Misplaced Pages

#996003

132-576: TAO identifies, monitors, infiltrates, and gathers intelligence on computer systems being used by entities foreign to the United States. TAO is reportedly "the largest and arguably the most important component of the NSA's huge Signals Intelligence Directorate (SID), consisting of more than 1,000 military and civilian computer hackers, intelligence analysts, targeting specialists, computer hardware and software designers, and electrical engineers. The office

264-537: A KGB mole within it, created considerable media interest. In 1984, GCHQ was the centre of a political row when, in the wake of strikes which affected Sigint collection, the Conservative government of Margaret Thatcher prohibited its employees from belonging to a trade union, asserting that membership of a union was in conflict with national security . The government offered £1,000 to each employee who agreed to give up their right to union membership. Following

396-595: A diplomatic mission representing U.S. interests before the UN and other international organizations , Snowden received a diplomatic passport and a four-bedroom apartment near Lake Geneva . According to Greenwald, while there Snowden said he was "considered the top technical and cybersecurity expert" in that country and "was hand-picked by the CIA to support the president at the 2008 NATO summit in Romania ". A 2016 report from

528-784: A rear admiral in the Coast Guard, became a senior official with the FBI and was at the Pentagon in 2001 during the September 11 attacks . Edward Snowden said that he had expected to work for the federal government, as had the rest of his family. His parents divorced in 2001, and his father remarried. In the early 1990s, while still in grade school, Snowden moved with his family to the area of Fort Meade, Maryland . Mononucleosis caused him to miss high school for almost nine months. Rather than returning to school, he claims to have passed

660-492: A system administrator , Snowden has said he was an infrastructure analyst, which meant that his job was to look for new ways to break into Internet and telephone traffic around the world. An anonymous source told Reuters that, while in Hawaii, Snowden may have persuaded 20–25 co-workers to give him their login credentials by telling them he needed them to do his job. The NSA sent a memo to Congress saying that Snowden had tricked

792-520: A "computer wizard". Snowden was sent to the CIA's secret school for technology specialists, where he lived in a hotel for six months while studying and training full-time. In March 2007, the CIA stationed Snowden with diplomatic cover in Geneva , Switzerland , where he was responsible for maintaining computer-network security. Assigned to the U.S. Permanent Mission to the United Nations ,

924-446: A FOX media segment. The US government formally apologised for the unfounded allegations and promised they would not be repeated. British intelligence did gather information relating to Russian contacts made by Trump's campaign team in the run-up to his election, which were passed on to US intelligence agencies. On 31 October 2018, GCHQ joined Instagram . GCHQ personnel are recognised annually by King Charles III (formerly

1056-458: A May 2014 interview to quantify the number of documents Snowden stole, retired NSA director Keith Alexander said there was no accurate way of counting what he took, but Snowden may have downloaded more than a million documents. The September 15, 2016 HPSCI report estimated the number of downloaded documents at 1.5 million. In a 2013 Associated Press interview, Glenn Greenwald stated: In order to take documents with him that proved that what he

1188-561: A May 2014 interview, Snowden told NBC News that after bringing his concerns about the legality of the NSA spying programs to officials, he was told to stay silent on the matter. He said that the NSA had copies of emails he sent to their Office of General Counsel, oversight, and compliance personnel broaching "concerns about the NSA's interpretations of its legal authorities. I had raised these complaints not just officially in writing through email, but to my supervisors, to my colleagues, in more than one office." In May 2014, U.S. officials released

1320-507: A San Francisco–based nonprofit organization that aims to protect journalists from hacking and government surveillance. He also has a job at an unnamed Russian IT company. In 2017, he married Lindsay Mills . On September 17, 2019, his memoir Permanent Record was published. On September 2, 2020, a U.S. federal court ruled in United States v. Moalin that one of the U.S. intelligence 's mass surveillance program exposed by Snowden

1452-556: A US court order before disclosing data. However the head of the UK technology industry group techUK rejected these claims, stating that they understood the issues but that disclosure obligations "must be based upon a clear and transparent legal framework and effective oversight rather than, as suggested, a deal between the industry and government". In 2015, documents obtained by The Intercept from US National Security Agency whistleblower Edward Snowden revealed that GCHQ had carried out

SECTION 10

#1732791709997

1584-401: A University of Liverpool computer security master's degree in 2013. The university said that Snowden registered for an online master's degree program in computer security in 2011 but was inactive as a student and had not completed the program. In his May 2014 interview with NBC News , Snowden accused the U.S. government of trying to use one position here or there in his career to distract from

1716-572: A basic understanding of Mandarin Chinese and was deeply interested in martial arts . At age 20, he listed his religion as Buddhism after working at a U.S. military base in Japan. In September 2019, as part of interviews relating to the release of his memoir Permanent Record , Snowden revealed to The Guardian that he married Lindsay Mills in a courthouse in Moscow. The couple's first son

1848-402: A big impact that I didn't turn over" and that "I have to screen everything before releasing it to journalists ... If I have time to go through this information, I would like to make it available to journalists in each country." Despite these measures, the improper redaction of a document by The New York Times resulted in the exposure of intelligence activity against al-Qaeda . In June 2014,

1980-404: A chance to respond (it's unclear if the compromised router facilitates this race on the return trip). Prior to the development of this technology, FOXACID software made spear-phishing attacks the NSA referred to as spam. If the browser is exploitable, further permanent "implants" (rootkits etc.) are deployed in the target computer, e.g. OLYMPUSFIRE for Windows, which gives complete remote access to

2112-705: A chapter of the book Whistleblowing Nation , published in March 2020, an adaptation of which also appeared on Lawfare Blog in March 2019. The unclassified portion of a September 15, 2016, report by the United States House Permanent Select Committee on Intelligence (HPSCI), initiated by the chairman and Ranking Member in August 2014, and posted on the website of the Federation of American Scientists , concluded that Snowden

2244-584: A conference slideshow presented by the GCHQ. Soon after becoming Director of GCHQ in 2014, Robert Hannigan wrote an article in the Financial Times on the topic of internet surveillance , stating that "however much [large US technology companies] may dislike it, they have become the command and control networks of choice for terrorists and criminals" and that GCHQ and its sister agencies "cannot tackle these challenges at scale without greater support from

2376-496: A fellow employee into sharing his personal private key to gain greater access to the NSA's computer system. Snowden disputed the memo, saying in January 2014, "I never stole any passwords, nor did I trick an army of co-workers." Booz Allen terminated Snowden's employment on June 10, 2013, the day after he went public with his story, and 3 weeks after he had left Hawaii on a leave of absence. The former colleague said Snowden

2508-501: A group of 14 former GCHQ employees, who had been dismissed after refusing to give up their union membership, were offered re-employment, which three of them accepted. The legal case Council of Civil Service Unions v Minister for the Civil Service is significant beyond the dispute, and even beyond trade union law, in that it held for the first time that the royal prerogative is generally subject to judicial review , although

2640-589: A mail-order catalog, one from which other NSA employees can order technologies from the ANT division for tapping their targets' data." The document was created in 2008. Security researcher Jacob Appelbaum gave a speech at the Chaos Communications Congress in Hamburg , Germany , in which he detailed techniques that the simultaneously published Der Spiegel article he coauthored disclosed from

2772-454: A mass-surveillance operation, codenamed KARMA POLICE , since about 2008. The operation swept up the IP address of Internet users visiting websites, and was established with no public scrutiny or oversight. KARMA POLICE is a powerful spying tool in conjunction with other GCHQ programs because IP addresses could be cross-referenced with other data. The goal of the program, according to the documents,

SECTION 20

#1732791709997

2904-513: A polygraph exam and underwent a stringent background investigation. After attending a 2006 job-fair focused on intelligence agencies, Snowden accepted an offer for a position at the CIA. The Agency assigned him to the global communications division at CIA headquarters in Langley, Virginia . In May 2006, Snowden wrote in Ars Technica that he had no trouble getting work because he was

3036-472: A result of the cuts. The cuts had been mostly reversed by 2000 in the wake of threats from violent non-state actors , and risks from increased terrorism, organised crime and illegal access to nuclear, chemical and biological weapons. David Omand became the Director of GCHQ in 1996, and greatly restructured the agency in the face of new and changing targets and rapid technological change. Omand introduced

3168-441: A secret court order requiring Verizon to hand the NSA millions of Americans' phone records daily, as well as the surveillance of phone and Internet records of French citizens, with specific targets of French people either "suspected of association with terrorist activities" or in "the worlds of business, politics or French state administration." XKeyscore , an analytical tool that allows for collection of "almost anything done on

3300-434: A sexually compromising situation. But they're extremely attractive. So what do they do? They turn around in their chair and they show a co-worker ... and sooner or later this person's whole life has been seen by all of these other people. Snowden observed that this behavior happened routinely every two months but was never reported, being considered one of the " fringe benefits " of the work. Snowden has described himself as

3432-463: A single email that Snowden had written in April 2013 inquiring about legal authorities but said that they had found no other evidence that Snowden had expressed his concerns to someone in an oversight position. In June 2014, the NSA said it had not been able to find any records of Snowden raising internal complaints about the agency's operations. That same month, Snowden explained that he had not produced

3564-672: A single network. TAO's headquarters are termed the Remote Operations Center (ROC) and are based at the NSA headquarters at Fort Meade, Maryland . TAO also has expanded to NSA Hawaii ( Wahiawa , Oahu), NSA Georgia ( Fort Eisenhower , Georgia), NSA Texas ( Joint Base San Antonio , Texas), and NSA Colorado ( Buckley Space Force Base , Denver). Details on a program titled QUANTUMSQUIRREL indicate NSA ability to masquerade as any routable IPv4 or IPv6 host. This enables an NSA computer to generate false geographical location and personal identification credentials when accessing

3696-453: A whistleblower, a description used by many sources, including CNBC , The New Yorker , Reuters, and The Guardian , among others. The term has both informal and legal meanings. Snowden said that he had told multiple employees and two supervisors about his concerns, but the NSA disputes his claim. Snowden elaborated in January 2014, saying "[I] made tremendous efforts to report these programs to co-workers, supervisors, and anyone with

3828-488: A year as system administrator and pre-sales technical engineer on Dell's CIA account. In that capacity, he was consulted by the chiefs of the CIA's technical branches, including the agency's chief information officer and its chief technology officer . U.S. officials and other sources familiar with the investigation said Snowden began downloading documents describing the government's electronic spying programs while working for Dell in April 2012. Investigators estimated that of

3960-545: Is an American former NSA intelligence contractor and whistleblower who leaked classified documents revealing the existence of global surveillance programs. He became a naturalized Russian citizen in 2022. In 2013, while working as a government contractor, Snowden leaked highly classified information from the National Security Agency (NSA). He was indicted for espionage. His disclosures revealed numerous global surveillance programs, many run by

4092-435: Is currently known as Office of Computer Network Operations (OCNO). ". A document leaked by former NSA contractor Edward Snowden describing the unit's work says TAO has software templates allowing it to break into commonly used hardware, including "routers, switches, and firewalls from multiple product vendor lines". TAO engineers prefer to tap networks rather than isolated computers, because there are typically many devices on

Tailored Access Operations - Misplaced Pages Continue

4224-442: Is done using analytic databases such as XKeyscore . A specific method of finding vulnerable machines is interception of Windows Error Reporting traffic, which is logged into XKeyscore. QUANTUM attacks launched from NSA sites can be too slow for some combinations of targets and services as they essentially try to exploit a race condition , i.e. the NSA server is trying to beat the legitimate server with its response. As of mid-2011,

4356-497: Is installed, and send them on to customers. TAO has also targeted internet browsers Tor and Firefox . According to a 2013 article in Foreign Policy , TAO has become "increasingly accomplished at its mission, thanks in part to the high-level cooperation it secretly receives from the 'big three' American telecom companies ( AT&T , Verizon and Sprint ), most of the large US-based Internet service providers, and many of

4488-470: Is responsible for securing the UK's own communications. The Joint Technical Language Service (JTLS) is a small department and cross-government resource responsible for mainly technical language support and translation and interpreting services across government departments. It is co-located with GCHQ for administrative purposes. In 2013, GCHQ received considerable media attention when the former National Security Agency contractor Edward Snowden revealed that

4620-732: Is that GCHQ and its US equivalent, the National Security Agency (NSA), share technologies, infrastructure and information. GCHQ ran many signals intelligence (SIGINT) monitoring stations abroad. During the early Cold War , the remnants of the British Empire provided a global network of ground stations which were a major contribution to the UKUSA Agreement; the US regarded RAF Little Sai Wan in Hong Kong as

4752-447: Is used to commandeer (i.e. compromise) untargeted computer systems. The software is used as a part of QUANTUMNATION, which also includes the software vulnerability scanner VALIDATOR. The tool was first described at the 2014 Chaos Communication Congress by Jacob Appelbaum , who characterized it as tyrannical. QUANTUMCOOKIE is a more complex form of attack which can be used against Tor users. Suspected, alleged and confirmed targets of

4884-644: The British Army for GCHQ. In March 2010, GCHQ was criticised by the Intelligence and Security Committee for problems with its IT security practices and failing to meet its targets for work targeted against cyber attacks. As revealed by Edward Snowden in The Guardian , GCHQ spied on foreign politicians visiting the 2009 G-20 London Summit by eavesdropping phonecalls and emails and monitoring their computers, and in some cases even ongoing after

5016-609: The Communications-Electronic Security Department (CESD). In October 1969, CESD was merged into GCHQ and becoming Communications-Electronic Security Group ( CESG ). In 1977 CESG relocated from Eastcote to Cheltenham. CESG continued as the UK National Technical Authority for information assurance , including cryptography . CESG did not manufacture security equipment, but worked with industry to ensure

5148-567: The GED test. He took classes at Anne Arundel Community College . Although Snowden had no undergraduate college degree, he worked online toward a master's degree at the University of Liverpool , England , in 2011. He was interested in Japanese popular culture , had studied the Japanese language , and worked for an anime company that had a resident office in the U.S. He also said he had

5280-773: The Government Code and Cypher School ( GC&CS ) and was known under that name until 1946. During the Second World War it was located at Bletchley Park , where it was responsible for breaking the German Enigma codes . There are two main components of GCHQ, the Composite Signals Organisation (CSO), which is responsible for gathering information, and the National Cyber Security Centre (NCSC), which

5412-733: The Suez War led to the eviction of GCHQ from several of its best foreign SIGINT collection sites, including the new Perkar, Ceylon site and RAF Habbaniya , Iraq. The staff largely moved to tented encampments on military bases in Cyprus, which later became the Sovereign Base Area . During the Cuban Missile Crisis , GCHQ Scarborough intercepted radio communications from Soviet ships reporting their positions and used that to establish where they were heading. A copy of

Tailored Access Operations - Misplaced Pages Continue

5544-632: The United States National Security Agency (NSA) Tailored Access Operations (TAO) by the Advanced Network Technology (ANT) Division to aid in cyber surveillance. Most devices are described as already operational and available to US nationals and members of the Five Eyes alliance. According to Der Spiegel , which released the catalog to the public on December 30, 2013, "The list reads like

5676-509: The United States Intelligence Community "if they think you are the single point of failure that could stop this disclosure and make them the sole owner of this information." In May 2013, Snowden was permitted temporary leave from his position at the NSA in Hawaii, on the pretext of receiving treatment for his epilepsy . In mid-May, Snowden gave an electronic interview to Poitras and Jacob Appelbaum which

5808-651: The Whistleblower Protection Act of 1989 (5 USC 2303(b)(8)-(9); Pub. Law 101-12). However, Snowden's potential status as a whistleblower under the 1989 Act is not directly addressed in the criminal complaint against him in the United States District Court for the Eastern District of Virginia (see below) (Case No. 1:13 CR 265 (0MH)). These and similar and related issues are discussed in an essay by David Pozen, in

5940-603: The government and armed forces of the United Kingdom . Primarily based at " The Doughnut " in the suburbs of Cheltenham , GCHQ is the responsibility of the country's Secretary of State for Foreign and Commonwealth Affairs (Foreign Secretary), but it is not a part of the Foreign Office and its director ranks as a Permanent Secretary . GCHQ was originally established after the First World War as

6072-459: The "widespread surveillance" and for helping to spark a "huge public debate about the extent of the government's spying". The Guardian ' s chief editor, Alan Rusbridger , credited Snowden for having performed a public service. The ongoing publication of leaked documents has revealed previously unknown details of a global surveillance apparatus run by the NSA in close cooperation with three of its four Five Eyes partners: Australia's ASD ,

6204-606: The 1920s, GC&CS was successfully reading Soviet Union diplomatic cyphers. However, in May 1927, during a row over clandestine Soviet support for the General Strike and the distribution of subversive propaganda, Prime Minister Stanley Baldwin made details from the decrypts public. During the Second World War, GC&CS was based largely at Bletchley Park , in present-day Milton Keynes , working on understanding

6336-560: The 50,000 to 200,000 documents Snowden gave to Greenwald and Poitras, most were copied by Snowden while working at Dell. In March 2012, Dell reassigned Snowden to Hawaii as lead technologist for the NSA's information-sharing office. On March 15, 2013—three days after what he later called his "breaking point" of "seeing the Director of National Intelligence , James Clapper , directly lie under oath to Congress" —Snowden quit his job at Dell. Although he has said his career high annual salary

6468-900: The Army and RAF codebreakers went to the Wireless Experimental Centre in Delhi, India. The Navy codebreakers in FECB went to Colombo , Ceylon, then to Kilindini , near Mombasa , Kenya. GC&CS was renamed the Government Communications Headquarters (GCHQ) in June 1946. The organisation was at first based in Eastcote in northwest London, then in 1951 moved to the outskirts of Cheltenham , setting up two sites at Oakley and Benhall . One of

6600-506: The CIA. In 2009, Snowden began work as a contractor for Dell , which manages computer systems for multiple government agencies. Assigned to an NSA facility at Yokota Air Base near Tokyo , Snowden instructed top officials and military officers on how to defend their networks from Chinese hackers. Snowden looked into mass surveillance in China which prompted him to investigate and then expose Washington's mass surveillance program after he

6732-660: The Corporate Board are: During the First World War, the British Army and Royal Navy had separate signals intelligence agencies, MI1b and NID25 (initially known as Room 40) respectively. In 1919, the Cabinet's Secret Service Committee, chaired by Lord Curzon , recommended that a peacetime codebreaking agency should be created, a task which was given to the Director of Naval Intelligence , Hugh Sinclair . Sinclair merged staff from NID25 and MI1b into

SECTION 50

#1732791709997

6864-558: The German Enigma machine and Lorenz ciphers . In 1940, GC&CS was working on the diplomatic codes and ciphers of 26 countries, tackling over 150 diplomatic cryptosystems. Senior staff included Alastair Denniston , Oliver Strachey , Dilly Knox , John Tiltman , Edward Travis , Ernst Fetterlein , Josh Cooper , Donald Michie , Alan Turing , Gordon Welchman , Joan Clarke , Max Newman , William Tutte , I. J. (Jack) Good , Peter Calvocoressi and Hugh Foss . The 1943 British–US Communication Intelligence Agreement, BRUSA , connected

6996-772: The Hong Kong stations operations were moved to Australian Defence Satellite Communications Station in Geraldton in Western Australia . Operations that used GCHQ's intelligence-gathering capabilities in the 1990s included the monitoring of communications of Iraqi soldiers in the Gulf War , of dissident republican terrorists and the Real IRA , of the various factions involved in the Yugoslav Wars , and of

7128-607: The House of Lords ruled in favour of the Crown in this instance. The Intelligence Services Act 1994 formalised the activities of the intelligence agencies for the first time, defining their purpose, and the British Parliament's Intelligence and Security Committee was given a remit to examine the expenditure, administration and policy of the three intelligence agencies. The objectives of GCHQ were defined as working as "in

7260-515: The Internet utilizing QUANTUMSQUIRREL. From 2013 to 2017, the head of TAO was Rob Joyce , a 25-plus year employee who previously worked in the NSA's Information Assurance Directorate (IAD). In January 2016, Joyce had a rare public appearance when he gave a presentation at the Usenix’s Enigma conference. The NSA ANT catalog is a 50-page classified document listing technology available to

7392-598: The London Sunday Times reported that Russian and Chinese intelligence services had decrypted more than 1 million classified files in the Snowden cache, forcing the UK's MI6 intelligence agency to move agents out of live operations in hostile countries. Sir David Omand , a former director of the UK's GCHQ intelligence gathering agency, described it as a huge strategic setback that was harming Britain, America, and their NATO allies. The Sunday Times said it

7524-470: The NSA and the Five Eyes intelligence alliance with the cooperation of telecommunication companies and European governments and prompted a cultural discussion about national security and individual privacy. In 2013, Snowden was hired by an NSA contractor, Booz Allen Hamilton , after previous employment with Dell and the CIA . Snowden says he gradually became disillusioned with the programs with which he

7656-461: The NSA of vulnerabilities it knows about, before fixes or information about these vulnerabilities is available to the public; this enables TAO to execute so-called zero-day attacks . A Microsoft official who declined to be identified in the press confirmed that this is indeed the case, but said that Microsoft cannot be held responsible for how the NSA uses this advance information. Edward Snowden Edward Joseph Snowden (born June 21, 1983)

7788-405: The NSA was prototyping a capability codenamed QFIRE, which involved embedding their exploit-dispensing servers in virtual machines (running on VMware ESX ) hosted closer to the target, in the so-called Special Collection Sites (SCS) network worldwide. The goal of QFIRE was to lower the latency of the spoofed response, thus increasing the probability of success. COMMENDEER [ sic ]

7920-532: The NSA's recently installed director, U.S. Navy Admiral Michael S. Rogers , said that while some terrorist groups had altered their communications to avoid surveillance techniques revealed by Snowden, the damage done was not significant enough to conclude that "the sky is falling." Nevertheless, in February 2015, Rogers said that Snowden's disclosures had a material impact on the NSA's detection and evaluation of terrorist activities worldwide. On June 14, 2015,

8052-658: The NSA. In March 2014, Army General Martin Dempsey , Chairman of the Joint Chiefs of Staff , told the House Armed Services Committee , "The vast majority of the documents that Snowden ... exfiltrated from our highest levels of security ... had nothing to do with exposing government oversight of domestic activities. The vast majority of those were related to our military capabilities, operations, tactics, techniques, and procedures." When asked in

SECTION 60

#1732791709997

8184-411: The Prince of Wales) at the Prince of Wales's Intelligence Community Awards at St James's Palace or Clarence House alongside members of the Security Service (MI5), and Secret Intelligence Service (MI6). Awards and citations are given to teams within the agencies as well as individuals. As well as a mission to gather intelligence, GCHQ has for a long time had a corresponding mission to assist in

8316-428: The Security Service and SIS (MI5 and MI6). In December 1994 the businessman Roger Hurn was commissioned to begin a review of GCHQ, which was concluded in March 1995. Hurn's report recommended a cut of £100  million in GCHQ's budget; such a large reduction had not been suffered by any British intelligence agency since the end of World War II. The J Division of GCHQ, which had collected SIGINT on Russia, disappeared as

8448-673: The Tailored Access Operations unit include national and international entities like China , Northwestern Polytechnical University , OPEC , and Mexico's Secretariat of Public Security . The group has also targeted global communication networks via SEA-ME-WE 4 – an optical fibre submarine communications cable system that carries telecommunications between Singapore, Malaysia, Thailand, Bangladesh, India, Sri Lanka, Pakistan, United Arab Emirates, Saudi Arabia, Sudan, Egypt, Italy, Tunisia, Algeria and France. Additionally, Försvarets radioanstalt (FRA) in Sweden gives access to fiber optic links for QUANTUM cooperation. TAO's QUANTUM INSERT technology

8580-431: The UK's GCHQ , and Canada's CSEC . On June 5, 2013, media reports documenting the existence and functions of classified surveillance programs and their scope began and continued throughout the entire year. The first program to be revealed was PRISM, which allows for direct access to data on the servers of Microsoft, Yahoo, Google, Facebook, PalTalk, AOL, Skype, YouTube, and Apple. Barton Gellman of The Washington Post

8712-427: The US House of Representatives Select Committee on Intelligence said that Snowden's official position at CIA was an entry-level technical services officer. Snowden described his CIA experience in Geneva as formative, stating that the CIA deliberately got a Swiss banker drunk and encouraged him to drive home. Snowden said that when the latter was arrested for drunk driving, a CIA operative offered to help in exchange for

8844-455: The United States gathered information on militants. As a result, the group's top leaders used couriers or encrypted channels to avoid being tracked or monitored by Western analysts. According to Snowden, he did not indiscriminately turn over documents to journalists, stating that "I carefully evaluated every single document I disclosed to ensure that each was legitimately in the public interest. There are all sorts of documents that would have made

8976-420: The agency was in the process of collecting all online and telephone data in the UK via the Tempora programme. Snowden's revelations began a spate of ongoing disclosures of global surveillance . The Guardian newspaper was forced to destroy computer hard drives with the files Snowden had given them because of the threats of a lawsuit under the Official Secrets Act. In June 2014, The Register reported that

9108-442: The availability of suitable products and services, while GCHQ itself funded research into such areas, for example to the Centre for Quantum Computation at Oxford University and the Heilbronn Institute for Mathematical Research at the University of Bristol . In the 21st century, CESG ran a number of assurance schemes such as CHECK, CLAS , Commercial Product Assurance (CPA) and CESG Assisted Products Service (CAPS). In 1970

9240-432: The banker becoming an informant. Ueli Maurer , President of the Swiss Confederation for the year 2013, publicly disputed Snowden's claims in June of that year. "This would mean that the CIA successfully bribed the Geneva police and judiciary. With all due respect, I just can't imagine it," said Maurer. In February 2009, following six counseling sessions from his supervisors regarding poor performance, Snowden resigned from

9372-402: The breakdown of talks and the failure to negotiate a no-strike agreement, a number of mass national one-day strikes were held to protest against this decision, believed by some to be the first step to wider bans on trade unions. Appeals to British courts and the European Commission of Human Rights were unsuccessful. An appeal to the International Labour Organization resulted in a decision that

9504-579: The canceled passport, and he was restricted to the airport terminal for over one month. Russia later granted Snowden the right of asylum with an initial visa for residence for one year, which was repeatedly extended. In October 2020, he was granted permanent residency in Russia. In September 2022, Snowden was granted Russian citizenship by President Vladimir Putin . A subject of controversy, Snowden has been variously praised and condemned for his leaks. Snowden has defended his actions as an effort "to inform

9636-402: The catalog. The TAO has developed an attack suite they call QUANTUM. It relies on a compromised router that duplicates internet traffic, typically HTTP requests, so that they go both to the intended target and to an NSA site (indirectly). The NSA site runs FOXACID software which sends back exploits that load in the background in the target web browser before the intended destination has had

9768-443: The codename " Verax ". He asked not to be quoted at length for fear of identification by stylometry . According to Gellman, before their first meeting in person, Snowden wrote, "I understand that I will be made to suffer for my actions and that the return of this information to the public marks my end." Snowden also told Gellman that until the articles were published, the journalists working with him would also be at mortal risk from

9900-412: The communiqués in question because of the ongoing nature of the dispute, disclosing for the first time that "I am working with the NSA in regard to these records and we're going back and forth, so I don't want to reveal everything that will come out." Self-description as a whistleblower and attribution as such in news reports does not determine whether he qualifies as a whistleblower within the meaning of

10032-693: The concept for public-key encryption ( public key infrastructure ) was developed and proven by GCHQ's James H. Ellis . Ellis lacked the number theory skills required to build a workable system. In 1974 GCHQ mathematician Clifford Cocks had developed a workable public key cryptography algorithm and a workable PKI system. Cocks's system was not available in the public domain until it was declassified in 1997. By 1997 broader public key cryptography commercial technologies had been independently developed and had become well established, in areas such as email security , digital signatures , and TLS (a fundamental TCP/IP security component) etc. Most notably in 1977

10164-486: The concept of "Sinews" (or "SIGINT New Systems") which allowed more flexible working methods, avoiding overlaps in work by creating fourteen domains, each with a well-defined working scope. The tenure of Omand also saw the construction of a modern new headquarters, intended to consolidate the two old sites at Oakley and Benhall into a single, more open-plan work environment. Located on a 176-acre site in Benhall, it would be

10296-522: The criminal Kenneth Noye . In the mid-1990s GCHQ began to assist in the investigation of cybercrime . At the end of 2003, GCHQ moved in to its new building. Built on a circular plan around a large central courtyard, it quickly became known as the Doughnut . At the time, it was one of the largest public-sector building projects in Europe, with an estimated cost of £337 million. The new building, which

10428-594: The government's actions were in violation of Freedom of Association and Protection of the Right to Organise Convention . A no-strike agreement was eventually negotiated and the ban lifted by the incoming Labour government in 1997, with the Government Communications Group of the Public and Commercial Services Union (PCS) being formed to represent interested employees at all grades. In 2000,

10560-564: The handling of this issue was becoming essential to their credibility as an organisation. The Internet had become a "cyber commons", with its dominance creating a "second age of Sigint". GCHQ transformed itself accordingly, including greatly expanded Public Relations and Legal departments, and adopting public education in cyber security as an important part of its remit. In February 2014, The Guardian , based on documents provided by Snowden, revealed that GCHQ had indiscriminately collected 1.8 million private Yahoo webcam images from users across

10692-730: The infected machine. This type of attack is part of the man-in-the-middle attack family, though more specifically it is called man-on-the-side attack . It is difficult to pull off without controlling some of the Internet backbone . There are numerous services that FOXACID can exploit this way. The names of some FOXACID modules are given below: By collaboration with the British Government Communications Headquarters (GCHQ) ( MUSCULAR ), Google services could be attacked too, including Gmail . Finding machines that are exploitable and worth attacking

10824-474: The information the government sought to suppress by destroying the hard drives related to the location of a "beyond top secret" GCHQ internet monitoring base in Seeb , Oman, and the close involvement of BT and Cable & Wireless in intercepting internet communications. GCHQ is led by the Director of GCHQ, Anne Keast-Butler , and a Corporate Board, made up of executive and non-executive directors. Reporting to

10956-637: The initial articles based on the leaked documents were published, beginning with The Guardian on June 5. Greenwald later said Snowden disclosed 9,000 to 10,000 documents. Within months, documents had been obtained and published by media outlets worldwide, most notably The Guardian (Britain), Der Spiegel (Germany), The Washington Post and The New York Times (U.S.), O Globo (Brazil), Le Monde (France), and similar outlets in Sweden , Canada , Italy , Netherlands , Norway , Spain , and Australia . In 2014, NBC broke its first story based on

11088-501: The intelligence agencies should "investigate whether all the functions that GCHQ carries out today are still necessary." In late 1993 civil servant Michael Quinlan advised a deep review of the work of GCHQ following the conclusion of his "Review of Intelligence Requirements and Resources", which had imposed a 3% cut on the agency. The Chief Secretary to the Treasury , Jonathan Aitken , subsequently held face to face discussions with

11220-460: The intelligence agency directors to assess further savings in the wake of Quinlan's review. Aldrich (2010) suggests that Sir John Adye , the then Director of GCHQ performed badly in meetings with Aitken, leading Aitken to conclude that GCHQ was "suffering from out-of-date methods of management and out-of-date methods for assessing priorities". GCHQ's budget was £850 million in 1993, (£2.19 billion as of 2023) compared to £125 million for

11352-622: The interests of national security, with particular reference to the defence and foreign policies of His Majesty's government; in the interests of the economic wellbeing of the United Kingdom; and in support of the prevention and the detection of serious crime". During the introduction of the Intelligence Agency Act in late 1993, the former Prime Minister Jim Callaghan had described GCHQ as a "full-blown bureaucracy", adding that future bodies created to provide oversight of

11484-519: The internet," was described by The Guardian as a program that shed light on one of Snowden's most controversial statements: "I, sitting at my desk [could] wiretap anyone, from you or your accountant, to a federal judge or even the president, if I had a personal email." Government Communications Headquarters Government Communications Headquarters ( GCHQ ) is an intelligence and security organisation responsible for providing signals intelligence (SIGINT) and information assurance (IA) to

11616-410: The largest building constructed for secret intelligence operations outside the United States. Operations at GCHQ's Chung Hom Kok listening station in Hong Kong ended in 1994. GCHQ's Hong Kong operations were extremely important to their relationship with the NSA, who contributed investment and equipment to the station. In anticipation of the transfer of Hong Kong to the Chinese government in 1997,

11748-423: The leaked documents. In February 2014, for reporting based on Snowden's leaks, journalists Glenn Greenwald, Laura Poitras, Barton Gellman and The Guardian′ s Ewen MacAskill were honored as co-recipients of the 2013 George Polk Award , which they dedicated to Snowden. The NSA reporting by these journalists also earned The Guardian and The Washington Post the 2014 Pulitzer Prize for Public Service for exposing

11880-665: The main focus of GC&CS was on diplomatic traffic, with "no service traffic ever worth circulating" and so, at the initiative of Lord Curzon, it was transferred from the Admiralty to the Foreign Office . GC&CS came under the supervision of Hugh Sinclair , who by 1923 was both the Chief of SIS and Director of GC&CS. In 1925, both organisations were co-located on different floors of Broadway Buildings, opposite St. James's Park . Messages decrypted by GC&CS were distributed in blue-jacketed files that became known as "BJs". In

12012-701: The major reasons for selecting Cheltenham was that the town had been the location of the headquarters of the United States Army Services of Supply for the European Theater during the War, which built up a telecommunications infrastructure in the region to carry out its logistics tasks. Following the Second World War , US and British intelligence have shared information as part of the UKUSA Agreement . The principal aspect of this

12144-652: The material appeared in The Guardian , The Washington Post , and other publications. On June 21, 2013, the United States Department of Justice unsealed charges against Snowden of two counts of violating the Espionage Act of 1917 and theft of government property, following which the Department of State revoked his passport . Two days later, he flew into Moscow 's Sheremetyevo International Airport , where Russian authorities observed

12276-402: The measures that the source asked him to take to secure their communications, such as encrypting email, too annoying to employ. Snowden then contacted documentary filmmaker Laura Poitras in January 2013. According to Poitras, Snowden chose to contact her after seeing her New York Times article about NSA whistleblower William Binney . What originally attracted Snowden to Greenwald and Poitras

12408-522: The most hostile and dangerous environments around the world. So when they say I'm a low-level systems administrator, that I don't know what I'm talking about, I'd say it's somewhat misleading." In a June interview with Globo TV , Snowden reiterated that he "was actually functioning at a very senior level." In a July interview with The Guardian , Snowden explained that, during his NSA career, "I began to move from merely overseeing these systems to actively directing their use. Many people don't understand that I

12540-541: The most valuable of these. The monitoring stations were largely run by inexpensive National Service recruits, but when this ended in the early 1960s, the increased cost of civilian employees caused budgetary problems. In 1965 a Foreign Office review found that 11,500 staff were involved in SIGINT collection (8,000 GCHQ staff and 3,500 military personnel), exceeding the size of the Diplomatic Service . Reaction to

12672-592: The new organisation, which initially consisted of around 25–30 officers and a similar number of clerical staff. It was titled the "Government Code and Cypher School" (GC&CS), a cover-name which was chosen by Victor Forbes of the Foreign Office . Alastair Denniston , who had been a member of NID25, was appointed as its operational head. It was initially under the control of the Admiralty and located in Watergate House, Adelphi, London. Its public function

12804-535: The order of 1.7 million, a number that originally came from Department of Defense talking points. In July 2014, The Washington Post reported on a cache previously provided by Snowden from domestic NSA operations consisting of "roughly 160,000 intercepted e-mail and instant-message conversations, some of them hundreds of pages long, and 7,900 documents taken from more than 11,000 online accounts." A DIA report declassified in June 2015 said that Snowden took 900,000 Department of Defense files, more than he downloaded from

12936-702: The organisation at Eastcote later that year. From 1952 to 1954, the intelligence mission of GCHQ relocated to Cheltenham; the Security section remained at Eastcote, and in March 1954 became a separate, independent organisation: the London Communications Security Agency (LCSA), which in 1958 was renamed to the London Communications-Electronic Security Agency (LCESA). In April 1965, GPO and MOD units merged with LCESA to become

13068-399: The private sector", arguing that most internet users "would be comfortable with a better and more sustainable relationship between the [intelligence] agencies and the tech companies". Since the 2013 global surveillance disclosures , large US technology companies have improved security and become less co-operative with foreign intelligence agencies, including those of the UK, generally requiring

13200-612: The proper clearance who would listen. The reactions of those I told about the scale of the constitutional violations ranged from deeply concerned to appalled, but no one was willing to risk their jobs, families, and possibly even freedom to go to [ sic ] through what [Thomas Andrews] Drake did." In March 2014, during testimony to the European Parliament, Snowden wrote that before revealing classified information he had reported "clearly problematic programs" to ten officials, who he said did nothing in response. In

13332-586: The protection of the British government's own communications. When the Government Code and Cypher School (GC&CS) was created in 1919, its overt task was providing security advice. GC&CS's Security section was located in Mansfield College, Oxford during the Second World War. In April 1946, GC&CS became GCHQ, and the now GCHQ Security section moved from Oxford to join the rest of

13464-525: The public as to that which is done in their name and that which is done against them". His disclosures have fueled debates over mass surveillance , government secrecy , and the balance between national security and information privacy , something that he has said he intended to do in retrospective interviews. In early 2016, Snowden became the president of the Freedom of the Press Foundation ,

13596-548: The report for, in his opinion, presuming that the public became concerned about privacy only after Snowden's disclosures. Snowden's decision to leak NSA documents developed gradually following his March 2007 posting as a technician to the Geneva CIA station. Snowden later made contact with Glenn Greenwald, a journalist working at The Guardian . He contacted Greenwald anonymously as "Cincinnatus" and said he had sensitive documents that he would like to share. Greenwald found

13728-490: The report was sent directly to the White House Situation Room, providing initial indications of Soviet intentions with regards the US naval blockade of Cuba. Duncan Campbell and Mark Hosenball revealed the existence of GCHQ in 1976 in an article for Time Out ; as a result, Hosenball was deported from the UK. GCHQ had a very low profile in the media until 1983 when the trial of Geoffrey Prime ,

13860-403: The run-up to the 2003 Iraq war . GCHQ gains its intelligence by monitoring a wide variety of communications and other electronic signals. For this, a number of stations have been established in the UK and overseas. The listening stations are at Cheltenham itself, Bude , Scarborough , Ascension Island , and with the United States at Menwith Hill . Ayios Nikolaos Station in Cyprus is run by

13992-849: The signal intercept networks of the GC&;CS and the US National Security Agency (NSA). Equipment used to break enemy codes included the Colossus computer . Colossus consisted of ten networked computers. An outstation in the Far East, the Far East Combined Bureau , was set up in Hong Kong in 1935 and moved to Singapore in 1939. Subsequently, with the Japanese advance down the Malay Peninsula,

14124-402: The summit via keyloggers that had been installed during the summit. According to Edward Snowden, at that time GCHQ had two principal umbrella programs for collecting communications: GCHQ has also had access to the US internet monitoring programme PRISM from at least as far back as June 2010. PRISM is said to give the National Security Agency and FBI easy access to the systems of nine of

14256-482: The top computer security software manufacturers and consulting companies." A 2012 TAO budget document claims that these companies, on TAO's behest, "insert vulnerabilities into commercial encryption systems, IT systems, networks and endpoint communications devices used by targets". A number of US companies, including Cisco and Dell , have subsequently made public statements denying that they insert such back doors into their products. Microsoft provides advance warning to

14388-483: The totality of his experience, downplaying him as a "low-level analyst." In his words, he was "trained as a spy in the traditional sense of the word in that I lived and worked undercover overseas—pretending to work in a job that I'm not—and even being assigned a name that was not mine." He said he'd worked for the NSA undercover overseas, and for the DIA had developed sources and methods to keep information and people secure "in

14520-584: The university did not find records to show that Snowden attended the university and suggested that he may instead have attended Advanced Career Technologies, a private for-profit organization that operated as the Computer Career Institute at Johns Hopkins University. The University of Maryland University College acknowledged that Snowden had attended a summer session at a UM campus in Asia. Snowden's résumé stated that he estimated he would receive

14652-456: The work of others, Snowden recalled a moment when he and his colleagues began to have severe ethical doubts. Snowden said 18- to 22-year-old analysts were suddenly: ...thrust into a position of extraordinary responsibility, where they now have access to all your private records. In the course of their daily work, they stumble across something that is completely unrelated in any sort of necessary sense—for example, an intimate nude photo of someone in

14784-457: The world's top internet companies, including Google, Facebook, Microsoft, Apple, Yahoo, and Skype. From 2013, GCHQ realised that public attitudes to Sigint had changed and its former unquestioned secrecy was no longer appropriate or acceptable. The growing use of the Internet, together with its inherent insecurities, meant that the communications traffic of private citizens were becoming inextricably mixed with those of their targets and openness in

14916-593: The world. In the same month NBC and The Intercept , based on documents released by Snowden, revealed the Joint Threat Research Intelligence Group and the Computer Network Exploitation units within GCHQ. Their mission was cyber operations based on "dirty tricks" to shut down enemy communications, discredit, and plant misinformation on enemies. These operations were 5% of all GCHQ operations according to

15048-444: Was "either (a) a web browsing profile for every visible user on the internet, or (b) a user profile for every visible website on the internet." In 2015, GCHQ admitted for the first time in court that it conducts computer hacking. In 2017, US Press Secretary Sean Spicer made allegations that GCHQ had conducted surveillance on US President Donald Trump . These unfounded claims were based on statements made during an opinion piece in

15180-430: Was "to advise as to the security of codes and cyphers used by all Government departments and to assist in their provision", but also had a secret directive to "study the methods of cypher communications used by foreign powers". GC&CS officially formed on 1 November 1919, and produced its first decrypt prior to that date, on 19 October. Before the Second World War, GC&CS was a relatively small department. By 1922,

15312-574: Was $ 200,000, Snowden said he took a pay cut to work at consulting firm Booz Allen Hamilton , where he sought employment in order to gather data and then release details of the NSA's worldwide surveillance activity. At the time of his departure from the U.S. in May 2013, he had been employed for 15 months inside the NSA's Hawaii regional operations center , which focuses on the electronic monitoring of China and North Korea , first for Dell and then for two months with Booz Allen Hamilton . While intelligence officials have described his position there as

15444-469: Was a Salon article written by Greenwald detailing how Poitras's controversial films had made her a target of the government. Greenwald began working with Snowden in either February or April 2013, after Poitras asked Greenwald to meet her in New York City, at which point Snowden began providing documents to them. Barton Gellman , writing for The Washington Post , says his first direct contact

15576-502: Was actually an analyst and I designated individuals and groups for targeting." Snowden subsequently told Wired that while at Dell in 2011, "I would sit down with the CIO of the CIA, the CTO of the CIA, the chiefs of all the technical branches. They would tell me their hardest technology problems, and it was my job to come up with a way to fix them." During his time as an NSA analyst, directing

15708-602: Was asked in 2009 to brief a conference in Tokyo. During his four years with Dell, he rose from supervising NSA computer system upgrades to working as what his résumé termed a "cyber strategist" and an "expert in cyber counterintelligence" at several U.S. locations. In 2010, he had a brief stint in New Delhi , India , where he enrolled himself in a local IT institute to learn core Java programming and advanced ethical hacking . In 2011, he returned to Maryland , where he spent

15840-586: Was born in December 2020, and their second son was born sometime before September 2022. Feeling a duty to fight in the Iraq War , Snowden enlisted in the United States Army on May 7, 2004, and became a Special Forces candidate through its 18X enlistment option. He did not complete the training due to a leg injury and was given an administrative discharge on September 28, 2004. Snowden

15972-409: Was designed by Gensler and constructed by Carillion , became the base for all of GCHQ's Cheltenham operations. The public spotlight fell on GCHQ in late 2003 and early 2004 following the sacking of Katharine Gun after she leaked to The Observer a confidential email from agents at the United States' National Security Agency addressed to GCHQ officers about the wiretapping of UN delegates in

16104-568: Was given full administrator privileges with virtually unlimited access to NSA data. Snowden was offered a position on the NSA's elite team of hackers , Tailored Access Operations , but turned it down to join Booz Allen. An anonymous source later said that Booz Allen's hiring screeners found possible discrepancies in Snowden's résumé but still decided to hire him. Snowden's résumé stated that he attended computer-related classes at Johns Hopkins University . A spokeswoman for Johns Hopkins said that

16236-706: Was illegal and possibly unconstitutional. Edward Joseph Snowden was born on June 21, 1983, in Elizabeth City, North Carolina . Snowden's father, Lonnie, was a warrant officer in the U.S. Coast Guard , and his mother, Elizabeth, was a clerk at the U.S. District Court for the District of Maryland . His older sister, Jessica, was a lawyer at the Federal Judicial Center in Washington, D.C. His maternal grandfather, Edward J. Barrett ,

16368-443: Was involved, and that he tried to raise his ethical concerns through internal channels but was ignored. On May 20, 2013, Snowden flew to Hong Kong after taking medical leave from his job at an NSA facility in Hawaii , and in early June he revealed thousands of classified NSA documents to journalists Glenn Greenwald , Laura Poitras , Barton Gellman , and Ewen MacAskill . Snowden came to international attention after stories based on

16500-612: Was not a whistleblower in the sense required by the Whistleblower Protection Act. The bulk of the report is classified. The exact size of Snowden's disclosure is unknown, but Australian officials have estimated 15,000 or more Australian intelligence files and British officials estimate at least 58,000 British intelligence files were included. NSA Director Keith Alexander initially estimated that Snowden had copied anywhere from 50,000 to 200,000 NSA documents. Later estimates provided by U.S. officials were in

16632-522: Was not clear whether Russia and China stole Snowden's data or whether Snowden voluntarily handed it over to remain at liberty in Hong Kong and Moscow. In April 2015, the Henry Jackson Society , a British neoconservative think tank , published a report claiming that Snowden's intelligence leaks negatively impacted Britain's ability to fight terrorism and organized crime. Gus Hosein, executive director of Privacy International , criticized

16764-504: Was on May 16, 2013. According to Gellman, Snowden approached Greenwald after the Post declined to guarantee publication within 72 hours of all 41 PowerPoint slides that Snowden had leaked exposing the PRISM electronic data mining program, and to publish online an encrypted code allowing Snowden to later prove that he was the source. Snowden communicated using encrypted email , and going by

16896-736: Was passed to UK services, particularly to GCHQ 's MyNOC , which used it to target Belgacom and GPRS roaming exchange (GRX) providers like the Comfone , Syniverse , and Starhome. Belgacom, which provides services to the European Commission , the European Parliament and the European Council discovered the attack. In concert with the CIA and FBI , TAO is used to intercept laptops purchased online, divert them to secret warehouses where spyware and hardware

17028-408: Was published weeks later by Der Spiegel . After disclosing the copied documents, Snowden promised that nothing would stop subsequent disclosures. In June 2013, he said, "All I can say right now is the US government is not going to be able to cover this up by jailing or murdering me. Truth is coming, and it cannot be stopped." On May 20, 2013, Snowden flew to Hong Kong, where he was staying when

17160-508: Was saying was true he had to take ones that included very sensitive, detailed blueprints of how the NSA does what they do. Thus, the Snowden documents allegedly contained sensitive NSA blueprints detailing how the NSA operates, which would allow someone who read them to evade or even duplicate NSA surveillance. Further, a 2015 New York Times article reported that the Islamic State group had studied Snowden's revelations about how

17292-438: Was the first journalist to report on Snowden's documents. He said the U.S. government urged him not to specify by name which companies were involved, but Gellman decided that to name them "would make it real to Americans." Reports also revealed details of Tempora , a secret British surveillance program run by the NSA's British partner, GCHQ. The initial reports included details about NSA call database , Boundless Informant , and

17424-496: Was then employed for less than a year in 2005 as a security guard at the University of Maryland 's Center for Advanced Study of Language, a research center sponsored by the National Security Agency (NSA). According to the University, this is not a classified facility, though it is heavily guarded. In June 2014, Snowden told Wired that his job as a security guard required a high-level security clearance , for which he passed

#996003