The National Security Agency (NSA) is a national-level
intelligence agency
An intelligence agency is a government agency responsible for the collection, Intelligence analysis, analysis, and exploitation of information in support of law enforcement, national security, military, public safety, and foreign policy objective ...
of the
United States Department of Defense
The United States Department of Defense (DoD, USDOD or DOD) is an executive branch department of the federal government charged with coordinating and supervising all agencies and functions of the government directly related to national secu ...
, under the authority of the
Director of National Intelligence
The director of national intelligence (DNI) is a senior, cabinet-level United States government official, required by the Intelligence Reform and Terrorism Prevention Act of 2004 to serve as executive head of the United States Intelligence Commu ...
(DNI). The NSA is responsible for global monitoring, collection, and processing of information and data for foreign and domestic intelligence and
counterintelligence
Counterintelligence is an activity aimed at protecting an agency's intelligence program from an opposition's intelligence service. It includes gathering information and conducting activities to prevent espionage, sabotage, assassinations or ot ...
purposes, specializing in a discipline known as
signals intelligence
Signals intelligence (SIGINT) is intelligence-gathering by interception of ''signals'', whether communications between people (communications intelligence—abbreviated to COMINT) or from electronic signals not directly used in communication ( ...
(SIGINT). The NSA is also tasked with the
protection
Protection is any measure taken to guard a thing against damage caused by outside forces. Protection can be provided to physical objects, including organisms, to systems, and to intangible things like civil and political rights. Although th ...
of U.S. communications networks and
information systems
An information system (IS) is a formal, sociotechnical, organizational system designed to collect, process, information storage, store, and information distribution, distribute information. From a sociotechnical perspective, information systems a ...
.
The NSA relies on a variety of measures to accomplish its mission, the majority of which are
clandestine
Clandestine may refer to:
* Secrecy, the practice of hiding information from certain individuals or groups, perhaps while sharing it with other individuals
* Clandestine operation, a secret intelligence or military activity
Music and entertainmen ...
. The existence of the NSA was not revealed until 1975. The NSA has roughly 32,000 employees.
Originating as a unit to decipher coded communications in
World War II
World War II or the Second World War, often abbreviated as WWII or WW2, was a world war that lasted from 1939 to 1945. It involved the vast majority of the world's countries—including all of the great powers—forming two opposin ...
, it was officially formed as the NSA by President
Harry S. Truman
Harry S. Truman (May 8, 1884December 26, 1972) was the 33rd president of the United States, serving from 1945 to 1953. A leader of the Democratic Party, he previously served as the 34th vice president from January to April 1945 under Franklin ...
in 1952. Between then and the end of the Cold War, it became the largest of the
U.S. intelligence organizations in terms of personnel and budget, but information available as of 2013 indicates that the
Central Intelligence Agency
The Central Intelligence Agency (CIA ), known informally as the Agency and historically as the Company, is a civilian foreign intelligence service of the federal government of the United States, officially tasked with gathering, processing, ...
(CIA) pulled ahead in this regard, with a budget of $14.7 billion.
The NSA currently conducts
worldwide mass data collection and has been known to physically
bug electronic systems as one method to this end. The NSA is also alleged to have been behind such attack software as
Stuxnet
Stuxnet is a malicious computer worm first uncovered in 2010 and thought to have been in development since at least 2005. Stuxnet targets supervisory control and data acquisition ( SCADA) systems and is believed to be responsible for causing su ...
, which severely damaged Iran's nuclear program. The NSA, alongside the CIA, maintains a physical presence in many countries across the globe; the CIA/NSA joint
Special Collection Service
The Special Collection Service (SCS), codenamed F6, is a highly classified joint U.S. Central Intelligence Agency–National Security Agency program charged with inserting eavesdropping equipment in difficult-to-reach places, such as foreign em ...
(a highly classified intelligence team) inserts eavesdropping devices in high value targets (such as presidential palaces or embassies). SCS collection tactics allegedly encompass "close surveillance, burglary, wiretapping,
ndbreaking and entering".
Unlike the CIA and the
Defense Intelligence Agency
The Defense Intelligence Agency (DIA) is an intelligence agency and combat support agency of the United States Department of Defense, specializing in defense and military intelligence.
A component of the Department of Defense (DoD) and the I ...
(DIA), both of which specialize primarily in foreign
human espionage, the NSA does not publicly conduct human-source intelligence gathering. The NSA is entrusted with providing assistance to, and the coordination of, SIGINT elements for other government organizations – which are prevented by Executive Order from engaging in such activities on their own. As part of these responsibilities, the agency has a co-located organization called the
Central Security Service
The Central Security Service (CSS) is a combat support agency of the United States Department of Defense which was established in 1972 to integrate the National Security Agency (NSA) and the Service Cryptologic Components (SCC) of the United Sta ...
(CSS), which facilitates cooperation between the NSA and other U.S. defense
cryptanalysis
Cryptanalysis (from the Greek ''kryptós'', "hidden", and ''analýein'', "to analyze") refers to the process of analyzing information systems in order to understand hidden aspects of the systems. Cryptanalysis is used to breach cryptographic sec ...
components. To further ensure streamlined communication between the signals
intelligence community divisions, the
NSA Director
The director of the National Security Agency (DIRNSA) is the highest-ranking official of the National Security Agency, which is a defense agency within the U.S. Department of Defense. The director of the NSA also concurrently serves as the Chief ...
simultaneously serves as the Commander of the
United States Cyber Command
United States Cyber Command (USCYBERCOM) is one of the eleven unified combatant commands of the United States Department of Defense (DoD). It unifies the direction of cyberspace operations, strengthens DoD cyberspace capabilities, and integra ...
and as Chief of the Central Security Service.
The NSA's actions have been a matter of political controversy on several occasions, including
its spying on anti–Vietnam War leaders and the agency's participation in
economic espionage
Industrial espionage, economic espionage, corporate spying, or corporate espionage is a form of espionage conducted for commercial purposes instead of purely national security.
While political espionage is conducted or orchestrated by governmen ...
. In 2013, the NSA had many of its secret surveillance programs
revealed to the public by
Edward Snowden
Edward Joseph Snowden (born June 21, 1983) is an American and naturalized Russian former computer intelligence consultant who leaked highly classified information from the National Security Agency (NSA) in 2013, when he was an employee and su ...
, a former NSA contractor. According to the leaked documents, the NSA intercepts and stores the communications of over a billion people worldwide, including United States citizens. The documents also revealed the NSA tracks hundreds of millions of people's movements using cellphones'
metadata
Metadata is "data that provides information about other data", but not the content of the data, such as the text of a message or the image itself. There are many distinct types of metadata, including:
* Descriptive metadata – the descriptive ...
. Internationally, research has pointed to the NSA's ability to surveil the domestic Internet traffic of foreign countries through "
boomerang routing".
History
Formation
The origins of the National Security Agency can be traced back to April 28, 1917, three weeks after the
U.S. Congress
The United States Congress is the legislature of the federal government of the United States. It is Bicameralism, bicameral, composed of a lower body, the United States House of Representatives, House of Representatives, and an upper body, ...
declared war on Germany in
World War I
World War I (28 July 1914 11 November 1918), often abbreviated as WWI, was one of the deadliest global conflicts in history. Belligerents included much of Europe, the Russian Empire, the United States, and the Ottoman Empire, with fightin ...
. A
code
In communications and information processing, code is a system of rules to convert information—such as a letter, word, sound, image, or gesture—into another form, sometimes shortened or secret, for communication through a communication ...
and
cipher
In cryptography, a cipher (or cypher) is an algorithm for performing encryption or decryption—a series of well-defined steps that can be followed as a procedure. An alternative, less common term is ''encipherment''. To encipher or encode i ...
decryption unit was established as the Cable and Telegraph Section which was also known as the Cipher Bureau. It was headquartered in Washington, D.C. and was part of the war effort under the executive branch without direct Congressional authorization. During the course of the war, it was relocated in the army's organizational chart several times. On July 5, 1917,
Herbert O. Yardley
Herbert Osborn Yardley (April 13, 1889 – August 7, 1958) was an American cryptologist. He founded and led the cryptographic organization the Black Chamber. Under Yardley, the cryptanalysts of The American Black Chamber broke Japanese diplomatic ...
was assigned to head the unit. At that point, the unit consisted of Yardley and two
civilian
Civilians under international humanitarian law are "persons who are not members of the armed forces" and they are not "combatants if they carry arms openly and respect the laws and customs of war". It is slightly different from a non-combatant, b ...
clerks. It absorbed the Navy's
cryptanalysis
Cryptanalysis (from the Greek ''kryptós'', "hidden", and ''analýein'', "to analyze") refers to the process of analyzing information systems in order to understand hidden aspects of the systems. Cryptanalysis is used to breach cryptographic sec ...
functions in July 1918. World War I ended on
November 11, 1918
The Armistice of 11 November 1918 was the armistice signed at Le Francport near Compiègne that ended fighting on land, sea, and air in World War I between the Entente and their last remaining opponent, Germany. Previous armistices h ...
, and the army cryptographic section of Military Intelligence (MI-8) moved to New York City on May 20, 1919, where it continued intelligence activities as the Code Compilation Company under the direction of Yardley.
The Black Chamber
After the disbandment of the
U.S. Army
The United States Army (USA) is the land service branch of the United States Armed Forces. It is one of the eight U.S. uniformed services, and is designated as the Army of the United States in the U.S. Constitution.Article II, section 2, cla ...
cryptographic section of military intelligence known as MI-8, the U.S. government created the Cipher Bureau, also known as
Black Chamber
The Black Chamber (1919–1929), also known as the Cipher Bureau, was the United States' first peacetime cryptanalytic organization, and a forerunner of the National Security Agency. The only prior codes and cypher organizations maintained by the ...
, in 1919. The Black Chamber was the United States' first peacetime
cryptanalytic
Cryptanalysis (from the Greek ''kryptós'', "hidden", and ''analýein'', "to analyze") refers to the process of analyzing information systems in order to understand hidden aspects of the systems. Cryptanalysis is used to breach cryptographic se ...
organization. Jointly funded by the Army and the State Department, the Cipher Bureau was disguised as a
New York City
New York, often called New York City or NYC, is the List of United States cities by population, most populous city in the United States. With a 2020 population of 8,804,190 distributed over , New York City is also the L ...
commercial code company; it actually produced and sold such codes for business use. Its true mission, however, was to break the communications (chiefly diplomatic) of other nations. At the
Washington Naval Conference
The Washington Naval Conference was a disarmament conference called by the United States and held in Washington, DC from November 12, 1921 to February 6, 1922. It was conducted outside the auspices of the League of Nations. It was attended by nine ...
, it aided American negotiators by providing them with the decrypted traffic of many of the conference delegations, including the
Japanese
Japanese may refer to:
* Something from or related to Japan, an island country in East Asia
* Japanese language, spoken mainly in Japan
* Japanese people, the ethnic group that identifies with Japan through ancestry or culture
** Japanese diaspor ...
. The Black Chamber successfully persuaded
Western Union
The Western Union Company is an American multinational financial services company, headquartered in Denver, Colorado.
Founded in 1851 as the New York and Mississippi Valley Printing Telegraph Company in Rochester, New York, the company chang ...
, the largest U.S.
telegram
Telegraphy is the long-distance transmission of messages where the sender uses symbolic codes, known to the recipient, rather than a physical exchange of an object bearing the message. Thus flag semaphore is a method of telegraphy, whereas p ...
company at the time, as well as several other communications companies to illegally give the Black Chamber access to cable traffic of foreign embassies and consulates. Soon, these companies publicly discontinued their collaboration.
Despite the Chamber's initial successes, it was shut down in 1929 by U.S. Secretary of State
Henry L. Stimson
Henry Lewis Stimson (September 21, 1867 – October 20, 1950) was an American statesman, lawyer, and Republican Party politician. Over his long career, he emerged as a leading figure in U.S. foreign policy by serving in both Republican and D ...
, who defended his decision by stating, "Gentlemen do not read each other's mail."
World War II and its aftermath
During
World War II
World War II or the Second World War, often abbreviated as WWII or WW2, was a world war that lasted from 1939 to 1945. It involved the vast majority of the world's countries—including all of the great powers—forming two opposin ...
, the
Signal Intelligence Service
The Signal Intelligence Service (SIS) was the United States Army codebreaking division through World War II. It was founded in 1930 to compile codes for the Army. It was renamed the Signal Security Agency in 1943, and in September 1945, became th ...
(SIS) was created to intercept and decipher the communications of the
Axis powers
The Axis powers, ; it, Potenze dell'Asse ; ja, 枢軸国 ''Sūjikukoku'', group=nb originally called the Rome–Berlin Axis, was a military coalition that initiated World War II and fought against the Allies. Its principal members were ...
.
When the war ended, the SIS was reorganized as the
Army Security Agency
The United States Army Security Agency (ASA) was the United States Army's signals intelligence branch from 1945 to 1976. The Latin motto of the Army Security Agency was ''Semper Vigiles'' (Vigilant Always), which echoes the declaration, often ...
(ASA), and it was placed under the leadership of the Director of Military Intelligence.
On May 20, 1949, all cryptologic activities were centralized under a national organization called the Armed Forces Security Agency (AFSA).
This organization was originally established within the
U.S. Department of Defense
The United States Department of Defense (DoD, USDOD or DOD) is an executive branch department of the federal government charged with coordinating and supervising all agencies and functions of the government directly related to national secur ...
under the command of the
Joint Chiefs of Staff
The Joint Chiefs of Staff (JCS) is the body of the most senior uniformed leaders within the United States Department of Defense, that advises the president of the United States, the secretary of defense, the Homeland Security Council and the ...
.
The AFSA was tasked to direct Department of Defense communications and electronic intelligence activities, except those of U.S.
military intelligence
Military intelligence is a military discipline that uses information collection and analysis approaches to provide guidance and direction to assist commanders in their decisions. This aim is achieved by providing an assessment of data from a ...
units.
However, the AFSA was unable to centralize
communications intelligence
Signals intelligence (SIGINT) is intelligence-gathering by interception of ''signals'', whether communications between people (communications intelligence—abbreviated to COMINT) or from electronic signals not directly used in communication ( ...
and failed to coordinate with civilian agencies that shared its interests such as the
Department of State
The United States Department of State (DOS), or State Department, is an executive department of the U.S. federal government responsible for the country's foreign policy and relations. Equivalent to the ministry of foreign affairs of other nati ...
,
Central Intelligence Agency
The Central Intelligence Agency (CIA ), known informally as the Agency and historically as the Company, is a civilian foreign intelligence service of the federal government of the United States, officially tasked with gathering, processing, ...
(CIA) and the
Federal Bureau of Investigation
The Federal Bureau of Investigation (FBI) is the domestic intelligence and security service of the United States and its principal federal law enforcement agency. Operating under the jurisdiction of the United States Department of Justice, ...
(FBI).
In December 1951, President
Harry S. Truman
Harry S. Truman (May 8, 1884December 26, 1972) was the 33rd president of the United States, serving from 1945 to 1953. A leader of the Democratic Party, he previously served as the 34th vice president from January to April 1945 under Franklin ...
ordered a panel to investigate how AFSA had failed to achieve its goals. The results of the investigation led to improvements and its redesignation as the National Security Agency.
The
National Security Council
A national security council (NSC) is usually an executive branch governmental body responsible for coordinating policy on national security issues and advising chief executives on matters related to national security. An NSC is often headed by a na ...
issued a memorandum of October 24, 1952, that revised
National Security Council Intelligence Directive (NSCID) 9. On the same day, Truman issued a second memorandum that called for the establishment of the NSA.
The actual establishment of the NSA was done by a November 4 memo by
Robert A. Lovett
Robert Abercrombie Lovett (September 14, 1895May 7, 1986) was the fourth United States Secretary of Defense, having been promoted to this position from Deputy Secretary of Defense. He served in the cabinet of President of the United States, Presi ...
, the
Secretary of Defense
A defence minister or minister of defence is a cabinet official position in charge of a ministry of defense, which regulates the armed forces in sovereign states. The role of a defence minister varies considerably from country to country; in som ...
, changing the name of the AFSA to the NSA, and making the new agency responsible for all communications intelligence. Since President Truman's memo was a
classified document,
the existence of the NSA was not known to the public at that time. Due to its ultra-secrecy the U.S. intelligence community referred to the NSA as "No Such Agency".
Vietnam War
In the 1960s, the NSA played a key role in expanding U.S. commitment to the
Vietnam War
The Vietnam War (also known by #Names, other names) was a conflict in Vietnam, Laos, and Cambodia from 1 November 1955 to the fall of Saigon on 30 April 1975. It was the second of the Indochina Wars and was officially fought between North Vie ...
by providing evidence of a
North Vietnam
North Vietnam, officially the Democratic Republic of Vietnam (DRV; vi, Việt Nam Dân chủ Cộng hòa), was a socialist state supported by the Soviet Union (USSR) and the People's Republic of China (PRC) in Southeast Asia that existed f ...
ese attack on the American destroyer during the
Gulf of Tonkin incident
The Gulf of Tonkin incident ( vi, Sự kiện Vịnh Bắc Bộ) was an international confrontation that led to the United States engaging more directly in the Vietnam War. It involved both a proven confrontation on August 2, 1964, carried out b ...
.
A secret operation, code-named "
MINARET
A minaret (; ar, منارة, translit=manāra, or ar, مِئْذَنة, translit=miʾḏana, links=no; tr, minare; fa, گلدسته, translit=goldaste) is a type of tower typically built into or adjacent to mosques. Minarets are generall ...
", was set up by the NSA to monitor the phone communications of Senators
Frank Church
Frank Forrester Church III (July 25, 1924 – April 7, 1984) was an Americans, American politician and lawyer. A member of the Democratic Party (United States), Democratic Party, he served as a United States Senate, United States senator from Idah ...
and
Howard Baker
Howard Henry Baker Jr. (November 15, 1925 June 26, 2014) was an American politician and diplomat who served as a United States Senator from Tennessee from 1967 to 1985. During his tenure, he rose to the rank of Senate Minority Leader and then ...
, as well as key leaders of the
civil rights movement
The civil rights movement was a nonviolent social and political movement and campaign from 1954 to 1968 in the United States to abolish legalized institutional Racial segregation in the United States, racial segregation, Racial discrimination ...
, including
Martin Luther King Jr.
Martin Luther King Jr. (born Michael King Jr.; January 15, 1929 – April 4, 1968) was an American Baptist minister and activist, one of the most prominent leaders in the civil rights movement from 1955 until his assassination in 1968 ...
, and prominent U.S. journalists and athletes who criticized the
Vietnam War
The Vietnam War (also known by #Names, other names) was a conflict in Vietnam, Laos, and Cambodia from 1 November 1955 to the fall of Saigon on 30 April 1975. It was the second of the Indochina Wars and was officially fought between North Vie ...
.
["Declassified NSA Files Show Agency Spied on Muhammad Ali and MLK Operation Minaret Set Up in the 1960s to Monitor Anti-Vietnam Critics, Branded 'Disreputable If Not Outright Illegal' by NSA Itself"]
''The Guardian'', September 26, 2013 However, the project turned out to be controversial, and an internal review by the NSA concluded that its Minaret program was "disreputable if not outright illegal".
The NSA mounted a major effort to secure tactical communications among U.S. forces during the war with mixed success. The
NESTOR
Nestor may refer to:
* Nestor (mythology), King of Pylos in Greek mythology
Arts and entertainment
* "Nestor" (''Ulysses'' episode) an episode in James Joyce's novel ''Ulysses''
* Nestor Studios, first-ever motion picture studio in Hollywood, L ...
family of compatible
secure voice
Secure voice (alternatively secure speech or ciphony) is a term in cryptography for the encryption of voice communication over a range of communication types such as radio, telephone or IP.
History
The implementation of voice encryption date ...
systems it developed was widely deployed during the
Vietnam War
The Vietnam War (also known by #Names, other names) was a conflict in Vietnam, Laos, and Cambodia from 1 November 1955 to the fall of Saigon on 30 April 1975. It was the second of the Indochina Wars and was officially fought between North Vie ...
, with about 30,000 NESTOR sets produced. However, a variety of technical and operational problems limited their use, allowing the North Vietnamese to exploit and intercept U.S. communications.
Church Committee hearings
In the aftermath of the
Watergate scandal
The Watergate scandal was a major political scandal in the United States involving the administration of President Richard Nixon from 1972 to 1974 that led to Nixon's resignation. The scandal stemmed from the Nixon administration's continual ...
, a congressional hearing in 1975 led by Senator
Frank Church
Frank Forrester Church III (July 25, 1924 – April 7, 1984) was an Americans, American politician and lawyer. A member of the Democratic Party (United States), Democratic Party, he served as a United States Senate, United States senator from Idah ...
revealed that the NSA, in collaboration with Britain's SIGINT intelligence agency
Government Communications Headquarters
Government Communications Headquarters, commonly known as GCHQ, is an intelligence and security organisation responsible for providing signals intelligence (SIGINT) and information assurance (IA) to the government and armed forces of the Un ...
(GCHQ), had routinely intercepted the international communications of prominent anti-Vietnam war leaders such as
Jane Fonda
Jane Seymour Fonda (born December 21, 1937) is an American actress, activist, and former fashion model. Recognized as a film icon, Fonda is the recipient of various accolades including two Academy Awards, two British Academy Film Awards, sev ...
and Dr.
Benjamin Spock
Benjamin McLane Spock (May 2, 1903 – March 15, 1998) was an American pediatrician and left-wing political activist whose book '' Baby and Child Care'' (1946) is one of the best-selling books of the twentieth century, selling 500,000 copie ...
. The NSA tracked these individuals in a secret filing system that was destroyed in 1974. Following the resignation of President
Richard Nixon
Richard Milhous Nixon (January 9, 1913April 22, 1994) was the 37th president of the United States, serving from 1969 to 1974. A member of the Republican Party, he previously served as a representative and senator from California and was ...
, there were several investigations of suspected misuse of FBI, CIA and NSA facilities.
Senator
Frank Church
Frank Forrester Church III (July 25, 1924 – April 7, 1984) was an Americans, American politician and lawyer. A member of the Democratic Party (United States), Democratic Party, he served as a United States Senate, United States senator from Idah ...
uncovered previously unknown activity,
such as a CIA plot (ordered by the administration of President
John F. Kennedy
John Fitzgerald Kennedy (May 29, 1917 – November 22, 1963), often referred to by his initials JFK and the nickname Jack, was an American politician who served as the 35th president of the United States from 1961 until his assassination i ...
) to assassinate
Fidel Castro
Fidel Alejandro Castro Ruz (; ; 13 August 1926 – 25 November 2016) was a Cuban revolutionary and politician who was the leader of Cuba from 1959 to 2008, serving as the prime minister of Cuba from 1959 to 1976 and president from 1976 to 200 ...
. The investigation also uncovered NSA's wiretaps on targeted U.S. citizens.
After the Church Committee hearings, the
Foreign Intelligence Surveillance Act
The Foreign Intelligence Surveillance Act of 1978 ("FISA" , ) is a United States federal law that establishes procedures for the physical and electronic surveillance and the collection of "foreign intelligence information" between "foreign po ...
of 1978 was passed. This was designed to limit the practice of
mass surveillance in the United States
The practice of mass surveillance in the United States dates back to wartime monitoring and censorship of international communications from, to, or which passed through the United States. After the First and Second World Wars, mass surveillance ...
.
From 1980s to 1990s
In 1986, the NSA intercepted the communications of the Libyan government during the immediate aftermath of the
Berlin discotheque bombing. The
White House
The White House is the official residence and workplace of the president of the United States. It is located at 1600 Pennsylvania Avenue NW in Washington, D.C., and has been the residence of every U.S. president since John Adams in 1800. ...
asserted that the NSA interception had provided "irrefutable" evidence that Libya was behind the bombing, which U.S. President
Ronald Reagan
Ronald Wilson Reagan ( ; February 6, 1911June 5, 2004) was an American politician, actor, and union leader who served as the 40th president of the United States from 1981 to 1989. He also served as the 33rd governor of California from 1967 ...
cited as a justification for the
1986 United States bombing of Libya
The 1986 United States bombing of Libya, code-named Operation El Dorado Canyon, consisted of air strikes by the United States against Libya on Tuesday 15 April 1986. The attack was carried out by the U.S. Air Force (USAF), U.S. Navy and U.S. Ma ...
.
In 1999, a multi-year investigation by the European Parliament highlighted the NSA's role in economic espionage in a report entitled 'Development of Surveillance Technology and Risk of Abuse of Economic Information'. That year, the NSA founded the
NSA Hall of Honor
The Hall of Honor is a memorial at the National Security Agency headquarters in Fort Meade, Maryland. It honors individuals who rendered distinguished service to American cryptology.
The Hall of Honor
The Hall of Honor is located on the grounds ...
, a memorial at the
National Cryptologic Museum
The National Cryptologic Museum (NCM) is an American museum of cryptologic history that is affiliated with the National Security Agency (NSA). The first public museum in the U.S. Intelligence Community, NCM is located in the former Colony Sev ...
in Fort Meade, Maryland.
The memorial is a, "tribute to the pioneers and heroes who have made significant and long-lasting contributions to American cryptology".
NSA employees must be retired for more than fifteen years to qualify for the memorial.
NSA's infrastructure deteriorated in the 1990s as defense budget cuts resulted in maintenance deferrals. On January 24, 2000, NSA headquarters suffered a total network outage for three days caused by an overloaded network. Incoming traffic was successfully stored on agency servers, but it could not be directed and processed. The agency carried out emergency repairs at a cost of $3 million to get the system running again. (Some incoming traffic was also directed instead to Britain's
GCHQ
Government Communications Headquarters, commonly known as GCHQ, is an intelligence and security organisation responsible for providing signals intelligence (SIGINT) and information assurance (IA) to the government and armed forces of the Unit ...
for the time being.) Director
Michael Hayden called the outage a "wake-up call" for the need to invest in the agency's infrastructure.
In the 1990s the defensive arm of the NSA—the Information Assurance Directorate (IAD)—started working more openly; the first public technical talk by an NSA scientist at a major cryptography conference was J. Solinas' presentation on efficient
Elliptic Curve Cryptography
Elliptic-curve cryptography (ECC) is an approach to public-key cryptography based on the algebraic structure of elliptic curves over finite fields. ECC allows smaller keys compared to non-EC cryptography (based on plain Galois fields) to provide e ...
algorithms at Crypto 1997. The IAD's cooperative approach to academia and industry culminated in its support for a
transparent process for replacing the outdated
Data Encryption Standard
The Data Encryption Standard (DES ) is a symmetric-key algorithm for the encryption of digital data. Although its short key length of 56 bits makes it too insecure for modern applications, it has been highly influential in the advancement of cry ...
(DES) by an
Advanced Encryption Standard
The Advanced Encryption Standard (AES), also known by its original name Rijndael (), is a specification for the encryption of electronic data established by the U.S. National Institute of Standards and Technology (NIST) in 2001.
AES is a variant ...
(AES). Cybersecurity policy expert
Susan Landau
Susan Landau is an American mathematician, engineer, cybersecurity policy expert, and Bridge Professor in Cybersecurity and Policy at the Fletcher School of Law and Diplomacy at Tufts University. and She previously worked as a Senior Staff Priv ...
attributes the NSA's harmonious collaboration with industry and academia in the selection of the AES in 2000—and the Agency's support for the choice of a strong encryption algorithm designed by Europeans rather than by Americans—to
Brian Snow
Brian Snow (September 5, 1943December 4, 2022) served in the U.S. National Security Agency from 1971 to 2006, including a six-year term as Technical Director of the Information Assurance Directorate (IAD), which is the defensive arm of the NSA, ...
, who was the Technical Director of IAD and represented the NSA as cochairman of the Technical Working Group for the AES competition, and
Michael Jacobs, who headed IAD at the time.
After the
terrorist attacks of September 11, 2001
The September 11 attacks, commonly known as 9/11, were four coordinated suicide terrorist attacks carried out by al-Qaeda against the United States on Tuesday, September 11, 2001. That morning, nineteen terrorists hijacked four commercial ...
, the NSA believed that it had public support for a dramatic expansion of its surveillance activities.
According to
Neal Koblitz
Neal I. Koblitz (born December 24, 1948) is a Professor of Mathematics at the University of Washington. He is also an adjunct professor with the Centre for Applied Cryptographic Research at the University of Waterloo. He is the creator of hypere ...
and
Alfred Menezes
Alfred Menezes is co-author of several books on cryptography, including the ''Handbook of Applied Cryptography'', and is a professor of mathematics at the University of Waterloo in Canada. , the period when the NSA was a trusted partner with academia and industry in the development of cryptographic standards started to come to an end when, as part of the change in the NSA in the post-September 11 era, Snow was replaced as Technical Director, Jacobs retired, and IAD could no longer effectively oppose proposed actions by the offensive arm of the NSA.
War on Terror
In the aftermath of the
September 11 attacks
The September 11 attacks, commonly known as 9/11, were four coordinated suicide terrorist attacks carried out by al-Qaeda against the United States on Tuesday, September 11, 2001. That morning, nineteen terrorists hijacked four commercia ...
, the NSA created new IT systems to deal with the flood of information from new technologies like the Internet and cellphones.
ThinThread contained advanced
data mining capabilities. It also had a "privacy mechanism"; surveillance was stored encrypted; decryption required a warrant. The research done under this program may have contributed to the technology used in later systems. ThinThread was cancelled when Michael Hayden chose
Trailblazer
A trailblazer is a person who is paving the way in their particular field for future generations.
Trailblazer may refer to:
Sports
* Derby Trailblazers, a British semi-professional basketball team
* North Carolina Trailblazers, a US women's rec ...
, which did not include ThinThread's privacy system.
Trailblazer Project
Trailblazer was a United States National Security Agency (NSA) program intended to develop a capability to analyze data carried on communications networks like the Internet. It was intended to track entities using communication methods such as cell ...
ramped up in 2002 and was worked on by
Science Applications International Corporation
Science Applications International Corporation (SAIC), Inc. is an American technology company headquartered in Reston, Virginia that provides government services and information technology support.
History
The original SAIC was created in 196 ...
(SAIC),
Boeing
The Boeing Company () is an American multinational corporation that designs, manufactures, and sells airplanes, rotorcraft, rockets, satellites, telecommunications equipment, and missiles worldwide. The company also provides leasing and product ...
,
Computer Sciences Corporation
Computer Sciences Corporation (CSC) was an American multinational corporation that provided information technology (IT) services and professional services. On April 3, 2017, it merged with the Enterprise Services line of business of HP Ente ...
,
IBM, and
Litton Industries
Litton Industries was a large defense contractor in the United States named after inventor Charles Litton Sr.
During the 1960s, the company began acquiring many unrelated firms and became one of the largest conglomerates in the United States. ...
. Some NSA
whistleblower
A whistleblower (also written as whistle-blower or whistle blower) is a person, often an employee, who reveals information about activity within a private or public organization that is deemed illegal, immoral, illicit, unsafe or fraudulent. Whi ...
s complained internally about major problems surrounding Trailblazer. This led to investigations by Congress and the NSA and DoD
Inspectors General
An inspector general is an investigative official in a civil or military organization. The plural of the term is "inspectors general".
Australia
The Inspector-General of Intelligence and Security (Australia) (IGIS) is an independent statutory off ...
. The project was cancelled in early 2004.
Turbulence
In fluid dynamics, turbulence or turbulent flow is fluid motion characterized by chaotic changes in pressure and flow velocity. It is in contrast to a laminar flow, which occurs when a fluid flows in parallel layers, with no disruption between ...
started in 2005. It was developed in small, inexpensive "test" pieces, rather than one grand plan like Trailblazer. It also included offensive cyber-warfare capabilities, like injecting
malware
Malware (a portmanteau for ''malicious software'') is any software intentionally designed to cause disruption to a computer, server, client, or computer network, leak private information, gain unauthorized access to information or systems, depri ...
into remote computers. Congress criticized Turbulence in 2007 for having similar bureaucratic problems as Trailblazer.
[Bamford, ]Shadow Factory
A shadow is a dark area where light from a light source is blocked by an opaque object. It occupies all of the three-dimensional volume behind an object with light in front of it. The cross section of a shadow is a two-dimensional silhouette, o ...
, pp. 325–340. It was to be a realization of information processing at higher speeds in cyberspace.
Global surveillance disclosures
The massive extent of the NSA's spying, both foreign and domestic, was revealed to the public in a series of detailed disclosures of internal NSA documents beginning in June 2013. Most of the disclosures were leaked by former NSA contractor
Edward Snowden
Edward Joseph Snowden (born June 21, 1983) is an American and naturalized Russian former computer intelligence consultant who leaked highly classified information from the National Security Agency (NSA) in 2013, when he was an employee and su ...
. On 4 September 2020, the NSA's surveillance program was ruled unlawful by the
US Court of Appeals
The United States courts of appeals are the intermediate appellate courts of the United States federal judiciary. The courts of appeals are divided into 11 numbered circuits that cover geographic areas of the United States and hear appeals fro ...
. The court also added that the US intelligence leaders, who publicly defended it, were not telling the truth.
Mission
NSA's
eavesdropping
Eavesdropping is the act of secretly or stealthily listening to the private conversation or communications of others without their consent in order to gather information.
Etymology
The verb ''eavesdrop'' is a back-formation from the noun ''eaves ...
mission includes radio broadcasting, both from various organizations and individuals, the Internet, telephone calls, and other intercepted forms of communication. Its secure communications mission includes military, diplomatic, and all other sensitive, confidential or secret government communications.
According to a 2010 article in ''
The Washington Post
''The Washington Post'' (also known as the ''Post'' and, informally, ''WaPo'') is an American daily newspaper published in Washington, D.C. It is the most widely circulated newspaper within the Washington metropolitan area and has a large nati ...
'', "every day, collection systems at the National Security Agency intercept and store 1.7 billion e-mails, phone calls and other types of communications. The NSA sorts a fraction of those into 70 separate databases."
Because of its listening task, NSA/CSS has been heavily involved in
cryptanalytic
Cryptanalysis (from the Greek ''kryptós'', "hidden", and ''analýein'', "to analyze") refers to the process of analyzing information systems in order to understand hidden aspects of the systems. Cryptanalysis is used to breach cryptographic se ...
research, continuing the work of predecessor agencies which had broken many World War II
codes
In communications and information processing, code is a system of rules to convert information—such as a letter, word, sound, image, or gesture—into another form, sometimes shortened or secret, for communication through a communication c ...
and
cipher
In cryptography, a cipher (or cypher) is an algorithm for performing encryption or decryption—a series of well-defined steps that can be followed as a procedure. An alternative, less common term is ''encipherment''. To encipher or encode i ...
s (see, for instance,
Purple
Purple is any of a variety of colors with hue between red and blue. In the RGB color model used in computer and television screens, purples are produced by mixing red and blue light. In the RYB color model historically used by painters, pu ...
,
Venona project
The Venona project was a United States counterintelligence program initiated during World War II by the United States Army's Signal Intelligence Service (later absorbed by the National Security Agency), which ran from February 1, 1943, until Octob ...
, and
JN-25
The vulnerability of Japanese naval codes and ciphers was crucial to the conduct of World War II, and had an important influence on foreign relations between Japan and the west in the years leading up to the war as well. Every Japanese code was e ...
).
In 2004, NSA
Central Security Service
The Central Security Service (CSS) is a combat support agency of the United States Department of Defense which was established in 1972 to integrate the National Security Agency (NSA) and the Service Cryptologic Components (SCC) of the United Sta ...
and the
National Cyber Security Division
The National Cyber Security Division (NCSD) is a division of the Office of Cyber Security & Communications, within the United States Department of Homeland Security's Cybersecurity and Infrastructure Security Agency. Formed from the Critical Inf ...
of the
Department of Homeland Security
The United States Department of Homeland Security (DHS) is the U.S. federal executive department responsible for public security, roughly comparable to the interior or home ministries of other countries. Its stated missions involve anti-terr ...
(DHS) agreed to expand the NSA Centers of Academic Excellence in Information Assurance Education Program.
As part of the
National Security Presidential Directive 54/Homeland Security Presidential Directive 23 (NSPD 54), signed on January 8, 2008, by President Bush, the NSA became the lead agency to monitor and protect all of the federal government's computer networks from
cyber-terrorism
Cyberterrorism is the use of the Internet to conduct violent acts that result in, or threaten, the loss of life or significant bodily harm, in order to achieve political or ideological gains through threat or intimidation. Acts of deliberate, la ...
.
A part of NSA's mission is to serve as a
combat support agency
Combat support agency (CSA) is a designation by the United States Department of Defense (DoD) of those defense agencies that provide department-level and tactical support to the U.S. military during combat operations. The designation was first ou ...
for the Department of Defense.
Operations
Operations by the National Security Agency can be divided into three types:
* Collection overseas, which falls under the responsibility of the Global Access Operations (GAO) division.
* Domestic collection, which falls under the responsibility of the
Special Source Operations
Special Source Operations (SSO) is a division in the US National Security Agency (NSA) which is responsible for all programs aimed at collecting data from major fiber-optic cables and switches, both inside the US and abroad, and also through corpor ...
(SSO) division.
* Hacking operations, which fall under the responsibility of the
Tailored Access Operations
The Office of Tailored Access Operations (TAO), now Computer Network Operations, and structured as S32, is a cyber-warfare intelligence-gathering unit of the National Security Agency (NSA). It has been active since at least 1998, possibly 1997 ...
(TAO) division.
Collection overseas
Echelon
"Echelon" was created in the incubator of the
Cold War
The Cold War is a term commonly used to refer to a period of geopolitical tension between the United States and the Soviet Union and their respective allies, the Western Bloc and the Eastern Bloc. The term '' cold war'' is used because the ...
. Today it is a
legacy system
In computing, a legacy system is an old method, technology, computer system, or application program, "of, relating to, or being a previous or outdated computer system", yet still in use. Often referencing a system as "legacy" means that it paved ...
, and several NSA stations are closing.
NSA/CSS, in combination with the equivalent agencies in the United Kingdom (
Government Communications Headquarters
Government Communications Headquarters, commonly known as GCHQ, is an intelligence and security organisation responsible for providing signals intelligence (SIGINT) and information assurance (IA) to the government and armed forces of the Un ...
), Canada (
Communications Security Establishment
The Communications Security Establishment (CSE; french: Centre de la sécurité des télécommunications, ''CST''), formerly (from 2008-2014) called the Communications Security Establishment Canada (CSEC), is the Government of Canada's national c ...
), Australia (
Australian Signals Directorate
Australian Signals Directorate (ASD), formerly the Defence Signals Directorate (DSD) is the federal statutory agency in the Australian Government responsible for foreign signals intelligence, support to military operations, cyber warfare, and ...
), and New Zealand (
Government Communications Security Bureau
The Government Communications Security Bureau (GCSB) ( mi, Te Tira Tiaki) is the public-service department of New Zealand charged with promoting New Zealand's national security by collecting and analysing information of an intelligence nature. ...
), otherwise known as the
UKUSA
The United Kingdom – United States of America Agreement (UKUSA, ) is a multilateral agreement for cooperation in signals intelligence between Australia, Canada, New Zealand, the United Kingdom, and the United States. The alliance of intell ...
group,
[Richelson, Jeffrey T.; Ball, Desmond (1985). ''The Ties That Bind: Intelligence Cooperation Between the UKUSA Countries''. London: ]Allen & Unwin
George Allen & Unwin was a British publishing company formed in 1911 when Sir Stanley Unwin purchased a controlling interest in George Allen & Co. It went on to become one of the leading publishers of the twentieth century and to establish an ...
. was reported to be in command of the operation of the so-called
ECHELON
ECHELON, originally a secret government code name, is a surveillance program (signals intelligence/SIGINT collection and analysis network) operated by the five signatory states to the UKUSA Security Agreement:Given the 5 dialects that use ...
system. Its capabilities were suspected to include the ability to monitor a large proportion of the world's transmitted civilian telephone, fax and data traffic.
During the early 1970s, the first of what became more than eight large satellite communications dishes were installed at Menwith Hill. Investigative journalist
Duncan Campbell reported in 1988 on the "
ECHELON
ECHELON, originally a secret government code name, is a surveillance program (signals intelligence/SIGINT collection and analysis network) operated by the five signatory states to the UKUSA Security Agreement:Given the 5 dialects that use ...
" surveillance program, an extension of the
UKUSA Agreement
The United Kingdom – United States of America Agreement (UKUSA, ) is a multilateral agreement for cooperation in signals intelligence between Australia, Canada, New Zealand, the United Kingdom, and the United States. The alliance of intellig ...
on global signals intelligence
SIGINT
Signals intelligence (SIGINT) is intelligence-gathering by interception of ''signals'', whether communications between people (communications intelligence—abbreviated to COMINT) or from electronic signals not directly used in communication ( ...
, and detailed how the eavesdropping operations worked.
On November 3, 1999, the BBC reported that they had confirmation from the Australian Government of the existence of a powerful "global spying network" code-named Echelon, that could "eavesdrop on every single phone call, fax or e-mail, anywhere on the planet" with Britain and the United States as the chief protagonists. They confirmed that Menwith Hill was "linked directly to the headquarters of the US National Security Agency (NSA) at Fort Meade in Maryland".
NSA's United States Signals Intelligence Directive 18 (USSID 18) strictly prohibited the interception or collection of information about "...
U.S. person
The term United States person or US person is used in various contexts in US laws and regulations with different meanings. It can refer to natural persons or other entities.
Data collection and intelligence
The term "US person" is used in the co ...
s, entities, corporations or organizations...." without explicit written legal permission from the
United States Attorney General
The United States attorney general (AG) is the head of the United States Department of Justice, and is the chief law enforcement officer of the federal government of the United States. The attorney general serves as the principal advisor to the p ...
when the subject is located abroad, or the
Foreign Intelligence Surveillance Court
The United States Foreign Intelligence Surveillance Court (FISC), also called the FISA Court, is a U.S. federal court established under the Foreign Intelligence Surveillance Act of 1978 (FISA) to oversee requests for surveillance warrants ag ...
when within U.S. borders. Alleged Echelon-related activities, including its use for motives other than national security, including political and
industrial espionage
Industrial espionage, economic espionage, corporate spying, or corporate espionage is a form of espionage conducted for commercial purposes instead of purely national security.
While political espionage is conducted or orchestrated by governmen ...
, received criticism from countries outside the UKUSA alliance.
Other SIGINT operations overseas
The NSA was also involved in planning to blackmail people with "
SEXINT SEXINT is the practice of monitoring and/or characterizing/indexing the pornographic preferences of internet users in an effort to later use the information for blackmail. The term is a portmanteau of ''sex''ual ''int''elligence retrieved on an inte ...
", intelligence gained about a potential target's sexual activity and preferences. Those targeted had not committed any apparent crime nor were they charged with one.
In order to support its
facial recognition program, the NSA is intercepting "millions of images per day".
The
Real Time Regional Gateway The Real Time Regional Gateway (RT-RG) is a data processing and data mining system introduced in 2007 by the US National Security Agency (NSA) and deployed during the American military operations in Iraq and Afghanistan. It is able to store, fuse, ...
is a data collection program introduced in 2005 in Iraq by NSA during the
Iraq War
{{Infobox military conflict
, conflict = Iraq War {{Nobold, {{lang, ar, حرب العراق (Arabic) {{Nobold, {{lang, ku, شەڕی عێراق (Kurdish languages, Kurdish)
, partof = the Iraq conflict (2003–present), I ...
that consisted of gathering all electronic communication, storing it, then searching and otherwise analyzing it. It was effective in providing information about Iraqi insurgents who had eluded less comprehensive techniques.
This "collect it all" strategy introduced by NSA director,
Keith B. Alexander
Keith Brian Alexander (born December 2, 1951) is a retired four-star general of the United States Army, who served as director of the National Security Agency, chief of the Central Security Service, and commander of the United States Cyber Comma ...
, is believed by
Glenn Greenwald
Glenn Edward Greenwald (born March 6, 1967) is an American journalist, author and lawyer. In 2014, he cofounded ''The Intercept'', of which he was an editor until he resigned in October 2020. Greenwald subsequently started publishing on Substac ...
of ''
The Guardian
''The Guardian'' is a British daily newspaper. It was founded in 1821 as ''The Manchester Guardian'', and changed its name in 1959. Along with its sister papers ''The Observer'' and ''The Guardian Weekly'', ''The Guardian'' is part of the Gu ...
'' to be the model for the comprehensive worldwide mass archiving of communications which NSA is engaged in as of 2013.
A dedicated unit of the NSA locates targets for the
CIA
The Central Intelligence Agency (CIA ), known informally as the Agency and historically as the Company, is a civilian intelligence agency, foreign intelligence service of the federal government of the United States, officially tasked with gat ...
for extrajudicial assassination in the Middle East.
[Greg Miller and Julie Tate, October 17, 2013,]
Documents reveal NSA's extensive involvement in targeted killing program
, ''The Washington Post''. Retrieved October 18, 2013. The NSA has also spied extensively on the European Union, the United Nations and numerous governments including allies and trading partners in Europe, South America and Asia.
In June 2015,
WikiLeaks
WikiLeaks () is an international Nonprofit organization, non-profit organisation that published news leaks and classified media provided by anonymous Source (journalism), sources. Julian Assange, an Australian Internet activism, Internet acti ...
published documents showing that NSA spied on
French
French (french: français(e), link=no) may refer to:
* Something of, from, or related to France
** French language, which originated in France, and its various dialects and accents
** French people, a nation and ethnic group identified with Franc ...
companies.
In July 2015, WikiLeaks published documents showing that NSA spied on federal German ministries since the 1990s. Even Germany's Chancellor
Angela Merkel
Angela Dorothea Merkel (; ; born 17 July 1954) is a German former politician and scientist who served as Chancellor of Germany from 2005 to 2021. A member of the Christian Democratic Union (CDU), she previously served as Leader of the Oppo ...
's cellphones and phones of her predecessors had been intercepted.
Boundless Informant
Edward Snowden
Edward Joseph Snowden (born June 21, 1983) is an American and naturalized Russian former computer intelligence consultant who leaked highly classified information from the National Security Agency (NSA) in 2013, when he was an employee and su ...
revealed in June 2013 that between February 8 and March 8, 2013, the NSA collected about 124.8 billion telephone data items and 97.1 billion computer data items throughout the world, as was displayed in charts from an internal NSA tool codenamed
Boundless Informant
Boundless Informant (stylized as BOUNDLESSINFORMANT) is a big data analysis and data visualization tool used by the United States National Security Agency (NSA). It gives NSA managers summaries of the NSA's worldwide data collection activities by ...
. Initially, it was reported that some of these data reflected eavesdropping on citizens in countries like Germany, Spain and France, but later on, it became clear that those data were collected by European agencies during military missions abroad and were subsequently shared with NSA.
Bypassing encryption
In 2013, reporters uncovered a secret memo that claims the NSA created and pushed for the adoption of the
Dual EC DRBG
Dual_EC_DRBG (Dual Elliptic Curve Deterministic Random Bit Generator) is an algorithm that was presented as a cryptographically secure pseudorandom number generator (CSPRNG) using methods in elliptic curve cryptography. Despite wide public criti ...
encryption standard that contained built-in vulnerabilities in 2006 to the United States
National Institute of Standards and Technology
The National Institute of Standards and Technology (NIST) is an agency of the United States Department of Commerce whose mission is to promote American innovation and industrial competitiveness. NIST's activities are organized into physical sci ...
(NIST), and the
International Organization for Standardization
The International Organization for Standardization (ISO ) is an international standard development organization composed of representatives from the national standards organizations of member countries. Membership requirements are given in Ar ...
(aka ISO).
This memo appears to give credence to previous speculation by cryptographers at
Microsoft Research
Microsoft Research (MSR) is the research subsidiary of Microsoft. It was created in 1991 by Richard Rashid, Bill Gates and Nathan Myhrvold with the intent to advance state-of-the-art computing and solve difficult world problems through technologi ...
.
Edward Snowden
Edward Joseph Snowden (born June 21, 1983) is an American and naturalized Russian former computer intelligence consultant who leaked highly classified information from the National Security Agency (NSA) in 2013, when he was an employee and su ...
claims that the NSA often bypasses encryption altogether by lifting information before it is encrypted or after it is decrypted.
XKeyscore
XKeyscore (XKEYSCORE or XKS) is a secret computer system used by the United States National Security Agency (NSA) for searching and analyzing global Internet data, which it collects in real time. The NSA has shared XKeyscore with other intellige ...
rules (as specified in a file xkeyscorerules100.txt, sourced by German TV stations
NDR
NDR may refer to:
Computing
* Non delivery report, a return email message to a sender indicating failed message delivery
* Network Data Representation, an implementation of the OSI model presentation layer
Science and technology
* Negative differ ...
and
WDR, who claim to have excerpts from its source code) reveal that the NSA tracks users of privacy-enhancing software tools, including
Tor
Tor, TOR or ToR may refer to:
Places
* Tor, Pallars, a village in Spain
* Tor, former name of Sloviansk, Ukraine, a city
* Mount Tor, Tasmania, Australia, an extinct volcano
* Tor Bay, Devon, England
* Tor River, Western New Guinea, Indonesia
Sc ...
; an anonymous email service provided by the
MIT Computer Science and Artificial Intelligence Laboratory
Computer Science and Artificial Intelligence Laboratory (CSAIL) is a research institute at the Massachusetts Institute of Technology (MIT) formed by the 2003 merger of the Laboratory for Computer Science (LCS) and the Artificial Intelligence Lab ...
(CSAIL) in Cambridge, Massachusetts; and readers of the ''
Linux Journal
''Linux Journal'' (''LJ'') is an American monthly technology magazine originally published by Specialized System Consultants, Inc. (SSC) in Seattle, Washington since 1994. In December 2006 the publisher changed to Belltown Media, Inc. in Houston ...
''.
Software backdoors
Linus Torvalds
Linus Benedict Torvalds ( , ; born 28 December 1969) is a Finnish software engineer who is the creator and, historically, the lead developer of the Linux kernel, used by Linux distributions and other operating systems such as Android. He also c ...
, the founder of
Linux kernel
The Linux kernel is a free and open-source, monolithic, modular, multitasking, Unix-like operating system kernel. It was originally authored in 1991 by Linus Torvalds for his i386-based PC, and it was soon adopted as the kernel for the GNU ope ...
, joked during a
LinuxCon
Open Source Summit (formerly LinuxCon) is a name for a series of annual conventions organized each year since 2009 by the Linux Foundation. The first LinuxCon took place in North America. Linux Foundation started organizing similar events in Eur ...
keynote on September 18, 2013, that the NSA, who are the founder of
SELinux
Security-Enhanced Linux (SELinux) is a Linux kernel security module that provides a mechanism for supporting access control security policies, including mandatory access controls (MAC).
SELinux is a set of kernel modifications and user-space t ...
, wanted a backdoor in the kernel. However, later, Linus' father, a
Member of the European Parliament
A Member of the European Parliament (MEP) is a person who has been elected to serve as a popular representative in the European Parliament.
When the European Parliament (then known as the Common Assembly of the ECSC) first met in 1952, its ...
(MEP), revealed that the NSA actually did this.
IBM Notes
HCL Notes (formerly IBM Notes and Lotus Notes; see Branding below) and HCL Domino (formerly IBM Domino and Lotus Domino) are the client and server, respectively, of a collaborative client-server software platform formerly sold by IBM, now by HCL ...
was the first widely adopted software product to use
public key cryptography
Public-key cryptography, or asymmetric cryptography, is the field of cryptographic systems that use pairs of related keys. Each key pair consists of a public key and a corresponding private key. Key pairs are generated with cryptographic alg ...
for client–server and server–server authentication and for encryption of data. Until US laws regulating encryption were changed in 2000, IBM and
Lotus
Lotus may refer to:
Plants
*Lotus (plant), various botanical taxa commonly known as lotus, particularly:
** ''Lotus'' (genus), a genus of terrestrial plants in the family Fabaceae
**Lotus flower, a symbolically important aquatic Asian plant also ...
were prohibited from exporting versions of Notes that supported
symmetric encryption
Symmetric-key algorithms are algorithms for cryptography that use the same cryptographic keys for both the encryption of plaintext and the decryption of ciphertext. The keys may be identical, or there may be a simple transformation to go between th ...
keys that were longer than 40 bits. In 1997, Lotus negotiated an agreement with the NSA that allowed the export of a version that supported stronger keys with 64 bits, but 24 of the bits were encrypted with a special key and included in the message to provide a "workload reduction factor" for the NSA. This strengthened the protection for users of Notes outside the US against private-sector
industrial espionage
Industrial espionage, economic espionage, corporate spying, or corporate espionage is a form of espionage conducted for commercial purposes instead of purely national security.
While political espionage is conducted or orchestrated by governmen ...
, but not against spying by the US government.
Boomerang routing
While it is assumed that foreign transmissions terminating in the U.S. (such as a non-U.S. citizen accessing a U.S. website) subject non-U.S. citizens to NSA surveillance, recent research into boomerang routing has raised new concerns about the NSA's ability to surveil the domestic Internet traffic of foreign countries.
Boomerang routing occurs when an Internet transmission that originates and terminates in a single country transits another. Research at the
University of Toronto
The University of Toronto (UToronto or U of T) is a public research university in Toronto, Ontario, Canada, located on the grounds that surround Queen's Park. It was founded by royal charter in 1827 as King's College, the first institution ...
has suggested that approximately 25% of Canadian domestic traffic may be subject to NSA surveillance activities as a result of the boomerang routing of Canadian
Internet service provider
An Internet service provider (ISP) is an organization that provides services for accessing, using, or participating in the Internet. ISPs can be organized in various forms, such as commercial, community-owned, non-profit, or otherwise private ...
s.
Hardware implanting
A document included in NSA files released with
Glenn Greenwald
Glenn Edward Greenwald (born March 6, 1967) is an American journalist, author and lawyer. In 2014, he cofounded ''The Intercept'', of which he was an editor until he resigned in October 2020. Greenwald subsequently started publishing on Substac ...
's book ''
No Place to Hide'' details how the agency's
Tailored Access Operations
The Office of Tailored Access Operations (TAO), now Computer Network Operations, and structured as S32, is a cyber-warfare intelligence-gathering unit of the National Security Agency (NSA). It has been active since at least 1998, possibly 1997 ...
(TAO) and other NSA units gain access to hardware. They intercept
routers,
servers and other
network hardware
Networking hardware, also known as network equipment or computer networking devices, are electronic devices which are required for communication and interaction between devices on a computer network. Specifically, they mediate data transmission in ...
being shipped to organizations targeted for surveillance and install covert implant firmware onto them before they are delivered. This was described by an NSA manager as "some of the most productive operations in TAO because they preposition access points into hard target networks around the world."
Computers seized by the NSA due to
interdiction Interdiction is a military term for the act of delaying, disrupting, or destroying enemy forces or supplies en route to the battle area. A distinction is often made between strategic and tactical interdiction. The former refers to operations whose e ...
are often modified with a physical device known as Cottonmouth. Cottonmouth is a device that can be inserted in the USB port of a computer in order to establish remote access to the targeted machine. According to NSA's Tailored Access Operations (TAO) group implant catalog, after implanting Cottonmouth, the NSA can establish a
network bridge
A network bridge is a computer networking device that creates a single, aggregate network from multiple communication networks or network segments. This function is called network bridging. Bridging is distinct from routing. Routing allows mu ...
"that allows the NSA to load exploit software onto modified computers as well as allowing the NSA to relay commands and data between hardware and software implants."
Domestic collection
NSA's mission, as set forth in
Executive Order 12333
Executive Order 12333, signed on December 4, 1981 by U.S. President Ronald Reagan, was an Executive Order intended to extend powers and responsibilities of U.S. intelligence agencies and direct the leaders of U.S. federal agencies to co-operat ...
in 1981, is to collect information that constitutes "foreign intelligence or counterintelligence" while ''not'' "acquiring information concerning the domestic activities of
United States person
The term United States person or US person is used in various contexts in law of the United States, US laws and regulations with different meanings. It can refer to Natural person, natural persons or Legal person, other entities.
Data collection a ...
s". NSA has declared that it relies on the FBI to collect information on foreign intelligence activities within the borders of the United States, while confining its own activities within the United States to the embassies and missions of foreign nations.
The appearance of a 'Domestic Surveillance Directorate' of the NSA was soon exposed as a hoax in 2013.
NSA's domestic surveillance activities are limited by the requirements imposed by the
Fourth Amendment to the U.S. Constitution
The Fourth Amendment (Amendment IV) to the United States Constitution is part of the Bill of Rights. It prohibits unreasonable searches and seizures. In addition, it sets requirements for issuing warrants: warrants must be issued by a judge or ...
. The
Foreign Intelligence Surveillance Court
The United States Foreign Intelligence Surveillance Court (FISC), also called the FISA Court, is a U.S. federal court established under the Foreign Intelligence Surveillance Act of 1978 (FISA) to oversee requests for surveillance warrants ag ...
for example held in October 2011, citing multiple Supreme Court precedents, that the Fourth Amendment prohibitions against unreasonable searches and seizures apply to the contents of all communications, whatever the means, because "a person's private communications are akin to personal papers."
However, these protections do not apply to non-U.S. persons located outside of U.S. borders, so the NSA's foreign surveillance efforts are subject to far fewer limitations under U.S. law.
[David Alan Jordan]
Decrypting the Fourth Amendment: Warrantless NSA Surveillance and the Enhanced Expectation of Privacy Provided by Encrypted Voice over Internet Protocol
. Boston College Law Review. May 2006. Last access date January 23, 2007 The specific requirements for domestic surveillance operations are contained in the
Foreign Intelligence Surveillance Act
The Foreign Intelligence Surveillance Act of 1978 ("FISA" , ) is a United States federal law that establishes procedures for the physical and electronic surveillance and the collection of "foreign intelligence information" between "foreign po ...
of 1978 (FISA), which does not extend protection to non-U.S. citizens located outside of
U.S. territory
In the United States, a territory is any extent of region under the sovereign jurisdiction of the federal government of the United States, including all waters (around islands or continental tracts). The United States asserts sovereign rights for ...
.
President's Surveillance Program
George W. Bush
George Walker Bush (born July 6, 1946) is an American politician who served as the 43rd president of the United States from 2001 to 2009. A member of the Republican Party, Bush family, and son of the 41st president George H. W. Bush, he ...
, president during the
9/11 terrorist attacks
The September 11 attacks, commonly known as 9/11, were four coordinated suicide terrorist attacks carried out by al-Qaeda against the United States on Tuesday, September 11, 2001. That morning, nineteen terrorists hijacked four commercial ...
, approved the
Patriot Act
The USA PATRIOT Act (commonly known as the Patriot Act) was a landmark Act of the United States Congress, signed into law by President George W. Bush. The formal name of the statute is the Uniting and Strengthening America by Providing Appropr ...
shortly after the attacks to take anti-terrorist security measures.
Title 1
The Elementary and Secondary Education Act (ESEA) was passed by the 89th United States Congress and signed into law by President Lyndon B. Johnson on April 11, 1965. Part of Johnson's "War on Poverty", the act has been one of the most far-rea ...
,
2, and
9 specifically authorized measures that would be taken by the NSA. These titles granted enhanced domestic security against terrorism, surveillance procedures, and improved intelligence, respectively. On March 10, 2004, there was a debate between President Bush and White House Counsel
Alberto Gonzales
Alberto R. Gonzales (born August 4, 1955) is an American lawyer who served as the 80th United States Attorney General, appointed in February 2005 by President George W. Bush, becoming the highest-ranking Hispanic American in executive governme ...
, Attorney General
John Ashcroft
John David Ashcroft (born May 9, 1942) is an American lawyer, lobbyist and former politician who served as the 79th U.S. Attorney General in the George W. Bush administration from 2001 to 2005. A former U.S. Senator from Missouri and the 50th ...
, and Acting Attorney General
James Comey
James Brien Comey Jr. (; born December 14, 1960) is an American lawyer who was the seventh director of the Federal Bureau of Investigation (FBI) from 2013 until his dismissal in May 2017. Comey was a registered Republican for most of his adul ...
. The Attorneys General were unsure if the NSA's programs could be considered constitutional. They threatened to resign over the matter, but ultimately the NSA's programs continued. On March 11, 2004, President Bush signed a new authorization for mass surveillance of Internet records, in addition to the surveillance of phone records. This allowed the president to be able to override laws such as the
Foreign Intelligence Surveillance Act
The Foreign Intelligence Surveillance Act of 1978 ("FISA" , ) is a United States federal law that establishes procedures for the physical and electronic surveillance and the collection of "foreign intelligence information" between "foreign po ...
, which protected civilians from mass surveillance. In addition to this, President Bush also signed that the measures of mass surveillance were also retroactively in place.
James Risen
James Risen (born April 27, 1955) is an American journalist for ''The Intercept''. He previously worked for ''The New York Times'' and before that for ''Los Angeles Times''. He has written or co-written many articles concerning U.S. government ...
& Eric Lichtblau
Eric Lichtblau (born 1965) is an American journalist, reporting for ''The New York Times'' in the Washington bureau, as well as the ''Los Angeles Times'', ''Time'' magazine, ''The New Yorker'', and the CNN network's investigative news unit. He ha ...
(December 16, 2005)
Bush Lets U.S. Spy on Callers Without Courts
''The New York Times
''The New York Times'' (''the Times'', ''NYT'', or the Gray Lady) is a daily newspaper based in New York City with a worldwide readership reported in 2020 to comprise a declining 840,000 paid print subscribers, and a growing 6 million paid ...
''
One such surveillance program, authorized by the U.S. Signals Intelligence Directive 18 of President George Bush, was the Highlander Project undertaken for the National Security Agency by the U.S. Army
513th Military Intelligence Brigade
The 513th Military Intelligence Brigade is a unit of the United States Army and subordinate to the U.S. Army Intelligence and Security Command. Its mission is to provide "tailored, multi-disciplined intelligence and intelligence capabilities in su ...
. NSA relayed telephone (including cell phone) conversations obtained from ground, airborne, and satellite monitoring stations to various U.S. Army Signal Intelligence Officers, including the
201st Military Intelligence Battalion. Conversations of citizens of the U.S. were intercepted, along with those of other nations.
Proponents of the surveillance program claim that the President has
executive authority
The Executive, also referred as the Executive branch or Executive power, is the term commonly used to describe that part of government which enforces the law, and has overall responsibility for the governance of a state.
In political systems b ...
to order such action, arguing that laws such as FISA are overridden by the President's Constitutional powers. In addition, some argued that FISA was implicitly overridden by a subsequent statute, the
Authorization for Use of Military Force, although the Supreme Court's ruling in ''
Hamdan v. Rumsfeld
''Hamdan v. Rumsfeld'', 548 U.S. 557 (2006), is a case in which the Supreme Court of the United States held that military commissions set up by the Bush administration to try detainees at Guantanamo Bay violated both the Uniform Code of Mili ...
'' deprecates this view.
The PRISM program
Under the
PRISM
Prism usually refers to:
* Prism (optics), a transparent optical component with flat surfaces that refract light
* Prism (geometry), a kind of polyhedron
Prism may also refer to:
Science and mathematics
* Prism (geology), a type of sedimentary ...
program, which started in 2007,
NSA gathers Internet communications from foreign targets from nine major U.S. Internet-based communication service providers:
Microsoft
Microsoft Corporation is an American multinational technology corporation producing computer software, consumer electronics, personal computers, and related services headquartered at the Microsoft Redmond campus located in Redmond, Washing ...
,
Yahoo
Yahoo! (, styled yahoo''!'' in its logo) is an American web services provider. It is headquartered in Sunnyvale, California and operated by the namesake company Yahoo! Inc. (2017–present), Yahoo Inc., which is 90% owned by investment funds ma ...
,
Google
Google LLC () is an American multinational technology company focusing on search engine technology, online advertising, cloud computing, computer software, quantum computing, e-commerce, artificial intelligence, and consumer electronics. ...
,
Facebook
Facebook is an online social media and social networking service owned by American company Meta Platforms. Founded in 2004 by Mark Zuckerberg with fellow Harvard College students and roommates Eduardo Saverin, Andrew McCollum, Dustin M ...
,
PalTalk
Paltalk is a proprietary video group chat service that enables users to communicate by video, Internet chat, or voice. It offers chat rooms and the ability for users to create their own public virtual chat room. Paltalk Desktop is available on mac ...
,
AOL
AOL (stylized as Aol., formerly a company known as AOL Inc. and originally known as America Online) is an American web portal and online service provider based in New York City. It is a brand marketed by the current incarnation of Yahoo (2017 ...
,
Skype
Skype () is a proprietary telecommunications application operated by Skype Technologies, a division of Microsoft, best known for VoIP-based videotelephony, videoconferencing and voice calls. It also has instant messaging, file transfer, deb ...
,
YouTube
YouTube is a global online video platform, online video sharing and social media, social media platform headquartered in San Bruno, California. It was launched on February 14, 2005, by Steve Chen, Chad Hurley, and Jawed Karim. It is owned by ...
and
Apple
An apple is an edible fruit produced by an apple tree (''Malus domestica''). Apple fruit tree, trees are agriculture, cultivated worldwide and are the most widely grown species in the genus ''Malus''. The tree originated in Central Asia, wh ...
. Data gathered include email, videos, photos,
VoIP
Voice over Internet Protocol (VoIP), also called IP telephony, is a method and group of technologies for the delivery of voice communications and multimedia sessions over Internet Protocol (IP) networks, such as the Internet. The terms Internet t ...
chats such as
Skype
Skype () is a proprietary telecommunications application operated by Skype Technologies, a division of Microsoft, best known for VoIP-based videotelephony, videoconferencing and voice calls. It also has instant messaging, file transfer, deb ...
, and file transfers.
Former NSA director General Keith Alexander claimed that in September 2009 the NSA prevented
Najibullah Zazi
Najibullah Zazi (born August 10, 1985) is an Afghan-American who was arrested in September 2009 as part of the 2009 U.S. al Qaeda group accused of planning suicide bombings on the New York City Subway system, and who pleaded guilty as have two o ...
and his friends from carrying out a terrorist attack.
However, this claim has been debunked and no evidence has been presented demonstrating that the NSA has ever been instrumental in preventing a terrorist attack.
Hacking operations
Besides the more traditional ways of eavesdropping in order to collect signals intelligence, NSA is also engaged in
hacking computers, smartphones and their networks. A division which conducts such operations is the
Tailored Access Operations
The Office of Tailored Access Operations (TAO), now Computer Network Operations, and structured as S32, is a cyber-warfare intelligence-gathering unit of the National Security Agency (NSA). It has been active since at least 1998, possibly 1997 ...
(TAO) division, which has been active since at least circa 1998.
According to the ''
Foreign Policy
A State (polity), state's foreign policy or external policy (as opposed to internal or domestic policy) is its objectives and activities in relation to its interactions with other states, unions, and other political entities, whether bilaterall ...
'' magazine, "... the Office of Tailored Access Operations, or TAO, has successfully penetrated Chinese computer and telecommunications systems for almost 15 years, generating some of the best and most reliable intelligence information about what is going on inside the People's Republic of China."
In an interview with ''
Wired
''Wired'' (stylized as ''WIRED'') is a monthly American magazine, published in print and online editions, that focuses on how emerging technologies affect culture, the economy, and politics. Owned by Condé Nast, it is headquartered in San Fra ...
'' magazine, Edward Snowden said the Tailored Access Operations division accidentally caused
Syria
Syria ( ar, سُورِيَا or سُورِيَة, translit=Sūriyā), officially the Syrian Arab Republic ( ar, الجمهورية العربية السورية, al-Jumhūrīyah al-ʻArabīyah as-Sūrīyah), is a Western Asian country loc ...
's internet blackout in 2012.
Organizational structure
The NSA is led by the
Director of the National Security Agency
The director of the National Security Agency (DIRNSA) is the highest-ranking official of the National Security Agency, which is a defense agency within the U.S. Department of Defense. The director of the NSA also concurrently serves as the Chief ...
(DIRNSA), who also serves as Chief of the
Central Security Service
The Central Security Service (CSS) is a combat support agency of the United States Department of Defense which was established in 1972 to integrate the National Security Agency (NSA) and the Service Cryptologic Components (SCC) of the United Sta ...
(CHCSS) and Commander of the
United States Cyber Command
United States Cyber Command (USCYBERCOM) is one of the eleven unified combatant commands of the United States Department of Defense (DoD). It unifies the direction of cyberspace operations, strengthens DoD cyberspace capabilities, and integra ...
(USCYBERCOM) and is the highest-ranking military official of these organizations. He is assisted by a
Deputy Director, who is the highest-ranking civilian within the NSA/CSS.
NSA also has an
Inspector General
An inspector general is an investigative official in a civil or military organization. The plural of the term is "inspectors general".
Australia
The Inspector-General of Intelligence and Security (Australia) (IGIS) is an independent statutory off ...
, head of the Office of the Inspector General (OIG), a
General Counsel
A general counsel, also known as chief counsel or chief legal officer (CLO), is the chief in-house lawyer for a company or a governmental department.
In a company, the person holding the position typically reports directly to the CEO, and their ...
, head of the Office of the General Counsel (OGC) and a Director of Compliance, who is head of the Office of the Director of Compliance (ODOC).
Unlike other intelligence organizations such as the CIA or
DIA, NSA has always been particularly reticent concerning its internal organizational structure.
As of the mid-1990s, the National Security Agency was organized into five Directorates:
* The Operations Directorate, which was responsible for SIGINT collection and processing.
* The Technology and Systems Directorate, which develops new technologies for SIGINT collection and processing.
* The Information Systems Security Directorate, which was responsible for NSA's communications and information security missions.
* The Plans, Policy and Programs Directorate, which provided staff support and general direction for the Agency.
* The Support Services Directorate, which provided logistical and administrative support activities.
Each of these directorates consisted of several groups or elements, designated by a letter. There were for example the A Group, which was responsible for all SIGINT operations against the Soviet Union and Eastern Europe, and G Group, which was responsible for SIGINT related to all non-communist countries. These groups were divided into units designated by an additional number, like unit A5 for breaking Soviet codes, and G6, being the office for the Middle East, North Africa, Cuba, Central and South America.
Directorates
, NSA has about a dozen directorates, which are designated by a letter, although not all of them are publicly known.
In the year 2000, a leadership team was formed consisting of the director, the deputy director and the directors of the Signals Intelligence (SID), the Information Assurance (IAD) and the Technical Directorate (TD). The chiefs of other main NSA divisions became associate directors of the senior leadership team.
[National Security Agency – 60 Years of Defending Our Nation]
, Anniversary booklet, 2012, p. 96.
After president George W. Bush initiated the
President's Surveillance Program
The President's Surveillance Program (PSP) is a collection of secret intelligence activities authorized by the President of the United States George W. Bush after the September 11 attacks in 2001 as part of the War on Terrorism. Information coll ...
(PSP) in 2001, the NSA created a 24-hour Metadata Analysis Center (MAC), followed in 2004 by the Advanced Analysis Division (AAD), with the mission of analyzing content, Internet metadata and telephone metadata. Both units were part of the Signals Intelligence Directorate.
A 2016 proposal would combine the Signals Intelligence Directorate with Information Assurance Directorate into Directorate of Operations.
NSANet
NSANet stands for National Security Agency Network and is the official NSA intranet.
It is a classified network,
for information up to the level of
TS/
SCI
SCI may refer to:
Companies
*Service Corporation International, an American funeral service provider
*Shipping Corporation of India
*SCI Systems, merged into Sanmina Corporation, electronics manufacturing
*SCi Games, a video game developer
Orga ...
to support the use and sharing of intelligence data between NSA and the signals intelligence agencies of the four other nations of the
Five Eyes
The Five Eyes (FVEY) is an intelligence alliance comprising Australia, Canada, New Zealand, the United Kingdom, and the United States. These countries are parties to the multilateral UKUSA Agreement, a treaty for joint cooperation in sign ...
partnership. The management of NSANet has been delegated to the
Central Security Service
The Central Security Service (CSS) is a combat support agency of the United States Department of Defense which was established in 1972 to integrate the National Security Agency (NSA) and the Service Cryptologic Components (SCC) of the United Sta ...
Texas (CSSTEXAS).
NSANet is a highly secured computer network consisting of fiber-optic and satellite communication channels which are almost completely separated from the public Internet. The network allows NSA personnel and civilian and military intelligence analysts anywhere in the world to have access to the agency's systems and databases. This access is tightly controlled and monitored. For example, every keystroke is logged, activities are audited at random and downloading and printing of documents from NSANet are recorded.
In 1998, NSANet, along with
NIPRNET
The Non-classified Internet Protocol (IP) Router Network (NIPRNet) is an IP network used to exchange unclassified information, including information subject to controls on distribution, among the private network's users. The NIPRNet also provide ...
and
SIPRNET
The Secure Internet Protocol Router Network (SIPRNet) is "a system of interconnected computer networks used by the U.S. Department of Defense and the U.S. Department of State to transmit classified information (up to and including information cla ...
, had "significant problems with poor search capabilities, unorganized data and old information".
In 2004, the network was reported to have used over twenty
commercial off-the-shelf
Commercial off-the-shelf or commercially available off-the-shelf (COTS) products are packaged or canned (ready-made) hardware or software, which are adapted aftermarket to the needs of the purchasing organization, rather than the commissioning of ...
operating systems.
Some universities that do highly sensitive research are allowed to connect to it.
The thousands of Top Secret internal NSA documents that were taken by
Edward Snowden
Edward Joseph Snowden (born June 21, 1983) is an American and naturalized Russian former computer intelligence consultant who leaked highly classified information from the National Security Agency (NSA) in 2013, when he was an employee and su ...
in 2013 were stored in "a file-sharing location on the NSA's intranet site"; so, they could easily be read online by NSA personnel. Everyone with a TS/SCI-clearance had access to these documents. As a system administrator, Snowden was responsible for moving accidentally misplaced highly sensitive documents to safer storage locations.
Watch centers
The NSA maintains at least two watch centers:
*
National Security Operations Center
The National Security Operations Center (NSOC) or Directorate K is the part of the United States National Security Agency responsible for current operations and time-sensitive signals intelligence (SIGINT) reporting for the United States SIGINT ...
(NSOC), which is the NSA's current operations center and focal point for time-sensitive SIGINT reporting for the United States SIGINT System (USSS). This center was established in 1968 as the National SIGINT Watch Center (NSWC) and renamed into National SIGINT Operations Center (NSOC) in 1973. This "nerve center of the NSA" got its current name in 1996.
* NSA/CSS Threat Operations Center (NTOC), which is the primary NSA/CSS partner for
Department of Homeland Security
The United States Department of Homeland Security (DHS) is the U.S. federal executive department responsible for public security, roughly comparable to the interior or home ministries of other countries. Its stated missions involve anti-terr ...
response to cyber incidents. The NTOC establishes real-time network awareness and threat characterization capabilities to forecast, alert, and attribute malicious activity and enable the coordination of Computer Network Operations. The NTOC was established in 2004 as a joint Information Assurance and Signals Intelligence project.
[National Security Agency – 60 Years of Defending Our Nation]
, Anniversary booklet, 2012, p. 102.
NSA Police
The NSA has its own police force, known as ''NSA Police'' (and formerly as ''NSA Security Protective Force'') which provides law enforcement services, emergency response and physical security to the NSA's people and property.
NSA Police are armed federal officers. NSA Police have use of a K9 division, which generally conducts explosive detection screening of mail, vehicles and cargo entering NSA grounds.
NSA Police use marked vehicles to carry out patrols.
Employees
The number of NSA employees is officially classified
[Introverted? Then NSA wants you.]
" ''Florida Championship Wrestling
Florida Championship Wrestling (FCW) was a professional wrestling promotion based on the former National Wrestling Alliance member promotion, Championship Wrestling from Florida, which operated from 1961 until 1987. From October 2007 to August ...
''. April 2012. Retrieved July 1, 2013. but there are several sources providing estimates.
In 1961, NSA had 59,000 military and civilian employees, which grew to 93,067 in 1969, of which 19,300 worked at the headquarters at Fort Meade. In the early 1980s, NSA had roughly 50,000 military and civilian personnel. By 1989 this number had grown again to 75,000, of which 25,000 worked at the NSA headquarters. Between 1990 and 1995 the NSA's budget and workforce were cut by one third, which led to a substantial loss of experience.
In 2012, the NSA said more than 30,000 employees worked at Fort Meade and other facilities.
In 2012,
John C. Inglis
John Chris Inglis (born October 29, 1954), also known as Chris Inglis, is an American government official who served as the first National Cyber Director. Inglis is also a former Deputy Director of the National Security Agency. On April 12, 2021 ...
, the deputy director, said that the total number of NSA employees is "somewhere between 37,000 and one billion" as a joke,
and stated that the agency is "probably the biggest employer of
introverts
The traits of extraversion (also spelled extroversion Retrieved 2018-02-21.) and introversion are a central dimension in some human personality theories. The terms ''introversion'' and ''extraversion'' were introduced into psychology by Carl J ...
."
In 2013 ''
Der Spiegel
''Der Spiegel'' (, lit. ''"The Mirror"'') is a German weekly news magazine published in Hamburg. With a weekly circulation of 695,100 copies, it was the largest such publication in Europe in 2011. It was founded in 1947 by John Seymour Chaloner ...
'' stated that the NSA had 40,000 employees.
[ "How can an intelligence agency, even one as large and well-staffed as the NSA with its 40,000 employees, work meaningfully with such a flood of information?"] More widely, it has been described as the world's largest single employer of
mathematician
A mathematician is someone who uses an extensive knowledge of mathematics in their work, typically to solve mathematical problems.
Mathematicians are concerned with numbers, data, quantity, structure, space, models, and change.
History
On ...
s. Some NSA employees form part of the workforce of the
National Reconnaissance Office
The National Reconnaissance Office (NRO) is a member of the United States Intelligence Community and an agency of the United States Department of Defense which designs, builds, launches, and operates the reconnaissance satellites of the U.S. f ...
(NRO), the agency that provides the NSA with satellite
signals intelligence
Signals intelligence (SIGINT) is intelligence-gathering by interception of ''signals'', whether communications between people (communications intelligence—abbreviated to COMINT) or from electronic signals not directly used in communication ( ...
.
As of 2013 about 1,000
system administrator
A system administrator, or sysadmin, or admin is a person who is responsible for the upkeep, configuration, and reliable operation of computer systems, especially multi-user computers, such as servers. The system administrator seeks to ensu ...
s work for the NSA.
Personnel security
The NSA received criticism early on in 1960 after two agents had defected to the
Soviet Union
The Soviet Union,. officially the Union of Soviet Socialist Republics. (USSR),. was a transcontinental country that spanned much of Eurasia from 1922 to 1991. A flagship communist state, it was nominally a federal union of fifteen national ...
. Investigations by the
House Un-American Activities Committee
The House Committee on Un-American Activities (HCUA), popularly dubbed the House Un-American Activities Committee (HUAC), was an investigative committee of the United States House of Representatives, created in 1938 to investigate alleged disloy ...
and a special subcommittee of the
United States House Committee on Armed Services
The U.S. House Committee on Armed Services, commonly known as the House Armed Services Committee or HASC, is a standing committee of the United States House of Representatives. It is responsible for funding and oversight of the Department of Defe ...
revealed severe cases of ignorance in personnel security regulations, prompting the former personnel director and the director of security to step down and leading to the adoption of stricter security practices.
[David Kahn, ''The Codebreakers'', Scribner Press, 1967, chapter 19, pp. 672–733.] Nonetheless, security breaches reoccurred only a year later when in an issue of ''
Izvestia
''Izvestia'' ( rus, Известия, p=ɪzˈvʲesʲtʲɪjə, "The News") is a daily broadsheet newspaper in Russia. Founded in 1917, it was a newspaper of record in the Soviet Union until the Soviet Union's dissolution in 1991, and describes ...
'' of July 23, 1963, a former NSA employee published several cryptologic secrets.
The very same day, an NSA clerk-messenger committed
suicide
Suicide is the act of intentionally causing one's own death. Mental disorders (including depression, bipolar disorder, schizophrenia, personality disorders, anxiety disorders), physical disorders (such as chronic fatigue syndrome), and s ...
as ongoing investigations disclosed that he had sold secret information to the Soviets on a regular basis. The reluctance of Congressional houses to look into these affairs had prompted a journalist to write, "If a similar series of tragic blunders occurred in any ordinary agency of Government an aroused public would insist that those responsible be officially censured, demoted, or fired."
David Kahn criticized the NSA's tactics of concealing its doings as smug and the Congress' blind faith in the agency's right-doing as shortsighted, and pointed out the necessity of surveillance by the Congress to prevent abuse of power.
Edward Snowden
Edward Joseph Snowden (born June 21, 1983) is an American and naturalized Russian former computer intelligence consultant who leaked highly classified information from the National Security Agency (NSA) in 2013, when he was an employee and su ...
's leaking of the existence of
PRISM
Prism usually refers to:
* Prism (optics), a transparent optical component with flat surfaces that refract light
* Prism (geometry), a kind of polyhedron
Prism may also refer to:
Science and mathematics
* Prism (geology), a type of sedimentary ...
in 2013 caused the NSA to institute a "
two-man rule
The two-man rule is a control mechanism designed to achieve a high level of security for especially critical material or operations. Under this rule, access and actions require the presence of two or more authorized people at all times.
United St ...
", where two system administrators are required to be present when one accesses certain sensitive information.
Snowden claims he suggested such a rule in 2009.
Polygraphing
The NSA conducts
polygraph
A polygraph, often incorrectly referred to as a lie detector test, is a device or procedure that measures and records several physiological indicators such as blood pressure, pulse, respiration, and skin conductivity while a person is asked an ...
tests of employees. For new employees, the tests are meant to discover enemy spies who are applying to the NSA and to uncover any information that could make an applicant pliant to coercion.
As part of the latter, historically ''EPQs'' or "embarrassing personal questions" about sexual behavior had been included in the NSA polygraph.
The NSA also conducts five-year periodic reinvestigation polygraphs of employees, focusing on counterintelligence programs. In addition the NSA conducts periodic polygraph investigations in order to find spies and leakers; those who refuse to take them may receive "termination of employment", according to a 1982 memorandum from the director of the NSA.
There are also "special access examination" polygraphs for employees who wish to work in highly sensitive areas, and those polygraphs cover counterintelligence questions and some questions about behavior.
NSA's brochure states that the average test length is between two and four hours.
A 1983 report of the
Office of Technology Assessment
The Office of Technology Assessment (OTA) was an office of the United States Congress that operated from 1974 to 1995. OTA's purpose was to provide congressional members and committees with objective and authoritative analysis of the complex scien ...
stated that "It appears that the NSA
ational Security Agency(and possibly CIA) use the polygraph not to determine deception or truthfulness per se, but as a technique of interrogation to encourage admissions." Sometimes applicants in the polygraph process confess to committing felonies such as murder, rape, and selling of illegal drugs. Between 1974 and 1979, of the 20,511 job applicants who took polygraph tests, 695 (3.4%) confessed to previous felony crimes; almost all of those crimes had been undetected.
In 2010 the NSA produced a video explaining its polygraph process.
The video, ten minutes long, is titled "The Truth About the Polygraph" and was posted to the Web site of the
Defense Security Service
The Defense Counterintelligence and Security Agency (DCSA) is a federasecurityand defense agency of the United States Department of Defense (DoD) that reports to the Under Secretary of Defense for Intelligence.DCSA is the largest counterintellige ...
. Jeff Stein of ''
The Washington Post
''The Washington Post'' (also known as the ''Post'' and, informally, ''WaPo'') is an American daily newspaper published in Washington, D.C. It is the most widely circulated newspaper within the Washington metropolitan area and has a large nati ...
'' said that the video portrays "various applicants, or actors playing them—it's not clear—describing everything bad they had heard about the test, the implication being that none of it is true."
[Stein, Jeff.]
NSA lie detectors no sweat, video says
" ''The Washington Post''. June 14, 2010. Retrieved July 5, 2013. AntiPolygraph.org argues that the NSA-produced video omits some information about the polygraph process; it produced a video responding to the NSA video.
George Maschke, the founder of the Web site, accused the NSA polygraph video of being "
Orwellian
"Orwellian" is an adjective describing a situation, idea, or societal condition that George Orwell identified as being destructive to the welfare of a free and open society. It denotes an attitude and a brutal policy of draconian control by pr ...
".
A 2013 article indicated that after
Edward Snowden
Edward Joseph Snowden (born June 21, 1983) is an American and naturalized Russian former computer intelligence consultant who leaked highly classified information from the National Security Agency (NSA) in 2013, when he was an employee and su ...
revealed his identity in 2013, the NSA began requiring polygraphing of employees once per quarter.
[Drezner, Daniel.]
Tone-Deaf at the Listening Post
." ''Foreign Policy
A State (polity), state's foreign policy or external policy (as opposed to internal or domestic policy) is its objectives and activities in relation to its interactions with other states, unions, and other political entities, whether bilaterall ...
''. December 16, 2013. Retrieved March 1, 2014. "Snowden has also changed the way the NSA is doing business. Analysts have gone from being polygraphed once every five years to once every quarter."
Arbitrary firing
The number of exemptions from legal requirements has been criticized. When in 1964 Congress was hearing a bill giving the director of the NSA the power to fire at will any employee, ''The Washington Post'' wrote: "This is the very definition of arbitrariness. It means that an employee could be discharged and disgraced on the basis of anonymous allegations without the slightest opportunity to defend himself." Yet, the bill was accepted by an overwhelming majority.
Also, every person hired to a job in the US after 2007, at any private organization, state or federal government agency, ''must'' be reported to the
New Hire Registry The New Hire Registry is a program established in the United States pursuant to the ''Personal Responsibility and Work Opportunity Reconciliation Act'' (PRWORA) of 1996, 42 U.S.C. 653a, which required each state, the District of Columbia, and the Fe ...
, ostensibly to look for
child support
Child support (or child maintenance) is an ongoing, periodic payment made by a parent for the financial benefit of a child (or parent, caregiver, guardian) following the end of a marriage or other similar relationship. Child maintenance is paid d ...
evaders, ''except'' that employees of an intelligence agency may be excluded from reporting if the director deems it necessary for national security reasons.
Facilities
Headquarters
History of headquarters
When the agency was first established, its headquarters and cryptographic center were in the Naval Security Station in Washington, D.C. The COMINT functions were located in
Arlington Hall
Arlington Hall (also called Arlington Hall Station) is a historic building in Arlington, Virginia, originally a girls' school and later the headquarters of the United States Army's Signal Intelligence Service (SIS) cryptography effort during Worl ...
in
Northern Virginia
Northern Virginia, locally referred to as NOVA or NoVA, comprises several counties and independent cities in the Commonwealth of Virginia in the United States. It is a widespread region radiating westward and southward from Washington, D.C. Wit ...
, which served as the headquarters of the
U.S. Army
The United States Army (USA) is the land service branch of the United States Armed Forces. It is one of the eight U.S. uniformed services, and is designated as the Army of the United States in the U.S. Constitution.Article II, section 2, cla ...
's cryptographic operations.
Because the
Soviet Union
The Soviet Union,. officially the Union of Soviet Socialist Republics. (USSR),. was a transcontinental country that spanned much of Eurasia from 1922 to 1991. A flagship communist state, it was nominally a federal union of fifteen national ...
had detonated a nuclear bomb and because the facilities were crowded, the federal government wanted to move several agencies, including the AFSA/NSA. A planning committee considered
Fort Knox
Fort Knox is a United States Army installation in Kentucky, south of Louisville and north of Elizabethtown. It is adjacent to the United States Bullion Depository, which is used to house a large portion of the United States' official gold res ...
, but
Fort Meade
Fort George G. Meade is a United States Army installation located in Maryland, that includes the Defense Information School, the Defense Media Activity, the United States Army Field Band, and the headquarters of United States Cyber Command, the N ...
,
Maryland
Maryland ( ) is a state in the Mid-Atlantic region of the United States. It shares borders with Virginia, West Virginia, and the District of Columbia to its south and west; Pennsylvania to its north; and Delaware and the Atlantic Ocean to ...
, was ultimately chosen as NSA headquarters because it was far enough away from Washington, D.C. in case of a nuclear strike and was close enough so its employees would not have to move their families.
Construction of additional buildings began after the agency occupied buildings at Fort Meade in the late 1950s, which they soon outgrew.
In 1963 the new headquarters building, nine stories tall, opened. NSA workers referred to the building as the "Headquarters Building" and since the NSA management occupied the top floor, workers used "Ninth Floor" to refer to their leaders. COMSEC remained in Washington, D.C., until its new building was completed in 1968.
In September 1986, the Operations 2A and 2B buildings, both copper-shielded to prevent
eavesdropping
Eavesdropping is the act of secretly or stealthily listening to the private conversation or communications of others without their consent in order to gather information.
Etymology
The verb ''eavesdrop'' is a back-formation from the noun ''eaves ...
, opened with a dedication by President
Ronald Reagan
Ronald Wilson Reagan ( ; February 6, 1911June 5, 2004) was an American politician, actor, and union leader who served as the 40th president of the United States from 1981 to 1989. He also served as the 33rd governor of California from 1967 ...
.
The four NSA buildings became known as the "Big Four."
The NSA director moved to 2B when it opened.
Headquarters for the National Security Agency is located at in
Fort George G. Meade
Fort George G. Meade is a United States Army installation located in Maryland, that includes the Defense Information School, the Defense Media Activity, the United States Army Field Band, and the headquarters of United States Cyber Command, the N ...
,
Maryland
Maryland ( ) is a state in the Mid-Atlantic region of the United States. It shares borders with Virginia, West Virginia, and the District of Columbia to its south and west; Pennsylvania to its north; and Delaware and the Atlantic Ocean to ...
, although it is separate from other compounds and agencies that are based within this same military installation. Fort Meade is about southwest of
Baltimore
Baltimore ( , locally: or ) is the List of municipalities in Maryland, most populous city in the U.S. state of Maryland, fourth most populous city in the Mid-Atlantic (United States), Mid-Atlantic, and List of United States cities by popula ...
, and northeast of Washington, D.C.
["Just off the Baltimore-Washington Parkway, about 25 miles northeast of Washington, is a secret city. Fort Meade, in suburban Maryland, is home to the National Security Agency – the NSA, sometimes wryly referred to as No Such Agency or Never Say Anything." and "It contains almost 70 miles of roads, 1,300 buildings, each identified by a number, and 18,000 parking spaces as well as a shopping centre, golf courses, chain restaurants and every other accoutrement of Anywhere, USA." in ] The NSA has two dedicated exits off
Baltimore–Washington Parkway
The Baltimore–Washington Parkway (also referred to as the B–W Parkway) is a highway in the U.S. state of Maryland, running southwest from Baltimore to Washington, D.C. The road begins at an interchange with U.S. Route 50 (US 50 ...
. The Eastbound exit from the Parkway (heading toward Baltimore) is open to the public and provides employee access to its main campus and public access to the National Cryptology Museum. The Westbound side exit, (heading toward Washington) is labeled "NSA Employees Only". The exit may only be used by people with the proper clearances, and security vehicles parked along the road guard the entrance.
NSA is the largest employer in the state of Maryland, and two-thirds of its personnel work at Fort Meade.
Built on
of Fort Meade's , the site has 1,300 buildings and an estimated 18,000 parking spaces.
The main NSA headquarters and operations building is what
James Bamford
James Bamford (born September 15, 1946) is an American author, journalist and documentary producer noted for his writing about United States intelligence agency, intelligence agencies, especially the National Security Agency (NSA). ''The New Y ...
, author of ''
Body of Secrets
''Body of Secrets: Anatomy of the Ultra-Secret National Security Agency'' is a book by James Bamford about the NSA and its operations. It also covers the history of espionage in the United States from uses of the Fulton surface-to-air recovery s ...
'', describes as "a modern boxy structure" that appears similar to "any stylish office building."
Bamford
Bamford is a village in the Peak District, Derbyshire, England, close to the River Derwent. To the north-east is Bamford Edge, and to the north-west the Ladybower, Derwent and Howden Reservoirs. At the 2011 census, it had a population of 1,241 ...
, ''Body of Secrets
''Body of Secrets: Anatomy of the Ultra-Secret National Security Agency'' is a book by James Bamford about the NSA and its operations. It also covers the history of espionage in the United States from uses of the Fulton surface-to-air recovery s ...
: Anatomy of the Ultra-Secret National Security Agency''
p. 488
"At the heart of the invisible city is NSA's massive Headquarters/Operations Building. With more than sixty-eight acres of floor space, .. and "Entrance is first made through the two-story Visitor Control Center, one .. The building is covered with one-way dark glass, which is lined with copper shielding in order to prevent espionage by trapping in signals and sounds.
It contains , or more than , of floor space; Bamford said that the
U.S. Capitol
The United States Capitol, often called The Capitol or the Capitol Building, is the Seat of government, seat of the Legislature, legislative branch of the Federal government of the United States, United States federal government, which is form ...
"could easily fit inside it four times over."
The facility has over 100 watchposts,
Bamford
Bamford is a village in the Peak District, Derbyshire, England, close to the River Derwent. To the north-east is Bamford Edge, and to the north-west the Ladybower, Derwent and Howden Reservoirs. At the 2011 census, it had a population of 1,241 ...
, ''Body of Secrets: Anatomy of the Ultra-Secret National Security Agency'', p
488
489. " ..ne of more than 100 fixed watch posts within the secret city manned by the armed NSA police. It is here that clearances are checked and visitor badges are issued." one of them being the visitor control center, a two-story area that serves as the entrance.
At the entrance, a white pentagonal structure,
Bamford
Bamford is a village in the Peak District, Derbyshire, England, close to the River Derwent. To the north-east is Bamford Edge, and to the north-west the Ladybower, Derwent and Howden Reservoirs. At the 2011 census, it had a population of 1,241 ...
, ''Body of Secrets: Anatomy of the Ultra-Secret National Security Agency'', p. 490. "And then there is the red badge— ..nd is normally worn by people working in the "Red Corridor"—the drugstore and other concession areas ..hose with a red badge are forbidden to go anywhere near classified information and are restricted to a few corridors and administrative areas—the bank, the barbershop, the cafeteria, the credit union, the airline and entertainment ticket counters." and "Once inside the white, pentagonal Visitor Control Center, employees are greeted by a six-foot painting of the NSA seal .. visitor badges are issued to visitors and security clearances of employees are checked.
Bamford
Bamford is a village in the Peak District, Derbyshire, England, close to the River Derwent. To the north-east is Bamford Edge, and to the north-west the Ladybower, Derwent and Howden Reservoirs. At the 2011 census, it had a population of 1,241 ...
, ''Body of Secrets: Anatomy of the Ultra-Secret National Security Agency'', p. 489. "It is here that clearances are checked and visitor badges are issued." The visitor center includes a painting of the NSA seal.
The OPS2A building, the tallest building in the NSA complex and the location of much of the agency's operations directorate, is accessible from the visitor center. Bamford described it as a "dark glass
Rubik's Cube
The Rubik's Cube is a Three-dimensional space, 3-D combination puzzle originally invented in 1974 by Hungarians, Hungarian sculptor and professor of architecture Ernő Rubik. Originally called the Magic Cube, the puzzle was licensed by Rubik t ...
". The facility's "red corridor" houses non-security operations such as concessions and the drug store. The name refers to the "red badge" which is worn by someone without a security clearance. The NSA headquarters includes a cafeteria, a credit union, ticket counters for airlines and entertainment, a barbershop, and a bank.
NSA headquarters has its own post office, fire department, and police force.
The employees at the NSA headquarters reside in various places in the
Baltimore-Washington area, including
Annapolis
Annapolis ( ) is the capital city of the U.S. state of Maryland and the county seat of, and only incorporated city in, Anne Arundel County. Situated on the Chesapeake Bay at the mouth of the Severn River, south of Baltimore and about east o ...
, Baltimore, and
Columbia in Maryland and the District of Columbia, including the
Georgetown community.
[Explore NSA]
"
Archive
National Security Agency. Retrieved June 12, 2013. "Other Locations" and "Our employees live along the Colonial-era streets of Annapolis and Georgetown; in the suburban surroundings of Columbia; near the excitement of Baltimore's Inner Harbor; along rolling hills adjacent to working farms; near the shores of the Chesapeake Bay; and amid the monumental history of Washington, DC." The NSA maintains a shuttle service from the
Odenton station
Odenton is a passenger rail station on the MARC Train, MARC Penn Line (MARC), Penn Line. It is located along the Northeast Corridor; Amtrak trains operating along the corridor pass through but do not stop. Both platforms at the station are high-le ...
of
MARC Marc or MARC may refer to:
People
* Marc (given name), people with the first name
* Marc (surname), people with the family name
Acronyms
* MARC standards, a data format used for library cataloging,
* MARC Train, a regional commuter rail system of ...
to its Visitor Control Center and has done so since 2005.
Power consumption
Following a major power outage in 2000, in 2003, and in follow-ups through 2007, ''
The Baltimore Sun
''The Baltimore Sun'' is the largest general-circulation daily newspaper based in the U.S. state of Maryland and provides coverage of local and regional news, events, issues, people, and industries.
Founded in 1837, it is currently owned by Tr ...
'' reported that the NSA was at risk of electrical overload because of insufficient internal electrical infrastructure at Fort Meade to support the amount of equipment being installed. This problem was apparently recognized in the 1990s but not made a priority, and "now the agency's ability to keep its operations going is threatened."
[ and "Agency officials anticipated the problem nearly a decade ago as they looked ahead at the technology needs of the agency, sources said, but it was never made a priority, and now the agency's ability to keep its operations going is threatened." and "The NSA is Baltimore Gas & Electric's largest customer, using as much electricity as the city of Annapolis, according to James Bamford...." in and and ]
On August 6, 2006, ''The Baltimore Sun'' reported that the NSA had completely maxed out the grid, and that Baltimore Gas & Electric (BGE, now
Constellation Energy
Constellation Energy Corporation () is an energy company headquartered in Baltimore, Maryland, United States. The company provides electric power, natural gas, and energy management services. It has approximately two million customers across th ...
) was unable to sell them any more power. NSA decided to move some of its operations to a new satellite facility.
BGE provided NSA with 65 to 75
megawatts
The watt (symbol: W) is the unit of power or radiant flux in the International System of Units (SI), equal to 1 joule per second or 1 kg⋅m2⋅s−3. It is used to quantify the rate of energy transfer. The watt is named after James Watt ...
at Fort Meade in 2007, and expected that an increase of 10 to 15 megawatts would be needed later that year. In 2011, the NSA was Maryland's largest consumer of power.
In 2007, as BGE's largest customer, NSA bought as much electricity as
Annapolis
Annapolis ( ) is the capital city of the U.S. state of Maryland and the county seat of, and only incorporated city in, Anne Arundel County. Situated on the Chesapeake Bay at the mouth of the Severn River, south of Baltimore and about east o ...
, the capital city of Maryland.
One estimate put the potential for power consumption by the new
Utah Data Center
The Utah Data Center (UDC), also known as the Intelligence Community Comprehensive National Cybersecurity Initiative Data Center, is a data storage facility for the United States Intelligence Community that is designed to store data estimated to b ...
at 40 million per year.
Computing assets
In 1995, ''
The Baltimore Sun
''The Baltimore Sun'' is the largest general-circulation daily newspaper based in the U.S. state of Maryland and provides coverage of local and regional news, events, issues, people, and industries.
Founded in 1837, it is currently owned by Tr ...
'' reported that the NSA is the owner of the single largest group of
supercomputer
A supercomputer is a computer with a high level of performance as compared to a general-purpose computer. The performance of a supercomputer is commonly measured in floating-point operations per second ( FLOPS) instead of million instructions ...
s.
NSA held a groundbreaking ceremony at Fort Meade in May 2013 for its High Performance Computing Center 2, expected to open in 2016. Called Site M, the center has a 150 megawatt power substation, 14 administrative buildings and 10 parking garages.
It cost 3.2 billion and covers .
The center is
and initially uses 60 megawatts of electricity.
Increments II and III are expected to be completed by 2030, and would quadruple the space, covering with 60 buildings and 40 parking garages.
Defense contractor
The arms industry, also known as the arms trade, is a global industry which manufactures and sells weapons and military technology. It consists of a commercial industry involved in the research and development, engineering, production, and serv ...
s are also establishing or expanding
cybersecurity
Computer security, cybersecurity (cyber security), or information technology security (IT security) is the protection of computer systems and networks from attack by malicious actors that may result in unauthorized information disclosure, the ...
facilities near the NSA and around the
Washington metropolitan area
The Washington metropolitan area, also commonly referred to as the National Capital Region, is the metropolitan area centered on Washington, D.C. The metropolitan area includes all of Washington, D.C. and parts of the states of Maryland, Virgin ...
.
National Computer Security Center
The DoD Computer Security Center was founded in 1981 and renamed the National Computer Security Center (NCSC) in 1985. NCSC was responsible for computer security throughout the federal government. NCSC was part of NSA, and during the late 1980s and the 1990s, NSA and NCSC published
Trusted Computer System Evaluation Criteria
Trusted Computer System Evaluation Criteria (TCSEC) is a United States Government Department of Defense (DoD) standard that sets basic requirements for assessing the effectiveness of computer security controls built into a computer system. The TCS ...
in a six-foot high
Rainbow Series
The Rainbow Series (sometimes known as the Rainbow Books) is a series of computer security standards and guidelines published by the United States government in the 1980s and 1990s. They were originally published by the U.S. Department of Defens ...
of books that detailed trusted computing and network platform specifications.
The Rainbow books were replaced by the
Common Criteria
The Common Criteria for Information Technology Security Evaluation (referred to as Common Criteria or CC) is an international standard (ISO/IEC 15408) for computer security certification. It is currently in version 3.1 revision 5.
Common Criteria ...
, however, in the early 2000s.
Other U.S. facilities
As of 2012, NSA collected intelligence from four
geostationary satellites
A geostationary orbit, also referred to as a geosynchronous equatorial orbit''Geostationary orbit'' and ''Geosynchronous (equatorial) orbit'' are used somewhat interchangeably in sources. (GEO), is a circular geosynchronous orbit in altitude ...
.
Satellite receivers were at
Roaring Creek Station Roaring Creek Earth Station is a satellite ground station operated by AT&T and located approximately south of Catawissa, Pennsylvania, Catawissa, Pennsylvania at 311 Earth Station Rd, Catawissa, PA 17820. The facility includes three dishes that ha ...
in
Catawissa, Pennsylvania
Catawissa is a borough in Columbia County, Pennsylvania. It is part of Northeastern Pennsylvania. The population was 1,539 at the 2020 census. It is part of the Bloomsburg– Berwick Metropolitan Statistical Area.
Catawissa is twinned with ...
and
Salt Creek Station Salt Creek Earth Station is a satellite ground station located approximately southwest of Arbuckle, California, Arbuckle, California. It is licensed to Xaba Ranch, LLC, a real estate holding company. The site was formerly licensed to AT&T Corporati ...
in
Arbuckle, California
Arbuckle is a census-designated place (CDP) in Colusa County, California, United States. The population was 3,028 at the 2010 census, up from 2,332 at the 2000 census. Arbuckle is situated in the southerly portion of Colusa County, approximately ...
.
It operated ten to twenty
taps on U.S. telecom switches. NSA had installations in several U.S. states and from them observed intercepts from Europe, the Middle East, North Africa, Latin America, and Asia.
NSA had facilities at
Friendship Annex
The Friendship Annex, also known as FANX or FANEX, is a National Security Agency (NSA) facility complex located in Linthicum, Maryland, near the Baltimore Washington International Airport (BWI).Hersh, p. 5.Pike. Established in the 1970s, the compl ...
(FANX) in
Linthicum, Maryland
Linthicum is a census-designated place (CDP) and unincorporated community in Anne Arundel County, Maryland, Anne Arundel County, Maryland, United States. The population was 10,324 at the 2010 census. It is located directly north of Baltimore–Wa ...
, which is a 20 to 25-minute drive from Fort Meade; the
Aerospace Data Facility at
Buckley Space Force Base
Buckley Space Force Base is a United States Space Force base in Aurora, Colorado named after United States Army Air Service First Lieutenant John Harold Buckley. The base is run by Space Base Delta 2, with major units including the U.S. Space For ...
in
Aurora
An aurora (plural: auroras or aurorae), also commonly known as the polar lights, is a natural light display in Earth's sky, predominantly seen in high-latitude regions (around the Arctic and Antarctic). Auroras display dynamic patterns of bri ...
, Colorado; NSA Texas in the
Texas Cryptology Center
The NSA/CSS Texas Cryptologic Center (TCC), also known as the Texas Cryptology Center, Texas Cryptographic Center or NSA Texas, is a satellite campus at the Medina Annex, Lackland Air Force Base, San Antonio, Texas, operated by the U.S. National ...
at
Lackland Air Force Base
Lackland Air Force Base is a United States Air Force (USAF) base located in Bexar County, Texas. The base is under the jurisdiction of the 802d Mission Support Group, Air Education and Training Command (AETC) and an enclave of the city of Sa ...
in
San Antonio
("Cradle of Freedom")
, image_map =
, mapsize = 220px
, map_caption = Interactive map of San Antonio
, subdivision_type = Country
, subdivision_name = United States
, subdivision_type1= U.S. state, State
, subdivision_name1 = Texas
, s ...
, Texas; NSA Georgia,
Georgia Cryptologic Center The Georgia Cryptologic Center (GCC) or NSA Georgia, codenamed "Sweet Tea", is a U.S. National Security Agency (NSA) Central Security Service (CSS) facility located within Fort Gordon in Augusta, Georgia. The facility opened on March 5, 2012 at a ...
,
Fort Gordon
Fort Gordon, formerly known as Camp Gordon, is a United States Army installation established in October 1941. It is the current home of the United States Army Signal Corps, United States Army Cyber Command, and the Cyber Center of Excellence. It ...
,
Augusta, Georgia
Augusta ( ), officially Augusta–Richmond County, is a consolidated city-county on the central eastern border of the U.S. state of Georgia (U.S. state), Georgia. The city lies across the Savannah River from South Carolina at the head of its navig ...
; NSA Hawaii,
Hawaii Cryptologic Center
Hawaii ( ; haw, Hawaii or ) is a state in the Western United States, located in the Pacific Ocean about from the U.S. mainland. It is the only U.S. state outside North America, the only state that is an archipelago, and the only state ...
in
Honolulu
Honolulu (; ) is the capital and largest city of the U.S. state of Hawaii, which is in the Pacific Ocean. It is an unincorporated county seat of the consolidated City and County of Honolulu, situated along the southeast coast of the island ...
; the
Multiprogram Research Facility The Multiprogram Research Facility (MRF, also known as Building 5300) is a facility at the Oak Ridge National Laboratory in Oak Ridge, Tennessee. It is used by the U.S. National Security Agency (NSA) to design and build supercomputers for cryptan ...
in
Oak Ridge, Tennessee
Oak Ridge is a city in Anderson and Roane counties in the eastern part of the U.S. state of Tennessee, about west of downtown Knoxville. Oak Ridge's population was 31,402 at the 2020 census. It is part of the Knoxville Metropolitan Area. Oak ...
, and elsewhere.
On January 6, 2011, a groundbreaking ceremony was held to begin construction on NSA's first Comprehensive National Cyber-security Initiative (CNCI) Data Center, known as the "
Utah Data Center
The Utah Data Center (UDC), also known as the Intelligence Community Comprehensive National Cybersecurity Initiative Data Center, is a data storage facility for the United States Intelligence Community that is designed to store data estimated to b ...
" for short. The $1.5B data center is being built at
Camp Williams
Camp W. G. Williams, commonly known as Camp Williams, also known as Army Garrison Camp Williams, is a National Guard training site operated by the Utah National Guard. It is located south of Bluffdale, west of Lehi, and north of Saratoga Spri ...
,
Utah
Utah ( , ) is a state in the Mountain West subregion of the Western United States. Utah is a landlocked U.S. state bordered to its east by Colorado, to its northeast by Wyoming, to its north by Idaho, to its south by Arizona, and to it ...
, located south of
Salt Lake City
Salt Lake City (often shortened to Salt Lake and abbreviated as SLC) is the Capital (political), capital and List of cities and towns in Utah, most populous city of Utah, United States. It is the county seat, seat of Salt Lake County, Utah, Sal ...
, and will help support the agency's National Cyber-security Initiative. It is expected to be operational by September 2013.
Construction of Utah Data Center finished in May 2019.
In 2009, to protect its assets and access more electricity, NSA sought to decentralize and expand its existing facilities in Fort Meade and Menwith Hill, the latter expansion expected to be completed by 2015.
The ''
Yakima Herald-Republic
The ''Yakima Herald-Republic'' is a newspaper published in Yakima, Washington, and distributed throughout Yakima, Kittitas and Klickitat counties as well as northwest Benton County. It is Washington state's seventh-largest daily newspaper. The ne ...
'' cited Bamford, saying that many of NSA's bases for its Echelon program were a
legacy system
In computing, a legacy system is an old method, technology, computer system, or application program, "of, relating to, or being a previous or outdated computer system", yet still in use. Often referencing a system as "legacy" means that it paved ...
, using outdated, 1990s technology.
["It's kind of a legacy system, this whole idea, the Echelon," Bamford said. "Communications have changed a great deal since they built it." in ] In 2004, NSA closed its operations at
Bad Aibling Station
The Bad Aibling Station (BAS), also known as the 18th United States Army Security Agency Field Station, Field station 81, and Hortensie III is a satellite tracking station operated by the German SIGINT agency BND from nearby ''Mangfall Barracks' ...
(Field Station 81) in
Bad Aibling
Bad Aibling () is a spa town and former district seat in Bavaria on the river Mangfall, located some southeast of Munich. It features a luxury health resort with a peat pulp bath and mineral spa.
History
Bad Aibling and its surroundings ...
, Germany. In 2012, NSA began to move some of its operations at Yakima Research Station,
Yakima Training Center
The Yakima Training Center (YTC) is a United States Army training center, used for maneuver training, Land Warrior system testing and as a live fire exercise area. It is located in the south central portion of the U.S. state of Washington, bounde ...
, in Washington state to Colorado, planning to leave Yakima closed. As of 2013, NSA also intended to close operations at
Sugar Grove, West Virginia Sugar Grove is a community located in Pendleton County, West Virginia, United States. Its ZIP Code is 26815. It is located within the United States National Radio Quiet Zone.
The community was named for a sugar orchard at the original town site. ...
.
International stations
Following the signing in 1946–1956 of the
UKUSA Agreement
The United Kingdom – United States of America Agreement (UKUSA, ) is a multilateral agreement for cooperation in signals intelligence between Australia, Canada, New Zealand, the United Kingdom, and the United States. The alliance of intellig ...
between the United States, United Kingdom, Canada, Australia and New Zealand, who then cooperated on
signals intelligence
Signals intelligence (SIGINT) is intelligence-gathering by interception of ''signals'', whether communications between people (communications intelligence—abbreviated to COMINT) or from electronic signals not directly used in communication ( ...
and
ECHELON
ECHELON, originally a secret government code name, is a surveillance program (signals intelligence/SIGINT collection and analysis network) operated by the five signatory states to the UKUSA Security Agreement:Given the 5 dialects that use ...
, NSA stations were built at
GCHQ Bude
GCHQ Bude, also known as GCHQ Composite Signals Organisation Station Morwenstow, abbreviated to GCHQ CSO Morwenstow, is a UK Government satellite ground station and eavesdropping centre located on the north Cornwall coast at Cleave Camp, betwee ...
in
Morwenstow
Morwenstow ( kw, Logmorwenna) is a civil parish in north Cornwall, UK. The parish abuts the west coast, about six miles (10 km) north of Bude and within the Cornwall Area of Outstanding Natural Beauty (AONB).
Morwenstow is the most norther ...
, United Kingdom;
Geraldton
Geraldton (Wajarri: ''Jambinu'', Wilunyu: ''Jambinbirri'') is a coastal city in the Mid West region of the Australian state of Western Australia, north of the state capital, Perth.
At June 2018, Geraldton had an urban population of 37,648. ...
,
Pine Gap
Pine Gap is a satellite surveillance base and Australian Earth station approximately south-west of the town of Alice Springs, Northern Territory in the center of Australia. It is jointly operated by Australia and the United States, and since ...
and
Shoal Bay
In oceanography, geomorphology, and Earth science, geoscience, a shoal is a natural submerged ridge, bank (geography), bank, or bar that consists of, or is covered by, sand or other unconsolidated material and rises from the bed of a body o ...
, Australia;
Leitrim and
Ottawa
Ottawa (, ; Canadian French: ) is the capital city of Canada. It is located at the confluence of the Ottawa River and the Rideau River in the southern portion of the province of Ontario. Ottawa borders Gatineau, Quebec, and forms the core ...
, Ontario, Canada;
Misawa, Japan; and
Waihopai and
Tangimoana
Tangimoana is a community in the Manawatū-Whanganui Region of the North Island of New Zealand. It had a population of 303 permanent residents in 2018. It is located 15 kilometres southwest of Bulls, and 30 kilometres west of Palmerston North.
T ...
, New Zealand.
NSA operates
RAF Menwith Hill
Royal Air Force Menwith Hill is a Royal Air Force station near Harrogate, North Yorkshire, England, which provides communications and intelligence support services to the United Kingdom and the United States. The site contains an extensive sate ...
in North Yorkshire, United Kingdom, which was, according to
BBC News
BBC News is an operational business division of the British Broadcasting Corporation (BBC) responsible for the gathering and broadcasting of news and current affairs in the UK and around the world. The department is the world's largest broadca ...
in 2007, the largest electronic monitoring station in the world. Planned in 1954, and opened in 1960, the base covered in 1999.
The agency's
European Cryptologic Center
The Dagger Complex is a US military base in Darmstadt (Germany), close to Griesheim and located at the ''Eberstädter Weg'', south of the August-Euler-Airfield.
The complex is under US Army Intelligence and Security Command (INSCOM) command o ...
(ECC), with 240 employees in 2011, is headquartered at a US military compound in
Griesheim, near
Frankfurt
Frankfurt, officially Frankfurt am Main (; Hessian: , "Frank ford on the Main"), is the most populous city in the German state of Hesse. Its 791,000 inhabitants as of 2022 make it the fifth-most populous city in Germany. Located on its na ...
in Germany. A 2011 NSA report indicates that the ECC is responsible for the "largest analysis and productivity in Europe" and focuses on various priorities, including Africa, Europe, the Middle East and counterterrorism operations.
In 2013, a new Consolidated Intelligence Center, also to be used by NSA, is being built at the headquarters of the
United States Army Europe
United States Army Europe and Africa (USAREUR-AF) is an Army Service Component Command (ASCC) /Theater Army responsible for directing United States Army operations throughout the U.S. European Command (EUCOM) and U.S. Africa Command (AFRICO ...
in
Wiesbaden
Wiesbaden () is a city in central western Germany and the capital of the state of Hesse. , it had 290,955 inhabitants, plus approximately 21,000 United States citizens (mostly associated with the United States Army). The Wiesbaden urban area ...
, Germany.
NSA's partnership with
Bundesnachrichtendienst
The Federal Intelligence Service (German: ; , BND) is the foreign intelligence agency of Germany, directly subordinate to the Chancellor's Office. The BND headquarters is located in central Berlin and is the world's largest intelligence head ...
(BND), the German foreign intelligence service, was confirmed by BND president
Gerhard Schindler
Gerhard Schindler (born 4 October 1952 in Kollig, West Germany) is a German civil servant and former President of the ''Bundesnachrichtendienst'' (BND), the German Federal Intelligence Service.
Life
Schindler's parents are from Transylvania and ...
.
Thailand
Thailand
Thailand ( ), historically known as Siam () and officially the Kingdom of Thailand, is a country in Southeast Asia, located at the centre of the Indochinese Peninsula, spanning , with a population of almost 70 million. The country is bo ...
is a "3rd party partner" of the NSA along with nine other nations.
These are non-English-speaking countries that have made security agreements for the exchange of SIGINT raw material and end product reports.
Thailand is the site of at least two US SIGINT collection stations. One is at the
US Embassy
The United States has the second most diplomatic missions of any country in the world after Mainland China, including 166 of the 193 member countries of the United Nations, as well as observer state Vatican City and non-member countries Kosovo a ...
in
Bangkok
Bangkok, officially known in Thai language, Thai as Krung Thep Maha Nakhon and colloquially as Krung Thep, is the capital and most populous city of Thailand. The city occupies in the Chao Phraya River delta in central Thailand and has an estima ...
, a joint NSA-
CIA
The Central Intelligence Agency (CIA ), known informally as the Agency and historically as the Company, is a civilian intelligence agency, foreign intelligence service of the federal government of the United States, officially tasked with gat ...
Special Collection Service (SCS) unit. It presumably eavesdrops on foreign embassies, governmental communications, and other targets of opportunity.
The second installation is a FORNSAT (foreign satellite interception) station in the Thai city of Khon Kaen. It is codenamed INDRA, but has also been referred to as LEMONWOOD.
The station is approximately in size and consists of a large 3,700–4,600 m
2 (40,000–50,000 ft
2) operations building on the west side of the ops compound and four radome-enclosed parabolic antennas. Possibly two of the radome-enclosed antennas are used for SATCOM intercept and two antennas used for relaying the intercepted material back to NSA. There is also a PUSHER-type circularly-disposed antenna array (CDAA) just north of the ops compound.
NSA activated Khon Kaen in October 1979. Its mission was to eavesdrop on the radio traffic of People's Liberation Army, Chinese army and People's Liberation Army Air Force, air force units in southern China, especially in and around the city of Kunming in Yunnan Province. In the late 1970s, the base consisted only of a small CDAA antenna array that was remote-controlled via satellite from the NSA listening post at Kunia Camp, Hawaii, Kunia, Hawaii, and a small force of civilian contractors from Bendix Corporation, Bendix Field Engineering Corp. whose job it was to keep the antenna array and satellite relay facilities up and running 24/7.
According to the papers of the late General William Odom, the INDRA facility was upgraded in 1986 with a new British-made PUSHER CDAA antenna as part of an overall upgrade of NSA and Thai SIGINT facilities whose objective was to spy on the neighboring communist nations of Vietnam, Laos, and Cambodia.
The base apparently fell into disrepair in the 1990s as China and Vietnam became more friendly towards the US, and by 2002 archived satellite imagery showed that the PUSHER CDAA antenna had been torn down, perhaps indicating that the base had been closed. At some point in the period since 9/11, the Khon Kaen base was reactivated and expanded to include a sizeable SATCOM intercept mission. It is likely that the NSA presence at Khon Kaen is relatively small, and that most of the work is done by civilian contractors.
Research and development
NSA has been involved in debates about public policy, both indirectly as a behind-the-scenes adviser to other departments, and directly during and after Bobby Ray Inman, Vice Admiral Bobby Ray Inman's directorship. NSA was a major player in the debates of the 1990s regarding the export of cryptography in the United States. Restrictions on export were reduced but not eliminated in 1996.
Its secure government communications work has involved the NSA in numerous technology areas, including the design of specialized communications computer hardware, hardware and software, production of dedicated semiconductors (at the Fort Meade, Maryland, Ft. Meade chip fabrication plant), and advanced cryptography research. For 50 years, NSA designed and built most of its computer equipment in-house, but from the 1990s until about 2003 (when the U.S. Congress curtailed the practice), the agency contracted with the private sector in the fields of research and equipment.
Data Encryption Standard
NSA was embroiled in some controversy concerning its involvement in the creation of the Data Encryption Standard (DES), a standard and public block cipher algorithm used by the U.S. government and banking community.
During the development of DES by
IBM in the 1970s, NSA recommended changes to some details of the design. There was suspicion that these changes had weakened the algorithm sufficiently to enable the agency to eavesdrop if required, including speculation that a critical component—the so-called S-boxes—had been altered to insert a "Backdoor (computing), backdoor" and that the reduction in key length might have made it feasible for NSA to discover DES keys using massive computing power. It has since been observed that the S-boxes in DES are particularly resilient against differential cryptanalysis, a technique which was not publicly discovered until the late 1980s but known to the IBM DES team.
Advanced Encryption Standard
The involvement of NSA in selecting a successor to Data Encryption Standard (DES), the Advanced Encryption Standard (AES), was limited to hardware performance testing (see Advanced Encryption Standard process, AES competition). NSA has subsequently certified AES for protection of classified information when used in NSA-approved systems.
["the NIST standards that define Suite B..." in ]
NSA encryption systems
The NSA is responsible for the encryption-related components in these legacy systems:
* FNBDT Future Narrow Band Digital Terminal
* KL-7 ADONIS off-line rotor encryption machine (post-WWII – 1980s)
* KW-26 ROMULUS electronic in-line teletypewriter encryptor (1960s–1980s)
* KW-37 JASON fleet broadcast encryptor (1960s–1990s)
* KY-57 VINSON tactical radio voice encryptor
* KG-84 Dedicated Data Encryption/Decryption
* STU-III secure telephone unit,
phased out by the Secure Terminal Equipment, STE
The NSA oversees encryption in the following systems that are in use today:
* EKMS Electronic Key Management System
* Fortezza encryption based on portable crypto token in PC Card format
* SINCGARS tactical radio with cryptographically controlled frequency hopping
* Secure Terminal Equipment, STE secure terminal equipment
* TACLANE product line by General Dynamics C4 Systems
The NSA has specified NSA Suite A Cryptography, Suite A and NSA Suite B Cryptography, Suite B cryptographic algorithm suites to be used in U.S. government systems; the Suite B algorithms are a subset of those previously specified by National Institute of Standards and Technology, NIST and are expected to serve for most information protection purposes, while the Suite A algorithms are secret and are intended for especially high levels of protection.
SHA
The widely used SHA-1 and SHA-2 hash functions were designed by NSA. SHA-1 is a slight modification of the weaker SHA-0 algorithm, also designed by NSA in 1993. This small modification was suggested by NSA two years later, with no justification other than the fact that it provides additional security. An attack for SHA-0 that does not apply to the revised algorithm was indeed found between 1998 and 2005 by academic cryptographers. Because of weaknesses and key length restrictions in SHA-1, NIST deprecates its use for digital signatures, and approves only the newer SHA-2 algorithms for such applications from 2013 on.
A new hash standard, SHA-3, has recently been selected through the NIST hash function competition, competition concluded October 2, 2012 with the selection of SHA-3, Keccak as the algorithm. The process to select SHA-3 was similar to the one held in choosing the AES, but some doubts have been cast over it,
since fundamental modifications have been made to Keccak in order to turn it into a standard. These changes potentially undermine the cryptanalysis performed during the competition and reduce the security levels of the algorithm.
Clipper chip
Because of concerns that widespread use of strong cryptography would hamper government use of Telephone tapping, wiretaps, NSA proposed the concept of key escrow in 1993 and introduced the Clipper chip that would offer stronger protection than DES but would allow access to encrypted data by authorized law enforcement officials. The proposal was strongly opposed and key escrow requirements ultimately went nowhere. However, NSA's Fortezza hardware-based encryption cards, created for the Clipper project, are still used within government, and NSA ultimately declassified and published the design of the Skipjack (cipher), Skipjack cipher used on the cards.
Dual EC DRBG random number generator cryptotrojan
NSA promoted the inclusion of a random number generator called
Dual EC DRBG
Dual_EC_DRBG (Dual Elliptic Curve Deterministic Random Bit Generator) is an algorithm that was presented as a cryptographically secure pseudorandom number generator (CSPRNG) using methods in elliptic curve cryptography. Despite wide public criti ...
in the U.S.
National Institute of Standards and Technology
The National Institute of Standards and Technology (NIST) is an agency of the United States Department of Commerce whose mission is to promote American innovation and industrial competitiveness. NIST's activities are organized into physical sci ...
's 2007 guidelines. This led to speculation of a backdoor (computing), backdoor which would allow NSA access to data encrypted by systems using that pseudorandom number generator (PRNG).
This is now deemed to be plausible based on the fact that output of next iterations of PRNG can provably be determined if relation between two internal Elliptic-curve cryptography, Elliptic Curve points is known.
Both NIST and RSA Security, RSA are now officially recommending against the use of this PRNG.
Perfect Citizen
Perfect Citizen is a program to perform Vulnerability assessment (computing), vulnerability assessment by the NSA on U.S. critical infrastructure.
It was originally reported to be a program to develop a system of sensors to detect cyber attacks on critical infrastructure computer networks in both the private and public sector through a network monitoring system named ''Einstein''.
It is funded by the Comprehensive National Cybersecurity Initiative and thus far Raytheon Technologies, Raytheon has received a contract for up to $100 million for the initial stage.
Academic research
NSA has invested many millions of dollars in academic research under grant code prefix ''MDA904'', resulting in over 3,000 papers NSA/CSS has, at times, attempted to restrict the publication of academic research into cryptography; for example, the Khufu and Khafre block ciphers were voluntarily withheld in response to an NSA request to do so. In response to a Freedom of information in the United States, FOIA lawsuit, in 2013 the NSA released the 643-page research paper titled, "Untangling the Web: A Guide to Internet Research," written and compiled by NSA employees to assist other NSA workers in searching for information of interest to the agency on the public Internet.
Patents
NSA has the ability to file for a patent from the U.S. Patent and Trademark Office under gag order. Unlike normal patents, these are not revealed to the public and do not expire. However, if the Patent Office receives an application for an identical patent from a third party, they will reveal NSA's patent and officially grant it to NSA for the full term on that date.
One of NSA's published patents describes a method of geolocation, geographically locating an individual computer site in an Internet-like network, based on the Latency (engineering), latency of multiple network connections. Although no public patent exists, NSA is reported to have used a similar locating technology called trilateralization that allows real-time tracking of an individual's location, including altitude from ground level, using data obtained from cellphone towers.
Insignia and memorials
The heraldic insignia of NSA consists of an bald eagle, eagle inside a circle, grasping a key (lock), key in its talons.
The eagle represents the agency's national mission.
Its breast features a shield with bands of red and white, taken from the Great Seal of the United States and representing Congress.
The key is taken from the emblem of Saint Peter and represents security.
When the NSA was created, the agency had no emblem and used that of the Department of Defense.
The agency adopted its first of two emblems in 1963.
The current NSA insignia has been in use since 1965, when then-Director of the National Security Agency, Director, LTG Marshall Carter, Marshall S. Carter (United States Army, USA) ordered the creation of a device to represent the agency.
The NSA's flag consists of the agency's seal on a light blue background.
Crews associated with NSA missions have been involved in a number of dangerous and deadly situations.
The USS Liberty incident, USS ''Liberty'' incident in 1967 and USS Pueblo (AGER-2), USS ''Pueblo'' incident in 1968 are examples of the losses endured during the
Cold War
The Cold War is a term commonly used to refer to a period of geopolitical tension between the United States and the Soviet Union and their respective allies, the Western Bloc and the Eastern Bloc. The term '' cold war'' is used because the ...
.
The National Security Agency/Central Security Service Cryptologic Memorial honors and remembers the fallen personnel, both military and civilian, of these intelligence missions.
It is made of black granite, and has 171 names carved into it,
It is located at NSA headquarters. A tradition of declassifying the stories of the fallen was begun in 2001.
Constitutionality, legality and privacy questions regarding operations
In the United States, at least since 2001, there has been legal controversy over what signal intelligence can be used for and how much freedom the National Security Agency has to use signal intelligence. In 2015, the government made slight changes in how it uses and collects certain types of data, specifically phone records. The government was not analyzing the phone records as of early 2019. The surveillance programs were deemed unlawful in September 2020 in a court of appeals case.
Warrantless wiretaps
On December 16, 2005, ''
The New York Times
''The New York Times'' (''the Times'', ''NYT'', or the Gray Lady) is a daily newspaper based in New York City with a worldwide readership reported in 2020 to comprise a declining 840,000 paid print subscribers, and a growing 6 million paid ...
'' reported that, under
White House
The White House is the official residence and workplace of the president of the United States. It is located at 1600 Pennsylvania Avenue NW in Washington, D.C., and has been the residence of every U.S. president since John Adams in 1800. ...
pressure and with an executive order from President
George W. Bush
George Walker Bush (born July 6, 1946) is an American politician who served as the 43rd president of the United States from 2001 to 2009. A member of the Republican Party, Bush family, and son of the 41st president George H. W. Bush, he ...
, the National Security Agency, in an attempt to thwart terrorism, had been tapping phone calls made to persons outside the country, without obtaining warrant (law), warrants from the United States Foreign Intelligence Surveillance Court, a secret court created for that purpose under the
Foreign Intelligence Surveillance Act
The Foreign Intelligence Surveillance Act of 1978 ("FISA" , ) is a United States federal law that establishes procedures for the physical and electronic surveillance and the collection of "foreign intelligence information" between "foreign po ...
(FISA).
Edward Snowden
Edward Joseph Snowden (born June 21, 1983) is an American and naturalized Russian former computer intelligence consultant who leaked highly classified information from the National Security Agency (NSA) in 2013, when he was an employee and su ...
Edward Snowden is a former American intelligence contractor who revealed in 2013 the existence of secret wide-ranging information-gathering programs conducted by the National Security Agency (NSA). More specifically, Snowden released information that demonstrated how the United States government was gathering immense amounts of personal communications, emails, phone locations, web histories and more of American citizens without their knowledge. One of Snowden's primary motivators for releasing this information was fear of a surveillance state developing as a result of the infrastructure being created by the NSA. As Snowden recounts, "I believe that, at this point in history, the greatest danger to our freedom and way of life comes from the reasonable fear of omniscient State powers kept in check by nothing more than policy documents... It is not that I do not value intelligence, but that I oppose . . . omniscient, automatic, mass surveillance. . . . That seems to me a greater threat to the institutions of free society than missed intelligence reports, and unworthy of the costs."
In March 2014, Army General Martin Dempsey, Chairman of the Joint Chiefs of Staff, told the United States House Committee on Armed Services, House Armed Services Committee, "The vast majority of the documents that Snowden ... exfiltrated from our highest levels of security ... had nothing to do with exposing government oversight of domestic activities. The vast majority of those were related to our military capabilities, operations, tactics, techniques, and procedures." When asked in a May 2014 interview to quantify the number of documents Snowden stole, retired NSA director Keith Alexander said there was no accurate way of counting what he took, but Snowden may have downloaded more than a million documents.
Other surveillance
On January 17, 2006, the Center for Constitutional Rights filed a lawsuit, CCR v. Bush, against the
George W. Bush
George Walker Bush (born July 6, 1946) is an American politician who served as the 43rd president of the United States from 2001 to 2009. A member of the Republican Party, Bush family, and son of the 41st president George H. W. Bush, he ...
Presidency. The lawsuit challenged the National Security Agency's (NSA's) surveillance of people within the U.S., including the interception of CCR emails without securing a warrant first.
In the August 2006 case ''ACLU v. NSA'', U.S. District Court Judge Anna Diggs Taylor concluded that NSA's warrantless surveillance program was both illegal and unconstitutional. On July 6, 2007, the 6th Circuit Court of Appeals vacated the decision on the grounds that the ACLU lacked standing to bring the suit.
In September 2008, the Electronic Frontier Foundation (EFF) filed a class action lawsuit against the NSA and several high-ranking officials of the Presidency of George W. Bush, Bush administration,
charging an "illegal and unconstitutional program of dragnet communications surveillance,"
[''Jewel v. NSA'' (complaint)]
September 18, 2008. Electronic Frontier Foundation. Retrieved December 30, 2011. based on documentation provided by former AT&T technician Mark Klein.
As a result of the USA Freedom Act passed by United States Congress, Congress in June 2015, the NSA had to shut down its bulk phone surveillance program on November 29 of the same year. The USA Freedom Act forbids the NSA to collect metadata and content of phone calls unless it has a warrant for terrorism investigation. In that case, the agency must ask the Telephone company, telecom companies for the record, which will only be kept for six months. The NSA's use of large telecom companies to assist it with its surveillance efforts has caused several privacy concerns.
AT&T Internet monitoring
In May 2008, Mark Klein, a former AT&T Inc., AT&T employee, alleged that his company had cooperated with NSA in installing Narus (company), Narus hardware to replace the FBI Carnivore (software), Carnivore program, to monitor network communications including traffic between U.S. citizens.
[ on Public Broadcasting Service, PBS]
Data mining
NSA was reported in 2008 to use its computing capability to analyze "transactional" data that it regularly acquires from other government agencies, which gather it under their own jurisdictional authorities. As part of this effort, NSA now monitors huge volumes of records of domestic email data, web addresses from Internet searches, bank transfers, credit-card transactions, travel records, and telephone data, according to current and former intelligence officials interviewed by ''The Wall Street Journal''. The sender, recipient, and subject line of emails can be included, but the content of the messages or of phone calls are not.
A 2013 advisory group for the Obama administration, seeking to reform NSA spying programs following the revelations of documents released by Edward J. Snowden, mentioned in 'Recommendation 30' on page 37, "...that the National Security Council staff should manage an interagency process to review on a regular basis the activities of the US Government regarding attacks that exploit a previously unknown vulnerability in a computer application." Retired cybersecurity expert Richard A. Clarke was a group member and stated on April 11, 2014, that NSA had no advance knowledge of Heartbleed.
Illegally obtained evidence
In August 2013 it was revealed that a 2005 IRS training document showed that NSA intelligence intercepts and wiretaps, both foreign and domestic, were being supplied to the Drug Enforcement Administration (DEA) and Internal Revenue Service (IRS) and were illegally used to launch criminal investigations of US citizens. Law enforcement agents were directed to conceal how the investigations began and recreate an apparently legal investigative trail by re-obtaining the same evidence by other means.
Barack Obama administration
In the months leading to April 2009, the NSA intercepted the communications of U.S. citizens, including a Congressman, although the United States Department of Justice, Justice Department believed that the interception was unintentional. The Justice Department then took action to correct the issues and bring the program into compliance with existing laws. United States Attorney General Eric Holder resumed the program according to his understanding of the
Foreign Intelligence Surveillance Act
The Foreign Intelligence Surveillance Act of 1978 ("FISA" , ) is a United States federal law that establishes procedures for the physical and electronic surveillance and the collection of "foreign intelligence information" between "foreign po ...
amendment of 2008, without explaining what had occurred.
Polls conducted in June 2013 found divided results among Americans regarding NSA's secret data collection. Rasmussen Reports found that 59% of Americans disapprove, Gallup (company), Gallup found that 53% disapprove, and Pew Research Center, Pew found that 56% are in favor of NSA data collection.
Section 215 metadata collection
On April 25, 2013, the NSA obtained a court order requiring Verizon's Business Network Services to provide
metadata
Metadata is "data that provides information about other data", but not the content of the data, such as the text of a message or the image itself. There are many distinct types of metadata, including:
* Descriptive metadata – the descriptive ...
on all calls in its system to the NSA "on an ongoing daily basis" for a three-month period, as reported by ''
The Guardian
''The Guardian'' is a British daily newspaper. It was founded in 1821 as ''The Manchester Guardian'', and changed its name in 1959. Along with its sister papers ''The Observer'' and ''The Guardian Weekly'', ''The Guardian'' is part of the Gu ...
'' on June 6, 2013. This information includes "the numbers of both parties on a call ... location data, call duration, unique identifiers, and the time and duration of all calls" but not "[t]he contents of the conversation itself". The order relies on the so-called "business records" provision of the Patriot Act.
In August 2013, following the Snowden leaks, new details about the NSA's data mining activity were revealed. Reportedly, the majority of emails into or out of the United States are captured at "selected communications links" and automatically analyzed for keywords or other "selectors". Emails that do not match are deleted.
The utility of such a massive metadata collection in preventing terrorist attacks is disputed. Many studies reveal the dragnet like system to be ineffective. One such report, released by the New America Foundation concluded that after an analysis of 225 terrorism cases, the NSA "had no discernible impact on preventing acts of terrorism."
[Nakashima, Ellen]
"NSA phone record collection does little to prevent terrorist attacks, group says"
''The Washington Post'', January 12, 2014
Defenders of the program said that while metadata alone cannot provide all the information necessary to prevent an attack, it assures the ability to "connect the dots"
[Nakashima, Ellen]
''The Washington Post'', September 25, 2013 between suspect foreign numbers and domestic numbers with a speed only the NSA's software is capable of. One benefit of this is quickly being able to determine the difference between suspicious activity and real threats. As an example, NSA director General
Keith B. Alexander
Keith Brian Alexander (born December 2, 1951) is a retired four-star general of the United States Army, who served as director of the National Security Agency, chief of the Central Security Service, and commander of the United States Cyber Comma ...
mentioned at the annual Cybersecurity Summit in 2013, that metadata analysis of domestic phone call records after the Boston Marathon bombing helped determine that rumors of a follow-up attack in New York were baseless.
In addition to doubts about its effectiveness, many people argue that the collection of metadata is an unconstitutional invasion of privacy. , the collection process remained legal and grounded in the ruling from ''Smith v. Maryland'' (1979). A prominent opponent of the data collection and its legality is U.S. District Judge Richard J. Leon, who issued a report in 2013 in which he stated: "I cannot imagine a more 'indiscriminate' and 'arbitrary invasion' than this systematic and high tech collection and retention of personal data on virtually every single citizen for purposes of querying and analyzing it without prior judicial approval...Surely, such a program infringes on 'that degree of privacy' that the founders enshrined in the Fourth Amendment to the United States Constitution, Fourth Amendment".
As of May 7, 2015, the United States Court of Appeals for the Second Circuit ruled that the interpretation of Section 215 of the Patriot Act was wrong and that the NSA program that has been collecting Americans' phone records in bulk is illegal. It stated that Section 215 cannot be clearly interpreted to allow government to collect national phone data and, as a result, expired on June 1, 2015. This ruling "is the first time a higher-level court in the regular judicial system has reviewed the NSA phone records program."
The replacement law known as the USA Freedom Act, which will enable the NSA to continue to have bulk access to citizens' metadata but with the stipulation that the data will now be stored by the companies themselves.
This change will not have any effect on other Agency procedures – outside of metadata collection – which have purportedly challenged Americans' Fourth Amendment rights, including Upstream collection, a mass of techniques used by the Agency to collect and store American's data/communications directly from the Internet backbone.
[Top Level Telecommunications]
Slides about NSA's Upstream collection
January 17, 2014
Under the Upstream collection program, the NSA paid telecommunications companies hundreds of millions of dollars in order to collect data from them. While companies such as Google and Yahoo! claim that they do not provide "direct access" from their servers to the NSA unless under a court order, the NSA had access to emails, phone calls, and cellular data users. Under this new ruling, telecommunications companies maintain bulk user metadata on their servers for at least 18 months, to be provided upon request to the NSA.
This ruling made the mass storage of specific phone records at NSA datacenters illegal, but it did not rule on Section 215's constitutionality.
Fourth Amendment encroachment
In a declassified document it was revealed that 17,835 phone lines were on an improperly permitted "alert list" from 2006 to 2009 in breach of compliance, which tagged these phone lines for daily monitoring.
Eleven percent of these monitored phone lines met the agency's legal standard for "reasonably articulable suspicion" (RAS).
The NSA tracks the locations of hundreds of millions of cellphones per day, allowing it to map people's movements and relationships in detail.
[Barton Gellman and Ashton Solanti, December 5, 2013]
''The Washington Post''. Retrieved December 7, 2013. The NSA has been reported to have access to all communications made via Google, Microsoft, Facebook, Yahoo, YouTube,
AOL
AOL (stylized as Aol., formerly a company known as AOL Inc. and originally known as America Online) is an American web portal and online service provider based in New York City. It is a brand marketed by the current incarnation of Yahoo (2017 ...
, Skype, Apple and Paltalk,
[Greenwald, Glenn; MacAskill, Ewen (June 6, 2013).]
NSA Prism program taps in to user data of Apple, Google and others
. ''The Guardian.'' Retrieved June 15, 2013. and collects hundreds of millions of contact lists from personal email and instant messaging accounts each year.
[Gellman and Soltani, October 15, 2013]
NSA collects millions of e-mail address books globally
, ''The Washington Post''. Retrieved October 16, 2013. It has also managed to weaken much of the encryption used on the Internet (by collaborating with, coercing or otherwise infiltrating numerous technology companies to leave "backdoors" into their systems), so that the majority of encryption is inadvertently vulnerable to different forms of attack.
Domestically, the NSA has been proven to collect and store metadata records of phone calls, including over 120 million US MAINWAY, Verizon subscribers, as well as intercept vast amounts of communications via the internet (Upstream collection, Upstream).
The government's legal standing had been to rely on a secret interpretation of the
Patriot Act
The USA PATRIOT Act (commonly known as the Patriot Act) was a landmark Act of the United States Congress, signed into law by President George W. Bush. The formal name of the statute is the Uniting and Strengthening America by Providing Appropr ...
whereby the entirety of US communications may be considered "relevant" to a terrorism investigation if it is expected that even a tiny minority may relate to terrorism.
[Court Reveals 'Secret Interpretation' Of The Patriot Act, Allowing NSA To Collect All Phone Call Data](_blank)
September 17, 2013. Retrieved September 19, 2013. The NSA also supplies foreign intercepts to the Drug Enforcement Administration, DEA, Internal Revenue Service, IRS and other law enforcement agencies, who use these to initiate criminal investigations. Federal agents are then instructed to "recreate" the investigative trail via parallel construction.
The NSA also spies on influential Muslims to obtain information that could be used to discredit them, such as their use of pornography. The targets, both domestic and abroad, are not suspected of any crime but hold religious or political views deemed "radical" by the NSA.
[Glenn Greenwald, Ryan Gallagher & Ryan Grim, November 26, 2013,]
Top-Secret Document Reveals NSA Spied On Porn Habits As Part Of Plan To Discredit 'Radicalizers'
, ''Huffington Post''. Retrieved November 28, 2013.
According to a report in ''The Washington Post'' in July 2014, relying on information provided by Snowden, 90% of those placed under surveillance in the U.S. are ordinary Americans and are not the intended targets. The newspaper said it had examined documents including emails, text messages, and online accounts that support the claim.
Congressional oversight
The Intelligence Committees of US House and Senate exercise primary oversight over the NSA; other members of congress have been denied access to materials and information regarding the agency and its activities. The United States Foreign Intelligence Surveillance Court, the secret court charged with regulating the NSA's activities is, according to its chief judge, incapable of investigating or verifying how often the NSA breaks even its own secret rules. It has since been reported that the NSA violated its own rules on data access thousands of times a year, many of these violations involving large-scale data interceptions. NSA officers have even used data intercepts to spy on love interests; "most of the NSA violations were self-reported, and each instance resulted in administrative action of termination."
The NSA has "generally disregarded the special rules for disseminating United States person information" by illegally sharing its intercepts with other law enforcement agencies.
[Spencer Ackerman, November 19, 2013,]
Fisa court documents reveal extent of NSA disregard for privacy restrictions
, ''The Guardian''. Retrieved November 21, 2013. A March 2009 FISA Court opinion, which the court released, states that protocols restricting data queries had been "so frequently and systemically violated that it can be fairly said that this critical element of the overall ... regime has never functioned effectively." In 2011 the same court noted that the "volume and nature" of the NSA's bulk foreign Internet intercepts was "fundamentally different from what the court had been led to believe".
Email contact lists (including those of US citizens) are collected at numerous foreign locations to work around the illegality of doing so on US soil.
Legal opinions on the NSA's bulk collection program have differed. In mid-December 2013, U.S. District Judge Richard Leon ruled that the "almost-Orwellian" program likely violates the Constitution, and wrote, "I cannot imagine a more 'indiscriminate' and 'arbitrary invasion' than this systematic and high-tech collection and retention of personal data on virtually every single citizen for purposes of querying and analyzing it without prior judicial approval. Surely, such a program infringes on 'that degree of privacy' that the Founders enshrined in the Fourth Amendment. Indeed, I have little doubt that the author of our Constitution, James Madison, who cautioned us to beware 'the abridgement of freedom of the people by gradual and silent encroachments by those in power,' would be aghast."
[Richard Leon, December 16, 2013, ]
Memorandum Opinion, Klayman vs. Obama
'. U.S. District Court for the District of Columbia. Reproduced on The Guardian website. Retrieved February 3, 2013.
Later that month, U.S. District Judge William H. Pauley III, William Pauley ruled that the NSA's collection of telephone records is legal and valuable in the fight against terrorism. In his opinion, he wrote, "a bulk telephony metadata collection program [is] a wide net that could find and isolate gossamer contacts among suspected terrorists in an ocean of seemingly disconnected data" and noted that a similar collection of data prior to 9/11 might have prevented the attack.
Official responses
At a March 2013 Senate Intelligence Committee hearing, Senator Ron Wyden asked Director of National Intelligence James Clapper, "does the NSA collect any type of data at all on millions or hundreds of millions of Americans?" Clapper replied "No, sir. ... Not wittingly. There are cases where they could inadvertently perhaps collect, but not wittingly."
[Kessler, Glenn]
James Clapper's 'least untruthful' statement to the Senate
June 12, 2013. Retrieved September 23, 2013. This statement came under scrutiny months later, in June 2013, when details of the
PRISM
Prism usually refers to:
* Prism (optics), a transparent optical component with flat surfaces that refract light
* Prism (geometry), a kind of polyhedron
Prism may also refer to:
Science and mathematics
* Prism (geology), a type of sedimentary ...
surveillance program were published, showing that "the NSA apparently can gain access to the servers of nine Internet companies for a wide range of digital data."
Wyden said that Clapper had failed to give a "straight answer" in his testimony. Clapper, in response to criticism, said, "I responded in what I thought was the most truthful, or least untruthful manner." Clapper added, "There are honest differences on the semantics of what – when someone says 'collection' to me, that has a specific meaning, which may have a different meaning to him."
NSA whistle-blower
Edward Snowden
Edward Joseph Snowden (born June 21, 1983) is an American and naturalized Russian former computer intelligence consultant who leaked highly classified information from the National Security Agency (NSA) in 2013, when he was an employee and su ...
additionally revealed the existence of
XKeyscore
XKeyscore (XKEYSCORE or XKS) is a secret computer system used by the United States National Security Agency (NSA) for searching and analyzing global Internet data, which it collects in real time. The NSA has shared XKeyscore with other intellige ...
, a top secret NSA program that allows the agency to search vast databases of "the metadata as well as the content of emails and other internet activity, such as browser history," with capability to search by "name, telephone number, IP address, keywords, the language in which the internet activity was conducted or the type of browser used."
[Glenn Greenwald]
XKeyscore: NSA tool collects 'nearly everything a user does on the internet'
''The Guardian'' (July 31, 2013). XKeyscore "provides the technological capability, if not the legal authority, to target even US persons for extensive electronic surveillance without a warrant provided that some identifying information, such as their email or IP address, is known to the analyst."
Regarding the necessity of these NSA programs, Alexander stated on June 27, 2013, that the NSA's bulk phone and Internet intercepts had been instrumental in preventing 54 terrorist "events", including 13 in the US, and in all but one of these cases had provided the initial tip to "unravel the threat stream". On July 31 NSA Deputy Director John Inglis conceded to the Senate that these intercepts had not been vital in stopping any terrorist attacks, but were "close" to vital in identifying and convicting four San Diego men for sending US$8,930 to Al-Shabaab (militant group), Al-Shabaab, a militia that conducts terrorism in Somalia.
The U.S. government has aggressively sought to dismiss and challenge Fourth Amendment to the United States Constitution, Fourth Amendment cases raised against it, and has granted retroactive immunity to ISPs and telecoms participating in domestic surveillance.
The U.S. military has acknowledged blocking access to parts of ''The Guardian'' website for thousands of defense personnel across the country,
[Spencer Ackerman, Ackerman, Spencer; Roberts, Dan (June 28, 2013)]
"US Army Blocks Access to Guardian Website to Preserve 'Network Hygiene'—Military Admits to Filtering Reports and Content Relating to Government Surveillance Programs for Thousands of Personnel"
''The Guardian
''The Guardian'' is a British daily newspaper. It was founded in 1821 as ''The Manchester Guardian'', and changed its name in 1959. Along with its sister papers ''The Observer'' and ''The Guardian Weekly'', ''The Guardian'' is part of the Gu ...
''. Retrieved June 30, 2013. and blocking the entire ''Guardian'' website for personnel stationed throughout Afghanistan, the Middle East, and South Asia.
An October 2014 United Nations report condemned mass surveillance by the United States and other countries as violating multiple international treaties and conventions that guarantee core privacy rights.
Responsibility for international ransomware attack
An exploit dubbed EternalBlue, created by the NSA, was used in the unprecedented worldwide WannaCry ransomware attack in May 2017. The exploit had been leaked online by a hacking group, The Shadow Brokers, nearly a month prior to the attack. A number of experts have pointed the finger at the NSA's non-disclosure of the underlying vulnerability, and their loss of control over the EternalBlue attack tool that exploited it. Edward Snowden said that if the NSA had "Responsible disclosure, privately disclosed the flaw used to attack hospitals when they found it, not when they lost it, [the attack] might not have happened". Wikipedia co-founder, Jimmy Wales, stated that he joined "with Microsoft and the other leaders of the industry in saying this is a huge screw-up by the government ... the moment the NSA found it, they should have notified Microsoft so they could quietly issue a Patch (computing), patch and really chivvy people along, long before it became a huge problem."
Activities of previous employees
Former employee David Evenden, who had left the NSA to work for US defense contractor Cyperpoint at a position in the United Arab Emirates, was tasked with hacking UAE neighbor Qatar in 2015 to determine if they were funding terrorist group Muslim Brotherhood. He quit the company after learning his team had hacked Qatari Sheikha Moza bint Nasser's email exchanges with Michelle Obama, just prior to her visit to Doha.
Upon Evenden's return to the US, he reported his experiences to the FBI. The incident highlights a growing trend of former NSA employees and contractors leaving the agency to start up their own firms, and then hiring out to countries like Turkey, Sudan and even Russia, a country involved in Cyberwarfare by Russia#United States, numerous cyberattacks against the US.
2021 Denmark-NSA collaborative surveillance
In May 2021, it was reported that Danish Defence Intelligence Service collaborated with NSA to wiretap on fellow EU members and leaders, leading to wide backlash among EU countries and demands for explanation from Danish and American governments.
See also
Notes
References
* James Bamford, Bamford, James. ''
Body of Secrets
''Body of Secrets: Anatomy of the Ultra-Secret National Security Agency'' is a book by James Bamford about the NSA and its operations. It also covers the history of espionage in the United States from uses of the Fulton surface-to-air recovery s ...
: Anatomy of the Ultra-Secret National Security Agency'', Random House Digital, Inc., December 18, 2007. . Previously published as: Doubleday, 2001, .
* Bauer, Craig P. ''Secret History: The Story of Cryptology'' (''Volume 76 of Discrete Mathematics and Its Applications''). CRC Press, 2013. .
* Weiland, Matt and Sean Wilsey. ''State by State''. HarperCollins, October 19, 2010. .
Further reading
* Samuel A. Adams, Adams, Sam, ''War of Numbers: An Intelligence Memoir'' Steerforth; new edition (June 1, 1998).
* Aid, Matthew, The Secret Sentry: The Untold History of the National Security Agency, 432 pages, , Bloomsbury Press (June 9, 2009).
*
Mandatory Declassification Review– Interagency Security Classification Appeals Panel
* James Bamford, Bamford, James, ''The Puzzle Palace (book), The Puzzle Palace'', Penguin Books, 1982, .
* James Bamford, Bamford, James, ''
The New York Times
''The New York Times'' (''the Times'', ''NYT'', or the Gray Lady) is a daily newspaper based in New York City with a worldwide readership reported in 2020 to comprise a declining 840,000 paid print subscribers, and a growing 6 million paid ...
'', December 25, 2005;
The Agency That Could Be Big Brother.
* Bamford, James, ''The Shadow Factory'', Anchor Books, 2009, .
*
*
*
* Radden Keefe, Patrick, ''Chatter: Dispatches from the Secret World of Global Eavesdropping'', Random House, .
* Sherman Kent, Kent, Sherman, ''Strategic Intelligence for American Public Policy''.
* David Kahn (writer), Kahn, David, ''The Codebreakers'', 1181 pp., . Look for the 1967 rather than the 1996 edition.
* Walter Laqueur, Laqueur, Walter, ''A World of secrets''.
* Liston, Robert A., ''The Pueblo Surrender: A Covert Action by the National Security Agency'', .
* Steven Levy, Levy, Steven, ''Crypto: How the Code Rebels Beat the Government—Saving Privacy in the Digital Age'', Penguin Books, .
* Prados, John, ''The Soviet estimate: U.S. intelligence analysis & Russian military strength'', hardcover, 367 pages, , Dial Press (1982).
* Perro, Ralph J.
Interviewing With an Intelligence Agency (or, A Funny Thing Happened on the Way to Fort Meade).
Archive Federation of American Scientists. November 2003. Updated January 2004. – About the experience of a candidate of an NSA job in pre-employment screening. "Ralph J. Perro" is a pseudonym that is a reference to Ralph J. Canine (''perro'' is Spanish for "dog", and a dog is a type of canine)
* Shaker, Richard J.
The Agency That Came in from the Cold"
Archive''Notices of the American Mathematical Society, Notices''. American Mathematical Society. May/June 1992 pp. 408–411.
* Tully, Andrew, ''The Super Spies: More Secret, More Powerful than the CIA'', 1969, LC 71080912.
* Church Committee, ''Intelligence Activities and the Rights of Americans: 1976 US Senate Report on Illegal Wiretaps and Domestic Spying by the FBI, CIA and NSA'', Red and Black Publishers (May 1, 2008).
*
Just what is the NSA? (video) ''CNN''. June 7, 2013.
*
*
National Security Agency Releases History of Cold War Intelligence Activities" George Washington University. National Security Archive Electronic Briefing Book No. 260. Posted November 14, 2008.
*
External links
*
National Security Agency – 60 Years of Defending Our Nation* [http://www.gwu.edu/~nsarchiv/ The National Security Archive at George Washington University]
*
National Security Agency (NSA) Archiveon the Internet Archive
{{Authority control
National Security Agency,
1952 establishments in the United States
Articles containing video clips
Computer security organizations
Government agencies established in 1952
Mass surveillance
Signals intelligence agencies
Supercomputer sites
United States Department of Defense agencies
United States government secrecy
Intelligence analysis agencies