A presentation on the NSA’s SHARKSEER program which “detects and mitigates web-based malware Zero-Day and Advanced Persistent Threats using COTS technology by leveraging, dynamically producing, and enhancing global threat knowledge to rapidly protect the networks.”
Central Intelligence Agency, Department of Defense, Department of Justice, National Security Agency, Office of the Director of National Intelligence
This manual provides guidance for sanitization of Information Systems (IS) storage devices for disposal or recycling in accordance with NSA/CSS Policy Statement 9-12, “NSA/CSS Storage Device Sanitization.” Information stored on these devices may range from UNCLASSIFIED to TOP SECRET and may include compartmented, sensitive, or limiteddistribution material. Furthermore, this manual provides information on how to obtain current listings of evaluated sanitization equipment that meets NSA/CSS specifications.
Many networks run by public and private organizations have experienced intrusions in recent years, and this cyber exploitation has resulted in an unprecedented transfer of wealth due to lost intellectual property. The threats to our networks and systems exist across numerous components that include end-user-devices, servers, and infrastructure devices. To address threats to routers and other network infrastructure devices, the National Security Agency’s Information Assurance Directorate (IAD) is publishing this IAA to guide U.S. Government systems accreditors’ strategic plan for network hardening.
Adversary actors in cyberspace continue to demonstrate the interest in and ability to execute Distributed Denial of Service (DDoS) attacks against the United States. The need to offer Internet services in support of mission requirements inherently exposes these services to malicious traffic and the potential for DDoS attack. Proactive preparation to ensure network resilience in the event of a DDoS event is essential. Reactive measures are feasible, but are often too slow to respond to the dynamic nature of today’s threat.
This document is intended as the standard U.S. user’s manual for planning and conducting field key generation and OTAD in support of tactical activities. It is targeted primarily at Joint and Intra-Service Operations and Exercises, particularly those involving forces that do not routinely train or operate together. It also has limited application to Combined operations and exercises involving Allied forces that hold OTAR- and OTAT-capable COMSEC equipment
This document provides detailed instructions for the implementation and installation of premise wire infrastructure in support of unclassified and classified networks within NSAW, Build-out Facilities, domestic facilities where NSA controls the plenum, domestic facilities where NSA does not control the plenum and all OCONUS field sites. This document provides instructions for implementations and installations of premise wiring in communications facilities, office spaces and machine rooms by ITD Internal Service Providers (ISP), External Service providers (ESP), field personnel stationed at the respective facilities or authorized NSA agents.
The Department of Defense (DOD) has published the (Final) Environmental Impact Statement (EIS) for the proposed implementation of campus development initiatives and the construction of associated facilities for the National Security Agency (NSA) complex at Fort George G. Meade (Fort Meade), Maryland, dated September, 2010. The National Security Agency/Central Security Service (NSA/CSS) is a cryptologic intelligence agency administered as part of the DOD. It is responsible for the collection and analysis of foreign communications and foreign signals intelligence. For NSA/CSS to continue to lead the Intelligence Community into the next 50 years with state-of-the-art technologies and productivity, its mission elements will require new facilities and infrastructure.
With internet traffic growing exponentially, attacks on government and commercial computers by cyber terrorists and rogue states have escalated. Those wishing harm have espionage programs targeting the data systems used by the United States and allies. Drug traffickers and weapons dealers use the internet with encrypted communications. To counter these activities, the National Security Agency, an agency of the U.S. government, is building a fortified data center deep inside a mountain in Utah. This complex will house the world’s most sophisticated supercomputers dedicated to code breaking and data traffic analysis. Another site will eventually take delivery of the latest Cray supercomputer called Cascade to support the NSA’s need to crack codes faster to protect the nation and its allies.
The NSA has the capability to do individualized searches, similar to Google, for particular electronic communications in real time through such criteria as target addresses, locations, countries and phone numbers, as well as watch-listed names, keywords, and phrases in email. The NSA also has the capability to seize and store most electronic communications passing through its U.S. intercept centers. The wholesale collection of data allows the NSA to identify and analyze Entities or Communities of interest later in a static database. Based on my proximity to the PSP and my years of experience at the NSA, I can draw informed conclusions from the available facts. Those facts indicate that the NSA is doing both.
A letter from the Commander of U.S. Cyber Command Keith Alexander to Senator John McCain describing the role of U.S. Cyber Command and its position on current efforts to pass cybersecurity legislation.
A map and list of possible locations of NSA domestic interception points inside the United States. The list was presented by computer security researcher Jacob Appelbaum at a recent event held at the Whitney Museum in New York along with filmmaker Laura Poitras and ex-NSA employee William Binney. One of the addresses, an AT&T building on Folsom Street in San Francisco, is the location of Room 641A which was the subject of multiple lawsuits regarding warrantless surveillance of U.S. citizens. A recent article in Wired quoted Binney as estimating that there are likely ten to twenty of these locations around the country.
Declassified DoD Inspector General Report on NSA Thinthread and Trailblazer Systems from December 15, 2004.
A social networking site (SNS) is a web-based service that allows communities of people to share common interests and/or experiences. Rather than using direct point-to-point communication to stay in touch (e.g., face-toface, phone, text/video messages), SNSs allow users to publish information that can be read later by other users (a one-to-many form of communication) and follow their friend’s postings and provide comments. SNSs provide innovative methods for interacting with friends through third-part applications, such as simple games (tic-tac-toe, paper-rock-scissors), interactive maps to show places visited across the world, and quiz/trivia games which allow for score comparison with others. Many SNSs also allow users to logon from mobile devices that have web browser access to the Internet, allowing them to check and update their accounts from virtually any location with a Wi-Fi or cellular signal.
Two pamphlets produced by the NSA on “Using Your BlackBerry Securely” and “Security Tips for Personally Managed Apple iPhones and iPads” from March 2011.
National Security Agency “Site M” Expansion Development Plan and Anti-Terrorism Force Protection Assessment from May 31, 2011. The Site M Area Development Plan (ADP) for the National Security Agency/Central Security Service (NSA/CSS) coordinates the development of facilities on Site M at Fort George G. Meade (Ft. Meade), allowing for growth and expansion over time. Site M development is planned to consist of administrative buildings, operation buildings, High Performance Computing Centers (HPCC) and associated support facilities. The objective of the AT/FP component is to develop a plan for protection of the proposed Site M development. This plan is based on the mandatory DoD minimum antiterrorism standards as well the specific requirements of NSA/CSS Ft. Meade. The plan provides overall guidance for development of the site as well as specific design strategies for key AT/FP components. A layered approach to security has been applied to ensure probability of detection with low false and nuisance alarm rates.
FOUO NSA High Assurance Internet Protocol Encryptor (HAIPE) Briefing from December 2010.
FOUO NSA National COMSEC Security Incident Trends 2008-2009 Briefing from December 2010.
The overall objective of the this task was to architect and implement a capability that will enable automated parsing, normalization, extraction, aggregation, filtering and then detection of attack patterns based on log and log like data in near real time depending on local network settings. We call this the Audit Data Extraction Utility (ADEU).
(U) The purpose of this manual is to help an operator quickly configure a new Rel 3.2 TACLANE from the moment the TACLANE has been unpacked. This TACLANE Quick Start Manual covers the TACLANE-GigE and TACLANE-Mini Rel 3.2 products.
(U//FOUO) The purpose of this manual is to explain how to install, operate, and reconfigure the General Dynamics TACLANE 1 -GigE (KG-175A) and TACLANE -Mini (KG-175B) encryptors.
(U//FOUO) The purpose of this manual is to explain how to install, operate, and reconfigure the General Dynamics TACLANE-Micro (KG-175D) encryptor.