Your SlideShare is downloading. ×
NSA signal-surveillance success stories. April 2013
NSA signal-surveillance success stories. April 2013
NSA signal-surveillance success stories. April 2013
NSA signal-surveillance success stories. April 2013
Upcoming SlideShare
Loading in...5

Thanks for flagging this SlideShare!

Oops! An error has occurred.

Saving this for later? Get the SlideShare app to save on your phone or tablet. Read anywhere, anytime – even offline.
Text the download link to your phone
Standard text messaging rates apply

NSA signal-surveillance success stories. April 2013


Published on

These slides contain excerpts from an April 2013 National Security Agency presentation detailing signal surveillance techniques and successes. They reveal that the NSA and its British counterpart, …

These slides contain excerpts from an April 2013 National Security Agency presentation detailing signal surveillance techniques and successes. They reveal that the NSA and its British counterpart, Government Communications Headquarters (GCHQ), use a Google-specific tracking cookie to pinpoint targets for hacking.


The National Security Agency is secretly piggybacking on the tools that enable Internet advertisers to track consumers, using "cookies" and location data to pinpoint targets for government hacking and to bolster surveillance.

The agency's internal presentation slides, provided by former NSA contractor Edward Snowden, show that when companies follow consumers on the Internet to better serve them advertising, the technique opens the door for similar tracking by the government. The slides also suggest that the agency is using these tracking techniques to help identify targets for offensive hacking operations.

For years, privacy advocates have raised concerns about the use of commercial tracking tools to identify and target consumers with advertisements. The online ad industry has said its practices are innocuous and benefit consumers by serving them ads that are more likely to be of interest to them.

The revelation that the NSA is piggybacking on these commercial technologies could shift that debate, handing privacy advocates a new argument for reining in commercial surveillance.

According to the documents, the NSA and its British counterpart, GCHQ, are using the small tracking files or "cookies" that advertising networks place on computers to identify people browsing the Internet. The intelligence agencies have found particular use for a part of a Google-specific tracking mechanism known as the “PREF” cookie. These cookies typically don't contain personal information, such as someone's name or e-mail address, but they do contain numeric codes that enable Web sites to uniquely identify a person's browser.

In addition to tracking Web visits, this cookie allows NSA to single out an individual's communications among the sea of Internet data in order to send out software that can hack that person's computer. The slides say the cookies are used to "enable remote exploitation," although the specific attacks used by the NSA against targets are not addressed in these documents.

The NSA's use of cookies isn't a technique for sifting through vast amounts of information to find suspicious behavior; rather, it lets NSA home in on someone already under suspicion - akin to when soldiers shine laser pointers on a target to identify it for laser-guided bombs.

Separately, the NSA is also using commercially gathered information to help it locate mobile devices around the world, the documents show. Many smartphone apps running on iPhones and Android devices, and the Apple and Google operating systems themselves, track the location of each device, often without a clear warning to the phone's owner.

Published in: Technology
  • Be the first to comment

  • Be the first to like this

No Downloads
Total Views
On Slideshare
From Embeds
Number of Embeds
Embeds 0
No embeds

Report content
Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

No notes for slide


  • 1. sd 0 'licovere. indiv~dLJallswho could havle pass~b~yeen traveUng with the ships of lntarest . b Our Approach • Queried o 900 tower,s and other selectors in MAINWAY/SEDB ln [attempt ver' to d~.scovler[any ~dentifiable selectors [around the coordinates of interest • C[~eated[another query based on identified selectors of interest to pull fior any Ice~1an infurmation in order to more prelcisely locate leach selector of f ilnte~est • Queried in SEDB shilp data on the ships. of intlerest and p~oHedthe track the sh~pstook into • Identified se~'ectors·by celli fan imormlation seen near the ports.where the sh~pstOf' interest had docked. Also correlated any selectors mov in ing [~elatitOn~D'the sh ips:·m,OVlemlentsus~n;g cen Ian data I
  • 2. [Mission Example and Result: The HAPP 'VIFOOT ana~ytic aglgre'lg,stes leaked locatilOn..based service J locailon-aware appllcanen data ,to infer ~,Pladdress geo..locations. SOS identified 'Publi,c' and jprivate' usag'B of the same IPadd res's fhat caused HAPPY FOOT to ' a,ssign .e~locksto -Iocations (the IP' address 'was used in both countries). This privatle network ~snow geo being ,rea~lmed p~operiygeo..tocated. Ongoing wolt win salve this reaim~naproblem for networks affecting other c and loud analytics., I • r
  • 3. Our'Approach I.;rradk!ed .. ; s con¥erged lcom,municaUons and CNE accesses, Monitored pass~veinternet trlaffic; created automated processes where possible (X1K8 ANCHO,RMAN, Wonkflows, F~ngerpr~nts)~ plrov~ded TAO/GCHQ, with ~WLLidslDSL accounts Cooldes, G,oe)·.~le,PREF~Dsto renabllB remote exploitation~ · .. Partnered with NGiA and IR4 to lconfirm locations land US,RP requipment based on collected phatQ~raphs., .. Drove C,NE,rcoUection and lParme~ed'w~thTAO to incral8se US ,RP specifi'c endpo a ,int lcoesses, . .. P'ravided knowlredgleto interagency partners for patentla~ on the ground survey options and IFBI..led ~ntelUgence Iguiding lefforts. Iii Iii
  • 4. (5//51/ /REL TO USA, FVEY) Metadata/Target Discovery: Analyze ONR/ONI/Convergence metadata for target discovery, identify gaps in collection, processing, and analytic methodologies; Improve metadata collection and processing; Create analytics that automate or improve analytic methodologies; Conduct target discovery through multiple technology thrusts, including endpoint, web-based technologies/services, mobile applications and networks, geo-Iocation analysis, correlations/identity Analysis, Social Network Analysis; Collaboration/facilitation centers. with TAO, 53, CIA, DONI, 550, CES,and SSG