Editor's Note: (Ralph Turchiano) Requested Repost from the archives (Oct 2013)
EEV: Recently Compromised or exposed Code names, Operations, Software and facilities. The list is in no particular order and is being updated frequently. These are just the discoveries from the past 2 years.
* Details of ALL operations can be found by entering the codename in the search bar. (Being updated; will be formatted for easy access in the near future. The most recently compromised will be at the top (for the first week) after 26 OCT 2013.)
Compromised Code Names, Operations and Equipment
MUSCULAR – The NSA’s principal tool to exploit the data links is a project called MUSCULAR, operated jointly with the agency’s British counterpart, GCHQ.
Einstein antenna system – Can intercept cell phone signals while simultaneously locating people of interest.
Birdwatcher Program – Intercepts microwave and millimeter-wave signals. Some programs deal primarily with encrypted communications in foreign countries and the search for potential access points. Birdwatcher is controlled directly from SCS headquarters in Maryland.
Quantum – NSA controls a set of servers that sit on the Internet backbone, and these servers are used to redirect targets away from their intended destinations to still other NSA-controlled servers that are responsible for the injection of malware.
FoxAcid – NSA server that selects from a toolkit of exploits in order to gain access to the user’s computer. Presumably this toolkit has both known public exploits that rely on a user’s software being out of date, as well as zero-day exploits which are generally saved for high value targets.
Tailored Access Operations (TAO), the branch of the US National Security Agency (NSA) which deals with cyber-attacks
Opus Dei – International Roman Catholic order, founded in 1928 and championed early by Spanish dictator Francisco Franco, is dedicated to establishing its members in high political, corporate, and religious offices all over the world.
Rossotrudnichestvo exchange program – Alleged exchange program used to recruit Americans to train as Russian spies
Shenguang (“Divine Light”) – China’s laser project for inertial confinement fusion, which aims to use high-powered lasers to produce a sustained nuclear fusion reaction ( lasers designed to damage or destroy US satellites )
Apstar-7 satellite ( APT Satellite Holdings ) – Chinese Satellite the Pentagon leases to oversee communications with its African bases
Operation Socialist – An assault on Belgacom’s “core GRX routers”
“Man in the Middle” or “MiTM” operations – highly sophisticated deception which allows a third party to intervene in an electronic conversation and pretend to be each of the other two parties, obtaining valuable information or spreading disinformation without the targets realizing
US-985D – Text messages France
Unit 61398 – Engages in harmful ‘Computer Network Operations’, is located in Shanghai’s Pudong district, China’s financial and banking hub, and is staffed by perhaps thousands of people proficient in English as well as computer programming and network operations. Is considered a Chinese State Secret. The unit has stolen “hundreds of terabytes of data from at least 141 organizations across a diverse set of industries beginning as early as 2006.”
Apalachee – EU/ UN Tapping
Bumblehive – NSA Storage Facility
Boundless Informant – NSA Data Mining program
CHAMP ( Counter-Electronics High Power Microwave Advanced Missile Project ) – Boeing’s missile with electromagnetic pulse capability
Codeword – Currently Unknown
Swag Security – China’s hack group U.S. Medicaid system / Nuclear Codes ( Ironically also a Bank of America Code Word )
Tailored Access Operations – NSA Special Targets
Flatliquid – Tap Diplomatic Communications
Whitetamale – Mexico e-mails
Lugar Research Center – U.S. Top Secret Biologics lab ( Republic of Georgia )
Special Collection Service – Secret eavesdropping posts in 80 US embassies and consulates around the world.
DishFire – Text message filtering / the intelligence agency collects information on credit card transactions from some 70 banks worldwide.
Sophia – Industrial Control System Computer Networking Fingerprinting Tool ( Powergrid )
Visdom – Competing Industrial Control System Computer Networking Fingerprinting Tool ( Powergrid )
FunVax – Biological pacification of individuals through vaccination
Section 6103 – IRS abuse
IceFog – Advanced Persistent Threats ( China ? )
Tel Shahar – Site of the state-of-the-art facility to host the new ballistic-missile defense system ( Arrow 3 ) in Israel – Accidentally disclosed by the Pentagon
Privacy & Civil Liberties Board (PCLOB) – Board set up to oversee domestic spying whose meetings and members are difficult to confirm and may not exist
Spearfishing – Emailed viruses
Hidden Lynx – Chinese Hacking Group / Cyber-Mercenaries
Operation Aurora – General mass espionage
NetTraveler – Espionage Program ( https://engineeringevil.com/2013/10/06/the-threat-becomes-less-mysterious-and-more-scary-operation-icefog-apt-spearfishing-hidden-linx-aurora-red-october-darkseoul-shadow-network-sea/ )
Red October ( Rocra ) – Espionage campaign against military personnel in Eastern Europe, Central Asia, and dozens of other nations (U.S., Australia, Ireland, Switzerland, Belgium, Brazil, Spain, South Africa, Japan, and the UAE). Features include an advanced cryptographic spy-module designed to lift data from Acid Cryptofiler, which is known to be used by NATO, the European Union, European Parliament and European Commission since the summer of 2011 to encrypt classified information.
DarkSeoul – Hacker Group (North Korean / China ? )
Shadow Network – Chinese Espionage Group
Team Cymru – Monitor Criminal Activity ( non profit )
Follow the Money – Financial Intelligence division NSA
SWIFT – European Financial Network
GCHQ Cheltenham – Processes Middle East emails, telephone calls and web traffic
XKeyscore – spying program is used to skim regional data from the Visa network
SOD ( Special Operations Division ) – Two dozen partner agencies comprise the unit, including the FBI, CIA, NSA, Internal Revenue Service and the Department of Homeland Security.
Total Information Awareness ( TIA ) – Pentagon intelligence gathering
ThinThread – Software correlated data from emails, phone calls, credit card payments and Internet searches and stored and mapped it in ways that could be analysed.
Trailblazer – Replaced ThinThread. Software to correlate data from emails, phone calls, credit card payments and Internet searches and to store and map it in ways that could be analysed.
Going Dark – FBI initiative to extend its ability to wiretap virtually all forms of electronic communications.
International Mobile Subscriber Identity locator ( IMSI ) – These devices allow the government to electronically search large areas for a particular cell phone’s signal, sucking down data on potentially thousands of innocent people along the way.
Stingrays – Another name for International Mobile Subscriber Identity locator
Tripwire or Trapwire – information collection software OR lines in the sand which, if crossed, cover personnel levels, security measures, and in this case, the extreme step of suspending operations.
Voice Grid Nation ( VoiceGrid program ) – is a system that uses advanced algorithms to match identities to voices. Brought to the US by Russia’s Speech Technology Center, it claims to be capable of allowing police, federal agencies and other law enforcement personnel to build up a huge database containing up to several million voices.
Prism ( Discovered prior to Snowden ) – NSA direct access to the servers of nine prominent Internet companies, enabling the spy agency to track e-mails, photographs, and video, among other forms of digital communications.
Bullrun ( Edgehill GCHQ version ) – NSA’s abilities to defeat the encryption used in specific network communication technologies. “Bullrun involves multiple sources, all of which are extremely sensitive.” The document reveals that the agency has capabilities against widely used online protocols, such as HTTPS, voice-over-IP and Secure Sockets Layer (SSL), used to protect online shopping and banking.
Cheesy Name – aimed at singling out encryption keys, known as ‘certificates’, that might be vulnerable to being cracked by GCHQ supercomputers.
Humint Operations Team (HOT) – Humint, short for “human intelligence”: information gleaned directly from sources or undercover agents. The old-fashioned way.
Sigint [signals intelligence] enabling – The program “actively engages US and foreign IT industries to covertly influence and/or overtly leverage their commercial products’ designs”
Kimsuky – North Korean Hacking group
GENIE – US computer specialists break into foreign networks so that they can be put under surreptitious US control.
WABASH – Tapping French offices U.N.
Blackfoot – Tapping French offices New York
Tempora – GCHQ’s Tapping transatlantic fibre-optic cables
Sensitive relationship teams – Staff that were urged in one internal guidance paper to disguise the origin of “special source” material in their reports for fear that the role of the companies as intercept partners would cause “high-level political fallout”.
Menwith Hill in North Yorkshire – NSA intercept station
Atlas International Trading – Company in the Pentagon’s Foreign Materiel Acquisition and Exploitation program
Advanced Persistent Threat Groups – Nitro, Aurora, ElderWood, Sykipot, Comment Crew (APT1), NightDragon, FlowerLady, Luckycat, Pitty Panda.
Western Tradition Partnership, or WTP – Compromise U.S. Politicians – Dark Money
Obama.com – Major campaign bundler to the Obama campaign Shanghai based domain owned by Robert Roche with strong commercial ties to the Chinese government. He has made 19 visits to the White House since 2009, including a personal meeting with Obama.
Stuxnet, Duqu, Wiper, Flame – Tilded Platform malware used for cyberespionage and cybersabotage in the Middle East.
WildSage – NSA database. The system “provides a mechanism for cybersecurity centers to share signatures at the SECRET classification level”.
Port reader software – FBI desire to harvest information on users’ “dialing, routing, addressing, or signaling information associated with a target’s communications”. And, as the FBI stated, this information will only include source, destination IP addresses and port numbers.
Dynamo – Dutch name in COMINT
Richter – German name in COMINT
One-End Foreign (1EF) solution – With this system, the NSA is able to direct more than half of the internet traffic it intercepts from its collection points into its own repositories
EvilOlive – NSA’s attempt to broaden 1EF, doubling its capacity
ShellTrumpet – NSA’s processor
MoonLightPath – Metadata collection for Special Source Operations
Spinneret – Metadata collection for Special Source Operations
Transient Thurible – GCHQ headquarters that manages XKeyScore (XKS) and Deep Dive metadata collections
Project Riverside – found that rich individuals and private companies had been hiring unscrupulous private detectives to obtain sensitive information on targets for years.
QinetiQ North America (QQ/) – Hi-Tech U.S. defense contractors, which are the favorite target of Cyberpillaging
Acoustic vector sensor – sensor measures the movement of air, disturbed by sound waves, to almost instantly locate where a sound originated. It can then identify the noise and, if required, transmit it live to waiting ears.