DYNAMIC PAGE -- HIGHEST POSSIBLE CLASSIFICATION IS
TOP SECRET // SI / TK // REL TO USA AUS CAN GBR NZL
(U) Converging Networks
FROM: SIGINT Communications
Run Date: 01/13/2004
FROM: SIGINT Communications
(TS//SI) Today, the globally converged communications network represents a threat to the
SIGINT system's current collection and exploitation capability for three reasons:
1. it affords ubiquitous access to modern near- and real-time communications technologies;
2. it affords both mobility and anonymity for users, key for terrorists and other mobile
targets; and,
3. it is changing at an incredibly fast rate.
(TS//SI) The Terrorist Technology Exploitation Cell (TTEC) of the Office of Counterterrorism (CT)
assesses that the first two factors have led to wide use of web-enabled end-point devices by
terrorists and other targets worldwide. These devices -- including laptops and PCs (personal
computers), GSM and other cell phones, PDAs (personal digital assistants), satellite phones, web
portals, etc. -- allow targets to contact one another across various communications media in
near and real time. NSA's exploitation of these modern communications technologies and
applications, however, tends to be compartmented by technology, tool, data type, etc. This
situation has made it extremely difficult for analysts to put the various cross-media pieces of a
target's communication "back together."
(TS//SI) Offices are working, however, to find a solution! Counterterrorism TTEC analysts have
partnered with CT Digital Network Intelligence (DNI) Development analysts, Corporate SIGINT
Development offices, and Rebuilding Analysis to identify gaps in analytic tools and techniques,
and to use the corporate requirements process to submit Analytic Needs Requirements that,
when filled, will enable intelligence analysts to exploit cross-media communications.
(TS//SI) Meanwhile, steps are being taken to improve SID's capabilities in the near term. For
example, SIGINT Development's Target Development Services Division , working with the CES
Filtering and Selection IPT (Integrated Product Team), is carrying out the following initiatives:
One number, maximum reach : The goal of this project is to modify current telephony selector
management to a system in which the full OCTAVE load is pushed to each field site through a
filter of site specific tasking rules, thus maximizing worldwide collection for each number.
DNI contact chaining : Create the capability to do email contact chaining, and lay the
foundation to expand the capability to include additional DNI protocols, e.g. chat, and further lay
a foundation toward the longer-term goal of cross-media/cross-mode contact chaining.
DNI selector management : Create an environment in which TOPI analysts who wish to task email addresses or phone numbers for communications intercept may do so with a single entry
into OCTAVE and eliminating the necessity for time-intensive best-sites-to-task decision making
by analysts.
Distributed field site architecture : NSA's collection architecture must become as distributed as
the network it is attempting to collect.
Cross-mode analysis : Seeks to gather intelligence from a target as he/she changes
communications mode, e.g. telephone to email.
(For additional details of these initiatives, see SIGDev's convergence briefing .)
(TS//SI) We hope you bring you more articles in future to update you on SID's efforts in dealing
with converging networks!
(U//FOUO) For further information on the above topic, please contact the following pocs:
TTEC (S2I34):
nsa,
Target Development Services (S2S3):
(s)
-
@nsa,
s)
"(U//FOUO) SIDtoday articles may not be republished or reposted outside NSANet
without the consent of S0121 (DL sid_comms)."
DYNAMIC PAGE -- HIGHEST POSSIBLE CLASSIFICATION IS
TOP SECRET // SI / TK // REL TO USA AUS CAN GBR NZL
DERIVED FROM: NSA/CSSM 1-52, DATED 08 JAN 2007 DECLASSIFY ON: 20320108