Documents
SIGDEV: Is It Time for a ‘Target Reboot’?
Nov. 18, 2015
DYNAIVIIC PAGE -- HIGHEST POSSIBLE CLASSIFICATION
IS
TOP SECRET ff SI TK ff REL TD USA AUS CAN GBR NZL
Welcome! Saturday, 10 Nov 2012
Web searoh
Agency-all Emails
S]D-all Emails
NSA Rolodex
SCOAWK: The
Mailbag
S?ltoday Blog
S?jtoday Series
SIG1NT Worldwide VTC
S]Dtoday Artiole
Letter to the Editor
Sooial Media
DYNAIVIIC PAGE -- HIGHEST POSSIBLE CLASSIFICATION
IS
TOP SECRET ff SI TK ff REL TD USA AUS CAN GBR NZL
Welcome! Saturday, 10 Nov 2012
Web searoh
Agency-all Emails
S]D-all Emails
NSA Rolodex
SCOAWK: The
Mailbag
S?ltoday Blog
S?jtoday Series
SIG1NT Worldwide VTC
S]Dtoday Artiole
Letter to the Editor
Sooial Media
(U) SIGDEV: Is It Time for a 'Target Reboot'?
FROM: (UHFOUO)
Transnational Strategic Partnerships SIGDEV Branch
Run Date: O3f23f2011
Introduction: This is the story of how a "target reboot" taking a fresh
look at opportunities for collection} by a SIGDEV branch up providing the
target of?ce with new collection and breathed new life into a stagnant situation.
(TSHSIHREL) A year-end review of our SIGDEV-supported targets in late 2010 showed telltale signs that
things were getting stagnant on the Venezuelan Energy target set. Most reporting was coming from
warranted collection, and what little was coming from other collectors was pretty sparse. Rather than think
my way out of this box, I opted to do a "reboot" of the whole target. Turns out, I couldn't have made a better
choice.
(SHSIHREL) Background: Venezuela has some of the largest oil and natural gas reserves in the
world and consistently ranks among the top ten crude oil producers. Its economy is dominated by
the petroleum sector, which accounts for roughly one third of GDP, 80% of exports, and more
than half of all government revenues. In the ?rst half of the twentieth century, US oil companies
were heavily involved in Venezuela, but in 1973, Venezuela voted to nationalize its oil industry
outright, and effective 1 January 1976, Petroleos de Venezuela took over as the
primary oil producer in Venezuela. To understand is to understand the economic heart of
Venezuela.
(TSHSUKREL) I started out by reviewing the Information Needs (Es) and SURREY requirements to make
sure that everything matched and was up to date, and then I met with the target office (TDPIJ to re-assure
myself that we were both on the same page in regards to our goals.
(SIESIHREL) The TOPI analyst stated that he didn't have time to invest an extensive target development
effort, so anything that came to him had to be useable "out of the box." Plainly speaking, he wanted
information at the highest possible levels of the corporation -- namely, the president and members of the
Board of Directors. He wanted as much of it as possible to be in the form ofm data, to reduce the need to
transcribe and piece together conversations.
(TSHSIHREL) Ibegan my "reboot" by visiting the website, where I clicked on "Leadership" and
wrote down the names of the principals who would become my target list:
(U) SIGDEV: Is It Time for a 'Target Reboot'?
FROM: (UHFOUO)
Transnational Strategic Partnerships SIGDEV Branch
Run Date: O3f23f2011
Introduction: This is the story of how a "target reboot" taking a fresh
look at opportunities for collection} by a SIGDEV branch up providing the
target of?ce with new collection and breathed new life into a stagnant situation.
(TSHSIHREL) A year-end review of our SIGDEV-supported targets in late 2010 showed telltale signs that
things were getting stagnant on the Venezuelan Energy target set. Most reporting was coming from
warranted collection, and what little was coming from other collectors was pretty sparse. Rather than think
my way out of this box, I opted to do a "reboot" of the whole target. Turns out, I couldn't have made a better
choice.
(SHSIHREL) Background: Venezuela has some of the largest oil and natural gas reserves in the
world and consistently ranks among the top ten crude oil producers. Its economy is dominated by
the petroleum sector, which accounts for roughly one third of GDP, 80% of exports, and more
than half of all government revenues. In the ?rst half of the twentieth century, US oil companies
were heavily involved in Venezuela, but in 1973, Venezuela voted to nationalize its oil industry
outright, and effective 1 January 1976, Petroleos de Venezuela took over as the
primary oil producer in Venezuela. To understand is to understand the economic heart of
Venezuela.
(TSHSUKREL) I started out by reviewing the Information Needs (Es) and SURREY requirements to make
sure that everything matched and was up to date, and then I met with the target office (TDPIJ to re-assure
myself that we were both on the same page in regards to our goals.
(SIESIHREL) The TOPI analyst stated that he didn't have time to invest an extensive target development
effort, so anything that came to him had to be useable "out of the box." Plainly speaking, he wanted
information at the highest possible levels of the corporation -- namely, the president and members of the
Board of Directors. He wanted as much of it as possible to be in the form ofm data, to reduce the need to
transcribe and piece together conversations.
(TSHSIHREL) Ibegan my "reboot" by visiting the website, where I clicked on "Leadership" and
wrote down the names of the principals who would become my target list:
Determined te fellew the "deeument as yen ge'I medel this time areund, Ifned up Analyst's
Netebeek, epened a blank deeument, and dumped the names inte it. New fer seme My step
was PINWALE, where I ran a few queries with mixed iesults. I had a let ef tiaffie "ee-ing" mest ef my
taiget set, but y'er little infe frem the aetual eemmunieants. I did seme (aenially alieady knewn)
email addiesses, whieh I enteied inte Analyst Netebeek and beuneed against CADENCE and te see if
they weie tasked. Sinee my TOPI didn't have time te de deyelepment, my plan was te deeument eyeiything
and take it te him like dessert en a tray, and let him eheese whatever he wanted.
One thing that kept pepping up in PWALE was a type ef entry whieh ean best be likened
te a entry here at NSA. A little pre-ferma that, upen analysis, shewed that it was
hitting en the names ef the taiget set as streng seleeteis. What's mete, I diseeyered that while seme ef them
weie entiies" fer the peisennel en my set, ethers shewed these same peisennel names as
the supeiyiseis ef ether empleyees. "Ceel!" I theught, and began entering them inte my
netebeek file. A few HUNDRED empleyees later, I had apietty substantial deeument.
I theught this weuld be a geed plaee te step data eelleetien fer a while and feeus en data
analysis.
Heie's a entiy shewing the President ef Rafael Ramiiez
(pietured meeting with Iran-inn PresidentAitmediaejed in 2009):
Nembre RAMIREZ RAFAEL DARIO
(Sedige Uniee RAM1REZRGE
Ceriee PDVSA
Ceriee Peisenal RRAMREZWEMEDVVE
Ceneeide Ceme INFORMACION
Tipe de Empleade EFECTIVU PERMANENTE
Empiesa INTEVEP S.A.
Geieneia INN
INDUSTRLALIZACEIN
Superviser RAMIREZ RAFAEL DARID
Leealidad CARACAS
Edifieie LA CAMP INA TORRE ESTE
Terie TDRRE DESTE
Pise PH
Ofteina PH
Tlfne. Interne
Tlfne. Interne
Telefene Exteme
Fax Interne
Determined te fellew the "deeument as yen ge'I medel this time areund, Ifned up Analyst's
Netebeek, epened a blank deeument, and dumped the names inte it. New fer seme My step
was PINWALE, where I ran a few queries with mixed iesults. I had a let ef tiaffie "ee-ing" mest ef my
taiget set, but y'er little infe frem the aetual eemmunieants. I did seme (aenially alieady knewn)
email addiesses, whieh I enteied inte Analyst Netebeek and beuneed against CADENCE and te see if
they weie tasked. Sinee my TOPI didn't have time te de deyelepment, my plan was te deeument eyeiything
and take it te him like dessert en a tray, and let him eheese whatever he wanted.
One thing that kept pepping up in PWALE was a type ef entry whieh ean best be likened
te a entry here at NSA. A little pre-ferma that, upen analysis, shewed that it was
hitting en the names ef the taiget set as streng seleeteis. What's mete, I diseeyered that while seme ef them
weie entiies" fer the peisennel en my set, ethers shewed these same peisennel names as
the supeiyiseis ef ether empleyees. "Ceel!" I theught, and began entering them inte my
netebeek file. A few HUNDRED empleyees later, I had apietty substantial deeument.
I theught this weuld be a geed plaee te step data eelleetien fer a while and feeus en data
analysis.
Heie's a entiy shewing the President ef Rafael Ramiiez
(pietured meeting with Iran-inn PresidentAitmediaejed in 2009):
Nembre RAMIREZ RAFAEL DARIO
(Sedige Uniee RAM1REZRGE
Ceriee PDVSA
Ceriee Peisenal RRAMREZWEMEDVVE
Ceneeide Ceme INFORMACION
Tipe de Empleade EFECTIVU PERMANENTE
Empiesa INTEVEP S.A.
Geieneia INN
INDUSTRLALIZACEIN
Superviser RAMIREZ RAFAEL DARID
Leealidad CARACAS
Edifieie LA CAMP INA TORRE ESTE
Terie TDRRE DESTE
Pise PH
Ofteina PH
Tlfne. Interne
Tlfne. Interne
Telefene Exteme
Fax Interne
Fax Externe SIN
Busea Persena SIN
Clave Busea Persena INFORMACICJN
Celular SIN INFORMACICJN
Tlfne. Habitaeien SIN MORMACION
Otre Telefene WFORMACION
hem is ene shewing Ramirez as the superiser ef ene ef the beard members, Luis
Nembre PEREZ LUIS FELIPE
cedige I?Iniee VIERMAL
Ceriee PDVSA
Cerree Persenal
Ceneeide Ceme SIN INFURMACION
Tipe de Empleade JUBILADU
Empiesa HOLDING PDVSA
Geieneia
Superviser RAMIREZ RAFAEL DARIO
Leealidad CARACAS
Edi?eie LA CAMP TORRE ESTE
Terre TDRRE ESTE
Pise PH
D?eina PH
Tlfne. Interne
Tlfne. Interne
Telefene Exteme
Fax Interne
Fax Exteme
Busea Persena SIN
Clave Busea Persena INFURMACICJN
Celular
Tlfne. Habitaeien
Otre Telefene WFORMACION
New, even my eld eyes eeuld see that these things were a geldmine ef valid seleeters, te
inelude werk, heme, and eell phenes, email addiesses, I had se much data that I was even able te
make a chart with whieh I eeuld "nermalize" internal numbers se that they eeuld be tasked via
OCTAVE. Iput all ef this tegether inte ene spreadsheet, taking enly the tep persennel, whieh I knew my
TOPI wanted, and presented my TOPI analyst with this paekage. He was thrilled! That by itselfweuld have
been eneugh te warrant writing this stery, but it is what happened next that really made eur day.
AS IwaS analyzing the metadata in PNWALE, I elieked en the "Frem eelunm and
netieed semething peeuliar -- every single entiy,? ever 10,000 ef them, eame frem the
same I ran several mere queries, and ever timeI eame up with the same result. Then, I leeked at the
"Te 16T.134.x.x, yeah, that's PEQUIVEN (a subsidiaiy edeVSA), but 10am?: and
172.18.x.x Yep, seems I had been leeking at internal eemms all this I?red eff a
few emails te F6 hem and in Caraeas, and they een?imed it!
Sinee then, I have been with Caraeas, whe have been suIveying their
envirenment and sticking the Iesults inte XKEYSCORE. I have been lueky eneugh te f'md several juiey
deeuments in there, ene ef whieh hasjust been made inte a lepert!
SERLAL:
Fax Externe SIN
Busea Persena SIN
Clave Busea Persena INFORMACICJN
Celular SIN INFORMACICJN
Tlfne. Habitaeien SIN MORMACION
Otre Telefene WFORMACION
hem is ene shewing Ramirez as the superiser ef ene ef the beard members, Luis
Nembre PEREZ LUIS FELIPE
cedige I?Iniee VIERMAL
Ceriee PDVSA
Cerree Persenal
Ceneeide Ceme SIN INFURMACION
Tipe de Empleade JUBILADU
Empiesa HOLDING PDVSA
Geieneia
Superviser RAMIREZ RAFAEL DARIO
Leealidad CARACAS
Edi?eie LA CAMP TORRE ESTE
Terre TDRRE ESTE
Pise PH
D?eina PH
Tlfne. Interne
Tlfne. Interne
Telefene Exteme
Fax Interne
Fax Exteme
Busea Persena SIN
Clave Busea Persena INFURMACICJN
Celular
Tlfne. Habitaeien
Otre Telefene WFORMACION
New, even my eld eyes eeuld see that these things were a geldmine ef valid seleeters, te
inelude werk, heme, and eell phenes, email addiesses, I had se much data that I was even able te
make a chart with whieh I eeuld "nermalize" internal numbers se that they eeuld be tasked via
OCTAVE. Iput all ef this tegether inte ene spreadsheet, taking enly the tep persennel, whieh I knew my
TOPI wanted, and presented my TOPI analyst with this paekage. He was thrilled! That by itselfweuld have
been eneugh te warrant writing this stery, but it is what happened next that really made eur day.
AS IwaS analyzing the metadata in PNWALE, I elieked en the "Frem eelunm and
netieed semething peeuliar -- every single entiy,? ever 10,000 ef them, eame frem the
same I ran several mere queries, and ever timeI eame up with the same result. Then, I leeked at the
"Te 16T.134.x.x, yeah, that's PEQUIVEN (a subsidiaiy edeVSA), but 10am?: and
172.18.x.x Yep, seems I had been leeking at internal eemms all this I?red eff a
few emails te F6 hem and in Caraeas, and they een?imed it!
Sinee then, I have been with Caraeas, whe have been suIveying their
envirenment and sticking the Iesults inte XKEYSCORE. I have been lueky eneugh te f'md several juiey
deeuments in there, ene ef whieh hasjust been made inte a lepert!
SERLAL:
Venezuela?iEneigy: Venezuela State-Owned Oil
Infcrinaticn a Decrease in Overall Oil Thefts and
Lcsses, Januaiy 2011 (SHREL TO USA, FVEY)
In additicn, I have disccyeied a string that carries user lD's and their and have
reccyeied ever 900 unique which I have fciwarded tc TAO (Tailcred Access
Opeiaticns -- S32), alcng with ether enabling data and a targeting request tc see if we can this
and especially, the bcxes cdeVSA's leadership. Wculdn't rny TDPI be happy then?
(TSHSIHREL) Sc, by sheer luck, (and a ten cf hard wcrk) I disccyeied an new access tc an
existing taiget and am wcrking with TAO tc leverage a new rnissicn capability.
82611-5
Ojj?frhere Venezuelan er"! rig {Jene'a?
ahuul this
article?
articles may not be republished or repcsted cutside
without the consent cf 50121 sid
Oxyner: 3 S0121 a (email)
Page Publisher: S0121, {entail}
Last Mcdi?ed: 11f10r?2012 r? LastReyiewed: 11f10f2012
DYNAIVIIC PAGE -- HIGHEST POSSIBLE CLASSIFICATION IS
TOP SECRET USA AUS CAN GER NZL
DERIVED FROM: 1-52, DATED 08 JAN 2007 DECLASSIFY ON: 20320108
Venezuela?iEneigy: Venezuela State-Owned Oil
Infcrinaticn a Decrease in Overall Oil Thefts and
Lcsses, Januaiy 2011 (SHREL TO USA, FVEY)
In additicn, I have disccyeied a string that carries user lD's and their and have
reccyeied ever 900 unique which I have fciwarded tc TAO (Tailcred Access
Opeiaticns -- S32), alcng with ether enabling data and a targeting request tc see if we can this
and especially, the bcxes cdeVSA's leadership. Wculdn't rny TDPI be happy then?
(TSHSIHREL) Sc, by sheer luck, (and a ten cf hard wcrk) I disccyeied an new access tc an
existing taiget and am wcrking with TAO tc leverage a new rnissicn capability.
82611-5
Ojj?frhere Venezuelan er"! rig {Jene'a?
ahuul this
article?
articles may not be republished or repcsted cutside
without the consent cf 50121 sid
Oxyner: 3 S0121 a (email)
Page Publisher: S0121, {entail}
Last Mcdi?ed: 11f10r?2012 r? LastReyiewed: 11f10f2012
DYNAIVIIC PAGE -- HIGHEST POSSIBLE CLASSIFICATION IS
TOP SECRET USA AUS CAN GER NZL
DERIVED FROM: 1-52, DATED 08 JAN 2007 DECLASSIFY ON: 20320108