Skip to main content
Support Us
Documents

NSA Supply Chain Attack From PMR 4-24-13

Jan. 24, 2019

1/2
Download
Page 1 from NSA Supply Chain Attack From PMR 4-24-13
TOP SECRET//SI//NOFORN ~ 24 April 2013 The overall classification of this brief is Derived From : NSA/CSSM 1-52 Dated : 20070108 Declass ify On : 20291123 TOP SECRET//COMINT//NOFORN ;,·~ TOP SECRET//SI//NOFORN I II
TOP SECRET//SI//NOFORN ~ 24 April 2013 The overall classification of this brief is Derived From : NSA/CSSM 1-52 Dated : 20070108 Declass ify On : 20291123 TOP SECRET//COMINT//NOFORN ;,·~ TOP SECRET//SI//NOFORN I II
Page 2 from NSA Supply Chain Attack From PMR 4-24-13
TOP SECRET//SI//NOFORN SIDPriority:Traditional Inaccessible TargetNetwork (TS//SI//NF) ~ I·· 1111·1 I· ·11· Identifyaccessmethodsintosegregated networksinvolvedin MissionExample andResult:Discovered detailedplansto-classified Voice-Over-IP network , resultingin intelligence acted on by a jointNSA-ICpartnerteamin an overseaslocationto performsupply-chain interdiction on theshipment.Information briefedto seniorstafffor IC partners , NSAandthirdpartypartners. OurApproach • Identified orderfromto andtrackedt~ thenintoChina,as thesourcevendor. • ExtensiveanalysisthroughCloudABRandXKEYSCORE enabled identification of multipleselectorsfortargeting. • Coordinated withTAOto enableCNEaccessagainstkeysupport personnel. • Draftedinputsfor urgentcablessentto overseasstationsandforeign partnersin orderto coordinate groundoperations. • Shiftedscheduleto collaborate in near-real-time withoverseas stations.ProvidedIC Partnerwithdocumentation from end-point accesses , criticalto duplicateoriginalshipmentpacking. SIGINTDevelopment Outcome: Theanalysisandreportingon thistargetidentified , withhighgranularity ,-s methodof hardwareprocurement . Asa resultof theseefforts,NSAandits ICpartnersarenowpositioned for successwithfutureopportunities ..,.~ TOP SECRET//SI//NOFORN (TS//SI//NF) . .. 23
TOP SECRET//SI//NOFORN SIDPriority:Traditional Inaccessible TargetNetwork (TS//SI//NF) ~ I·· 1111·1 I· ·11· Identifyaccessmethodsintosegregated networksinvolvedin MissionExample andResult:Discovered detailedplansto-classified Voice-Over-IP network , resultingin intelligence acted on by a jointNSA-ICpartnerteamin an overseaslocationto performsupply-chain interdiction on theshipment.Information briefedto seniorstafffor IC partners , NSAandthirdpartypartners. OurApproach • Identified orderfromto andtrackedt~ thenintoChina,as thesourcevendor. • ExtensiveanalysisthroughCloudABRandXKEYSCORE enabled identification of multipleselectorsfortargeting. • Coordinated withTAOto enableCNEaccessagainstkeysupport personnel. • Draftedinputsfor urgentcablessentto overseasstationsandforeign partnersin orderto coordinate groundoperations. • Shiftedscheduleto collaborate in near-real-time withoverseas stations.ProvidedIC Partnerwithdocumentation from end-point accesses , criticalto duplicateoriginalshipmentpacking. SIGINTDevelopment Outcome: Theanalysisandreportingon thistargetidentified , withhighgranularity ,-s methodof hardwareprocurement . Asa resultof theseefforts,NSAandits ICpartnersarenowpositioned for successwithfutureopportunities ..,.~ TOP SECRET//SI//NOFORN (TS//SI//NF) . .. 23