Surveillance Techniques: How Your Data Becomes Our Data
In 2001, NSA published the secret “Transition 2001” report defining our strategy for the 21st century. No longer could we simply access analog communications using conventional means, the new digital world of globally-networked encrypted communications required a dramatic change to our surveillance strategy: NSA would need to “live on the network”.
We’ve turned our nation’s Internet and telecommunications companies into collection partners by installing filters in their facilities, serving them with secret court orders, building back doors into their software and acquiring keys to break their encryption.
NSA technicians have installed intercept stations at key junction points, or switches, throughout the country. These switches are located in large windowless buildings owned by the major telecommunication companies and control the domestic internet traffic flow across the nation. A fiber optic splitter is placed on the incoming communication lines and routes the traffic to an NSA intercept station for processing.
View a sample route that internet data traverses from a home in Toronto to the San Francisco Art Institute passing through several NSA intercept stations.
Larger version of map More information about this map
In the past, we used our close partnership with the FBI to collect bulk telephone records on an ongoing basis using a Top Secret order from the Foreign Intelligence Surveillance Court (FISA). The metadata we collected from this program gave us information about what communications you sent and received, who you talked to, where you were when you talked to them, the lengths of your conversations, and what kind of device you were using.
In mid-2015, Congress passed the USA Freedom Act sadly ending this valuable bulk collection program for the time being.
Our partners at the FBI DITU (Data Intercept Technology Unit) extract information from the servers of nine major American internet companies: Microsoft, Yahoo, Google, Facebook, PalTalk, AOL, Skype, YouTube, and Apple. This important partnership gives us direct access to audio, video, photographs, e-mails, documents and connection logs for each of these systems.
Established in 2007, the Top Secret PRISM program has allowed us to closely track targeted individuals over time. Our ability to conduct live surveillance of search terms has given us important insights into their thoughts and intentions.
This slide lists our information providers and the type of data available to our analysts
To learn more about the PRISM program, view additional PRISM slides.
The NSA “MUSCULAR” program allows us to conveniently conduct large-scale data gathering outside the jurisdiction of the Foreign Intelligence Surveillance Court by secretly tapping into the communication links between Google’s data centers outside the U.S. The Special Source Operations (SSO) group discovered a clever way around Google’s security measures giving us full access to the rich data Google stores on the cloud for its users.
Our bulk cellphone location tracking program captures almost 5 billion records a day and feeds into a massive 27 terabyte database storing information about the locations of a hundred million devices. By tapping into the cables that connect the mobile networks globally and working with our corporate partners to install intercept equipment, we can apply mathematical techniques that enable our analysts to map cellphone owners’ relationships by correlating their patterns of movement over time with thousands or millions of other phone users who cross their paths. This “Co-traveler” program allows us to look for unknown associates of known intelligence targets by tracking people whose movements intersect.
When the data we seek resides in places we cannot access using the above surveillance techniques, we rely on the technical experts in the Tailored Access Operations Group and their specialized tools from the ANT Product Catalog. The categories of available tools are listed below.
An FBI fleet of over one hundred specially-modified Cessna planes equipped with sophisticated camera systems in steerable mounts that can provide detailed video, night vision, and infrared thermal imaging quietly fly circular routes daily around many major U.S. cities tracking targets and gathering intelligence. Some of the planes use augmented reality software and sophisticated surveillance technology capable of tracking thousands of cellphones users.
Zoom in and click on the red map markers to view images of the unusual flight patterns in the FBI’s targeted areas. View the map in full-screen mode.
In June 2015, a Senate bill was introduced to “protect” our citizens from Mass Aerial Surveillance. We are happy to report that no action has been taken on this bill and we have every confidence that Congress will agree with us that mass surveillance “IS” protection for our citizens. You can track the progress of this ill-advised bill below.
By tapping into the worldwide network of undersea cables, our OAKSTAR, STORMBREW, BLARNEY and FAIRVIEW systems can process data as it flows across the internet. Each system is responsible for different types of intercepted data. For example, the BLARNEY system gathers metadata describing who is speaking to whom and through which networks and devices.
There are two methods employed for tapping into the undersea cable network. A modified nuclear submarine houses the technicians and gear needed to place the physical taps on the undersea cables along strategic points in the network. The second method involves using intercept probes at the point where the cables connect to the landing stations in various countries. These probes capture and copy the data as it flows onward.
As data flows through our worldwide data collection points, the XKeyscore system indexes and stores this information in a rolling three-day buffer database containing all internet activity passing through each collection site. XKeyscore is a massive distributed Linux cluster with over 700 servers distributed around the world.
The theory behind XKeyscore is simple: People spend a large amount of time on the web performing actions that are anonymous. We can use this traffic to detect anomalies which can lead us to intelligence by itself, or provide a selection path for further inquiries. Examples of anomalous events: Someone searching the web for “suspicious stuff” or someone who is using encryption.
This slide shows a worldwide map of the XKeyscore server locations
This slide shows how metadata is extracted and stored in the XKeyscore database
Learn more about the XKeyscore system.
The “Boundless Informant” mapping tool provides our analysts the means to track intelligence collection statistics worldwide. Using a color-coded map, we can quickly determine the volume of collection data we have by geographical location. This global heat map assigns each nation a color code based on its surveillance intensity ranging from green (least subjected to surveillance) through yellow and orange to red (most surveillance). With the monthly domestic intelligence collection volume at almost three billion pieces, the United States is assigned the color orange.
Learn more about the Boundless Informant program
In addition to our own data collection activities, the Domestic Surveillance Directorate receives a constant flow of information from other sources. For more information about these sources, visit Our Partners page.
Originally posted here:
NSA Surveillance – gov1.info