Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Summarising Snowden and Snowden as internal threat


Published on

A quick lookback at snowden's revelation and also lookign at snowden as an insider threat

*This presentation end abruptly because during the talk it ends as food for thought and kickstart of next session*

Published in: Technology
  • Be the first to comment

Summarising Snowden and Snowden as internal threat

  1. 1. Exposed NSA’s evil snooping Good Guy 1 …for the world
  2. 2. Exposed internal secrets BAAAAD Guy …for his organization 2
  3. 3. 1 Xkeyscore TAO PRISM GCHQ * VictoryDance
  4. 4.
  5. 5. Hammerchant – Spy on VoIP & VPN ANT catalog – Inject surveillance software in Apple cisco dell products WellSpring – Collect images from email based on face recognition DishFire – Collect upto 200million SMS a day NoseySmurf – Smurf in iPhones & Android, turning on mic & track loc Bullrun – NSA & GCHQ effort to weaken cryptography standards/tools ShotGiant – program to break Chinese Huawei networks and products. Upstream – program collects communications transiting the Internet HappyFoot– use cookies & data from phone apps to identify users' devices and physical locations
  6. 6. Alphabetical list of NSA Programs and Tools • A AGILITY - NSA internet information tool or database AGILEVIEW - NSA internet information tool or database ALPHA - SIGINT Exchange Designator for Great Britain ANCHORY - NSA software system which provides web access to textual intelligence documents AUTOSOURCE - NSA tool or database AQUACADE - A class of SIGINT spy satellites (formerly RHYOLITE) ASSOCIATION - NSA tool or database • B BANYAN - NSA tool or database BELLTOPPER - NSA database BELLVIEW - BINOCULAR - Former NSA intelligence dissemination tool BLACKPEARL - NSA tool or database BLARNEY - NSA internet and telephony network collection program BOUNDLESS INFORMANT - DNI and DNR data visualization tool. BULLRUN BYEMAN (BYE) - Retired control system for overhead collection systems (1961-2005)
  7. 7. • C CADENCE - NSA collection tasking tool or database CANYON - Class of COMINT spy satellites (1968-1977) CANNON LIGHT - Counterintelligence database of the US Army CHESS- Compartment of TALENT KEYHOLE for the U-2 spy plane CONFIRM - NSA database for personell access CONTRAOCTAVE - NSA tool or database CONVEYANCE - A voice content ingest processor? / Provide filtering for PRISM. CORONA - A series of photographic surveillance satellites (1959-1972) COURIERSKILL - NSA Collection mission system CREST - Database which automatically translates foreign language intercepts in English CRYPTO ENABLED - collection derived from AO's efforts to enable crypto (cf. CULTWEAVE - Smaller size SIGINT database * • D DANCINGOASIS - (?) DELTA - Compartment for COMINT material from intercepts of Soviet military operations DIKTER - SIGINT Exchange Designator for Norway DINAR - Predecessor of the UMBRA compartment for COMINT DISHFIRE - NSA internet information tool or database DROPMIRE - passive collection of emanations using an antenna DRTBOX - DRUID - SIGINT Exchange Designator for third party countries DYNAMO - SIGINT Exchange Designator for Denmark
  8. 8. • E ECHELON - A SIGINT collection network run by Australia, Canada, New Zealand, the United Kingdom, and the United States, ECHO - SIGINT Exchange Designator for Australia EVILOLIVE - • F FAIRVIEW - NSA internet and telephony network collection program FALLOUT - DNI metadata ingest processor / Provides filtering for PRISM. FISHBOWL - NSA program for securing commercial smartphones FOREMAN - ? FOXACID - target the TOR's users • G GMMA (G) - Compartment for highly sensitive communication intercepts GAMUT - NSA collection tasking tool or database GENIE - implants of spywares GENTE - multi-stage opetation; jumping the airgap etc. ( - GLOBAL BROKER - NSA tool or database
  9. 9. • H HAVE BLUE - Development program of the F-117A Stealth fighter- bomber HAVE QUICK (HQ) - Frequency-hopping system used to protect military UHF radio traffic HERCULES - CIA terrorism database HIGHTIDE - NSA tool or database HIGHLANDS - spywares implants • I INDIA - SIGINT Exchange Designator for New Zealand INTRUDER - Series of ELINT and COMINT spy satellites (since 2009) ISHTAR - SIGINT Exchange Designator for Japan IVY BELLS - NSA, CIA and Navy operation to place wire taps on Soviet underwater communication cables • J JEROBOAM - Another name used for the TRUMPET spy satellites JUGGERNAUT - Picks up all signals from mobile networks JUMPSEAT - Class of SIGINT reconnaissance satellites (1971-1983) • K KLONDIKE (KDK) - Control system for sensitive geospatial intelligence
  10. 10. • L • LIFESAVER - imaging of the hard driver (from LITHIUM - ? LOPERS - Software application for Public Switched Telephone Networks • M MAGIC LANTERN - A keystroke logging software developed by the FBI MAGNETIC - sensor collection of magnetic emanations ( MAGNUM - Series of SIGINT spy satellites (since 1985) MAILORDER - MAIN CORE - Federal database of personal and financial data of suspicious US citizens MAINWAY - NSA database of bulk phone metadata (Call records DB) MARINA - NSA database of bulk internet metadata (Internet records DB) MENTOR - Class of SIGINT spy satellites (since 1995) MESSIAH - NSA automated message handling system METTLESOME - NSA Collection mission system MINARET - A sister project to Project SHAMROCK (1967-1973) MINERALIZE - collection from LAN implant ( MOONLIGHTPATH - An NSA collection program MORAY - Retired compartment for the least sensitive COMINT material • N NUCLEON - Database for contents of phone calls (Voice data DB)
  11. 11. • O OAKSTAR - NSA internet and telephony network collection program, voir aussi "2013 mass surveillance disclosures". OCEAN - (?) from OCEANARIUM - Database for SIGINT from NSA and intelligence sharing partners around the world. OCELOT - Probably a NSA program for collection from internet and telephony networks OCTAVE - NSA tool for telephone network tasking OCTSKYWARD - NSA tool or database OSCAR - SIGINT Exchange Designator for the USA • P PATHFINDER - SIGINT analysis tool (made by SAIC) PINWALE - Database for recorded signals intercepts/internet content (Video data DB) PLUS - NSA SIGINT production feedback program * PRISM - NSA collection program for foreign internet data PROTON - Smaller size SIGINT database PURPLE - Codename for a Japanese diplomatic cryptosystem during WWII PUZZLECUBE - NSA tool or database • Q QUANTUM - see FOXACID - target the TOR's users,
  12. 12. • R RADON - host tap than can inject Ethernet packets onto the same target - exploitation of denied networks (cf. • RAGTIME (RT) - Codeword for four NSA surveillance programs (Ragtime-A, B, C et P). RAMPART / RAMPART-T - penetration of hard targets at or near leadership level RENOIR - NSA telephone network visualization tool RESERVE (RSV) - Control system for the National Reconnaissance Office (NRO) RICHTER - SIGINT Exchange Designator for Germany RUFF - Compartment of TALENT KEYHOLE for IMINT satellites RHYOLITE - Class of SIGINT spy satellites (in 1975 changed to AQUACADE) • S • SABRE - Retired(?) SIGINT product codeword SAVILLE - Narrow band voice encryption used for radio and telephone communication SCISSOR SCORPIOFORE - SHARKFIN - Sweeps up all-source communications intelligence at high speed and volumes SEMESTER - NSA SIGINT reporting tool SENTINEL - NSA database security filter SETTEE- SIGINT Exchange Designator for South Korea
  13. 13. • SHAMROCK - Operation for intercepting telegraphic data going in or out the US (1945-1975) SHELLTRUMPET - NSA metadata processing program SILKWORTH - A software program used for the ECHELON system SIRE - A software program used for the ECHELON system SKYWRITER - NSA internet intelligence reporting tool SOLIS - SIGINT product databases SPHINX - Counterintelligence database of the Defense Intelligence Agency SPINNERET - an NSA operational branche? SPOKE - Retired compartment for less sensitive COMINT material STELLARWIND (STLW) - SCI compartment for the President's Surveillance Program information STONE GHOST - DIA classified network for information exchange with UK, Canada and Australia STORMBREW - NSA internet and telephony network collection program STUMPCURSOR - Foreign computer accessing program of the NSA's Tailored Access Operations
  14. 14. • T • TALENT KEYHOLE (TK) - Control system for space-based collection platforms TALK QUICK - An interim secure voice system created to satisfy urgent requirements imposed by conditions to Southeast Asia. Function was absorbed by AUTOSEVOCOM TAPERLAY - covername for Global Numbering Data Base (GNDB)? TAROTCARD - NSA tool or database TEMPEST - Investigations and studies of compromising electronic emanations THINTREAD - NSA program for wiretapping and sophisticated analysis of the resulting data TRAFFICTHIEF - Part of the TURBULENCE and the PRISM programs TRAILBLAZER - NSA Program to analyze data carried on communications networks TREASUREMAP - NSA internet content visualization tool TRIBUTARY - NSA provided voice threat warning network TRINE - Predecessor of the UMBRA compartment for COMINT TRUMPET - Series of ELINT reconnaissance satellites (1994-2008) TUNINGFORK - NSA tool or database TURBULENCE - NSA Program to detect threats in cyberspace (2005- ) TURMOIL - Part of the TURBULENCE program TUSKATTIRE - DNR (telephony) ingest processor TUTELAGE - Part of the TURBULENCE program
  15. 15. • U • UMBRA - Retired compartment for the most sensitive COMINT material UNIFORM - SIGINT Exchange Designator for Canada UPSTREAM - • V VAGRANT - computer screens / captures d'écrans []( diplomatie-francaise-sur-ecoute-aux-etats-unis35007173210.html VORTEX - Class of SIGINT spy satellites (1978-1989) • W WEALTHYCLUSTER - Program to hunt down tips on terrorists in cyberspace (2002- ) WEBCANDID - NSA tool or database WHITEBOX - • X XCONCORD - Program for finding key words in foreign language documents XKEYSCORE (XKS) - Program for analysing SIGINT traffic • Z ZARF - Compartment of TALENT KEYHOLE for ELINT satellites
  16. 16. “If everything is terrorism, then nothing is terrorism,” - David Gomez, a former senior FBI agent.
  17. 17. 2 INSIDER
  18. 18. No more than 22 personnel at NSA were to have access to the highly classified data - Michael Hayden, former director of the NSA and CIA,
  19. 19. “Does your organization have a way to detect unauthorized access to your data?”
  20. 20. “Does your organization uses and monitors the available technology”