National Security Agency – Wikipedia

Not to be confused with NASA. National Security Agency

Seal of the National Security Agency

Flag of the National Security Agency

The National Security Agency (NSA) is an intelligence organization of the United States government, responsible for global monitoring, collection, and processing of information and data for foreign intelligence and counterintelligence purposes, a discipline known as signals intelligence (SIGINT). NSA is concurrently charged with protection of U.S. government communications and information systems against penetration and network warfare.[8][9] Although many of NSA's programs rely on "passive" electronic collection, the agency is authorized to accomplish its mission through active clandestine means,[10] among which are physically bugging electronic systems[11] and allegedly engaging in sabotage through subversive software.[12][13] Moreover, NSA maintains physical presence in a large number of countries across the globe, where its Special Collection Service (SCS) inserts eavesdropping devices in difficult-to-reach places. SCS collection tactics allegedly encompass "close surveillance, burglary, wiretapping, breaking and entering".[14][15]

Unlike the Defense Intelligence Agency (DIA) and the Central Intelligence Agency (CIA), both of which specialize primarily in foreign human espionage, NSA does not unilaterally conduct human-source intelligence gathering, despite often being portrayed so in popular culture. Instead, NSA is entrusted with assistance to and coordination of SIGINT elements at other government organizations, which are prevented by law from engaging in such activities without the approval of the NSA via the Defense Secretary.[16] As part of these streamlining responsibilities, the agency has a co-located organization called the Central Security Service (CSS), which was created to facilitate cooperation between NSA and other U.S. military cryptanalysis components. Additionally, the NSA Director simultaneously serves as the Commander of the United States Cyber Command and as Chief of the Central Security Service.

Originating as a unit to decipher coded communications in World War II, it was officially formed as the NSA by President Harry S. Truman in 1952. Since then, it has become one of the largest U.S. intelligence organizations in terms of personnel and budget,[6][17] operating as part of the Department of Defense and simultaneously reporting to the Director of National Intelligence.

NSA surveillance has been a matter of political controversy on several occasions, such as its spying on anti-Vietnam war leaders or economic espionage. In 2013, the extent of some of the NSA's secret surveillance programs was revealed to the public by Edward Snowden. According to the leaked documents, the NSA intercepts the communications of over a billion people worldwide, many of whom are American citizens, and tracks the movement of hundreds of millions of people using cellphones. Internationally, research has pointed to the NSA's ability to surveil the domestic Internet traffic of foreign countries through "boomerang routing".[18]

The origins of the National Security Agency can be traced back to April 28, 1917, three weeks after the U.S. Congress declared war on Germany in World War I. A code and cipher decryption unit was established as the Cable and Telegraph Section which was also known as the Cipher Bureau. It was headquartered in Washington, D.C. and was part of the war effort under the executive branch without direct Congressional authorization. During the course of the war it was relocated in the army's organizational chart several times. On July 5, 1917, Herbert O. Yardley was assigned to head the unit. At that point, the unit consisted of Yardley and two civilian clerks. It absorbed the navy's cryptoanalysis functions in July 1918. World War I ended on November 11, 1918, and MI-8 moved to New York City on May 20, 1919, where it continued intelligence activities as the Code Compilation Company under the direction of Yardley.[19][20]

MI-8 also operated the so-called "Black Chamber".[22] The Black Chamber was located on East 37th Street in Manhattan. Its purpose was to crack the communications codes of foreign governments. Jointly supported by the State Department and the War Department, the chamber persuaded Western Union, the largest U.S. telegram company, to allow government officials to monitor private communications passing through the company's wires.[23]

Other "Black Chambers" were also found in Europe. They were established by the French and British governments to read the letters of targeted individuals, employing a variety of techniques to surreptitiously open, copy, and reseal correspondence before forwarding it to unsuspecting recipients.[24]

Despite the American Black Chamber's initial successes, it was shut down in 1929 by U.S. Secretary of State Henry L. Stimson, who defended his decision by stating: "Gentlemen do not read each other's mail".[21]

During World War II, the Signal Security Agency (SSA) was created to intercept and decipher the communications of the Axis powers.[25] When the war ended, the SSA was reorganized as the Army Security Agency (ASA), and it was placed under the leadership of the Director of Military Intelligence.[25]

On May 20, 1949, all cryptologic activities were centralized under a national organization called the Armed Forces Security Agency (AFSA).[25] This organization was originally established within the U.S. Department of Defense under the command of the Joint Chiefs of Staff.[26] The AFSA was tasked to direct Department of Defense communications and electronic intelligence activities, except those of U.S. military intelligence units.[26] However, the AFSA was unable to centralize communications intelligence and failed to coordinate with civilian agencies that shared its interests such as the Department of State, Central Intelligence Agency (CIA) and the Federal Bureau of Investigation (FBI).[26] In December 1951, President Harry S. Truman ordered a panel to investigate how AFSA had failed to achieve its goals. The results of the investigation led to improvements and its redesignation as the National Security Agency.[27]

The agency was formally established by Truman in a memorandum of October 24, 1952, that revised National Security Council Intelligence Directive (NSCID) 9.[28] Since President Truman's memo was a classified document,[28] the existence of the NSA was not known to the public at that time. Due to its ultra-secrecy the U.S. intelligence community referred to the NSA as "No Such Agency".[29]

In the 1960s, the NSA played a key role in expanding America's commitment to the Vietnam War by providing evidence of a North Vietnamese attack on the American destroyer USSMaddox during the Gulf of Tonkin incident.[30]

A secret operation, code-named "MINARET", was set up by the NSA to monitor the phone communications of Senators Frank Church and Howard Baker, as well as major civil rights leaders, including Martin Luther King, Jr., and prominent U.S. journalists and athletes who criticized the Vietnam War.[31] However, the project turned out to be controversial, and an internal review by the NSA concluded that its Minaret program was "disreputable if not outright illegal".[31]

In the aftermath of the Watergate scandal, a congressional hearing in 1975 led by Sen. Frank Church[32] revealed that the NSA, in collaboration with Britain's SIGINT intelligence agency Government Communications Headquarters (GCHQ), had routinely intercepted the international communications of prominent anti-Vietnam war leaders such as Jane Fonda and Dr. Benjamin Spock.[33] Following the resignation of President Richard Nixon, there were several investigations of suspected misuse of FBI, CIA and NSA facilities.[34] Senator Frank Church uncovered previously unknown activity,[34] such as a CIA plot (ordered by the administration of President John F. Kennedy) to assassinate Fidel Castro.[35] The investigation also uncovered NSA's wiretaps on targeted American citizens.[36]

After the Church Committee hearings, the Foreign Intelligence Surveillance Act of 1978 was passed into law. This was designed to limit the practice of mass surveillance in the United States.[34]

In 1986, the NSA intercepted the communications of the Libyan government during the immediate aftermath of the Berlin discotheque bombing. The White House asserted that the NSA interception had provided "irrefutable" evidence that Libya was behind the bombing, which U.S. President Ronald Reagan cited as a justification for the 1986 United States bombing of Libya.[37][38]

In 1999, a multi-year investigation by the European Parliament highlighted the NSA's role in economic espionage in a report entitled 'Development of Surveillance Technology and Risk of Abuse of Economic Information'.[39] That year, the NSA founded the NSA Hall of Honor, a memorial at the National Cryptologic Museum in Fort Meade, Maryland.[40] The memorial is a, "tribute to the pioneers and heroes who have made significant and long-lasting contributions to American cryptology".[40] NSA employees must be retired for more than fifteen years to qualify for the memorial.[40]

NSA's infrastructure deteriorated in the 1990s as defense budget cuts resulted in maintenance deferrals. On January 24, 2000, NSA headquarters suffered a total network outage for three days caused by an overloaded network. Incoming traffic was successfully stored on agency servers, but it could not be directed and processed. The agency carried out emergency repairs at a cost of $3 million to get the system running again. (Some incoming traffic was also directed instead to Britain's GCHQ for the time being.) Director Michael Hayden called the outage a "wake-up call" for the need to invest in the agency's infrastructure.[41]

In the aftermath of the September 11 attacks, the NSA created new IT systems to deal with the flood of information from new technologies like the Internet and cellphones. ThinThread contained advanced data mining capabilities. It also had a "privacy mechanism"; surveillance was stored encrypted; decryption required a warrant. The research done under this program may have contributed to the technology used in later systems. ThinThread was cancelled when Michael Hayden chose Trailblazer, which did not include ThinThread's privacy system.[43]

Trailblazer Project ramped up in 2002. SAIC, Boeing, CSC, IBM, and Litton worked on it. Some NSA whistleblowers complained internally about major problems surrounding Trailblazer. This led to investigations by Congress and the NSA and DoD Inspectors General. The project was cancelled in early 2004; it was late, over budget, and didn't do what it was supposed to do. The government then raided the whistleblowers' houses. One of them, Thomas Drake, was charged with violating 18 U.S.C.793(e) in 2010 in an unusual use of espionage law. He and his defenders claim that he was actually being persecuted for challenging the Trailblazer Project. In 2011, all ten original charges against Drake were dropped.[44][45]

Turbulence started in 2005. It was developed in small, inexpensive "test" pieces, rather than one grand plan like Trailblazer. It also included offensive cyber-warfare capabilities, like injecting malware into remote computers. Congress criticized Turbulence in 2007 for having similar bureaucratic problems as Trailblazer.[45] It was to be a realization of information processing at higher speeds in cyberspace.[46]

The massive extent of the NSA's spying, both foreign and domestic, was revealed to the public in a series of detailed disclosures of internal NSA documents beginning in June 2013. Most of the disclosures were leaked by former NSA contractor, Edward Snowden.

It was revealed that the NSA intercepts telephone and Internet communications of over a billion people worldwide, seeking information on terrorism as well as foreign politics, economics[47] and "commercial secrets".[48] In a declassified document it was revealed that 17,835 phone lines were on an improperly permitted "alert list" from 2006 to 2009 in breach of compliance, which tagged these phone lines for daily monitoring.[49][50][51] Eleven percent of these monitored phone lines met the agency's legal standard for "reasonably articulable suspicion" (RAS).[49][52]

A dedicated unit of the NSA locates targets for the CIA for extrajudicial assassination in the Middle East.[53] The NSA has also spied extensively on the European Union, the United Nations and numerous governments including allies and trading partners in Europe, South America and Asia.[54][55]

The NSA tracks the locations of hundreds of millions of cellphones per day, allowing them to map people's movements and relationships in detail.[56] It reportedly has access to all communications made via Google, Microsoft, Facebook, Yahoo, YouTube, AOL, Skype, Apple and Paltalk,[57] and collects hundreds of millions of contact lists from personal email and instant messaging accounts each year.[58] It has also managed to weaken much of the encryption used on the Internet (by collaborating with, coercing or otherwise infiltrating numerous technology companies), so that the majority of Internet privacy is now vulnerable to the NSA and other attackers.[59][60]

Domestically, the NSA collects and stores metadata records of phone calls,[61] including over 120 million US Verizon subscribers,[62] as well as Internet communications,[57] relying on a secret interpretation of the Patriot Act whereby the entirety of US communications may be considered "relevant" to a terrorism investigation if it is expected that even a tiny minority may relate to terrorism.[63] The NSA supplies foreign intercepts to the DEA, IRS and other law enforcement agencies, who use these to initiate criminal investigations. Federal agents are then instructed to "recreate" the investigative trail via parallel construction.[64]

The NSA also spies on influential Muslims to obtain information that could be used to discredit them, such as their use of pornography. The targets, both domestic and abroad, are not suspected of any crime but hold religious or political views deemed "radical" by the NSA.[65]

Although NSAs surveillance activities are controversial, government agencies and private enterprises have common needs, and sometimes cooperate at subtle and complex technical levels. Big data is becoming more advantageous, justifying the cost of required computer hardware, and social media lead the trend. The interests of NSA and Silicon Valley began to converge as advances in computer storage technology drastically reduced the costs of storing enormous amounts of data and at the same time the value of the data for use in consumer marketing began to rise. On the other hand, social media sites are growing as voluntary data mining operations on a scale that rivals or exceeds anything the government could attempt on its own.[66]

According to a report in The Washington Post in July 2014, relying on information provided by Snowden, 90% of those placed under surveillance in the U.S. are ordinary Americans, and are not the intended targets. The newspaper said it had examined documents including emails, text messages, and online accounts that support the claim.[67]

Despite President Obama's claims that these programs have congressional oversight, members of Congress were unaware of the existence of these NSA programs or the secret interpretation of the Patriot Act, and have consistently been denied access to basic information about them.[68] Obama has also claimed that there are legal checks in place to prevent inappropriate access of data and that there have been no examples of abuse;[69] however, the secret FISC court charged with regulating the NSA's activities is, according to its chief judge, incapable of investigating or verifying how often the NSA breaks even its own secret rules.[70] It has since been reported that the NSA violated its own rules on data access thousands of times a year, many of these violations involving large-scale data interceptions;[71] and that NSA officers have even used data intercepts to spy on love interests.[72] The NSA has "generally disregarded the special rules for disseminating United States person information" by illegally sharing its intercepts with other law enforcement agencies.[73] A March 2009 opinion of the FISC court, released by court order, states that protocols restricting data queries had been "so frequently and systemically violated that it can be fairly said that this critical element of the overall ... regime has never functioned effectively."[74][75] In 2011 the same court noted that the "volume and nature" of the NSA's bulk foreign Internet intercepts was "fundamentally different from what the court had been led to believe".[73] Email contact lists (including those of US citizens) are collected at numerous foreign locations to work around the illegality of doing so on US soil.[58]

Legal opinions on the NSA's bulk collection program have differed. In mid-December 2013, U.S. District Court Judge Richard Leon ruled that the "almost-Orwellian" program likely violates the Constitution, and wrote, "I cannot imagine a more 'indiscriminate' and 'arbitrary invasion' than this systematic and high-tech collection and retention of personal data on virtually every single citizen for purposes of querying and analyzing it without prior judicial approval. Surely, such a program infringes on 'that degree of privacy' that the Founders enshrined in the Fourth Amendment. Indeed, I have little doubt that the author of our Constitution, James Madison, who cautioned us to beware 'the abridgement of freedom of the people by gradual and silent encroachments by those in power,' would be aghast."[76]

Later that month, U.S. District Judge William Pauley ruled that the NSA's collection of telephone records is legal and valuable in the fight against terrorism. In his opinion, he wrote, "a bulk telephony metadata collection program [is] a wide net that could find and isolate gossamer contacts among suspected terrorists in an ocean of seemingly disconnected data" and noted that a similar collection of data prior to 9/11 might have prevented the attack.[77]

An October 2014 United Nations report condemned mass surveillance by the United States and other countries as violating multiple international treaties and conventions that guarantee core privacy rights.[78]

On March 20, 2013 the Director of National Intelligence, Lieutenant General James Clapper, testified before Congress that the NSA does not wittingly collect any kind of data on millions or hundreds of millions of Americans, but he retracted this in June after details of the PRISM program were published, and stated instead that meta-data of phone and Internet traffic are collected, but no actual message contents.[79] This was corroborated by the NSA Director, General Keith Alexander, before it was revealed that the XKeyscore program collects the contents of millions of emails from US citizens without warrant, as well as "nearly everything a user does on the Internet". Alexander later admitted that "content" is collected, but stated that it is simply stored and never analyzed or searched unless there is "a nexus to al-Qaida or other terrorist groups".[69]

Regarding the necessity of these NSA programs, Alexander stated on June 27 that the NSA's bulk phone and Internet intercepts had been instrumental in preventing 54 terrorist "events", including 13 in the US, and in all but one of these cases had provided the initial tip to "unravel the threat stream".[80] On July 31 NSA Deputy Director John Inglis conceded to the Senate that these intercepts had not been vital in stopping any terrorist attacks, but were "close" to vital in identifying and convicting four San Diego men for sending US$8,930 to Al-Shabaab, a militia that conducts terrorism in Somalia.[81][82][83]

The U.S. government has aggressively sought to dismiss and challenge Fourth Amendment cases raised against it, and has granted retroactive immunity to ISPs and telecoms participating in domestic surveillance.[84][85] The U.S. military has acknowledged blocking access to parts of The Guardian website for thousands of defense personnel across the country,[86][87] and blocking the entire Guardian website for personnel stationed throughout Afghanistan, the Middle East, and South Asia.[88]

The NSA is led by the Director of the National Security Agency (DIRNSA), who also serves as Chief of the Central Security Service (CHCSS) and Commander of the United States Cyber Command (USCYBERCOM) and is the highest-ranking military official of these organizations. He is assisted by a Deputy Director, who is the highest-ranking civilian within the NSA/CSS.

NSA also has an Inspector General, head of the Office of the Inspector General (OIG), a General Counsel, head of the Office of the General Counsel (OGC) and a Director of Compliance, who is head of the Office of the Director of Compliance (ODOC).[89]

Unlike other intelligence organizations such as CIA or DIA, NSA has always been particularly reticent concerning its internal organizational structure.

As of the mid-1990s, the National Security Agency was organized into five Directorates:

Each of these directorates consisted of several groups or elements, designated by a letter. There were for example the A Group, which was responsible for all SIGINT operations against the Soviet Union and Eastern Europe, and G Group, which was responsible for SIGINT related to all non-communist countries. These groups were divided in units designated by an additional number, like unit A5 for breaking Soviet codes, and G6, being the office for the Middle East, North Africa, Cuba, Central and South America.[91][92]

As of 2013[update], NSA has about a dozen directorates, which are designated by a letter, although not all of them are publicly known. The directorates are divided in divisions and units starting with the letter of the parent directorate, followed by a number for the division, the sub-unit or a sub-sub-unit.

The main elements of the organizational structure of the NSA are:[93]

In the year 2000, a leadership team was formed, consisting of the Director, the Deputy Director and the Directors of the Signals Intelligence (SID), the Information Assurance (IAD) and the Technical Directorate (TD). The chiefs of other main NSA divisions became associate directors of the senior leadership team.[101]

After president George W. Bush initiated the President's Surveillance Program (PSP) in 2001, the NSA created a 24-hour Metadata Analysis Center (MAC), followed in 2004 by the Advanced Analysis Division (AAD), with the mission of analyzing content, Internet metadata and telephone metadata. Both units were part of the Signals Intelligence Directorate.[102]

A 2016 proposal would combine the Signals Intelligence Directorate with the Information Assurance Directorate into a Directorate of Operations.[103]

The NSA maintains at least two watch centers:

The number of NSA employees is officially classified[4] but there are several sources providing estimates. In 1961, NSA had 59,000 military and civilian employees, which grew to 93,067 in 1969, of which 19,300 worked at the headquarters at Fort Meade. In the early 1980s NSA had roughly 50,000 military and civilian personnel. By 1989 this number had grown again to 75,000, of which 25,000 worked at the NSA headquarters. Between 1990 and 1995 the NSA's budget and workforce were cut by one third, which led to a substantial loss of experience.[106]

In 2012, the NSA said more than 30,000 employees worked at Fort Meade and other facilities.[2] In 2012, John C. Inglis, the deputy director, said that the total number of NSA employees is "somewhere between 37,000 and one billion" as a joke,[4] and stated that the agency is "probably the biggest employer of introverts."[4] In 2013 Der Spiegel stated that the NSA had 40,000 employees.[5] More widely, it has been described as the world's largest single employer of mathematicians.[107] Some NSA employees form part of the workforce of the National Reconnaissance Office (NRO), the agency that provides the NSA with satellite signals intelligence.

As of 2013 about 1,000 system administrators work for the NSA.[108]

The NSA received criticism early on in 1960 after two agents had defected to the Soviet Union. Investigations by the House Un-American Activities Committee and a special subcommittee of the United States House Committee on Armed Services revealed severe cases of ignorance in personnel security regulations, prompting the former personnel director and the director of security to step down and leading to the adoption of stricter security practices.[109] Nonetheless, security breaches reoccurred only a year later when in an issue of Izvestia of July 23, 1963, a former NSA employee published several cryptologic secrets.

The very same day, an NSA clerk-messenger committed suicide as ongoing investigations disclosed that he had sold secret information to the Soviets on a regular basis. The reluctance of Congressional houses to look into these affairs had prompted a journalist to write, "If a similar series of tragic blunders occurred in any ordinary agency of Government an aroused public would insist that those responsible be officially censured, demoted, or fired." David Kahn criticized the NSA's tactics of concealing its doings as smug and the Congress' blind faith in the agency's right-doing as shortsighted, and pointed out the necessity of surveillance by the Congress to prevent abuse of power.[109]

Edward Snowden's leaking of the existence of PRISM in 2013 caused the NSA to institute a "two-man rule", where two system administrators are required to be present when one accesses certain sensitive information.[108] Snowden claims he suggested such a rule in 2009.[110]

The NSA conducts polygraph tests of employees. For new employees, the tests are meant to discover enemy spies who are applying to the NSA and to uncover any information that could make an applicant pliant to coercion.[111] As part of the latter, historically EPQs or "embarrassing personal questions" about sexual behavior had been included in the NSA polygraph.[111] The NSA also conducts five-year periodic reinvestigation polygraphs of employees, focusing on counterintelligence programs. In addition the NSA conducts periodic polygraph investigations in order to find spies and leakers; those who refuse to take them may receive "termination of employment", according to a 1982 memorandum from the director of the NSA.[112]

There are also "special access examination" polygraphs for employees who wish to work in highly sensitive areas, and those polygraphs cover counterintelligence questions and some questions about behavior.[112] NSA's brochure states that the average test length is between two and four hours.[113] A 1983 report of the Office of Technology Assessment stated that "It appears that the NSA [National Security Agency] (and possibly CIA) use the polygraph not to determine deception or truthfulness per se, but as a technique of interrogation to encourage admissions."[114] Sometimes applicants in the polygraph process confess to committing felonies such as murder, rape, and selling of illegal drugs. Between 1974 and 1979, of the 20,511 job applicants who took polygraph tests, 695 (3.4%) confessed to previous felony crimes; almost all of those crimes had been undetected.[111]

In 2010 the NSA produced a video explaining its polygraph process.[115] The video, ten minutes long, is titled "The Truth About the Polygraph" and was posted to the Web site of the Defense Security Service. Jeff Stein of The Washington Post said that the video portrays "various applicants, or actors playing them it's not clear describing everything bad they had heard about the test, the implication being that none of it is true."[116] AntiPolygraph.org argues that the NSA-produced video omits some information about the polygraph process; it produced a video responding to the NSA video.[115] George Maschke, the founder of the Web site, accused the NSA polygraph video of being "Orwellian".[116]

After Edward Snowden revealed his identity in 2013, the NSA began requiring polygraphing of employees once per quarter.[117]

The number of exemptions from legal requirements has been criticized. When in 1964 the Congress was hearing a bill giving the director of the NSA the power to fire at will any employee,The Washington Post wrote: "This is the very definition of arbitrariness. It means that an employee could be discharged and disgraced on the basis of anonymous allegations without the slightest opportunity to defend himself." Yet, the bill was accepted by an overwhelming majority.[109]

The heraldic insignia of NSA consists of an eagle inside a circle, grasping a key in its talons.[118] The eagle represents the agency's national mission.[118] Its breast features a shield with bands of red and white, taken from the Great Seal of the United States and representing Congress.[118] The key is taken from the emblem of Saint Peter and represents security.[118]

When the NSA was created, the agency had no emblem and used that of the Department of Defense.[119] The agency adopted its first of two emblems in 1963.[119] The current NSA insignia has been in use since 1965, when then-Director, LTG Marshall S. Carter (USA) ordered the creation of a device to represent the agency.[120]

The NSA's flag consists of the agency's seal on a light blue background.

Crews associated with NSA missions have been involved in a number of dangerous and deadly situations.[121] The USS Liberty incident in 1967 and USS Pueblo incident in 1968 are examples of the losses endured during the Cold War.[121]

The National Security Agency/Central Security Service Cryptologic Memorial honors and remembers the fallen personnel, both military and civilian, of these intelligence missions.[122] It is made of black granite, and has 171 names carved into it, as of 2013[update] .[122] It is located at NSA headquarters. A tradition of declassifying the stories of the fallen was begun in 2001.[122]

NSANet stands for National Security Agency Network and is the official NSA intranet.[123] It is a classified network,[124] for information up to the level of TS/SCI[125] to support the use and sharing of intelligence data between NSA and the signals intelligence agencies of the four other nations of the Five Eyes partnership. The management of NSANet has been delegated to the Central Security Service Texas (CSSTEXAS).[126]

NSANet is a highly secured computer network consisting of fiber-optic and satellite communication channels which are almost completely separated from the public Internet. The network allows NSA personnel and civilian and military intelligence analysts anywhere in the world to have access to the agency's systems and databases. This access is tightly controlled and monitored. For example, every keystroke is logged, activities are audited at random and downloading and printing of documents from NSANet are recorded.[127]

In 1998, NSANet, along with NIPRNET and SIPRNET, had "significant problems with poor search capabilities, unorganized data and old information".[128] In 2004, the network was reported to have used over twenty commercial off-the-shelf operating systems.[129] Some universities that do highly sensitive research are allowed to connect to it.[130]

The thousands of Top Secret internal NSA documents that were taken by Edward Snowden in 2013 were stored in "a file-sharing location on the NSA's intranet site" so they could easily be read online by NSA personnel. Everyone with a TS/SCI-clearance had access to these documents and as a system administrator, Snowden was responsible for moving accidentally misplaced highly sensitive documents to more secure storage locations.[131]

The DoD Computer Security Center was founded in 1981 and renamed the National Computer Security Center (NCSC) in 1985. NCSC was responsible for computer security throughout the federal government.[132] NCSC was part of NSA,[133] and during the late 1980s and the 1990s, NSA and NCSC published Trusted Computer System Evaluation Criteria in a six-foot high Rainbow Series of books that detailed trusted computing and network platform specifications.[134] The Rainbow books were replaced by the Common Criteria, however, in the early 2000s.[134]

On July 18, 2013, Greenwald said that Snowden held "detailed blueprints of how the NSA does what they do", thereby sparking fresh controversy.[135]

Headquarters for the National Security Agency is located at 39632N 764617W / 39.10889N 76.77139W / 39.10889; -76.77139 in Fort George G. Meade, Maryland, although it is separate from other compounds and agencies that are based within this same military installation. Ft. Meade is about 20mi (32km) southwest of Baltimore,[136] and 25mi (40km) northeast of Washington, DC.[137] The NSA has its own exit off Maryland Route 295 South labeled "NSA Employees Only".[138][139] The exit may only be used by people with the proper clearances, and security vehicles parked along the road guard the entrance.[140]

NSA is the largest employer in the U.S. state of Maryland, and two-thirds of its personnel work at Ft. Meade.[141] Built on 350 acres (140ha; 0.55sqmi)[142] of Ft. Meade's 5,000 acres (2,000ha; 7.8sqmi),[143] the site has 1,300 buildings and an estimated 18,000 parking spaces.[137][144]

The main NSA headquarters and operations building is what James Bamford, author of Body of Secrets, describes as "a modern boxy structure" that appears similar to "any stylish office building."[145] The building is covered with one-way dark glass, which is lined with copper shielding in order to prevent espionage by trapping in signals and sounds.[145] It contains 3,000,000 square feet (280,000m2), or more than 68 acres (28ha), of floor space; Bamford said that the U.S. Capitol "could easily fit inside it four times over."[145]

The facility has over 100 watchposts,[146] one of them being the visitor control center, a two-story area that serves as the entrance.[145] At the entrance, a white pentagonal structure,[147] visitor badges are issued to visitors and security clearances of employees are checked.[148] The visitor center includes a painting of the NSA seal.[147]

The OPS2A building, the tallest building in the NSA complex and the location of much of the agency's operations directorate, is accessible from the visitor center. Bamford described it as a "dark glass Rubik's Cube".[149] The facility's "red corridor" houses non-security operations such as concessions and the drug store. The name refers to the "red badge" which is worn by someone without a security clearance. The NSA headquarters includes a cafeteria, a credit union, ticket counters for airlines and entertainment, a barbershop, and a bank.[147] NSA headquarters has its own post office, fire department, and police force.[150][151][152]

The employees at the NSA headquarters reside in various places in the Baltimore-Washington area, including Annapolis, Baltimore, and Columbia in Maryland and the District of Columbia, including the Georgetown community.[153]

Following a major power outage in 2000, in 2003 and in follow-ups through 2007, The Baltimore Sun reported that the NSA was at risk of electrical overload because of insufficient internal electrical infrastructure at Fort Meade to support the amount of equipment being installed. This problem was apparently recognized in the 1990s but not made a priority, and "now the agency's ability to keep its operations going is threatened."[154]

Baltimore Gas & Electric (BGE, now Constellation Energy) provided NSA with 65 to 75 megawatts at Ft. Meade in 2007, and expected that an increase of 10 to 15 megawatts would be needed later that year.[155] In 2011, NSA at Ft. Meade was Maryland's largest consumer of power.[141] In 2007, as BGE's largest customer, NSA bought as much electricity as Annapolis, the capital city of Maryland.[154]

One estimate put the potential for power consumption by the new Utah Data Center at US$40million per year.[156]

When the agency was established, its headquarters and cryptographic center were in the Naval Security Station in Washington, D.C. The COMINT functions were located in Arlington Hall in Northern Virginia, which served as the headquarters of the U.S. Army's cryptographic operations.[157] Because the Soviet Union had detonated a nuclear bomb and because the facilities were crowded, the federal government wanted to move several agencies, including the AFSA/NSA. A planning committee considered Fort Knox, but Fort Meade, Maryland, was ultimately chosen as NSA headquarters because it was far enough away from Washington, D.C. in case of a nuclear strike and was close enough so its employees would not have to move their families.[158]

Construction of additional buildings began after the agency occupied buildings at Ft. Meade in the late 1950s, which they soon outgrew.[158] In 1963 the new headquarters building, nine stories tall, opened. NSA workers referred to the building as the "Headquarters Building" and since the NSA management occupied the top floor, workers used "Ninth Floor" to refer to their leaders.[159] COMSEC remained in Washington, D.C., until its new building was completed in 1968.[158] In September 1986, the Operations 2A and 2B buildings, both copper-shielded to prevent eavesdropping, opened with a dedication by President Ronald Reagan.[160] The four NSA buildings became known as the "Big Four."[160] The NSA director moved to 2B when it opened.[160]

On March 30, 2015, shortly before 9am, a stolen sports utility vehicle approached an NSA police vehicle blocking the road near the gate of Fort Meade, after it was told to leave the area. NSA officers fired on the SUV, killing the 27-year-old driver, Ricky Hall (a transgender person also known as Mya), and seriously injuring his 20-year-old male passenger. An NSA officer's arm was injured when Hall subsequently crashed into his vehicle.[161][162]

The two, dressed in women's clothing after a night of partying at a motel with the man they'd stolen the SUV from that morning, "attempted to drive a vehicle into the National Security Agency portion of the installation without authorization", according to an NSA statement.[163] FBI spokeswoman Amy Thoreson said the incident is not believed to be related to terrorism.[164] In June 2015 the FBI closed its investigation into the incident and federal prosecutors have declined to bring charges against anyone involved.[165]

An anonymous police official told The Washington Post, "This was not a deliberate attempt to breach the security of NSA. This was not a planned attack." The two are believed to have made a wrong turn off the highway, while fleeing from the motel after stealing the vehicle. A small amount of cocaine was found in the SUV. A local CBS reporter initially said a gun was found,[166] but her later revision does not.[167] Dozens of journalists were corralled into a parking lot blocks away from the scene, and were barred from photographing the area.[168]

In 1995, The Baltimore Sun reported that the NSA is the owner of the single largest group of supercomputers.[169]

NSA held a groundbreaking ceremony at Ft. Meade in May 2013 for its High Performance Computing Center 2, expected to open in 2016.[170] Called Site M, the center has a 150 megawatt power substation, 14 administrative buildings and 10 parking garages.[150] It cost $3.2billion and covers 227 acres (92ha; 0.355sqmi).[150] The center is 1,800,000 square feet (17ha; 0.065sqmi)[150] and initially uses 60 megawatts of electricity.[171]

Increments II and III are expected to be completed by 2030, and would quadruple the space, covering 5,800,000 square feet (54ha; 0.21sqmi) with 60 buildings and 40 parking garages.[150]Defense contractors are also establishing or expanding cybersecurity facilities near the NSA and around the Washington metropolitan area.[150]

As of 2012, NSA collected intelligence from four geostationary satellites.[156] Satellite receivers were at Roaring Creek Station in Catawissa, Pennsylvania and Salt Creek Station in Arbuckle, California.[156] It operated ten to twenty taps on U.S. telecom switches. NSA had installations in several U.S. states and from them observed intercepts from Europe, the Middle East, North Africa, Latin America, and Asia.[156]

NSA had facilities at Friendship Annex (FANX) in Linthicum, Maryland, which is a 20 to 25-minute drive from Ft. Meade;[172] the Aerospace Data Facility at Buckley Air Force Base in Aurora outside Denver, Colorado; NSA Texas in the Texas Cryptology Center at Lackland Air Force Base in San Antonio, Texas; NSA Georgia at Fort Gordon in Augusta, Georgia; NSA Hawaii in Honolulu; the Multiprogram Research Facility in Oak Ridge, Tennessee, and elsewhere.[153][156]

On January 6, 2011 a groundbreaking ceremony was held to begin construction on NSA's first Comprehensive National Cyber-security Initiative (CNCI) Data Center, known as the "Utah Data Center" for short. The $1.5B data center is being built at Camp Williams, Utah, located 25 miles (40km) south of Salt Lake City, and will help support the agency's National Cyber-security Initiative.[173] It is expected to be operational by September 2013.[156]

In 2009, to protect its assets and to access more electricity, NSA sought to decentralize and expand its existing facilities in Ft. Meade and Menwith Hill,[174] the latter expansion expected to be completed by 2015.[175]

The Yakima Herald-Republic cited Bamford, saying that many of NSA's bases for its Echelon program were a legacy system, using outdated, 1990s technology.[176] In 2004, NSA closed its operations at Bad Aibling Station (Field Station 81) in Bad Aibling, Germany.[177] In 2012, NSA began to move some of its operations at Yakima Research Station, Yakima Training Center, in Washington state to Colorado, planning to leave Yakima closed.[178] As of 2013, NSA also intended to close operations at Sugar Grove, West Virginia.[176]

Following the signing in 19461956[179] of the UKUSA Agreement between the United States, United Kingdom, Canada, Australia and New Zealand, who then cooperated on signals intelligence and ECHELON,[180] NSA stations were built at GCHQ Bude in Morwenstow, United Kingdom; Geraldton, Pine Gap and Shoal Bay, Australia; Leitrim and Ottawa, Canada; Misawa, Japan; and Waihopai and Tangimoana,[181] New Zealand.[182]

NSA operates RAF Menwith Hill in North Yorkshire, United Kingdom, which was, according to BBC News in 2007, the largest electronic monitoring station in the world.[183] Planned in 1954, and opened in 1960, the base covered 562 acres (227ha; 0.878sqmi) in 1999.[184]

The agency's European Cryptologic Center (ECC), with 240 employees in 2011, is headquartered at a US military compound in Griesheim, near Frankfurt in Germany. A 2011 NSA report indicates that the ECC is responsible for the "largest analysis and productivity in Europe" and focusses on various priorities, including Africa, Europe, the Middle East and counterterrorism operations.[185]

In 2013, a new Consolidated Intelligence Center, also to be used by NSA, is being built at the headquarters of the United States Army Europe in Wiesbaden, Germany.[186] NSA's partnership with Bundesnachrichtendienst (BND), the German foreign intelligence service, was confirmed by BND president Gerhard Schindler.[186]

Thailand is a "3rd party partner" of the NSA along with nine other nations.[187] These are non-English-speaking countries that have made security agreements for the exchange of SIGINT raw material and end product reports.

Thailand is the site of at least two US SIGINT collection stations. One is at the US Embassy in Bangkok, a joint NSA-CIA Special Collection Service (SCS) unit. It presumably eavesdrops on foreign embassies, governmental communications, and other targets of opportunity.[188]

Read the original post:
National Security Agency - Wikipedia