as outlined inExecutive Order 12333in 1981, is to collect information that constitutes "foreign intelligence or counterintelligence" whilenot"acquiring information concerning the domestic activities ofUnited States persons".NSA has declared that it relies on the FBI to collect information on foreign intelligence activities within the borders of the United States while confining its activities within the United States to the embassies and missions of foreign nations.[90]

The appearance of a 'Domestic Surveillance Directorate' of the NSA was soon exposed as a hoax in 2013.[91][92]

NSA's domestic surveillance activities are limited by the requirements imposed by theFourth Amendment to the U.S. Constitution.TheForeign Intelligence Surveillance Courtfor example held in October 2011, citing multiple Supreme Court precedents, that the Fourth Amendment prohibitions against unreasonable searches and seizures apply to the contents of all communications, whatever the means, because "a person's private communications are akin to personal papers."[93]However, these protections do not apply to non-U.S. persons located outside of U.S. borders, so the NSA's foreign surveillance efforts are subject to far fewer limitations under U.S. law.[94]The specific requirements for domestic surveillance operations are contained in theForeign Intelligence Surveillance Actof 1978 (FISA), which does not extend protection to non-U.S. citizens located outside ofU.S. territory.[94]

President's Surveillance Program

edit

George W. Bush,president during the9/11 terrorist attacks,approved thePatriot Actshortly after the attacks to take anti-terrorist security measures.Titles 1,2,and9specifically authorized measures that would be taken by the NSA. These titles granted enhanced domestic security against terrorism, surveillance procedures, and improved intelligence, respectively. On March 10, 2004, there was a debate between President Bush and White House CounselAlberto Gonzales,Attorney GeneralJohn Ashcroft,and Acting Attorney GeneralJames Comey.The Attorneys General were unsure if the NSA's programs could be considered constitutional. They threatened to resign over the matter, but ultimately the NSA's programs continued.[95]On March 11, 2004, President Bush signed a new authorization for mass surveillance of Internet records, in addition to the surveillance of phone records. This allowed the president to be able to override laws such as theForeign Intelligence Surveillance Act,which protected civilians from mass surveillance. In addition to this, President Bush also signed that the measures of mass surveillance were also retroactively in place.[96][97]

One such surveillance program, authorized by the U.S. Signals Intelligence Directive 18 of President George Bush, was the Highlander Project undertaken for the National Security Agency by the U.S. Army513th Military Intelligence Brigade.NSA relayed telephone (including cell phone) conversations obtained from ground, airborne, and satellite monitoring stations to various U.S. Army Signal Intelligence Officers, including the201st Military Intelligence Battalion.Conversations of citizens of the U.S. were intercepted, along with those of other nations.[98]

Proponents of the surveillance program claim that the President hasexecutive authorityto order such action[citation needed],arguing that laws such as FISA are overridden by the President's Constitutional powers. In addition, some argued that FISA was implicitly overridden by a subsequent statute, theAuthorization for Use of Military Force,although the Supreme Court's ruling inHamdan v. Rumsfelddeprecates this view.[99]

The PRISM program

edit
PRISM: aclandestinesurveillanceprograms under which the NSA collects large amounts of user data from companies such asFacebookandMicrosoft.

Under thePRISMprogram, which started in 2007,[100][101]NSA gathers Internet communications from foreign targets from nine major U.S. Internet-based communication service providers:Microsoft,[102]Yahoo,Google,Facebook,PalTalk,AOL,Skype,YouTubeandApple.Data gathered include email, videos, photos,VoIPchats such asSkype,and file transfers.

Former NSA director General Keith Alexander claimed that in September 2009 the NSA preventedNajibullah Zaziand his friends from carrying out a terrorist attack.[103]However, no evidence has been presented demonstrating that the NSA has ever been instrumental in preventing a terrorist attack.[104][105][106][107]

The FASCIA database

edit

FASCIAis adatabasecreated and used by the U.S. National Security Agency that contains trillions of device-location records that are collected from a variety of sources.[108]Its existence was revealed during the 2013global surveillance disclosurebyEdward Snowden.[109]

The FASCIA database stores various types of information, includingLocation Area Codes(LACs),Cell Tower IDs(CeLLIDs),Visitor Location Registers(VLRs),International Mobile Station Equipment Identity(IMEIs) andMSISDNs(Mobile Subscriber Integrated Services Digital Network-Numbers).[110][109]Over about seven months, more than 27terabytesof location data were collected and stored in the database.[111]

Hacking operations

edit

Besides the more traditional ways of eavesdropping to collect signals intelligence, the NSA is also engaged inhackingcomputers, smartphones, and their networks. A division that conducts such operations is theTailored Access Operations(TAO) division, which has been active since at least circa 1998.[112]

According to theForeign Policymagazine, "... the Office of Tailored Access Operations, or TAO, has successfully penetrated Chinese computer and telecommunications systems for almost 15 years, generating some of the best and most reliable intelligence information about what is going on inside the People's Republic of China."[113][114]

In an interview withWiredmagazine, Edward Snowden said the Tailored Access Operations division accidentally causedSyria's internet blackout in 2012.[115]

Organizational structure

edit
Timothy D. Haugh,the director of the NSA

The NSA is led by theDirector of the National Security Agency(DIRNSA), who also serves as Chief of theCentral Security Service(CHCSS) and Commander of theUnited States Cyber Command(USCYBERCOM) and is the highest-ranking military official of these organizations. He is assisted by aDeputy Director,who is the highest-ranking civilian within the NSA/CSS.

NSA also has anInspector General,head of the Office of the Inspector General (OIG);[116]aGeneral Counsel,head of the Office of the General Counsel (OGC); and a Director of Compliance, who is head of the Office of the Director of Compliance (ODOC).[117]TheNational Security Agency Office of Inspector Generalhas worked on cases in collaboration with theUnited States Department of Justiceand theCentral Intelligence Agency Office of Inspector General.[118]

Unlike other intelligence organizations such as theCIAorDIA,the NSA has always been particularly reticent concerning its internal organizational structure.[citation needed]

As of the mid-1990s, the National Security Agency was organized into five Directorates:

  • The Operations Directorate, which was responsible for SIGINT collection and processing.
  • The Technology and Systems Directorate, which develops new technologies for SIGINT collection and processing.
  • The Information Systems Security Directorate, which was responsible for NSA's communications andinformation securitymissions.
  • The Plans, Policy, and Programs Directorate, which provided staff support and general direction for the Agency.
  • The Support Services Directorate, which provided logistical and administrative support activities.[119]

Each of these directorates consisted of several groups or elements, designated by a letter. There were for example the A Group, which was responsible for all SIGINT operations against the Soviet Union and Eastern Europe, and the G Group, which was responsible for SIGINT related to all non-communist countries. These groups were divided into units designated by an additional number, like unit A5 for breaking Soviet codes, and G6, being the office for the Middle East, North Africa, Cuba, and Central and South America.[120][121]

Directorates

edit

As of 2013,NSA has about a dozen directorates, which are designated by a letter, although not all of them are publicly known.[122]

In the year 2000, a leadership team was formed consisting of the director, the deputy director, and the directors of the Signals Intelligence (SID), the Information Assurance (IAD) and the Technical Directorate (TD). The chiefs of other main NSA divisions became associate directors of the senior leadership team.[123]

After President George W. Bush initiated thePresident's Surveillance Program(PSP) in 2001, the NSA created a 24-hour Metadata Analysis Center (MAC), followed in 2004 by the Advanced Analysis Division (AAD), with the mission of analyzing content, Internet metadata and telephone metadata. Both units were part of the Signals Intelligence Directorate.[124]

A 2016 proposal would combine the Signals Intelligence Directorate with the Information Assurance Directorate into a Directorate of Operations.[125]

NSANet

edit
Behind the Green Door– Secure communications room with separate computer terminals for access toSIPRNet,GWAN,NSANet,andJWICS

NSANet stands for National Security Agency Network and is the official NSA intranet.[126]It is a classified network,[127]for information up to the level ofTS/SCI[128]to support the use and sharing of intelligence data between NSA and the signals intelligence agencies of the four other nations of theFive Eyespartnership. The management of NSANet has been delegated to theCentral Security ServiceTexas (CSSTEXAS).[129]

NSANet is a highly secured computer network consisting of fiber-optic and satellite communication channels that are almost completely separated from the public Internet. The network allows NSA personnel and civilian and military intelligence analysts anywhere in the world to have access to the agency's systems and databases. This access is tightly controlled and monitored. For example, every keystroke is logged, activities are audited at random, and downloading and printing of documents from NSANet are recorded.[130]

In 1998, NSANet, along withNIPRNetandSIPRNet,had "significant problems with poor search capabilities, unorganized data, and old information".[131]In 2004, the network was reported to have used over twentycommercial off-the-shelfoperating systems.[132]Some universities that do highly sensitive research are allowed to connect to it.[133]

The thousands of Top Secret internal NSA documents that were taken byEdward Snowdenin 2013 were stored in "a file-sharing location on the NSA's intranet site"; so, they could easily be read online by NSA personnel. Everyone with a TS/SCI clearance had access to these documents. As a system administrator, Snowden was responsible for moving accidentally misplaced highly sensitive documents to safer storage locations.[134]

Watch centers

edit

The NSA maintains at least two watch centers:

  • National Security Operations Center(NSOC), which is the NSA's current operations center and focal point for time-sensitive SIGINT reporting for the United States SIGINT System (USSS). This center was established in 1968 as the National SIGINT Watch Center (NSWC) and was renamed into National SIGINT Operations Center (NSOC) in 1973. This "nerve center of the NSA" got its current name in 1996.[citation needed]
  • NSA/CSS Threat Operations Center (NTOC), which is the primary NSA/CSS partner forDepartment of Homeland Securityresponse to cyber incidents. The NTOC establishes real-time network awareness and threat characterization capabilities to forecast, alert, and attribute malicious activity and enable the coordination of Computer Network Operations. The NTOC was established in 2004 as a joint Information Assurance and Signals Intelligence project.[135]

NSA Police

edit

The NSA has its police force, known asNSA Police(and formerly asNSA Security Protective Force) which provides law enforcement services, emergency response, and physical security to the NSA's people and property.[136]

NSA Police are armed federal officers. NSA Police has a K9 division, which generally conducts explosive detection screening of mail, vehicles, and cargo entering NSA grounds.[137]

NSA Police use marked vehicles to carry out patrols.[138]

Employees

edit

The number of NSA employees is officially classified[4]but there are several sources providing estimates. In 1961, the NSA had 59,000 military and civilian employees, which grew to 93,067 in 1969, of which 19,300 worked at the headquarters at Fort Meade. In the early 1980s, NSA had roughly 50,000 military and civilian personnel. By 1989 this number had grown again to 75,000, of which 25,000 worked at the NSA headquarters. Between 1990 and 1995 the NSA's budget and workforce were cut by one-third, which led to a substantial loss of experience.[139]

In 2012, the NSA said more than 30,000 employees worked at Fort Meade and other facilities.[2]In 2012,John C. Inglis,the deputy director, said that the total number of NSA employees is "somewhere between 37,000 and one billion" as a joke,[4]and stated that the agency is "probably the biggest employer ofintroverts."[4]In 2013Der Spiegelstated that the NSA had 40,000 employees.[5]More widely, it has been described as the world's largest single employer ofmathematicians.[140]Some NSA employees form part of the workforce of theNational Reconnaissance Office(NRO), the agency that provides the NSA with satellitesignals intelligence.

As of 2013 about 1,000system administratorswork for the NSA.[141]

Personnel security

edit

The NSA received criticism early on in 1960 after two agents had defected to theSoviet Union.Investigations by theHouse Un-American Activities Committeeand a special subcommittee of theUnited States House Committee on Armed Servicesrevealed severe cases of ignorance of personnel security regulations, prompting the former personnel director and the director of security to step down and leading to the adoption of stricter security practices.[142]Nonetheless, security breaches reoccurred only a year later when in an issue ofIzvestiaof July 23, 1963, a former NSA employee published several cryptologic secrets.

The very same day, an NSA clerk-messenger committedsuicideas ongoing investigations disclosed that he had sold secret information to the Soviets regularly. The reluctance of congressional houses to look into these affairs prompted a journalist to write, "If a similar series of tragic blunders occurred in any ordinary agency of Government an aroused public would insist that those responsible be officially censured, demoted, or fired."David Kahncriticized the NSA's tactics of concealing its doings as smug and the Congress' blind faith in the agency's right-doing as shortsighted, and pointed out the necessity of surveillance by the Congress to prevent abuse of power.[142]

Edward Snowden's leaking of the existence ofPRISMin 2013 caused the NSA to institute a "two-man rule",where two system administrators are required to be present when one accesses certain sensitive information.[141]Snowden claims he suggested such a rule in 2009.[143]

Polygraphing

edit
Defense Security Service(DSS) polygraph brochure given to NSA applicants

The NSA conductspolygraphtests of employees. For new employees, the tests are meant to discover enemy spies who are applying to the NSA and to uncover any information that could make an applicant pliant to coercion.[144]As part of the latter, historicallyEPQsor "embarrassing personal questions" about sexual behavior had been included in the NSA polygraph.[144]The NSA also conducts five-year periodic reinvestigation polygraphs of employees, focusing on counterintelligence programs. In addition, the NSA conducts periodic polygraph investigations to find spies and leakers; those who refuse to take them may receive "termination of employment", according to a 1982 memorandum from the director of the NSA.[145]

NSA-produced video on the polygraph process

There are also "special access examination" polygraphs for employees who wish to work in highly sensitive areas, and those polygraphs cover counterintelligence questions and some questions about behavior.[145]NSA's brochure states that the average test length is between two and four hours.[146]A 1983 report of theOffice of Technology Assessmentstated that "It appears that the NSA [National Security Agency] (and possibly CIA) use the polygraph not to determine deception or truthfulness per se, but as a technique of interrogation to encourage admissions."[147]Sometimes applicants in the polygraph process confess to committing felonies such as murder, rape, and selling of illegal drugs. Between 1974 and 1979, of the 20,511 job applicants who took polygraph tests, 695 (3.4%) confessed to previous felony crimes; almost all of those crimes had been undetected.[144]

In 2010 the NSA produced a video explaining its polygraph process.[148]The video, ten minutes long, is titled "The Truth About the Polygraph" and was posted to the Web site of theDefense Security Service.Jeff Stein ofThe Washington Postsaid that the video portrays "various applicants, or actors playing them—it's not clear—describing everything bad they had heard about the test, the implication being that none of it is true."[149]AntiPolygraph.org argues that the NSA-produced video omits some information about the polygraph process; it produced a video responding to the NSA video.[148][150]George Maschke, the founder of the Web site, accused the NSA polygraph video of being "Orwellian".[149]

A 2013 article indicated that afterEdward Snowdenrevealed his identity in 2013, the NSA began requiring polygraphing of employees once per quarter.[151]

Arbitrary firing

edit

The number of exemptions from legal requirements has been criticized. When in 1964 Congress was hearing a bill giving the director of the NSA the power to fire at will any employee,The Washington Postwrote: "This is the very definition of arbitrariness. It means that an employee could be discharged and disgraced based on anonymous allegations without the slightest opportunity to defend himself." Yet, the bill was accepted by an overwhelming majority.[142]Also, every person hired to a job in the US after 2007, at any private organization, state or federal government agency,mustbe reported to theNew Hire Registry,ostensibly to look forchild supportevaders,exceptthat employees of an intelligence agency may be excluded from reporting if the director deems it necessary for national security reasons.[152]

Facilities

edit

Headquarters

edit

History of headquarters

edit
Headquarters atFort Meadecirca 1950s

When the agency was first established, its headquarters and cryptographic center were in the Naval Security Station in Washington, D.C. The COMINT functions were located inArlington HallinNorthern Virginia,which served as the headquarters of theU.S. Army's cryptographic operations.[153]Because theSoviet Unionhad detonated a nuclear bomb and because the facilities were crowded, the federal government wanted to move several agencies, including the AFSA/NSA. A planning committee consideredFort Knox,butFort Meade,Maryland,was ultimately chosen as NSA headquarters because it was far enough away from Washington, D.C. in case of a nuclear strike and was close enough so its employees would not have to move their families.[154]

Construction of additional buildings began after the agency occupied buildings at Fort Meade in the late 1950s, which they soon outgrew.[154]In 1963 the new headquarters building, nine stories tall, opened. NSA workers referred to the building as the "Headquarters Building" and since the NSA management occupied the top floor, workers used "Ninth Floor" to refer to their leaders.[155]COMSEC remained in Washington, D.C., until its new building was completed in 1968.[154]In September 1986, the Operations 2A and 2B buildings, both copper-shielded to preventeavesdropping,opened with a dedication by PresidentRonald Reagan.[156]The four NSA buildings became known as the "Big Four."[156]The NSA director moved to 2B when it opened.[156]

National Security Agency headquarters in Fort Meade, 2013

Headquarters for the National Security Agency is located at39°6′32″N76°46′17″W/ 39.10889°N 76.77139°W/39.10889; -76.77139inFort George G. Meade,Maryland,although it is separate from other compounds and agencies that are based within this same military installation. Fort Meade is about 20 mi (32 km) southwest ofBaltimore,[157]and 25 mi (40 km) northeast of Washington, D.C.[158]The NSA has two dedicated exits offBaltimore–Washington Parkway.The Eastbound exit from the Parkway (heading toward Baltimore) is open to the public and provides employee access to its main campus and public access to the National Cryptology Museum. The Westbound side exit, (heading toward Washington) is labeled "NSA Employees Only".[159][160]The exit may only be used by people with the proper clearances, and security vehicles parked along the road guard the entrance.[161]

NSA is the largest employer in the state of Maryland, and two-thirds of its personnel work at Fort Meade.[162]Built on 350 acres (140 ha; 0.55 sq mi)[163]of Fort Meade's 5,000 acres (2,000 ha; 7.8 sq mi),[164]the site has 1,300 buildings and an estimated 18,000 parking spaces.[158][165]

NSA headquarters building inFort Meade(left),NSOC(right)

The main NSA headquarters and operations building is whatJames Bamford,author ofBody of Secrets,describes as "a modern boxy structure" that appears similar to "any stylish office building."[166]The building is covered with one-way dark glass, which is lined with copper shielding to prevent espionage by trapping in signals and sounds.[166]It contains 3,000,000 square feet (280,000 m2), or more than 68 acres (28 ha), of floor space; Bamford said that theU.S. Capitol"could easily fit inside it four times over."[166]

The facility has over 100 watchposts,[167]one of them being the visitor control center, a two-story area that serves as the entrance.[166]At the entrance, a white pentagonal structure,[168]visitor badges are issued to visitors and security clearances of employees are checked.[169]The visitor center includes a painting of the NSA seal.[168]

The OPS2A building, the tallest building in the NSA complex and the location of much of the agency's operations directorate is accessible from the visitor center. Bamford described it as a "dark glassRubik's Cube".[170]The facility's "red corridor" houses non-security operations such as concessions and the drug store. The name refers to the "red badge" which is worn by someone without a security clearance. The NSA headquarters includes a cafeteria, a credit union, ticket counters for airlines and entertainment, a barbershop, and a bank.[168]NSA headquarters has its own post office, fire department, and police force.[171][172][173]

The employees at the NSA headquarters reside in various places in theBaltimore-Washington area,includingAnnapolis,Baltimore, andColumbiain Maryland and the District of Columbia, including theGeorgetowncommunity.[174]The NSA maintains a shuttle service from theOdenton stationofMARCto its Visitor Control Center and has done so since 2005.[175]

Power consumption

edit
Due to massive amounts ofdata processing,NSA is the largest electricity consumer inMaryland.[162]

Following a major power outage in 2000, in 2003, and follow-ups through 2007,The Baltimore Sunreported that the NSA was at risk of electrical overload because of insufficient internal electrical infrastructure at Fort Meade to support the amount of equipment being installed. This problem was apparently recognized in the 1990s but not made a priority, and "now the agency's ability to keep its operations going is threatened."[176]

On August 6, 2006,The Baltimore Sunreported that the NSA had completely maxed out the grid and that Baltimore Gas & Electric (BGE, nowConstellation Energy) was unable to sell them any more power.[177]NSA decided to move some of its operations to a new satellite facility.

BGE provided NSA with 65 to 75megawattsat Fort Meade in 2007 and expected that an increase of 10 to 15 megawatts would be needed later that year.[178]In 2011, the NSA was Maryland's largest consumer of power.[162]In 2007, as BGE's largest customer, NSA bought as much electricity asAnnapolis,the capital city of Maryland.[176]

One estimate put the potential for power consumption by the newUtah Data CenteratUS$40 million per year.[179]

Computing assets

edit

In 1995,The Baltimore Sunreported that the NSA is the owner of the single largest group ofsupercomputers.[180]

NSA held a groundbreaking ceremony at Fort Meade in May 2013 for its High-Performance Computing Center 2, expected to open in 2016.[181]Called Site M, the center has a 150-megawatt power substation, 14 administrative buildings and 10 parking garages.[171]It cost $3.2 billion and covers 227 acres (92 ha; 0.355 sq mi).[171]The center is 1,800,000 square feet (17 ha; 0.065 sq mi)[171]and initially uses 60 megawatts of electricity.[182]

Increments II and III are expected to be completed by 2030 and would quadruple the space, covering 5,800,000 square feet (54 ha; 0.21 sq mi) with 60 buildings and 40 parking garages.[171]Defense contractorsare also establishing or expandingcybersecurityfacilities near the NSA and around theWashington metropolitan area.[171]

National Computer Security Center

edit

The DoD Computer Security Center was founded in 1981 and renamed the National Computer Security Center (NCSC) in 1985. NCSC was responsible for computer security throughout the federal government.[183]NCSC was part of NSA,[184]and during the late 1980s and the 1990s, NSA and NCSC publishedTrusted Computer System Evaluation Criteriain a six-foot highRainbow Seriesof books that detailed trusted computing and network platform specifications.[185]The Rainbow books were replaced by theCommon Criteria,however, in the early 2000s.[185]

Other facilities

edit
Buckley Space Force Basein Colorado
Utah Data Center

As of 2012, NSA collected intelligence from fourgeostationary satellites.[179]Satellite receivers were atRoaring Creek StationinCatawissa, PennsylvaniaandSalt Creek StationinArbuckle, California.[179]It operated ten to twentytapson U.S. telecom switches. NSA had installations in several U.S. states and from them observed intercepts from Europe, the Middle East, North Africa, Latin America, and Asia.[179]

NSA had facilities atFriendship Annex(FANX) inLinthicum, Maryland,which is a 20 to 25-minute drive from Fort Meade;[186]theAerospace Data FacilityatBuckley Space Force BaseinAurora,Colorado; NSA Texas in theTexas Cryptology CenteratLackland Air Force BaseinSan Antonio,Texas; NSA Georgia,Georgia Cryptologic Center,Fort Gordon (nowFort Eisenhower),Augusta, Georgia;NSA Hawaii,Hawaii Cryptologic CenterinHonolulu;theMultiprogram Research FacilityinOak Ridge, Tennessee,and elsewhere.[174][179]

On January 6, 2011, a groundbreaking ceremony was held to begin construction on the NSA's first Comprehensive National Cyber-security Initiative (CNCI) Data Center, known as the "Utah Data Center"for short. The $1.5B data center is being built atCamp Williams,Utah,located 25 miles (40 km) south ofSalt Lake City,and will help support the agency's National Cyber-security Initiative.[187]It is expected to be operational by September 2013.[179]Construction of Utah Data Center finished in May 2019.[188]

In 2009, to protect its assets and access more electricity, NSA sought to decentralize and expand its existing facilities in Fort Meade and Menwith Hill,[189]the latter expansion expected to be completed by 2015.[190]

TheYakima Herald-Republiccited Bamford, saying that many of NSA's bases for its Echelon program were alegacy system,using outdated, 1990s technology.[58]In 2004, NSA closed its operations atBad Aibling Station(Field Station 81) inBad Aibling,Germany.[191]In 2012, NSA began to move some of its operations at Yakima Research Station,Yakima Training Center,in Washington state to Colorado, planning to leave Yakima closed.[192]As of 2013, NSA also intended to close operations atSugar Grove, West Virginia.[58]

International stations

edit
RAF Menwith Hillhas the largest NSA presence in the United Kingdom.[190]

Following the signing in 1946–1956[193]of theUKUSA Agreementbetween the United States, United Kingdom, Canada, Australia and New Zealand, who then cooperated onsignals intelligenceandECHELON,[194]NSA stations were built atGCHQ BudeinMorwenstow,United Kingdom;Geraldton,Pine GapandShoal Bay,Australia;LeitrimandOttawa,Ontario, Canada;Misawa,Japan; andWaihopaiandTangimoana,[195]New Zealand.[196]

NSA operatesRAF Menwith Hillin North Yorkshire, United Kingdom, which was, according toBBC Newsin 2007, the largest electronic monitoring station in the world.[197]Planned in 1954, and opened in 1960, the base covered 562 acres (227 ha; 0.878 sq mi) in 1999.[198]

The agency'sEuropean Cryptologic Center(ECC), with 240 employees in 2011, is headquartered at a US military compound inGriesheim,nearFrankfurtin Germany. A 2011 NSA report indicates that the ECC is responsible for the "largest analysis and productivity in Europe" and focuses on various priorities, including Africa, Europe, the Middle East, and counterterrorism operations.[199]

In 2013, a new Consolidated Intelligence Center, also to be used by NSA, is being built at the headquarters of theUnited States Army EuropeinWiesbaden,Germany.[200]NSA's partnership withBundesnachrichtendienst(BND), the German foreign intelligence service, was confirmed by BND presidentGerhard Schindler.[200]

Thailand

edit

Thailandis a "3rd party partner" of the NSA along with nine other nations.[201]These are non-English-speaking countries that have made security agreements for the exchange of SIGINT raw material and end product reports.

Thailand is the site of at least two US SIGINT collection stations. One is at theUS EmbassyinBangkok,a joint NSA-CIASpecial Collection Service (SCS) unit. It presumably eavesdrops on foreign embassies, governmental communications, and other targets of opportunity.[202]

The second installation is a FORNSAT (foreign satellite interception) station in the Thai city ofKhon Kaen.It is codenamed INDRA, but has also been referred to as LEMONWOOD.[202]The station is approximately 40 hectares (99 acres) in size and consists of a large 3,700–4,600 m2(40,000–50,000 ft2) operations building on the west side of the ops compound and fourradome-enclosedparabolic antennas.Possibly two of the radome-enclosed antennas are used for SATCOM intercept and two antennas are used for relaying the intercepted material back to the NSA. There is also a PUSHER-type circularly-disposed antenna array (CDAA) just north of the ops compound.[203][204]

NSA activated Khon Kaen in October 1979. Its mission was to eavesdrop on the radio traffic ofChinese armyandair forceunits in southern China, especially in and around the city ofKunminginYunnanProvince. In the late 1970s, the base consisted only of a small CDAA antenna array that was remote-controlled via satellite from the NSA listening post atKunia, Hawaii,and a small force of civilian contractors fromBendix Field Engineering Corp.whose job it was to keep the antenna array and satellite relay facilities up and running 24/7.[203]

According to the papers of the late General William Odom, the INDRA facility was upgraded in 1986 with a new British-made PUSHER CDAA antenna as part of an overall upgrade of NSA and Thai SIGINT facilities whose objective was to spy on the neighboring communist nations of Vietnam, Laos, and Cambodia.[203]

The base fell into disrepair in the 1990s as China and Vietnam became more friendly towards the US, and by 2002 archived satellite imagery showed that the PUSHER CDAA antenna had been torn down, perhaps indicating that the base had been closed. At some point in the period since9/11,the Khon Kaen base was reactivated and expanded to include a sizeable SATCOM intercept mission. It is likely that the NSA presence at Khon Kaen is relatively small, and that most of the work is done by civilian contractors.[203]

Research and development

edit

NSA has been involved in debates about public policy, both indirectly as a behind-the-scenes adviser to other departments, and directly during and afterVice Admiral Bobby Ray Inman's directorship. NSA was a major player in the debates of the 1990s regarding theexport of cryptography in the United States.Restrictions on export were reduced but not eliminated in 1996. Its secure government communications work has involved the NSA in numerous technology areas, including the design of specialized communicationshardwareand software, production of dedicatedsemiconductorsat theFt. Meadechip fabrication plant), and advancedcryptographyresearch. For 50 years, the NSA designed and built most of its in-house computer equipment, but from the 1990s until about 2003 (when the U.S. Congress curtailed the practice), the agency contracted with the private sector in the fields of research and equipment.[205]

Data Encryption Standard

edit
FROSTBURGwas the NSA's firstsupercomputer,used from 1991 to 1997

NSA was embroiled in some controversy concerning its involvement in the creation of the Data Encryption Standard (DES), a standard and publicblock cipheralgorithmused by theU.S. governmentand banking community.[206]During the development of DES byIBMin the 1970s, NSA recommended changes to some details of the design. There was suspicion that these changes had weakened the algorithm sufficiently to enable the agency to eavesdrop if required, including speculation that a critical component—the so-calledS-boxes—had been altered to insert a "backdoor"and that the reduction in key length might have made it feasible for NSA to discover DES keys using massive computing power. It has since been observed that the S-boxes in DES are particularly resilient againstdifferential cryptanalysis,a technique that was not publicly discovered until the late 1980s but known to the IBM DES team.

Advanced Encryption Standard

edit

The involvement of the NSA in selecting a successor to the Data Encryption Standard (DES), the Advanced Encryption Standard (AES), was limited to hardware performance testing (seeAES competition).[207]NSA has subsequently certified AES for protection of classified information when used in NSA-approved systems.[208]

NSA encryption systems

edit
STU-IIIsecure telephones on display at theNational Cryptologic Museum

The NSA is responsible for the encryption-related components in these legacy systems:

The NSA oversees encryption in the following systems that are in use today:

The NSA has specifiedSuite AandSuite Bcryptographic algorithm suites to be used in U.S. government systems; the Suite B algorithms are a subset of those previously specified byNISTand are expected to serve for most information protection purposes, while the Suite A algorithms are secret and are intended for especially high levels of protection.[208]

The widely usedSHA-1andSHA-2hash functions were designed by NSA. SHA-1 is a slight modification of the weakerSHA-0algorithm, also designed by NSA in 1993. This small modification was suggested by the NSA two years later, with no justification other than the fact that it provides additional security. An attack for SHA-0 that does not apply to the revised algorithm was indeed found between 1998 and 2005 by academic cryptographers. Because of weaknesses and key length restrictions in SHA-1, NIST deprecates its use fordigital signaturesand approves only the newer SHA-2 algorithms for such applications from 2013 on.[218]

A new hash standard,SHA-3,has recently been selected through thecompetitionconcluded on October 2, 2012, with the selection ofKeccakas the algorithm. The process to select SHA-3 was similar to the one held in choosing the AES, but some doubts have been cast over it,[219][220]since fundamental modifications have been made to Keccak to turn it into a standard.[221]These changes potentially undermine the cryptanalysis performed during the competition and reduce the security levels of the algorithm.[219]

Clipper chip

edit

Because of concerns that widespread use of strong cryptography would hamper government use ofwiretaps,the NSA proposed the concept ofkey escrowin 1993 and introduced the Clipper chip that would offer stronger protection than DES but would allow access to encrypted data by authorized law enforcement officials.[222]The proposal was strongly opposed and key escrow requirements ultimately went nowhere.[223]However, NSA'sFortezzahardware-based encryption cards, created for the Clipper project, are still used within government, and NSA ultimately declassified and published the design of theSkipjack cipherused on the cards.[224][225]

Dual EC DRBG random number generator crypto trojan

edit

NSA promoted the inclusion of a random number generator calledDual EC DRBGin the U.S.National Institute of Standards and Technology's 2007 guidelines. This led to speculation of abackdoorwhich would allow NSA access to data encrypted by systems using thatpseudorandom number generator(PRNG).[226]

This is now deemed to be plausible based on the fact that output of next iterations of PRNG can provably be determined if relation between two internalElliptic Curvepoints is known.[227][228]Both NIST andRSAare now officially recommending against the use of this PRNG.[229][230]

Perfect Citizen

edit

Perfect Citizen is a program to performvulnerability assessmentby the NSA in the Americancritical infrastructure.[231][232]It was originally reported to be a program to develop a system of sensors to detect cyber attacks on critical infrastructure computer networks in both the private and public sector through anetwork monitoringsystem namedEinstein.[233][234]It is funded by theComprehensive National Cybersecurity Initiativeand thus farRaytheonhas received a contract for up to $100 million for the initial stage.

Academic research

edit

The NSA has invested many millions of dollars in academic research under grant code prefixMDA904,resulting in over 3,000 papers as of October 11, 2007.The NSA publishes its documents through various publications.

  • Cryptologis published monthly by PI, Techniques, and Standards, for the Personnel of Operations. Declassified issues are available online.[235]
  • TheCryptologic Almanacis a cryptologyacademic journalpublished internally by the NSA.[236]It publishes short vignettes about NSA or NSA-related topics. A selection of articles published are available to the public online.[237]
  • Cryptologic Quarterlywas the combined result of the merger ofNSA Technical JournalandCryptologic Spectrumin 1981. It expanded its coverage to cover a larger segment of NSA readership.
  • Cryptologic Spectrumwas acryptologyjournal published internally by the NSA.[236]It was established in 1969, until consolidation with theNSA Technical Journalin 1981. A selection of articles published between 1969 and 1981 are available to the public online.[237]The journal had beenclassifieduntil its tables of contents were published online in September 2006 following aFreedom of Information Actrequest in 2003.[238]
  • TheNSA Technical Journalwas established in 1954 byRalph J. Canineto "foster the exchange of ideas and create an 'intellectual community' within the Agency".[239]In 1981, the publication was consolidated withCryptologic Spectruminto a single publication, calledCryptologic Quarterly.

Despite this, the NSA/CSS has, at times, attempted to restrict the publication of academic research into cryptography; for example, theKhufu and Khafreblock ciphers were voluntarily withheld in response to an NSA request to do so. In response to aFOIAlawsuit, in 2013 the NSA released the 643-page research paper titled, "Untangling the Web: A Guide to Internet Research",[240]written and compiled by NSA employees to assist other NSA workers in searching for information of interest to the agency on the public Internet.[241]

Patents

edit

NSA can file for a patent from theU.S. Patent and Trademark Officeundergag order.Unlike normal patents, these are not revealed to the public and do not expire. However, if the Patent Office receives an application for an identical patent from a third party, they will reveal the NSA's patent and officially grant it to the NSA for the full term on that date.[242]

One of NSA's published patents describes a method ofgeographically locatingan individual computer site in an Internet-like network, based on thelatencyof multiple network connections.[243]Although no public patent exists, NSA is reported to have used a similar locating technology called trilateralization that allows real-time tracking of an individual's location, including altitude from ground level, using data obtained from cellphone towers.[244]

Insignia and memorials

edit

Theheraldicinsignia of NSA consists of aneagleinside a circle, grasping akeyin its talons.[245]The eagle represents the agency's national mission.[245]Its breast features a shield with bands of red and white, taken from theGreat Seal of the United Statesand representing Congress.[245]The key is taken from the emblem ofSaint Peterand represents security.[245]

When the NSA was created, the agency had no emblem and used that of the Department of Defense.[246]The agency adopted its first of two emblems in 1963.[246]The current NSA insignia has been in use since 1965, when then-Director,LTGMarshall S. Carter(USA) ordered the creation of a device to represent the agency.[247]

The NSA's flag consists of the agency's seal on a light blue background.

National Cryptologic Memorial

Crews associated with NSA missions have been involved in several dangerous and deadly situations.[248]TheUSSLibertyincidentin 1967 andUSSPuebloincidentin 1968 are examples of the losses endured during theCold War.[248]

The National Security Agency/Central Security Service Cryptologic Memorial honors and remembers the fallen personnel, both military and civilian, of these intelligence missions.[249]It is made of black granite, and has 171 names carved into it, as of 2013.[249]It is located at NSA headquarters. A tradition of declassifying the stories of the fallen was begun in 2001.[249]

Constitutionality, legality, and privacy questions regarding operations

edit

In the United States, at least since 2001,[250]there has been legal controversy over what signal intelligence can be used for and how much freedom the National Security Agency has to use signal intelligence.[251]In 2015, the government made slight changes in how it uses and collects certain types of data,[252]specifically phone records. The government was not analyzing the phone records as of early 2019.[253]The surveillance programs were deemed unlawful in September 2020 in a court of appeals case.[52]

Warrantless wiretaps

edit

On December 16, 2005,The New York Timesreported that underWhite Housepressure and with anexecutive orderfrom PresidentGeorge W. Bush,the National Security Agency, in an attempt to thwart terrorism, had been tapping phone calls made to persons outside the country, without obtainingwarrantsfrom theUnited States Foreign Intelligence Surveillance Court,a secret court created for that purpose under theForeign Intelligence Surveillance Act(FISA).[97]

Edward Snowden is a former American intelligence contractor who revealed in 2013 the existence of secret wide-ranging information-gathering programs conducted by the National Security Agency (NSA).[254]More specifically, Snowden released information that demonstrated how the United States government was gathering immense amounts of personal communications, emails, phone locations, web histories and more of American citizens without their knowledge.[255]One of Snowden's primary motivators for releasing this information was fear of a surveillance state developing as a result of the infrastructure being created by the NSA. As Snowden recounts, "I believe that, at this point in history, the greatest danger to our freedom and way of life comes from the reasonable fear of omniscient State powers kept in check by nothing more than policy documents... It is not that I do not value intelligence, but that I oppose. . . omniscient, automatic, mass surveillance.. . . That seems to me a greater threat to the institutions of free society than missed intelligence reports, and unworthy of the costs."[256]

In March 2014, Army GeneralMartin Dempsey,Chairman of the Joint Chiefs of Staff,told theHouse Armed Services Committee,"The vast majority of the documents that Snowden... exfiltrated from our highest levels of security... had nothing to do with exposing government oversight of domestic activities. The vast majority of those were related to our military capabilities, operations, tactics, techniques, and procedures."[257]When asked in a May 2014 interview to quantify the number of documents Snowden stole, retired NSA director Keith Alexander said there was no accurate way of counting what he took, but Snowden may have downloaded more than a million documents.[258]

Other surveillance

edit

On January 17, 2006, theCenter for Constitutional Rightsfiled a lawsuit,CCR v. Bush,against theGeorge W. Bushpresidency. The lawsuit challenged the National Security Agency's (NSA's) surveillance of people within the U.S., including the interception of CCR emails without securing a warrant first.[259][260]

In the August 2006 caseACLU v. NSA,U.S. District CourtJudgeAnna Diggs Taylorconcluded that NSA's warrantless surveillance program was both illegal and unconstitutional. On July 6, 2007, the6th Circuit Court of Appealsvacated the decision because the ACLU lacked standing to bring the suit.[261]

In September 2008, theElectronic Frontier Foundation(EFF) filed aclass actionlawsuit against the NSA and several high-ranking officials of theBush administration,[262]charging an "illegal and unconstitutional program of dragnet communications surveillance,"[263]based on documentation provided by formerAT&TtechnicianMark Klein.[264]

As a result of theUSA Freedom Actpassed byCongressin June 2015, the NSA had to shut down its bulk phone surveillance program on November 29 of the same year. The USA Freedom Act forbids the NSA to collect metadata and content of phone calls unless it has a warrant for terrorism investigation. In that case, the agency must ask thetelecom companiesfor the record, which will only be kept for six months. The NSA's use of large telecom companies to assist it with its surveillance efforts has caused several privacy concerns.[265]: 1568–69 

AT&T Internet monitoring

edit

In May 2008,Mark Klein,a formerAT&Temployee, alleged that his company had cooperated with NSA in installingNarushardware to replace the FBICarnivoreprogram, to monitor network communications including traffic between U.S. citizens.[266]

Data mining

edit

NSA was reported in 2008 to use its computing capability to analyze "transactional" data that it regularly acquires from other government agencies, which gather it under their jurisdictional authorities.[267]

A 2013 advisory group for the Obama administration, seeking to reform NSA spying programs following the revelations of documents released by Edward J. Snowden,[268]mentioned in 'Recommendation 30' on page 37, "...that the National Security Council staff should manage an interagency process to review regularly the activities of the US Government regarding attacks that exploit a previously unknown vulnerability in a computer application." Retired cybersecurity expertRichard A. Clarkewas a group member and stated on April 11, 2014, that NSA had no advance knowledge ofHeartbleed.[269]

Illegally obtained evidence

edit

In August 2013 it was revealed that a 2005 IRS training document showed that NSA intelligence intercepts and wiretaps, both foreign and domestic, were being supplied to theDrug Enforcement Administration(DEA) andInternal Revenue Service(IRS) and were illegally used to launch criminal investigations of US citizens. Law enforcement agents were directed to conceal how the investigations began and recreate a legal investigative trail by re-obtaining the same evidence by other means.[270][271]

Barack Obama administration

edit

In the months leading to April 2009, the NSA intercepted the communications of U.S. citizens, including a Congressman, although theJustice Departmentbelieved that the interception was unintentional. The Justice Department then took action to correct the issues and bring the program into compliance with existing laws.[272]United States Attorney GeneralEric Holderresumed the program according to his understanding of theForeign Intelligence Surveillance Actamendment of 2008, without explaining what had occurred.[273]

Polls conducted in June 2013 found divided results among Americans regarding NSA's secret data collection.[274]Rasmussen Reportsfound that 59% of Americans disapprove,[275]Gallupfound that 53% disapprove,[276]andPewfound that 56% are in favor of NSA data collection.[277]

Section 215 metadata collection

edit

On April 25, 2013, the NSA obtained a court order requiringVerizon's Business Network Services to providemetadataon all calls in its system to the NSA "on an ongoing daily basis" for three months, as reported byThe Guardianon June 6, 2013. This information includes "the numbers of both parties on a call... location data, call duration, unique identifiers, and the time and duration of all calls" but not "[t]he contents of the conversation itself". The order relies on the so-called "business records" provision of the Patriot Act.[278][279]

In August 2013, following the Snowden leaks, new details about the NSA's data mining activity were revealed. Reportedly, the majority of emails into or out of the United States are captured at "selected communications links" and automatically analyzed for keywords or other "selectors". Emails that do not match are deleted.[280]

The utility of such a massive metadata collection in preventing terrorist attacks is disputed. Many studies reveal the dragnet-like system to be ineffective. One such report, released by theNew America Foundationconcluded that after an analysis of 225 terrorism cases, the NSA "had no discernible impact on preventing acts of terrorism."[281]

Defenders of the program said that while metadata alone cannot provide all the information necessary to prevent an attack, it assures the ability to "connect the dots"[282]between suspect foreign numbers and domestic numbers with a speed only the NSA's software is capable of. One benefit of this is quickly being able to determine the difference between suspicious activity and real threats.[283]As an example, NSA director GeneralKeith B. Alexandermentioned at the annual Cybersecurity Summit in 2013, that metadata analysis of domestic phone call records after theBoston Marathon bombinghelped determine that rumors of a follow-up attack in New York were baseless.[282]

In addition to doubts about its effectiveness, many people argue that the collection of metadata is an unconstitutional invasion of privacy. As of 2015,the collection process remained legal and grounded in the ruling fromSmith v. Maryland(1979). A prominent opponent of the data collection and its legality isU.S. District JudgeRichard J. Leon,who issued a report in 2013[284]in which he stated: "I cannot imagine a more 'indiscriminate' and 'arbitrary invasion' than this systematic and high tech collection and retention of personal data on virtually every single citizen for purposes of querying and analyzing it without prior judicial approval...Surely, such a program infringes on 'that degree of privacy' that the founders enshrined in theFourth Amendment".

As of May 7, 2015, the United States Court of Appeals for the Second Circuit ruled that the interpretation of Section 215 of the Patriot Act was wrong and that the NSA program that has been collecting Americans' phone records in bulk is illegal.[285]It stated that Section 215 cannot be interpreted to allow government to collect national phone data and, as a result, expired on June 1, 2015. This ruling "is the first time a higher-level court in the regular judicial system has reviewed the NSA phone records program."[286]The replacement law known as theUSA Freedom Act,which will enable the NSA to continue to have bulk access to citizens' metadata but with the stipulation that the data will now be stored by the companies themselves.[286]This change will not have any effect on other Agency procedures—outside of metadata collection—which have purportedly challenged Americans' Fourth Amendment rights,[287]includingUpstream collection,a mass of techniques used by the Agency to collect and store American's data/communications directly from theInternet backbone.[288]

Under the Upstream collection program, the NSA paid telecommunications companies hundreds of millions of dollars in order to collect data from them.[289]While companies such as Google and Yahoo! claim that they do not provide "direct access" from their servers to the NSA unless under a court order,[290]the NSA had access to emails, phone calls, and cellular data users.[291]Under this new ruling, telecommunications companies maintain bulk user metadata on their servers for at least 18 months, to be provided upon request to the NSA.[286]This ruling made the mass storage of specific phone records at NSA datacenters illegal, but it did not rule on Section 215's constitutionality.[286]

Fourth Amendment encroachment

edit

In a declassified document it was revealed that 17,835 phone lines were on an improperly permitted "alert list" from 2006 to 2009 in breach of compliance, which tagged these phone lines for daily monitoring.[292][293][294]Eleven percent of these monitored phone lines met the agency's legal standard for "reasonably articulable suspicion" (RAS).[292][295]

The NSA tracks the locations of hundreds of millions of cell phones per day, allowing it to map people's movements and relationships in detail.[296]The NSA has been reported to have access to all communications made via Google, Microsoft, Facebook, Yahoo, YouTube,AOL,Skype, Apple and Paltalk,[297]and collects hundreds of millions of contact lists from personal email andinstant messagingaccounts each year.[298]It has also managed to weaken much of the encryption used on the Internet (by collaborating with, coercing, or otherwise infiltrating numerous technology companies to leave "backdoors" into their systems) so that the majority of encryption is inadvertently vulnerable to different forms of attack.[299][300]

Domestically, the NSA has been proven to collect and store metadata records of phone calls,[301]including over 120 million USVerizon subscribers,[302]as well as intercept vast amounts of communications via the internet (Upstream).[297]The government's legal standing had been to rely on a secret interpretation of thePatriot Actwhereby the entirety of US communications may be considered "relevant" to a terrorism investigation if it is expected that even a tiny minority may relate to terrorism.[303]The NSA also supplies foreign intercepts to theDEA,IRSand other law enforcement agencies, who use these to initiate criminal investigations. Federal agents are then instructed to "recreate" the investigative trail viaparallel construction.[304]

The NSA also spies on influential Muslims to obtain information that could be used to discredit them, such as their use of pornography. The targets, both domestic and abroad, are not suspected of any crime but hold religious or political views deemed "radical" by the NSA.[305]

According to a report inThe Washington Postin July 2014, relying on information provided by Snowden, 90% of those placed under surveillance in the U.S. are ordinary Americans and are not the intended targets. The newspaper said it had examined documents including emails, text messages, and online accounts that support the claim.[306]

Congressional oversight

edit
Excerpt of James Clapper's testimony before the Senate Select Committee on Intelligence

The Intelligence Committees of the US House and Senate exercise primary oversight over the NSA; other members of Congress have been denied access to materials and information regarding the agency and its activities.[307]TheUnited States Foreign Intelligence Surveillance Court,the secret court charged with regulating the NSA's activities is, according to its chief judge, incapable of investigating or verifying how often the NSA breaks even its own secret rules.[308]It has since been reported that the NSA violated its own rules on data access thousands of times a year, many of these violations involving large-scale data interceptions.[309]NSA officers have even used data intercepts to spy on love interests;[310]"most of the NSA violations were self-reported, and each instance resulted in administrative action of termination."[311][attribution needed]

The NSA has "generally disregarded the special rules for disseminating United States person information" by illegally sharing its intercepts with other law enforcement agencies.[312]A March 2009 FISA Court opinion, which the court released, states that protocols restricting data queries had been "so frequently and systemically violated that it can be fairly said that this critical element of the overall... regime has never functioned effectively."[313][314]In 2011 the same court noted that the "volume and nature" of the NSA's bulk foreign Internet intercepts was "fundamentally different from what the court had been led to believe".[312]Email contact lists (including those of US citizens) are collected at numerous foreign locations to work around the illegality of doing so on US soil.[298]

Legal opinions on the NSA's bulk collection program have differed. In mid-December 2013, U.S. District Judge Richard Leon ruled that the "almost-Orwellian" program likely violates the Constitution, and wrote, "I cannot imagine a more 'indiscriminate' and 'arbitrary invasion' than this systematic and high-tech collection and retention of personal data on virtually every single citizen for purposes of querying and analyzing it without prior judicial approval. Surely, such a program infringes on 'that degree of privacy' that the Founders enshrined in the Fourth Amendment. Indeed, I have little doubt that the author of our Constitution,James Madison,who cautioned us to beware 'the abridgment of the freedom of the people by gradual and silent encroachments by those in power,' would be aghast. "[315]

Later that month, U.S. District JudgeWilliam Pauleyruled that the NSA's collection of telephone records is legal and valuable in the fight against terrorism. In his opinion, he wrote, "a bulk telephony metadata collection program [is] a wide net that could find and isolate gossamer contacts among suspected terrorists in an ocean of seemingly disconnected data" and noted that a similar collection of data before 9/11 might have prevented the attack.[316]

Official responses

edit

At a March 2013Senate Intelligence Committeehearing, SenatorRon Wydenasked the Director of National IntelligenceJames Clapper,"Does the NSA collect any type of data at all on millions or hundreds of millions of Americans?" Clapper replied "No, sir.... Not wittingly. There are cases where they could inadvertently perhaps collect, but not wittingly."[317]This statement came under scrutiny months later, in June 2013, when details of thePRISMsurveillance program were published, showing that "the NSA apparently can gain access to the servers of nine Internet companies for a wide range of digital data."[317]Wyden said that Clapper had failed to give a "straight answer" in his testimony. Clapper, in response to criticism, said, "I responded in what I thought was the most truthful, or least untruthful manner." Clapper added, "There are honest differences on the semantics of what—when someone says 'collection' to me, that has a specific meaning, which may have a different meaning to him."[317]

NSA whistle-blowerEdward Snowdenadditionally revealed the existence ofXKeyscore,a top-secret NSA program that allows the agency to search vast databases of "the metadata as well as the content of emails and other internet activity, such as browser history," with the capability to search by "name, telephone number, IP address, keywords, the language in which the internet activity was conducted or the type of browser used."[318]XKeyscore "provides the technological capability, if not the legal authority, to target even US persons for extensive electronic surveillance without a warrant provided that some identifying information, such as their email or IP address, is known to the analyst."[318]

Regarding the necessity of these NSA programs, Alexander stated on June 27, 2013, that the NSA's bulk phone and Internet intercepts had been instrumental in preventing 54 terrorists "events", including 13 in the US, and in all but one of these cases had provided the initial tip to "unravel the threat stream".[319]On July 31 NSA Deputy Director John Inglis conceded to the Senate that these intercepts had not been vital in stopping any terrorist attacks, but were "close" to vital in identifying and convicting four San Diego men for sending US$8,930 toAl-Shabaab,a militia that conducts terrorism in Somalia.[320][321][322]

The U.S. government has aggressively sought to dismiss and challengeFourth Amendmentcases raised against it, and has granted retroactive immunity to ISPs and telecoms participating in domestic surveillance.[323][324]

The U.S. military has acknowledged blocking access to parts ofThe Guardianwebsite for thousands of defense personnel across the country,[325][326]and blocking the entireGuardianwebsite for personnel stationed throughout Afghanistan, the Middle East, and South Asia.[327]

An October 2014 United Nations report condemned mass surveillance by the United States and other countries as violating multiple international treaties and conventions that guarantee core privacy rights.[328]

Responsibility for international ransomware attack

edit

An exploit dubbedEternalBlue,created by the NSA, was used in theWannaCry ransomware attackin May 2017.[329]The exploit had been leaked online by a hacking group, The Shadow Brokers, nearly a month before the attack. Several experts have pointed the finger at the NSA's non-disclosure of the underlying vulnerability, and their loss of control over the EternalBlue attack tool that exploited it. Edward Snowden said that if the NSA had "privately disclosedthe flaw used to attack hospitals when they found it, not when they lost it, [the attack] might not have happened ".[330]Wikipedia co-founder,Jimmy Wales,stated that he joined "with Microsoft and the other leaders of the industry in saying this is a huge screw-up by the government... the moment the NSA found it, they should have notified Microsoft so they could quietly issue apatchand really chivvy people along, long before it became a huge problem. "[331]

Activities of previous employees

edit

Former employee David Evenden, who had left the NSA to work for US defense contractor Cyperpoint at a position in theUnited Arab Emirates,was tasked with hacking UAE neighborQatarin 2015 to determine if they were funding terrorist groupMuslim Brotherhood.He quit the company after learning his team had hacked Qatari SheikhaMoza bint Nasser's email exchanges withMichelle Obama,just before she visitedDoha.[332]Upon Evenden's return to the US, he reported his experiences to theFBI.The incident highlights a growing trend of former NSA employees and contractors leaving the agency to start up their firms, and then hiring out to countries likeTurkey,Sudan,and evenRussia,a country involved innumerous cyberattacks against the US.[332]

2021 Denmark-NSA collaborative surveillance

edit

In May 2021, it was reported thatDanish Defence Intelligence Servicecollaborated with NSA to wiretap on fellow EU members and leaders,[333][334]leading to wide backlash among EU countries and demands for explanation from Danish and American governments.[335]

See also

edit

Notes

edit
  1. ^Burns, Thomas L. (1990)."The Origins of the National Security Agency"(PDF).United States Cryptologic History. National Security Agency. p. 97. Archived fromthe original(PDF)on March 22, 2016.RetrievedAugust 23,2016.
  2. ^ab"60 Years of Defending Our Nation"(PDF).National Security Agency. 2012. p. 3. Archived fromthe original(PDF)on 2013-06-14.RetrievedJuly 6,2013.On November 4, 2012, the National Security Agency (NSA) celebrates its 60th anniversary of providing critical information to U.S. decision makers and Armed Forces personnel in defense of our Nation. NSA has evolved from a staff of approximately 7,600 military and civilian employees housed in 1952 in a vacated school in Arlington, VA, into a workforce of more than 30,000 demographically diverse men and women located at NSA headquarters in Ft. Meade, MD, in four national Cryptologic Centers, and at sites throughout the world.
  3. ^Priest, Dana (July 21, 2013)."NSA growth fueled by the need to target terrorists".The Washington Post.Archivedfrom the original on February 16, 2014.RetrievedJuly 22,2013.Since the attacks of Sept. 11, 2001, its civilian and military workforce has grown by one-third, to about 33,000, according to the NSA. Its budget has roughly doubled.
  4. ^abcdTuutti, Camille (2012-04-16)."Introverted? Then the NSA wants you".Florida Championship Wrestling.Archived fromthe originalon 2020-11-06.Retrieved2013-07-01.
  5. ^abRosenbach, Marcel; Stark, Holger; Stock, Jonathan (June 10, 2013)."Prism Exposed: Data Surveillance with Global Implications".Spiegel Online.Spiegel Online International. p. 2.Archivedfrom the original on June 13, 2013.RetrievedJune 13,2013."How can an intelligence agency, even one as large and well-staffed as the NSA with its 40,000 employees, work meaningfully with such a flood of information?"
  6. ^abGellman, Barton; Greg Miller (August 29, 2013)."U.S. spy network's successes, failures and objectives detailed in 'black budget' summary".The Washington Post.p. 3.Archivedfrom the original on September 1, 2013.RetrievedAugust 29,2013.
  7. ^Shane, Scott (August 29, 2013)."New Leaked Document Outlines U.S. Spending on Intelligence Agencies".The New York Times.Archivedfrom the original on August 30, 2013.RetrievedAugust 29,2013.
  8. ^"About NSA: Mission".National Security Agency.Archivedfrom the original on September 18, 2014.RetrievedSeptember 14,2014.
  9. ^abEllen Nakashima (January 26, 2008)."Bush Order Expands Network Monitoring: Intelligence Agencies to Track Intrusions".The Washington Post.Archivedfrom the original on June 24, 2017.RetrievedFebruary 9,2008.
  10. ^Executive Order 134702008 Amendments to Executive Order 12333Archived2018-11-13 at theWayback Machine,United States Intelligence Activities, July 30, 2008 (PDF)
  11. ^Schorr, Daniel (January 29, 2006)."A Brief History of the NSA".NPR.Archivedfrom the original on September 15, 2021.RetrievedSeptember 15,2021.
  12. ^Bamford, James.Body of Secrets:Anatomy of the Ultra-Secret National Security Agency,Random House Digital, Inc.,December 18, 2007
  13. ^Malkin, Bonnie. "NSA surveillance: US bugged EU offices".The Daily Telegraph,June 30, 2013.
  14. ^Ngak, Chenda."NSA leaker Snowden claimed U.S. and Israel co-wrote Stuxnet virus"Archived2024-05-12 at theWayback Machine,CBS,July 9, 2013
  15. ^Bamford, James (June 12, 2013)."The Secret War".Wired.Archived fromthe originalon January 25, 2014.
  16. ^Lichtblau, Eric(February 28, 2001)."Spy Suspect May Have Revealed U.S. Bugging; Espionage: Hanssen left signs that he told Russia where top-secret overseas eavesdropping devices are placed, officials say".Los Angeles Times.p. A1. Archived fromthe originalon April 17, 2001.RetrievedApril 1,2015.
  17. ^Executive Order 134702008 Amendments to Executive Order 12333Archived2018-11-13 at theWayback Machine,United States Intelligence Activities,Section C.2, July 30, 2008
  18. ^abcObar, Jonathan A.; Clement, Andrew (July 1, 2013) [June 5–7, 2012]. Ross, P.; Shtern, J. (eds.).Internet Surveillance and Boomerang Routing: A Call for Canadian Network Sovereignty.TEM 2013: Proceedings of the Technology & Emerging Media Track – Annual Conference of theCanadian Communication Association.Victoria, British Columbia.doi:10.2139/ssrn.2311792.SSRN2311792.
  19. ^"The Black Chamber".nsa.gov.2021-08-20.Archivedfrom the original on 2021-11-04.Retrieved23 February2018.
  20. ^"Records of the National Security Agency/Central Security Service [NSA/CSS]".National Archives.Archivedfrom the original on October 14, 2006.RetrievedNovember 22,2013.
  21. ^"The Many Lives of Herbert O. Yardley"(PDF).Archived(PDF)from the original on July 1, 2016.RetrievedMay 26,2016.
  22. ^Yardley, Herbert O. (1931).The American Black Chamber.Annapolis, MD:Naval Institute Press.ISBN978-1-59114-989-7.
  23. ^James Bamford."Building America's secret surveillance state".Reuters.Archived fromthe originalon June 13, 2013.RetrievedNovember 9,2013.
  24. ^Hastedt, Glenn P.; Guerrier, Steven W. (2009).Spies, wiretaps, and secret operations: An encyclopedia of American espionage.ABC-CLIO.p. 32.ISBN978-1-85109-807-1.
  25. ^abcUSAICoE History Office (6 September 2013)."Army Security Agency Established, 15 September 1945".army.mil.United States Army.Archivedfrom the original on July 16, 2020.RetrievedNovember 9,2013.
  26. ^abcBurns, Thomas L."The Origins of the National Security Agency 1940–1952 (U)"(PDF).gwu.edu.National Security Agency. p. 60.Archived(PDF)from the original on November 29, 2020.RetrievedNovember 28,2020.
  27. ^"The Creation of NSA – Part 2 of 3: The Brownell Committee"(PDF).nsa.gov.National Security Agency. Archived fromthe original(PDF)on September 18, 2013.RetrievedJuly 2,2013.
  28. ^abTruman, Harry S. (October 24, 1952)."Memorandum"(PDF).nsa.gov.National Security Agency. Archived fromthe original(PDF)on August 21, 2013.RetrievedJuly 2,2013.
  29. ^Burns, Thomas L. (1990)."The Origins of the National Security Agency"(PDF).United States Cryptologic History. National Security Agency. pp. 107–08. Archived fromthe original(PDF)on March 22, 2016.RetrievedAugust 23,2016.
  30. ^Anne Gearan (June 7, 2013)."'No Such Agency' spies on the communications of the world ".The Washington Post.Archivedfrom the original on December 25, 2013.RetrievedNovember 9,2013.
  31. ^Shane, Scott (October 31, 2005)."Vietnam Study, Casting Doubts, Remains Secret".The New York Times.Archivedfrom the original on March 28, 2015.RetrievedJune 7,2024.The National Security Agency has kept secret since 2001 a finding by an agency historian that during the Tonkin Gulf episode, which helped precipitate the Vietnam War
  32. ^ab"Declassified NSA Files Show Agency Spied on Muhammad Ali and MLK Operation Minaret Set Up in the 1960s to Monitor Anti-Vietnam Critics, Branded 'Disreputable If Not Outright Illegal' by NSA Itself"Archived2013-09-26 at theWayback MachineThe Guardian,September 26, 2013
  33. ^Boak, David G. (July 1973) [1966].A History of U.S. Communications Security; the David G. Boak Lectures, Vol. 1(PDF)(2015 partial declassification ed.). Ft. George G. Meade, MD: U.S. National Security Agency.Archived(PDF)from the original on 2017-05-25.Retrieved2017-04-23.
  34. ^"Pre-Emption – The Nsa And The Telecoms – Spying On The Home Front – FRONTLINE – PBS".pbs.org.Archivedfrom the original on 2007-05-18.Retrieved2024-06-07.
  35. ^Cohen, Martin (2006).No Holiday: 80 Places You Don't Want to Visit.New York: Disinformation Company Ltd.ISBN978-1-932857-29-0.RetrievedMarch 14,2014.
  36. ^William Burr, ed. (September 25, 2017)."National Security Agency Tracking of U.S. Citizens –" Questionable Practices "from 1960s & 1970s".National Security Archive.Archivedfrom the original on January 3, 2020.RetrievedAugust 2,2018.
  37. ^abcBill Moyers Journal (October 26, 2007)."The Church Committee and FISA".Public Affairs Television.Archivedfrom the original on June 16, 2013.RetrievedJune 28,2013.
  38. ^"Book IV, Supplementary Detailed Staff Reports on Foreign and Military Intelligence (94th Congress, Senate report 94-755)"(PDF).United States Senate Select Committee on Intelligence. April 23, 1976. p. 67 (72). Archived fromthe original(PDF)on September 22, 2013.RetrievedJune 28,2013.
  39. ^"Book II, Intelligence Activities and the Rights of Americans (94th Congress, Senate report 94-755)"(PDF).United States Senate Select Committee on Intelligence. April 26, 1976. p. 124 (108). Archived fromthe original(PDF)on May 21, 2013.RetrievedJune 28,2013.
  40. ^Seymour M. Hersh (February 22, 1987)."Target Qaddafi".The New York Times.Archivedfrom the original on January 24, 2014.RetrievedJanuary 12,2014.
  41. ^David Wise (May 18, 1986)."Espionage Case Pits CIA Against News Media".The Los Angeles Times.Archivedfrom the original on January 13, 2014.RetrievedJanuary 12,2014.the President took an unprecedented step in discussing the content of the Libyan cables. He was, by implication, revealing that the NSA had broken the Libyan code.
  42. ^Peggy Becker (October 1999).Development of Surveillance Technology and Risk of Abuse of Economic Information(Report). STOA, European Parliament. p. 12. Archived fromthe originalon January 25, 2014.RetrievedNovember 3,2013.
  43. ^abcStaff (June 13, 2003)."NSA honors 4 in the science of codes".The Baltimore Sun.Tribune Company.Archivedfrom the original on June 14, 2013.RetrievedJune 11,2013.
  44. ^James Bamford (2007).Body of Secrets: Anatomy of the Ultra-Secret National Security Agency.Knopf Doubleday Publishing Group. p. 454.ISBN978-0-307-42505-8.
  45. ^Koblitz, Neal (2008).Random Curves: Journeys of a Mathematician.Springer-Verlag. p. 312.ISBN9783540740773.
  46. ^Landau, Susan (2015), "NSA and Dual EC_DRBG: Déjà Vu All Over Again?",The Mathematical Intelligencer,37(4): 72–83,doi:10.1007/s00283-015-9543-z,S2CID124392006
  47. ^Curtis, Sophie (13 November 2014)."Ex-NSA technical chief: How 9/11 created the surveillance state".The Daily Telegraph.Archivedfrom the original on 2022-01-11.
  48. ^"In 2002 Brian Snow was moved from the technical directorship of IAD to a different position within the NSA that had high status but little influence, particularly about actions that were being proposed by SIGINT; Mike Jacobs retired from the NSA the same year."Koblitz, Neal; Menezes, Alfred J. (2016), "A riddle wrapped in an Enigma",IEEE Security & Privacy,14(6): 34–42,doi:10.1109/MSP.2016.120,S2CID2310733Footnote 9 in the full version, see"A riddle wrapped in an Enigma"(PDF).Archived(PDF)from the original on 3 December 2017.Retrieved12 April2018.
  49. ^Gorman, Siobhan (May 17, 2006)."NSA killed system that sifted phone data legally".The Baltimore Sun.Tribune Company(Chicago, IL). Archived fromthe originalon September 27, 2007.RetrievedMarch 7,2008.The privacy protections offered by ThinThread were also abandoned in the post–September 11 push by the president for a faster response to terrorism.
  50. ^Bamford,Shadow Factory,pp. 325–340.
  51. ^Baltimore Sun (May 6, 2007)."Management shortcomings seen at NSA".baltimoresun.Archived fromthe originalon April 22, 2013.RetrievedJanuary 31,2013.
  52. ^ab"NSA surveillance exposed by Snowden ruled unlawful".BBC News.3 September 2020.Archivedfrom the original on 3 September 2020.Retrieved4 September2020.
  53. ^Bamford, James (December 25, 2005)."The Agency That Could Be Big Brother".The New York Times.Archivedfrom the original on February 3, 2012.RetrievedSeptember 11,2005.
  54. ^Dana Priest, William Arkin(July 19, 2010)."A hidden world, growing beyond control".The Washington Post.Archived fromthe originalon May 15, 2013.RetrievedApril 12,2015.
  55. ^"National Security Agency and the U.S. Department of Homeland Security Form New Partnership to Increase National Focus on Cyber Security Education"(Press release). NSA Public and Media Affairs. April 22, 2004. Archived fromthe originalon 2009-01-17.RetrievedJuly 4,2008.
  56. ^"Mission & Combat Support".nsa.gov.Archivedfrom the original on 2022-01-19.Retrieved2022-01-21.
  57. ^Hager, Nicky (1996).Secret Power: New Zealand's Role in the International Spy Network.Craig Potton Publishing.p. 55.ISBN978-0-908802-35-7.
  58. ^abc"It's kind of a legacy system, this whole idea, the Echelon," Bamford said. "Communications have changed a great deal since they built it." inMuir, Pat (May 27, 2013)."Secret Yakima facility may be outdated, expert says".Yakima Herald-Republic.Seattle Times. Archived fromthe originalon June 16, 2013.RetrievedJune 15,2013.
  59. ^Richelson, Jeffrey T.; Ball, Desmond (1985).The Ties That Bind: Intelligence Cooperation Between the UKUSA Countries.London:Allen & Unwin.ISBN0-04-327092-1
  60. ^Patrick S. Poole, Echelon: America's Secret Global Surveillance Network (Washington, D.C.:Free Congress Foundation,October 1998)
  61. ^Echelon "Archived2014-01-20 at theWayback Machine,60 Minutes,February 27, 2000
  62. ^Campbell, Duncan(August 12, 1988)."They've Got It Taped"(PDF).New Statesmanvia duncancampbell.org.Archived fromthe original(PDF)on June 14, 2013.RetrievedJune 19,2007.
  63. ^Bomford, Andrew (November 3, 1999)."Echelon spy network revealed".BBC.Archivedfrom the original on June 14, 2013.RetrievedJune 7,2013.
  64. ^"European Parliament Report on Echelon"(PDF).July 2001.Archived(PDF)from the original on June 28, 2019.RetrievedJuly 4,2008.
  65. ^Glenn Greenwald (November 26, 2013)."Top-Secret Documents Reveal NSA Spied on Porn Habits as Part of Plan to Discredit 'Radicalizers'".The Huffington Post.London.Archivedfrom the original on July 4, 2014.RetrievedMay 6,2014.
  66. ^James Risen; Laura Poitras (May 31, 2014)."N.S.A. Collecting Millions of Faces From Web Images".The New York Times.Archivedfrom the original on June 1, 2014.RetrievedJune 1,2014.
  67. ^Ellen Nakashima; Joby Warrick (July 14, 2013)."For NSA chief, terrorist threat drives passion to 'collect it all,' observers say".The Washington Post.Archivedfrom the original on March 1, 2017.RetrievedJuly 15,2013.Collect it all, tag it, store it.. . . And whatever it is you want, you go searching for it.
  68. ^Glenn Greenwald (July 15, 2013)."The crux of the NSA story in one phrase: 'collect it all': The actual story that matters is not hard to see: the NSA is attempting to collect, monitor, and store all forms of human communication".The Guardian.Archivedfrom the original on March 10, 2017.RetrievedJuly 16,2013.
  69. ^Greg Miller and Julie Tate, October 17, 2013, "Documents reveal NSA's extensive involvement in targeted killing programArchived2017-08-23 at theWayback Machine",The Washington Post.Retrieved October 18, 2013.
  70. ^Laura Poitras, Marcel Rosenbach, Fidelius Schmid und Holger Stark. "Geheimdokumente: NSA horcht EU-Vertretungen mit Wanzen ausArchived2024-05-18 at theWayback Machine".Der Spiegel(in German). Retrieved June 29, 2013.
  71. ^"US-Geheimdienst hörte Zentrale der Vereinten Nationen abArchived2024-05-12 at theWayback Machine".Der Spiegel(in German). Retrieved August 25, 2013.
  72. ^Spiegel.de: Wikileaks-Enthüllung, NSA soll auch französische Wirtschaft bespizelt haben (German)Archived2016-09-19 at theWayback Machine,June 2015
  73. ^"Wikileaks: Und täglich grüßt die NSA".Handelsblatt.July 9, 2015. Archived fromthe originalon October 18, 2017.RetrievedMarch 10,2017.
  74. ^Schultz, Tanjev (9 July 2015)."US-Spionage ist eine Demütigung für Deutschland".Süddeutsche.de.Archivedfrom the original on 23 February 2022.Retrieved23 February2022.
  75. ^"NSA tapped German Chancellery for decades, WikiLeaks claims".The Guardian.Reuters. 8 July 2015.
  76. ^France in the NSA's crosshair: phone networks under surveillanceArchived2024-05-12 at theWayback MachineLe Monde October 21, 2013
  77. ^Perlroth, Nicole (September 10, 2013)."Government Announces Steps to Restore Confidence on Encryption Standards".The New York Times(Bits blog).Archivedfrom the original on July 12, 2014.RetrievedJune 7,2024.
  78. ^abPerlroth, Nicole, Larson, Jeff, and Shane, Scott (September 5, 2013)."The NSA's Secret Campaign to Crack, Undermine Internet Security".ProPublica.Archivedfrom the original on February 21, 2020.RetrievedJune 7,2024.This story has been reported in partnership between The New York Times, the Guardian and ProPublica based on documents obtained by The Guardian. For the Guardian:James Ball,Julian Borger, Glenn Greenwald; For the New York Times: Nicole Perlroth, Scott Shane; For ProPublica: Jeff Larson{{cite news}}:CS1 maint: multiple names: authors list (link)
  79. ^"Schneier on Security: The Strange Story of Dual_EC_DRBG".Schneier. November 15, 2007.Archivedfrom the original on April 23, 2019.RetrievedOctober 9,2013.
  80. ^J. Appelbaum; A. Gibson; J. Goetz; V. Kabisch; L. Kampf; L. Ryge (July 3, 2014)."NSA targets the privacy-conscious".Panorama.Norddeutscher Rundfunk.Archivedfrom the original on July 3, 2014.RetrievedJuly 4,2014.
  81. ^Lena Kampf, Jacob Appelbaum & John Goetz, Norddeutscher Rundfunk (July 3, 2014)."Deutsche im Visier des US-Geheimdienstes: Von der NSA als Extremist brandmark"(in German).ARD.Archivedfrom the original on July 3, 2014.RetrievedJune 7,2024.
  82. ^"TechWeekEurope: Linus Torvalds Jokes The NSA Wanted A Backdoor In Linux".linuxfoundation.org.Archived fromthe originalon 2015-09-16.Retrieved2014-05-23.
  83. ^"NSA Asked Linus Torvalds To Install Backdoors Into GNU/Linux".falkvinge.net.17 November 2013.Archivedfrom the original on 19 May 2024.Retrieved7 June2024.
  84. ^"Civil Liberties, Justice and Home Affairs – Hearings".europa.eu.Archivedfrom the original on 2016-09-16.Retrieved2024-06-07.
  85. ^"The Swedes discover Lotus Notes has key escrow!"The Risks Digest,Volume 19, Issue 52, December 24, 1997,
  86. ^Only NSA can listen, so that's OKHeise, 1999.
  87. ^Gallagher, Sean (May 14, 2014)."Photos of an NSA" upgrade "factory show Cisco router getting implant".Ars Technica.Archivedfrom the original on June 4, 2024.RetrievedJune 7,2024.
  88. ^Whitwam, Ryan (December 30, 2013)."The NSA regularly intercepts laptop shipments to implant malware report says".extremetech.Archivedfrom the original on December 5, 2022.RetrievedJune 7,2024.
  89. ^"Archived copy".Archived fromthe originalon 2015-03-10.Retrieved2015-03-10.{{cite web}}:CS1 maint: archived copy as title (link)
  90. ^nsa.gov: The NSA storyArchived2014-12-09 at theWayback Machine,Retrieved January 19, 2015 – Page 3: 'NSA... will work with the FBI and other agencies to connect the dots between foreign-based actors and their activities in the U.S.'
  91. ^Domestic Surveillance Directorate websiteArchived2024-05-28 at theWayback Machine,Nsa.gov1.info, Retrieved January 19, 2015
  92. ^The Definitive NSA Parody Site Is Actually InformativeArchived2024-05-12 at theWayback Machine,Forbes, Retrieved January 19, 2015
  93. ^John D Bates (October 3, 2011)."[redacted]"(PDF).pp. 73–74.Archived(PDF)from the original on August 24, 2013.RetrievedJune 7,2024.
  94. ^abDavid Alan Jordan.Decrypting the Fourth Amendment: Warrantless NSA Surveillance and the Enhanced Expectation of Privacy Provided by Encrypted Voice over Internet ProtocolArchived2007-10-30 at theWayback Machine.Boston College Law Review. May 2006. Last access date January 23, 2007,
  95. ^Provost, Colin (2009).President George W. Bush's Influence Over Bureaucracy and Policy.Palgrave Macmillan. pp.94–99.ISBN978-0-230-60954-9.
  96. ^Charlie Savage(2015-09-20)."George W. Bush Made Retroactive N.S.A. 'Fix' After Hospital Room Showdown".The New York Times.Archivedfrom the original on 2024-05-12.Retrieved2024-06-07.
  97. ^abJames Risen&Eric Lichtblau(December 16, 2005),Bush Lets U.S. Spy on Callers Without CourtsArchived2015-05-24 at theWayback Machine,The New York Times
  98. ^"Gwu.edu".Gwu.edu.Archivedfrom the original on June 2, 2010.RetrievedOctober 9,2013.
  99. ^"Hamdan v. Rumsfeld, Secretary of Defense, Et Al. Certiorari to the United States Court of Appeals for the District of Columbia Circuit"(PDF).Supreme Court of the United States.Archived fromthe original(PDF)on 2020-12-07.Retrieved2022-03-12.
  100. ^Gellman, Barton; Poitras, Laura (June 7, 2013)."U.S. intelligence mining data from nine U.S. Internet companies in broad secret program".The Washington Post.Archivedfrom the original on June 15, 2013.RetrievedJune 6,2013.
  101. ^Greenwald, Glenn (June 6, 2013)."NSA taps in to internet giants' systems to mine user data, secret files reveal".The Guardian.London.Archivedfrom the original on August 18, 2006.RetrievedJune 6,2013.
  102. ^"Microsoft handed the NSA access to encrypted messages".The Guardian.July 12, 2013.Archivedfrom the original on November 19, 2015.RetrievedSeptember 7,2013.
  103. ^Angwin, Julia(2014).Dragnet Nation: A Quest for Privacy, Security, and Freedom in a World of Relentless Surveillance.Times Books / Henry Holt and Company. p.47.ISBN978-0-8050-9807-5.
  104. ^"Elliott, Justin and Meyer, TheodoricProPublica.Retrieved October 7, 2016 ".23 October 2013.Archivedfrom the original on 7 June 2024.Retrieved7 June2024.
  105. ^"Goldman, Adam and Apuzzo, Matt Associated Press. Retrieved October 7, 2016".Archived fromthe originalon July 3, 2015.RetrievedOctober 7,2016.
  106. ^"NSA program stopped no terror attacks, says White House panel member".NBC News.20 December 2013.Archivedfrom the original on 21 December 2013.Retrieved7 June2024.
  107. ^Masnick, Mike (December 23, 2013)."Judge And Intelligence Task Force Both Seem Stunned By Lack Of Evidence That Bulk Phone Collection Program Stops Terrorists".Techdirt.Archived fromthe originalon October 10, 2016.Retrieved2017-10-10.
  108. ^Narayan Lakshman (2013-12-05)."NSA tracking millions of cellphones globally".The Hindu.Archivedfrom the original on 2014-04-24.Retrieved2014-03-23.
  109. ^abThe Washington Post (2013-12-04)."FASCIA: The NSA's huge trove of location records"(2 slides).The Washington Post.Archivedfrom the original on 2014-11-01.Retrieved2014-03-23.
  110. ^Cite error: The named referenceHinduwas invoked but never defined (see thehelp page).
  111. ^The Washington Post (2013-12-04)."GHOSTMACHINE: The NSA's cloud analytics platform"(4 slides).The Washington Post.Archivedfrom the original on 2017-11-20.Retrieved2014-03-23.
  112. ^Aid, Matthew M. (10 June 2013)."Inside the NSA's Ultra-Secret China Hacking Group".Foreign Policy.Archivedfrom the original on 12 February 2022.Retrieved11 June2013.
  113. ^"U.S. NSA Unit 'TAO' Hacking China For YearsArchived2024-05-12 at theWayback Machine".Business Insider. June 11, 2013
  114. ^"Secret NSA hackers from TAO Office have been pwning China for nearly 15 yearsArchived2018-02-07 at theWayback Machine".Computerworld.June 11, 2013.
  115. ^"Flubbed NSA Hack Caused Massive 2012 Syrian Internet Blackout, Snowden SaysArchived2024-05-12 at theWayback Machine".International Business Times.August 13, 2013.
  116. ^"National Security Agency Office of the Inspector General".Archivedfrom the original on 2024-06-03.Retrieved2024-06-07.
  117. ^These offices are for example mentioned in aFISA court orderArchived2024-05-12 at theWayback Machinefrom 2011.
  118. ^https:// justice.gov/opa/pr/six-charged-scheme-defraud-federal-government
  119. ^"National Security Agency".fas.org.Archivedfrom the original on November 6, 2012.RetrievedOctober 9,2013.
  120. ^Matthew M. Aid, The Secret Sentry, New York, 2009, pp. 130, 138, 156–158.
  121. ^See also the information about the historical structure of NSA that is archived atFAS.orgArchived2012-11-06 at theWayback Machine
  122. ^TheWeek:The NSA's secret org chartArchived2015-01-11 at theWayback Machine,September 15, 2013
  123. ^National Security Agency – 60 Years of Defending Our NationArchived2018-06-23 at theWayback Machine,Anniversary booklet, 2012, p. 96.
  124. ^Marc Ambinder,3008 SelectorsArchived2015-01-11 at theWayback Machine,June 27, 2013.
  125. ^Ellen Nakashima.National Security Agency plans major reorganizationArchived2023-05-26 at theWayback Machine.The Washington Post,2 Feb 2016.
  126. ^National Security Agency (2009)."ARC Registration"(PDF).NSA ARC. Archived fromthe original(PDF)on January 18, 2012.RetrievedApril 13,2011.
  127. ^DNI (2009)."2009 National Intelligence Consumer's Guide"(PDF).Director of National Intelligence. Archived fromthe original(PDF)on May 24, 2012.RetrievedApril 13,2011.
  128. ^US Army."Theater Army Operations, Field Manual No. 3-93 (100–7)"(PDF).Archived fromthe original(PDF)on August 24, 2011.RetrievedApril 13,2011.
  129. ^Lackland Security Hill Enterprise Infrastructure and Computer Systems ManagementArchived2014-02-04 at theWayback Machine,October 1, 2010, p. 2.
  130. ^Marc Ambinder,How a single IT tech could spy on the worldArchived2015-01-11 at theWayback Machine,June 10, 2013.
  131. ^Misiewicz (September 1998)."Thesis; Modeling and Simulation of a Global Reachback Architecture..."(PDF).Archived fromthe original(PDF)on August 12, 2011.RetrievedApril 13,2011.
  132. ^Joe Jarzombek (2004)."Systems, Network, and Information Integration Context for Software Assurance"(PDF).Carnegie Mellon University.Archived(PDF)from the original on October 28, 2011.RetrievedApril 13,2011.
  133. ^Christopher Griffin (2010)."Dealing with Sensitive Data at Penn State's Applied Research Laboratory: Approach and Examples"(PDF).msu.edu.RetrievedApril 13,2011.[dead link]
  134. ^NPR.org:Officials: Edward Snowden's Leaks Were Masked By Job DutiesArchived2024-05-12 at theWayback Machine,September 18, 2013.
  135. ^National Security Agency – 60 Years of Defending Our NationArchived2018-06-23 at theWayback Machine,Anniversary booklet, 2012, p. 102.
  136. ^"Making a Difference over 30 Years with the NSA Police > National Security Agency Central Security Service > Article View".Archived fromthe originalon 2021-06-24.Retrieved2021-06-18.
  137. ^"NSA Police K-9 Unit Celebrates 140 Dog Years! > National Security Agency Central Security Service > Article View".Archived fromthe originalon 2021-06-24.Retrieved2021-06-18.
  138. ^"Photographic image of vehicle"(JPG).Washington.cbslocal.Archivedfrom the original on 2021-06-24.Retrieved2022-02-23.
  139. ^Matthew M. Aid, The Secret Sentry, New York, 2009, pp. 128, 148, 190, and 198.
  140. ^Harvey A. Davis (March 12, 2002).Statement for the Record(Speech). 342 Dirksen Senate Office Building, Washington, D.C. Archived fromthe originalon June 19, 2009.RetrievedNovember 24,2009.{{cite speech}}:CS1 maint: location (link)
  141. ^abDrew, Christopher & Somini Sengupta (June 24, 2013)."N.S.A. Leak Puts Focus on System Administrators".The New York Times.Archivedfrom the original on June 25, 2013.RetrievedJune 25,2013.
  142. ^abcDavid Kahn,The Codebreakers,Scribner Press, 1967, chapter 19, pp. 672–733.
  143. ^Barton Gellman (December 25, 2013)."Edward Snowden, after months of NSA revelations, says his mission's accomplished".The Washington Post.Archivedfrom the original on December 1, 2015.RetrievedJune 7,2024.
  144. ^abcBauer, Craig P. (2013).Secret History: The Story of Cryptology.CRC Press. p. 359.ISBN978-1-4665-6186-1.
  145. ^abBamford(18 December 2007)."page 538".Body of Secrets.Knopf Doubleday Publishing.ISBN9780307425058.
  146. ^"Your Polygraph Examination: An Important Appointment to Keep"(PDF).National Security Agency. Archived fromthe original(PDF)on 2013-09-03.RetrievedJune 17,2013.
  147. ^McCarthy, Susan."The truth about the polygraph".Salon.Archivedfrom the original on August 16, 2013.RetrievedJuly 5,2013.
  148. ^abNagesh, Gautham (June 14, 2010)."NSA video tries to dispel fear about polygraph use during job interviews".The Hill.Archivedfrom the original on April 1, 2023.RetrievedJune 15,2013.
  149. ^abStein, Jeff. "NSA lie detectors no sweat, video saysArchived2013-10-29 at theWayback Machine."The Washington Post.June 14, 2010. Retrieved July 5, 2013.
  150. ^Maschke, George (13 June 2010)."The Truth About the Polygraph (According to the NSA)".Youtube.Archivedfrom the original on 2021-12-11.Retrieved15 July2020.
  151. ^Drezner, Daniel. "Tone-Deaf at the Listening PostArchived2014-08-25 at theWayback Machine."Foreign Policy.December 16, 2013. Retrieved March 1, 2014. "Snowden has also changed the way the NSA is doing business. Analysts have gone from being polygraphed once every five years to once every quarter."
  152. ^"Is anyone exempt from this law? | District of Columbia New Hire Registry FAQ".dc-newhire.Archivedfrom the original on 18 November 2021.Retrieved18 November2021.
  153. ^"60 Years of Defending Our Nation"(PDF).National Security Agency. 2012. p. 15. Archived fromthe original(PDF)on 2013-06-14.RetrievedJuly 6,2013.
  154. ^abc"60 Years of Defending Our Nation"(PDF).National Security Agency. 2012. p. 10. Archived fromthe original(PDF)on 2013-06-14.RetrievedJuly 6,2013.
  155. ^"60 Years of Defending Our Nation"(PDF).National Security Agency. 2012. p. 23. Archived fromthe original(PDF)on 2013-06-14.RetrievedJuly 6,2013.
  156. ^abc"60 Years of Defending Our Nation"(PDF).National Security Agency. 2012. p. 39. Archived fromthe original(PDF)on 2013-06-14.RetrievedJuly 6,2013.
  157. ^"Marine Cryptologic Support Battalion: Intelligence Department: Fort Meade, MD: New Joins".United States Marine Corps.Archivedfrom the original on June 14, 2013.RetrievedJune 11,2013.
  158. ^ab"Just off the Baltimore-Washington Parkway, about 25 miles northeast of Washington, is a secret city. Fort Meade, in suburban Maryland, is home to the National Security Agency—the NSA, sometimes wryly referred to as No Such Agency or Never Say Anything." "It contains almost 70 miles of roads, 1,300 buildings, each identified by a number, and 18,000 parking spaces as well as a shopping center, golf courses, chain restaurants and every other accouterment of Anywhere, USA." in"Free introduction to Who's reading your emails?".The Sunday Times.June 9, 2013. Archived fromthe originalon June 14, 2013.RetrievedJune 11,2013.(subscription required)
  159. ^Sernovitz, Daniel J. "NSA opens doors for local businessesArchived2013-06-14 at theWayback Machine."Baltimore Business Journal.August 26, 2010. Updated August 27, 2010. Retrieved June 11, 2013. "But for many more, the event was the first time attendees got the chance to take the" NSA Employees Only "exit off the Baltimore-Washington Parkway beyond the restricted gates of the agency's headquarters."
  160. ^Weiland and Wilsey, p.208."[...]housing integration has invalidated Montpelier's Ivory Pass and the National Security Agency has posted an exit ramp off the Baltimore-Washington Parkway that reads NSA."
  161. ^Grier, Peter, and Harry Bruinius. "In the end, NSA might not need to snoop so secretlyArchived2013-06-26 at theWayback Machine."The Christian Science Monitor.June 18, 2013. Retrieved July 1, 2013.
  162. ^abcBarnett, Mark L. (April 26, 2011)."Small Business Brief"(PDF).Office of Small Business Programs, NSA, via The Greater Baltimore Committee. p. 3. Archived fromthe original(PDF)on June 17, 2013.RetrievedJune 11,2013.
  163. ^Gorman, Siobhan (August 6, 2006)."NSA risking electrical overload".The Baltimore Sun.Tribune Company.Archivedfrom the original on June 14, 2013.RetrievedJune 10,2013.
  164. ^Dozier, Kimberly (June 9, 2013)."NSA claims know-how to ensure no illegal spying".Associated Press. Archived fromthe originalon June 14, 2013.RetrievedJune 12,2013.
  165. ^"Geeks 'R' us".The Baltimore Sun.Tribune Company. January 13, 2010.Archivedfrom the original on June 14, 2013.RetrievedJune 11,2013.
  166. ^abcdBamford,Body of Secrets:Anatomy of the Ultra-Secret National Security Agency,p. 488."At the heart of the invisible city is NSA's massive Headquarters/Operations Building. With more than sixty-eight acres of floor space,[...]" and "Entrance is first made through the two-story Visitor Control Center, one[...]"
  167. ^Bamford,Body of Secrets: Anatomy of the Ultra-Secret National Security Agency,p.488–489. "[...]one of more than 100 fixed watch posts within the secret city manned by the armed NSA police. It is here that clearances are checked and visitor badges are issued."
  168. ^abcBamford,Body of Secrets: Anatomy of the Ultra-Secret National Security Agency,p. 490. "And then there is the red badge—[...]and is normally worn by people working in the" Red Corridor "—the drugstore and other concession areas[...]Those with a red badge are forbidden to go anywhere near classified information and are restricted to a few corridors and administrative areas—the bank, the barbershop, the cafeteria, the credit union, the airline and entertainment ticket counters." and "Once inside the white, pentagonal Visitor Control Center, employees are greeted by a six-foot painting of the NSA seal[...]"
  169. ^Bamford,Body of Secrets: Anatomy of the Ultra-Secret National Security Agency,p. 489. "It is here that clearances are checked and visitor badges are issued."
  170. ^Bamford,Body of Secrets: Anatomy of the Ultra-Secret National Security Agency,p. 491. "From the Visitor Control Center, one enters the eleven-story, million OPS2A, the tallest building in the City. Shaped like a dark glass Rubik's Cube, the building houses much of NSA's Operations Directorate, which is responsible for processing the ocean of intercepts and prying open the complex cipher systems."
  171. ^abcdefBamford, James(June 12, 2013)."The Secret War".Wired.Archivedfrom the original on August 2, 2013.RetrievedJune 12,2013.
  172. ^"Career Fields/Other Opportunities/NSA Police Officers section of the NSA website".Nsa.gov.Archivedfrom the original on October 11, 2013.RetrievedOctober 9,2013.
  173. ^T.C. Carrington; Debra L.Z. Potts (September 1999)."National Security Agency Newsletter,Protective Services-More Than Meets the Eye. An Overview of NSA's Protective Services Volume XLVII, No. 9 "(PDF).nsa.gov.pp. 8–10. Archived fromthe original(PDF)on 2016-03-18.Retrieved2016-08-23.
  174. ^ab"Explore NSA."(Archive) National Security Agency. Retrieved June 12, 2013. "Other Locations" and "Our employees live along the Colonial-era streets of Annapolis and Georgetown; in the suburban surroundings of Columbia; near the excitement of Baltimore's Inner Harbor; along rolling hills adjacent to working farms; near the shores of the Chesapeake Bay; and amid the monumental history of Washington, DC."
  175. ^McCombs, Alan J. (2009-02-23)."Fort Meade launches commuter shuttle service".United States Army.Archivedfrom the original on 2017-06-25.Retrieved2017-06-25.
  176. ^abSabar, Ariel (January 2, 2003)."NSA still subject to electronic failure".Archivedfrom the original on 2013-06-14.Retrieved2013-06-11.and "Agency officials anticipated the problem nearly a decade ago as they looked ahead at the technology needs of the agency, sources said, but it was never made a priority, and now the agency's ability to keep its operations going is threatened." and "The NSA is Baltimore Gas & Electric's largest customer, using as much electricity as the city of Annapolis, according to James Bamford...." inGorman, Siobhan (August 6, 2006)."NSA risking electrical overload".Archivedfrom the original on 2013-06-14.Retrieved2013-06-11.andGorman, Siobhan (January 26, 2007)."NSA electricity crisis gets Senate scrutiny".Archivedfrom the original on 2013-06-14.Retrieved2013-06-11.andGorman, Siobhan (June 24, 2007)."Power supply still a vexation for the NSA".The Baltimore Sun.Tribune Company.Archivedfrom the original on June 14, 2013.RetrievedJune 11,2013.
  177. ^GORMAN, SIOBHAN."NSA risking electrical overload".baltimoresun.Archived fromthe originalon 2020-08-13.Retrieved2018-12-23.
  178. ^"The NSA uses about 65 to 75 megawatt-hours of electricity, The Sun reported last week. Its needs are projected to grow by 10 to 15 megawatt-hours by next fall." inStaff (January 26, 2007)."NSA electricity crisis gets Senate scrutiny".The Baltimore Sun.Tribune Company.Archivedfrom the original on June 14, 2013.RetrievedJune 11,2013.
  179. ^abcdefBamford, James (March 15, 2012)."The NSA Is Building the Country's Biggest Spy Center (Watch What You Say)".Wired.Condé Nast.Archivedfrom the original on April 4, 2012.RetrievedFebruary 26,2013.
  180. ^Scott ShaneandTom Bowman(December 10, 1995)."No Such Agency Part Four – Rigging the Game".The Baltimore Sun.Archived fromthe originalon August 27, 2011.RetrievedOctober 3,2015.
  181. ^Brown, Matthew Hay (May 6, 2013)."NSA plans new computing center for cyber threats".The Baltimore Sun.Tribune Company.Archivedfrom the original on June 14, 2013.RetrievedJune 11,2013.
  182. ^"National Security Agency: FY 2014 Military Construction, Defense-Wide"(PDF).Office of the Under Secretary of Defense (Comptroller), USA.gov. pp. 3–4. Archived fromthe original(PDF)on January 25, 2014.RetrievedJune 13,2013.
  183. ^"The DoD Computer Security Center (DoDCSC) was established in January 1981..." and "In 1985, DoDCSC's name was changed to the National Computer Security Center..." and "its responsibility for computer security throughout the federal government..." in"A Guide to Understanding Audit in Trusted Systems".National Computer Security Center via National Institute of Standards and Technology CSRC. Archived fromthe originalon 2012-11-06.RetrievedJune 30,2013.
  184. ^"NSA and its National Computer Security Center (NCSC) have responsibility for..." in"Computer Systems Laboratory Bulletin".National Institute of Standards and Technology CSRC. February 1991. Archived fromthe originalon 2013-07-02.RetrievedJune 30,2013.
  185. ^ab"NSA/NCSC Rainbow Series".Federation of American Scientists.Archivedfrom the original on June 14, 2013.RetrievedJune 30,2013.
  186. ^"Fort Meade".Expeditionary Combat Readiness Center, United States Navy. Archived fromthe originalon June 14, 2013.RetrievedJune 11,2013.
  187. ^Steve Fidel (January 6, 2011)."Utah's billion cyber-security center under way".Deseret News.Archived fromthe originalon January 9, 2011.RetrievedJanuary 6,2011.
  188. ^Office of the Under Secretary of Defense for Acquisition, Technology, and Logistics (September 17, 2014)."MilCon Status Report – August 2014 – Under Secretary of Defense for AT&L".Archived fromthe originalon December 10, 2014.RetrievedApril 16,2015.{{cite web}}:CS1 maint: multiple names: authors list (link)
  189. ^LaPlante, Matthew D. (July 2, 2009)."New NSA center unveiled in budget documents".The Salt Lake Tribune.MediaNews Group.Archivedfrom the original on January 26, 2021.RetrievedJune 9,2013.
  190. ^abNorton-Taylor, Richard (March 1, 2012)."Menwith Hill eavesdropping base undergoes massive expansion".The Guardian.London: Guardian News and Media.Archivedfrom the original on January 26, 2014.RetrievedJune 10,2013.
  191. ^Richelson, Jeffrey T. (August 2012)."Eavesdroppers in Disguise".Air Force Magazine.Air Force Association.Archivedfrom the original on June 14, 2013.RetrievedJune 10,2013.
  192. ^Troianello, Craig (April 4, 2013)."NSA to close Yakima Training Center facility".Yakima Herald-Republic. Archived fromthe originalon June 16, 2013.RetrievedJune 15,2013.
  193. ^"UKUSA Agreement Release: 1940–1956".National Security Agency. Archived fromthe originalon July 2, 2013.RetrievedJuly 11,2013.
  194. ^Bamford, James (September 13, 2002)."What big ears you have".The Guardian.London.RetrievedJuly 11,2013.
  195. ^Tangimoana listed in:"Government Communications Security Bureau [GCSB]".Federation of American Scientists.Archivedfrom the original on September 11, 2013.RetrievedJuly 11,2013.
  196. ^"ECHELON Main Stations".World-Information.org. Archived fromthe originalon October 22, 2013.RetrievedJuly 11,2013.
  197. ^"UK agrees missile defense request".BBC News.July 25, 2007.Archivedfrom the original on December 8, 2019.RetrievedJune 10,2013.
  198. ^Campbell, Duncan (December 6, 1999)."1980 – America's big ear on Europe".New Statesman.Archivedfrom the original on June 2, 2013.RetrievedJune 15,2013.
  199. ^Laura Poitras, Marcel Rosenbach and Holger Stark,Ally and Target: US Intelligence Watches Germany CloselyArchived2013-08-20 at theWayback Machine,August 12, 2013.
  200. ^ab"Snowden Interview: NSA and the Germans 'In Bed Together'".Spiegel International. July 7, 2013.Archivedfrom the original on July 8, 2013.RetrievedJuly 8,2013.
  201. ^Campbell, Duncan (27 May 2001)."Paper 1: Echelon and its role in COMINT".heise online.Archivedfrom the original on 16 August 2016.RetrievedMarch 11,2015.
  202. ^ab"NSA's global interception network".electrospaces.net.July 17, 2014.Archivedfrom the original on December 25, 2014.RetrievedMarch 11,2015.
  203. ^abcd"NSA Satellite Communications SIGINT Station in Thailand Found".matthewaid /.July 27, 2013.Archivedfrom the original on March 17, 2015.RetrievedMarch 11,2015.
  204. ^"Thai map".Google Maps.Archivedfrom the original on October 16, 2015.RetrievedMarch 11,2015.
  205. ^Sabar, Ariel (July 20, 2013)."Congress curbs NSA's power to contract with suppliers".Baltimore Sun.Tribune Company.Archivedfrom the original on May 10, 2013.RetrievedJune 17,2013.
  206. ^"The NSA Comes Out of the Closet: The Debate over Public Cryptography in the Inman Era (U)"(PDF).Cryptologic Quarterly.U.S. National Security Agency.Archived(PDF)from the original on 2024-05-12.Retrieved2024-06-07.Public cryptography issues were overwhelming Inman and the NSA. (p.12)
  207. ^Weeks, Bryan; et al."Hardware Performance Simulations of Round 2 Advanced Encryption Standard Algorithms"(PDF).National Institute of Standards and Technology. Archived fromthe original(PDF)on 2011-10-24.RetrievedJune 29,2013.
  208. ^ab"the NIST standards that define Suite B..." in"Suite B Cryptography / Cryptographic Interoperability".National Security Agency. Archived fromthe originalon 2016-01-01.RetrievedJune 29,2013.
  209. ^Committee on C4ISR for Future Naval Strike Groups, National Research Council (2006).C4ISR for Future Naval Strike Groups.National Academies Press. p. 167.ISBN978-0-309-09600-3.{{cite book}}:CS1 maint: numeric names: authors list (link)
  210. ^"Adkins Family asked for a pic of the KL-7. Here you go!..." in"NSA – National Cryptologic Museum".Facebook. March 20, 2013.Archivedfrom the original on June 5, 2013.RetrievedJune 30,2013.
  211. ^ab"Cryptographic Damage Assessment: DOCID: 3997687"(PDF).National Security Agency. 1968. Archived fromthe original(PDF)on September 18, 2013.RetrievedJune 30,2013.
  212. ^abcd"Cryptologic Excellence: Yesterday, Today and Tomorrow"(PDF).National Security Agency. 2002. p. 17. Archived fromthe original(PDF)on 2013-09-18.RetrievedJune 30,2013.
  213. ^abHickey, Kathleen (January 6, 2010)."NSA certifies Sectera Viper phone for classified communications".GCN.1105 Media. Archived fromthe originalon January 25, 2014.RetrievedJune 30,2013.
  214. ^"JITC Networks, Transmissions, and Integration Division Electronic Key Management System (EKMS)".U.S. Department of Defense: Defense Information Systems Agency: Joint Interoperability Certifier. February 1991. Archived fromthe originalon May 15, 2013.RetrievedJune 30,2013.
  215. ^"6.2.6 What is Fortezza?".RSA Laboratories, EMC Corporation. Archived fromthe originalon July 15, 2012.RetrievedJune 30,2013.
  216. ^"AN/ARC-231 Airborne Communication System".Raytheon.Archivedfrom the original on December 25, 2012.RetrievedJune 30,2013.
  217. ^"NSA approves TACLANE-Router".United Press International. October 24, 2007.Archivedfrom the original on December 15, 2012.RetrievedJune 30,2013.
  218. ^Draft NIST SP 800-131, June 2010.
  219. ^abLorenzo, Joseph (September 24, 2013)."What the heck is going on with NIST's cryptographic standard, SHA-3? | Center for Democracy & Technology".Cdt.org.Archivedfrom the original on January 25, 2014.RetrievedOctober 9,2013.
  220. ^"Twitter / marshray: Believe it or not, NIST is".Twitter.Archivedfrom the original on February 28, 2019.RetrievedOctober 9,2013.
  221. ^"kelsey-invited-ches-0820.pdf – Google Drive".RetrievedOctober 9,2013.
  222. ^Baker, Stewart A."Don't Worry Be Happy".Wired.Vol. 2, no. 6.Archivedfrom the original on October 11, 2008.RetrievedJune 28,2013.
  223. ^"Key Escrow, Key Recovery, Trusted Third Parties & Govt. Access to Keys".Electronic Frontier Foundation. Archived fromthe originalon April 29, 2012.RetrievedJune 28,2013.
  224. ^Schneier, Bruce (July 15, 1998)."Declassifying Skipjack".Crypto-Gram (schneier ).Archivedfrom the original on June 23, 2013.RetrievedJune 28,2013.
  225. ^"SKIPJACK and KEA Algorithm Specifications"(PDF).National Institute of Standards and Technology. May 29, 1998. Archived fromthe original(PDF)on 2011-10-21.RetrievedJune 28,2013.
  226. ^Schneier, Bruce(November 15, 2007)."Did NSA Put a Secret Backdoor in New Encryption Standard?".Wired News.Archivedfrom the original on October 24, 2012.RetrievedJuly 4,2008.
  227. ^Matthew Green (September 18, 2013)."A Few Thoughts on Cryptographic Engineering: The Many Flaws of Dual_EC_DRBG".Blog.cryptographyengineering.Archivedfrom the original on August 20, 2016.RetrievedOctober 9,2013.
  228. ^"Dual_Ec_Drbg backdoor: a proof of concept at Aris' Blog – Computers, ssh and rock'n roll".0xbadc0de.be.31 December 2013.Archivedfrom the original on 17 December 2014.Retrieved7 June2024.
  229. ^"itlbul2013 09 Supplemental".ProPublica. Archived fromthe originalon October 8, 2013.RetrievedOctober 9,2013.
  230. ^Matthew Green (September 20, 2013)."A Few Thoughts on Cryptographic Engineering: RSA warns developers not to use RSA products".Blog.cryptographyengineering.Archivedfrom the original on October 10, 2013.RetrievedOctober 9,2013.
  231. ^NSA Denies It Will Spy on UtilitiesArchived2014-02-09 at theWayback Machine,Threat Level, Wired
  232. ^Mick, Jason (July 8, 2010)."DailyTech – NSA's" Perfect Citizen "Program: Big Brother or Cybersecurity Savior?".DailyTech.Archived fromthe originalon July 11, 2010.RetrievedJuly 8,2010.
  233. ^Whitney, Lance (July 8, 2010)."Report: NSA initiating program to detect cyberattacks".CNET.Archived fromthe originalon June 17, 2011.RetrievedJuly 8,2010.
  234. ^Gorman, Siobhan (July 7, 2010)."U.S. Program to Detect Cyber Attacks on Infrastructure".The Wall Street Journal.Archivedfrom the original on May 7, 2018.RetrievedJuly 7,2010.
  235. ^"NSA Communicators - NSA/CSS".nsa.gov.Archived fromthe originalon 2012-05-14.
  236. ^abSingel, Ryan (2008-04-29)."Declassified NSA Document Reveals the Secret History of TEMPEST".Wired.CondéNet, Inc.Archived fromthe originalon 2012-07-07.Retrieved2008-05-01.
  237. ^ab"Cryptologic Spectrum Articles".Declassification Initiatives.National Security Agency. Archived fromthe originalon 2016-03-18.Retrieved2010-03-27.
  238. ^Singel, Ryan (2006-09-27)."Peek at NSA's Secret Reading List".Wired.CondéNet, Inc.Archived fromthe originalon 2007-02-20.Retrieved2008-05-01.
  239. ^"A Peek Behind the Scenes Part 2"(PDF).National Security Agency.RetrievedNovember 24,2024.
  240. ^Robyn Winder & Charlie Speight (April 19, 2013)."Untangling the Web: A Guide to Internet Research"(PDF).National Security Agency Public Information.Archived fromthe original(PDF)on May 9, 2013.RetrievedMay 9,2013.
  241. ^Zetter, Kim (May 9, 2013)."Use These Secret NSA Google Search Tips to Become Your Spy Agency".Wired Magazine.Archivedfrom the original on March 22, 2014.RetrievedJune 7,2024.
  242. ^Schneier, Bruce(1996).Applied Cryptography, Second Edition.John Wiley & Sons.pp. 609–610.ISBN978-0-471-11709-4.
  243. ^"United States Patent 6,947,978 – Method for geolocating logical network addresses".United States Patent and Trademark Office. September 20, 2005. Archived fromthe originalon September 4, 2015.RetrievedJuly 4,2008.
  244. ^James RisenandEric Lichtblau(June 10, 2013)."How the U.S. Uses Technology to Mine More Data More Quickly".The New York Times.Archivedfrom the original on June 13, 2013.RetrievedJune 13,2013.
  245. ^abcd"Frequently Asked Questions About NSA: 9. Can you explain the NSA and CSS seals?".National Security Agency.Archivedfrom the original on July 25, 2013.RetrievedJuly 18,2013.
  246. ^ab"History of The Insignia".National Security Agency.Archivedfrom the original on July 8, 2013.RetrievedJuly 18,2013.
  247. ^"The National Security Agency Insignia".National Security Agency via Internet Archive. Archived fromthe originalon April 13, 2008.RetrievedJuly 18,2013.
  248. ^ab"A Dangerous Business: The U.S. Navy and National Reconnaissance During the Cold War"(PDF).National Security Agency. Archived fromthe original(PDF)on 2013-09-18.RetrievedJune 13,2013.
  249. ^abc"National Cryptologic Memorial (List of Names) – NSA/CSS".NSA.gov.Archivedfrom the original on June 14, 2013.RetrievedJune 13,2013.
  250. ^Echelon and the Legal Restraints on Signals Intelligence: A Need For ReevalualtionArchived2024-06-06 at theWayback Machineby Lawrence D. Sloan on April 30, 2001
  251. ^Liu, Edward C. et al. (May 21, 2015)Overview of Constitutional Challenges to NSA Collection ActivitiesArchived2021-03-08 at theWayback Machine.Washington, DC:Congressional Research Service.
  252. ^Sanger, David E. (3 February 2015)."Obama's changes to NSA data collection published on February 5, 2015, by Christina Murray quoting David E. Sanger ofThe New York Times".The New York Times.Archivedfrom the original on 12 May 2024.Retrieved7 June2024.
  253. ^Savage, Charlie (2019-03-04)."Disputed N.S.A. Phone Program Is Shut Down, Aide Says".The New York Times.ISSN0362-4331.Archivedfrom the original on 2019-03-06.Retrieved2019-03-06.
  254. ^"Edward Snowden".Archivedfrom the original on February 2, 2022.RetrievedFebruary 6,2022.
  255. ^"Why Edward Snowden should be pardoned".Archivedfrom the original on February 7, 2022.RetrievedFebruary 6,2022.
  256. ^"Why NSA IT Guy Edward Snowden Leaked Top Secret Documents".Forbes.June 10, 2013.Archivedfrom the original on May 12, 2024.RetrievedJune 7,2024.
  257. ^Capra, Tony (March 6, 2014)."Snowden Leaks Could Cost Military Billions: Pentagon".NBC News.Archivedfrom the original on April 10, 2015.RetrievedApril 11,2015.
  258. ^"Interview transcript: former head of the NSA and commander of the US cyber command, General Keith Alexander".Australian Financial Review.Archived fromthe originalon October 6, 2014.RetrievedMay 30,2014.
  259. ^Mike Rosen-Molina (May 19, 2007)."Ex-Guantanamo lawyers sue for recordings of client meetings".The Jurist.Archived fromthe originalon May 2, 2008.RetrievedMay 22,2007.
  260. ^"CCR v. Bush".Center for Constitutional Rights.Archivedfrom the original on June 17, 2009.RetrievedJune 15,2009.
  261. ^"6th Circuit Court of Appeals Decision"(PDF).Archived fromthe original(PDF)on January 17, 2013.RetrievedOctober 9,2013.
  262. ^KJ Mullins (September 20, 2008)."Jewel Vs. NSA Aims To Stop Illegal Surveillance".Digital Journal.Archivedfrom the original on January 25, 2014.RetrievedDecember 30,2011.
  263. ^Jewel v. NSA(complaint)Archived2018-05-28 at theWayback Machine.September 18, 2008.Electronic Frontier Foundation.Retrieved December 30, 2011.
  264. ^Kravets, David (July 15, 2009)."Obama Claims Immunity, As New Spy Case Takes Center Stage".Wired.Archivedfrom the original on December 31, 2011.RetrievedDecember 30,2011.
  265. ^Van Loo, Rory (2019-10-01)."The Missing Regulatory State: Monitoring Businesses in an Age of Surveillance".Vanderbilt Law Review.72(5): 1563.Archivedfrom the original on 2024-05-12.Retrieved2024-06-07.
  266. ^"For Your Eyes Only?".NOW.February 16, 2007.Archivedfrom the original on April 9, 2014.RetrievedJune 7,2024.onPBS
  267. ^Gorman, Siobahn (March 10, 2008)."NSA's Domestic Spying Grows As Agency Sweeps Up Data".The Wall Street Journal Online. Archived fromthe originalon January 24, 2009.RetrievedMarch 14,2014.
  268. ^Liberty and Security in a Changing WorldArchived2017-01-24 at theWayback Machine– Report and Recommendations of The President's Review Group on Intelligence and Communications Technologies, December 12, 2013, 308 pages
  269. ^Mark Hosenball; Will Dunham (April 11, 2014)."White House, spy agencies deny NSA exploited 'Heartbleed' bug".Reuters.Archivedfrom the original on April 15, 2014.RetrievedApril 16,2014.
  270. ^John Shiffman and Kristina Cooke (August 5, 2013)Exclusive: U.S. directs agents to cover up program used to investigate AmericansArchived2013-08-14 at theWayback Machine.Reuters. Retrieved August 12, 2013.
  271. ^John Shiffman and David Ingram (August 7, 2013)Exclusive: IRS manual detailed DEA's use of hidden intel evidenceArchived2020-07-19 at theWayback Machine.Reuters. Retrieved August 12, 2013.
  272. ^Lichtblau, Eric & Risen, James (April 15, 2009)."N.S.A.'s Intercepts Exceed Limits Set by Congress".The New York Times.Archivedfrom the original on September 2, 2012.RetrievedApril 15,2009.
  273. ^Ackerman, Spencer (April 16, 2009)."NSA Revelations Spark Push to Restore FISA".The Washington Independent.Center for Independent Media. Archived fromthe originalon April 18, 2009.RetrievedApril 19,2009.
  274. ^"Statistics on whether the NSA's Secret Data Collection is Acceptable".Statista.Archivedfrom the original on November 4, 2013.RetrievedJuly 19,2013.
  275. ^"59% Oppose Government's Secret Collecting of Phone Records".Rasmussen Reports. June 9, 2013.Archivedfrom the original on July 17, 2013.RetrievedJuly 19,2013.
  276. ^Newport, Frank (June 12, 2013)."Americans Disapprove of Government Surveillance Programs".Gallup.Archivedfrom the original on July 29, 2013.RetrievedJuly 19,2013.
  277. ^"Majority Views NSA Phone Tracking as Acceptable Anti-terror Tactic".Pew Research Center. June 10, 2013.Archivedfrom the original on July 14, 2013.RetrievedJuly 19,2013.
  278. ^Glenn Greenwald(June 6, 2013)."Revealed: NSA collecting phone records of millions of Americans daily".The Guardian.London.Archivedfrom the original on October 12, 2019.RetrievedJune 6,2013.
  279. ^Charlie Savage,Edward Wyatt (2013-06-05)."U.S. Is Secretly Collecting Records of Verizon Calls".The New York Times.Archivedfrom the original on 2024-05-12.Retrieved2024-06-07.
  280. ^Savage, Charlie(August 8, 2013)."N.S.A. Said to Search Content of Messages to and From U.S".The New York Times.Archivedfrom the original on August 13, 2013.RetrievedAugust 13,2013.
  281. ^Nakashima, Ellen."NSA phone record collection does little to prevent terrorist attacks, the group says",The Washington Post,January 12, 2014
  282. ^abNakashima, Ellen./ "NSA chief defends collecting Americans' data"Archived2023-03-26 at theWayback Machine,The Washington Post,September 25, 2013
  283. ^Engaging Privacy and Information Technology in a Digital Age.2007.doi:10.17226/11896.ISBN978-0-309-10392-3.Archivedfrom the original on 2022-03-27.Retrieved2024-06-07.
  284. ^Federal judge rules NSA program is likely unconstitutionalArchived2017-08-30 at theWayback Machine,The Washington Post,December 16, 2013
  285. ^New Rules for the National Security AgencyArchived2023-03-26 at theWayback Machineby the editorial board on May 10, 2015
  286. ^abcdCharlie Savage,Jonathan Weisman (2015-05-07)."N.S.A. Collection of Bulk Call Data is Ruled Illegal".The New York Times.Archivedfrom the original on 2024-05-18.Retrieved2024-06-07.
  287. ^"Rand Paul vs. Washington DC on the USA Freedom Act".HotAir.Archived fromthe originalon 2015-06-02.Retrieved2015-06-02.
  288. ^Top Level Telecommunications,Slides about NSA's Upstream collectionArchived2019-11-08 at theWayback Machine,January 17, 2014
  289. ^NSA paying U.S. companies for access to communications networksArchived2014-03-28 at theWayback Machineby Craig Timberg and Barton Gellman on August 29, 2013
  290. ^NSA PRISM Controversy: Apple, Facebook, Google, more deny knowledgeArchived2015-10-16 at theWayback Machineby Digital Spy on June 6, 2013
  291. ^Microsoft, Facebook, Google and Yahoo release US surveillance requestsArchived2017-01-06 at theWayback Machineby Spencer Ackerman and Dominic Rushe on February 3, 2014
  292. ^abMemorandum of the United States in Response to the Court's Order Dated January 28, 2009(PDF).Washington DC: Foreign Intelligence Surveillance Court Washington DC. January 28, 2009. p. 11.Archived(PDF)from the original on May 12, 2024.RetrievedJune 7,2024.
  293. ^Greenberg, Andy."NSA Secretly Admitted Illegally Tracking Thousands Of 'Alert List' Phone Numbers For Years".Forbes.Archivedfrom the original on March 1, 2014.RetrievedFebruary 25,2014.
  294. ^Brandon, Russel (10 September 2013)."NSA illegally searched 15,000 suspects' phone records, according to declassified report".The Verge.Archivedfrom the original on 28 February 2014.RetrievedFebruary 25,2014.
  295. ^Timm, Trevor (10 September 2013)."Government Releases NSA Surveillance Docs and Previously Secret FISA Court Opinions in Response to EFF Lawsuit".Electronic Frontier Foundation.Archivedfrom the original on 9 February 2014.RetrievedFebruary 25,2014.
  296. ^Barton Gellman and Ashton Solanti, December 5, 2013,"NSA tracking cellphone locations worldwide, Snowden documents show"Archived2017-07-19 at theWayback Machine,The Washington Post.Retrieved December 7, 2013.
  297. ^abGreenwald, Glenn; MacAskill, Ewen (June 6, 2013). "NSA Prism program taps in to user data of Apple, Google and othersArchived2006-08-18 at theWayback Machine".The Guardian.Retrieved June 15, 2013.
  298. ^abGellman and Soltani, October 15, 2013 "NSA collects millions of e-mail address books globallyArchived2014-01-27 at theWayback Machine",The Washington Post.Retrieved October 16, 2013.
  299. ^Perlroth, Larson and Shane, "N.S.A. Able to Foil Basic Safeguards of Privacy on WebArchived2024-05-22 at theWayback Machine",The New York TimesSeptember 5, 2013. Retrieved September 23, 2013.
  300. ^Arthur, Charles "Academics criticise NSA and GCHQ for weakening online encryption",The GuardianSeptember 16, 2013. Retrieved September 23, 2013.
  301. ^"Senators: Limit NSA snooping into US phone records".Associated Press. Archived fromthe originalon October 29, 2013.RetrievedOctober 15,2013."Is it the goal of the NSA to collect the phone records of all Americans?" Udall asked at Thursday's hearing. "Yes, I believe it is in the nation's best interest to put all the phone records into a lockbox that we could search when the nation needs to do it. Yes," Alexander replied.
  302. ^Glenn Greenwald (June 6, 2013). "NSA collecting phone records of millions of Verizon customers dailyArchived2019-10-12 at theWayback Machine".The Guardian.Retrieved September 16, 2013.
  303. ^Court Reveals 'Secret Interpretation' Of The Patriot Act, Allowing NSA To Collect All Phone Call DataArchived2022-02-24 at theWayback Machine,September 17, 2013. Retrieved September 19, 2013.
  304. ^"Exclusive: U.S. directs agents to cover up program used to investigate Americans".Reuters.August 5, 2013.Archivedfrom the original on August 14, 2013.RetrievedAugust 14,2013.
  305. ^Glenn Greenwald, Ryan Gallagher & Ryan Grim, November 26, 2013, "Top-Secret Document Reveals NSA Spied On Porn Habits As Part Of Plan To Discredit 'Radicalizers'Archived2013-11-27 at theWayback Machine",Huffington Post.Retrieved November 28, 2013.
  306. ^"Vast majority of NSA spy targets are mistakenly monitored".Philadelphia News.Net. Archived fromthe originalon 2014-07-14.RetrievedJuly 7,2014.
  307. ^Greenwald, Glen, "Members of Congress denied access to basic information about NSA",The Guardian,August 4, 2013. Retrieved September 23, 2013.
  308. ^Loennig, C., "Court: Ability to police U.S. spying program limitedArchived2023-10-08 at theWayback Machine",The Washington Post,August 16, 2013. Retrieved September 23, 2013.
  309. ^Gellman, B.NSA broke privacy rules thousands of times per year, audit finds,The Washington Post,August 15, 2013. Retrieved September 23, 2013.
  310. ^Gorman, S.NSA Officers Spy on Love InterestsArchived2014-04-01 at theWayback Machine,Wall St Journal, August 23, 2013. Retrieved September 23, 2013.
  311. ^Andrea Peterson,LOVEINT: When NSA officers use their spying power on love interestsArchived2023-09-24 at theWayback Machine,The Washington Post(August 24, 2013).
  312. ^abSpencer Ackerman, November 19, 2013, "Fisa court documents reveal extent of NSA disregard for privacy restrictions",The Guardian.Retrieved November 21, 2013.
  313. ^John D Bates (October 3, 2011). "[redacted]Archived2013-08-24 at theWayback Machine".p. 16.
  314. ^Ellen Nakashima, Julie Tate, and Carol Leonnig (September 10, 2013). "Declassified court documents highlight NSA violations in data collection for surveillanceArchived2022-02-28 at theWayback Machine".The Washington Post.Retrieved September 14, 2013.
  315. ^Richard Leon, December 16, 2013,Memorandum Opinion, Klayman vs. Obama.U.S. District Court for the District of Columbia. Reproduced on The Guardian website. Retrieved February 3, 2013.
  316. ^Bazzle, Steph (December 27, 2013)."Judge Says NSA's Data Collection Is Legal".Indyposted. Archived fromthe originalon December 28, 2013.RetrievedDecember 28,2013.
  317. ^abcKessler, Glenn,James Clapper's 'least untruthful' statement to the SenateArchived2023-06-22 at theWayback Machine,June 12, 2013. Retrieved September 23, 2013.
  318. ^abGlenn Greenwald,XKeyscore: NSA tool collects 'nearly everything a user does on the internet'Archived2014-03-20 at theWayback Machine,The Guardian(July 31, 2013).
  319. ^Kube, C., June 27, 2013,"NSA chief says surveillance programs helped foil 54 plots"Archived2020-09-21 at theWayback Machine,US News on nbcnews.Retrieved September 27, 2013.
  320. ^"NSA Confirms Dragnet Phone Records Collection, But Admits It Was Key in Stopping Just 1 Terror Plot"Archived2024-05-12 at theWayback Machine,Democracy NowAugust 1, 2013. Retrieved September 27, 2013.
  321. ^"Indictment: USA vs Basaaly Saeed Moalin, Mohamed Mohamed Mohamud and Issa Doreh"Archived2023-10-05 at theWayback Machine.Southern District of California July 2010 Grand Jury. Retrieved September 30, 2013.
  322. ^"54 Attacks in 20 Countries Thwarted By NSA Collection"(Press release). The Permanent Select Committee on Intelligence. July 23, 2013. Archived fromthe originalon October 23, 2013.RetrievedMarch 14,2014.
  323. ^"Senate caves, votes to give telecoms retroactive immunity".Ars Technica.February 13, 2008.Archivedfrom the original on July 8, 2017.RetrievedSeptember 16,2013.
  324. ^"Forget Retroactive Immunity, FISA Bill is also about Prospective Immunity".The Progressive.July 10, 2008. Archived fromthe originalon September 18, 2013.RetrievedSeptember 16,2013.
  325. ^"Restricted Web access to the Guardian is Armywide, say officials"Archived2014-10-20 at theWayback Machine,Philipp Molnar,Monterey Herald,June 27, 2013. Retrieved October 15, 2014.
  326. ^Ackerman, Spencer;Roberts, Dan (June 28, 2013)."US Army Blocks Access to Guardian Website to Preserve 'Network Hygiene'—Military Admits to Filtering Reports and Content Relating to Government Surveillance Programs for Thousands of Personnel"Archived2017-01-03 at theWayback Machine.The Guardian.Retrieved June 30, 2013.
  327. ^Ackerman, Spencer (July 1, 2013)."US military blocks entire Guardian website for troops stationed abroad".The Guardian.Archivedfrom the original on February 2, 2017.RetrievedJune 7,2024.
  328. ^Greenwald, Glenn (October 16, 2014)."UN Report Finds Mass Surveillance Violates International Treaties and Privacy Rights".Archived fromthe originalon January 3, 2015.RetrievedOctober 23,2014.
  329. ^Nakashima, Ellen; Timberg, Craig (2017-05-16)."NSA officials worried about the day its potent hacking tool would get loose. Then it did".Washington Post.ISSN0190-8286.Archivedfrom the original on 2022-09-01.Retrieved2017-12-19.
  330. ^Wong, Julia Carrie;Solon, Olivia (12 May 2017)."Massive ransomware cyber-attack hits 74 countries around the world".The Guardian.Archivedfrom the original on 21 May 2017.Retrieved12 May2017.
  331. ^Kharpal, Arjun (19 May 2017)."Cyberattack that hit 200,000 users was 'huge screw-up' by government, Wikipedia's Jimmy Wales says".CNBC.Archivedfrom the original on 24 May 2017.Retrieved2 June2017.
  332. ^abPerlroth, Nicole (6 February 2021)."How the United States Lost to Hackers".The New York Times.Archived fromthe originalon 2021-12-28.Retrieved6 February2021.
  333. ^"Danish secret service helped US spy on Germany's Angela Merkel: report".Deutsche Welle.30 May 2021.Archivedfrom the original on 12 May 2024.Retrieved7 June2024.
  334. ^"How Denmark became the NSA's listening post in Europe".France 24.1 June 2021.Archivedfrom the original on 12 May 2024.Retrieved7 June2024.
  335. ^"NSA spying row: US and Denmark pressed over allegations".BBC News.31 May 2021.Archivedfrom the original on 17 May 2024.Retrieved7 June2024.

References

edit

Further reading

edit
edit