Top Secret Documents Reveal How GCHQ Hacked Belgacom
-
Upload
leaksourceinfo -
Category
Documents
-
view
227 -
download
0
Transcript of Top Secret Documents Reveal How GCHQ Hacked Belgacom
-
8/10/2019 Top Secret Documents Reveal How GCHQ Hacked Belgacom
1/67
TOP SECRET STRAP 2
Automated NOC
This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK informationlegislation. Refer disclosure requests to GCHQ o
Detection
, Head of GCHQ NAC
, Senior Network Analyst, CSEC NAC
-
8/10/2019 Top Secret Documents Reveal How GCHQ Hacked Belgacom
2/67
TOP SECRET STRAP 2
Challenge
SDC 2009 Challenged the Network
Analysis community to automate the
detection of Network Operations
This information is exempt from disclosure under the Freedom of Information Act 2000 and ma be subect to exemption under other UK informationlegislation. Refer disclosure requests to GCHQ o
-
8/10/2019 Top Secret Documents Reveal How GCHQ Hacked Belgacom
3/67
-
8/10/2019 Top Secret Documents Reveal How GCHQ Hacked Belgacom
4/67
TOP SECRET STRAP 2
NOCTURNAL SURGE
GCHQ response to challenge.
Early Prototype that looks at only:
ACLs for SSH/TELNET
ACLs for VTY
This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK informationlegislation. Refer disclosure requests to GCHQ o
-
8/10/2019 Top Secret Documents Reveal How GCHQ Hacked Belgacom
5/67
TOP SECRET STRAP 2NOCTURNAL SURGE
SCREEN SHOT 1
This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK informationlegislation. Refer disclosure requests to GCHQ on 01242 221491 x30306 (non-sec ) or email infoleg@gchq
-
8/10/2019 Top Secret Documents Reveal How GCHQ Hacked Belgacom
6/67
T STRAP 2AL SURGE
SNAPSHOT SLIDE 2
disclosure under the Freedom of Information Act 2000 and may be subject to exemption under other UK informationuests to GCHQ on 01242 221491 x30306 (non-sec) or email i nfoleg@gchq
-
8/10/2019 Top Secret Documents Reveal How GCHQ Hacked Belgacom
7/67
TOP SECRET STRAP 2
This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK informationlegislation. Refer disclosure requests to GCHQ on 01242 221491 x30306 (non-sec ) or email infoleg@gchq
-
8/10/2019 Top Secret Documents Reveal How GCHQ Hacked Belgacom
8/67
ET STRAP 2
This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK informationlegislation. Refer disclosure requests to GCHQ on 01242 221491 x30306 (non-sec ) or email infoleg@gchq
-
8/10/2019 Top Secret Documents Reveal How GCHQ Hacked Belgacom
9/67
TOP SECRET STRAP 2
GCHQ / CSEC NAC Joint tradecraft development
During March 2011 GCHQ Analysts visited CSEC to look at the
using PENTAHO for tradecraft modelling working with CSEC
NAC and CSEC/H3 software developers to see if could model
NOCTURNAL SURGE in PENTAHO and then implement in
OLYMPIA.
This information is exempt from disclosure under the Freedom of Information Act 2000 and ma be subect to exemption under other UK informationlegislation. Refer disclosure requests to GC
n y poss e o a emp ecause: GCHQ NAC use PENTAHO
CSEC NAC/H3 use PENTAHO
CSEC NAC have implemented GCHQ NAC TIDAL SURGE Database
Schema (DSD also have this..)
GCHQ approach based on AS
CSEC approach based on Country
-
8/10/2019 Top Secret Documents Reveal How GCHQ Hacked Belgacom
10/67
TOP SECRET STRAP 2
Pentaho - NOC Auto Detection
This information is exempt from disclosure under the Freedom of Information Act 2000 and ma be subect to exemption under other UK informationlegislation. Refer disclosure requests to GCHQ o
-
8/10/2019 Top Secret Documents Reveal How GCHQ Hacked Belgacom
11/67
TOP SECRET STRAP 2
Phase 2: Intelligent use of Metadata
We do not always get full configuration files to parse.
Services between routers and NOCs run on IP/TCP/UDP
We do create 5-TUPLE metadata from our collection
GCHQ have prototype database 5-Alive
CSEC have database - HYPERION
This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK informationlegislation. Refer disclosure requests to GCHQ o
-
8/10/2019 Top Secret Documents Reveal How GCHQ Hacked Belgacom
12/67
TOP SECRET STRAP 2
SNMP Protocol
This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK informationlegislation. Refer disclosure requests to GCH
-
8/10/2019 Top Secret Documents Reveal How GCHQ Hacked Belgacom
13/67
TOP SECRET STRAP 2
SNMP Protocol in 5-Alive
This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK informationlegislation. Refer disclosure requests to GCHQ
-
8/10/2019 Top Secret Documents Reveal How GCHQ Hacked Belgacom
14/67
TOP SECRET STRAP 2
Further drill down on activity for identified IP
This information is exempt from disclosure under the Freedom of Information Act 2000 and ma be subect to exemption under other UK informationlegislation. Refer disclosure requests to GCHQ o
-
8/10/2019 Top Secret Documents Reveal How GCHQ Hacked Belgacom
15/67
TOP SECRET STRAP 2
Phase 3: Intelligent use of TELNET traffic
Again we do not always get full configuration files. Phase 1 is
based on full (or as near to full) configuration files
GCHQ NAC collect TELNET Sessions into TERMINAL SURGE
Collection based on TCP Port 23 (TELNET)
Other protocols use TCP Port 23 (YMSG)
This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK informationlegislation. Refer disclosure requests to GCHQ o
n erac on w ou ers over or may e ne ar ous: Scanning
Password guessing
Need to separate legitimate use from nefarious activity
Look for signs of legitimate use.
Successful login
Follow on commands
-
8/10/2019 Top Secret Documents Reveal How GCHQ Hacked Belgacom
16/67
TOP SECRET STRAP 2
From TCP Port 23 (Echo)
This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK informationlegislation. Refer disclosure requests to GCH
-
8/10/2019 Top Secret Documents Reveal How GCHQ Hacked Belgacom
17/67
TOP SECRET STRAP 2
To TCP Port 23
This information is exempt from disclosure und exemption under other UK informationlegislation. Refer disclosure requests to GCHQ
-
8/10/2019 Top Secret Documents Reveal How GCHQ Hacked Belgacom
18/67
TOP SECRET STRAP 2
Intelligent analysis of TELNET traffic
The fact that login was successful for both examples means the
following:
From TCP Port 23
To IP address is Network Management Terminal (in the
NOC ?)
This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK informationlegislation. Refer disclosure requests to GCHQ
To TCP Port 23
From IP address is Network Management Terminal (in
the NOC ?)
-
8/10/2019 Top Secret Documents Reveal How GCHQ Hacked Belgacom
19/67
TOP SECRET STRAP 2
Phase 4: Bulk Port Scanning
We know the key services/servers running in the NOC
Utilise HACIENDA, GCHQs bulk port scanning capability to
identify what IPs have these service ports open additional
logic to build up confidence required.
This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK informationlegislation. Refer disclosure requests to GCHQ
-
8/10/2019 Top Secret Documents Reveal How GCHQ Hacked Belgacom
20/67
TOP SECRET STRAP 2
Fusion of sources
Aim is to bring all sources that help identify NOC IP ranges
together with associated confidence.
Different techniques provide different results due to the nature of
passive access (international vs in-country for instance)
Different techniques have different levels of reliability therefore
This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK informationlegislation. Refer disclosure requests to GCHQ o
looking to develop aggregation with overlay of smartintelligence.
Solution can work on not just ISP
NOCs but also Mobile OMCs.
-
8/10/2019 Top Secret Documents Reveal How GCHQ Hacked Belgacom
21/67
TOP SECRET STRAP 2
And then.enabling CNE on NOCs
We now have IP ranges need selectors of NOC Staff to
enable QUANTUM INSERT attack against them.
Use of GCHQ TDI capability to identify selectors coming out of
IP ranges and/or identification of proxy/NAT within NOC range.
This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK informationlegislation. Refer disclosure requests to GCH
-
8/10/2019 Top Secret Documents Reveal How GCHQ Hacked Belgacom
22/67
TOP SECRET STRAP 2
NOC IP range search in MUTANT BROTH
This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK informationlegislation. Refer disclosure requests to GCH
-
8/10/2019 Top Secret Documents Reveal How GCHQ Hacked Belgacom
23/67
TOP SECRET STRAP 2NOC IP range Target identifiers for QUANTUM INSERT
This information is exempt from disclosure und xemption under other UK informationlegislation. Refer disclosure requests to GCH
-
8/10/2019 Top Secret Documents Reveal How GCHQ Hacked Belgacom
24/67
TOP SECRET STRAP 2
Real-time picture of QI
This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK informationlegislation. Refer disclosure requests to GCHQ on
-
8/10/2019 Top Secret Documents Reveal How GCHQ Hacked Belgacom
25/67
TOP SECRET STRAP 2
Questions ?
This information is exempt from disclosure under the Freedom of Information Act 2000 and ma be subect to exemption under other UK informationlegislation. Refer disclosure requests to GCHQ o
-
8/10/2019 Top Secret Documents Reveal How GCHQ Hacked Belgacom
26/67
TOP SECRET STRAP 2
Mobile Networks in
This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK informationlegislation. Refer disclosure requests to GCHQ on
World
Head of GCHQ NAC
-
8/10/2019 Top Secret Documents Reveal How GCHQ Hacked Belgacom
27/67
TOP SECRET STRAP 2
What is a MyNOC ?
MyNOC My Network Operations Centre
A Space
A Concept
This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK informationlegislation. Refer disclosure requests to GCHQ on
-
8/10/2019 Top Secret Documents Reveal How GCHQ Hacked Belgacom
28/67
TOP SECRET STRAP 2
A Space
Analyst Desktop X 10
Un-attributable internet X 10
JTRIG Desktop
HIGHNOTE CNE Toolsuite
COPPERHEAD CNE Attack box
This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK informationlegislation. Refer disclosure requests to GCHQ o
NEXUS (BSS Desktop)
CADDIS (SIS Desktop)
NRT Tipping Display
65 VTC/Collaborative Monitor and Projector
Virtual Whiteboarding tool and Whiteboard
Secure telpehony / storage
-
8/10/2019 Top Secret Documents Reveal How GCHQ Hacked Belgacom
29/67
TOP SECRET STRAP 2
A Space
This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK informationlegislation. Refer disclosure requests to GCHQ o
-
8/10/2019 Top Secret Documents Reveal How GCHQ Hacked Belgacom
30/67
TOP SECRET STRAP 2
Interlopers in A Space
This information is exempt from disclosure under t exemption under other UK informationlegislation. Refer disclosure requests to GCHQ on
-
8/10/2019 Top Secret Documents Reveal How GCHQ Hacked Belgacom
31/67
TOP SECRET STRAP 2
A Concept
Collaboration environment bringing together capability from
across GCHQ.
Appropriateresources identified / Appropriateprioritisation
Formalised planning process
ClearFocused objectives
This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK informationlegislation. Refer disclosure requests to GCHQ on
Preparation
Review
Assessment and feasibility
Professional Operations Manager
Ensure operation is focused on stated objectives
Ensures operation is legal Protects information equities
-
8/10/2019 Top Secret Documents Reveal How GCHQ Hacked Belgacom
32/67
TOP SECRET STRAP 2
MyNOC & NAC
NAC tasked with development of greater good capability in
Mobile/Mobile Internet environment.
Due to lack of progress decision made to sponsor three MyNOC
events:
OP WYLEKEY Exploitation of International Mobile Billing Clearing Houses
This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK informationlegislation. Refer disclosure requests to GCHQ o
xp o a on o pera or OP INTERACTION Development of in-depth knowledge of Mobile
Gateways.
-
8/10/2019 Top Secret Documents Reveal How GCHQ Hacked Belgacom
33/67
-
8/10/2019 Top Secret Documents Reveal How GCHQ Hacked Belgacom
34/67
-
8/10/2019 Top Secret Documents Reveal How GCHQ Hacked Belgacom
35/67
TOP SECRET STRAP 2
Preparation work
Identified static web gateways and IP range used by engineersand tasked for QUANTUM operations
Identification and tasking of optimal bearers
TDI data mining identified potential for exploitation of LinkedInas a vector for QI QI capability developed for LinkedIn
This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK informationlegislation. Refer disclosure requests to GCHQ on
.
-
8/10/2019 Top Secret Documents Reveal How GCHQ Hacked Belgacom
36/67
TOP SECRET STRAP 2
MyNOC Focus
Expand collection and capability to enable better exploitationof Belgacom.
Identify key staff at BICS, and selectors used by theseindividuals for QI.
Map the network to better understand the BelgacomInfrastructure.
This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK informationlegislation. Refer disclosure requests to GCHQ o
Investigate VPN links from BICS to other telecoms providers.
Investigate the vulnerability of the MyBICS Reporting Tool.
-
8/10/2019 Top Secret Documents Reveal How GCHQ Hacked Belgacom
37/67
TOP SECRET STRAP 2
Infrastructure
This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK informationlegislation. Refer disclosure requests to GCHQ on
TOP SECRET STRAP 2
-
8/10/2019 Top Secret Documents Reveal How GCHQ Hacked Belgacom
38/67
TOP SECRET STRAP 2
This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK informationlegislation. Refer disclosure requests to GCHQ
TOP SECRET STRAP 2
-
8/10/2019 Top Secret Documents Reveal How GCHQ Hacked Belgacom
39/67
TOP SECRET STRAP 2
Key BELGACOM staff
Identify Belgacom employees
NOC staff
In areas related to maintenance or security
Selectors to enable QUANTUM targeting
Use of LinkedIn noted
This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK informationlegislation. Refer disclosure requests to GCHQ on
.
MUTANT BROTH used to identify TDI/Selectors coming from
identified range/proxy
QI capability enhanced to allow shots on LinkedIn
QI capability enhanced to allow white listing when shooting on
proxy
TOP SECRET STRAP 2
-
8/10/2019 Top Secret Documents Reveal How GCHQ Hacked Belgacom
40/67
TOP SECRET STRAP 2
NOC IP range search in MUTANT BROTH
This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK informationlegislation. Refer disclosure requests to GCHQ on
TOP SECRET STRAP 2
-
8/10/2019 Top Secret Documents Reveal How GCHQ Hacked Belgacom
41/67
TOP SECRET STRAP 2NOC IP range Target identifiers for QUANTUM INSERT
This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK informationlegislation. Refer disclosure requests to GCHQ on
-
8/10/2019 Top Secret Documents Reveal How GCHQ Hacked Belgacom
42/67
TOP SECRET STRAP 2
-
8/10/2019 Top Secret Documents Reveal How GCHQ Hacked Belgacom
43/67
TOP SECRET STRAP 2
GTAC effort
IR21 extractions
Website research domains visited from target gateway IPs
TDI harvesting
Identified owners of TDIs / finding new potential targets
Identified the FTP service
This information is exempt from disclosure under t exemption under other UK informationlegislation. Refer disclosure requests to GCHQ on
User agent analysis
Laptop identification
Mail server analysis
SSL research
GRX analysis
TOP SECRET STRAP 2
-
8/10/2019 Top Secret Documents Reveal How GCHQ Hacked Belgacom
44/67
TOP SECRET STRAP 2
What MyNOC Priority gets you
Dedicated resources
Priority tasking of access
Priority utilisation of CNE Operator resources
Priority utilisation of CNE Developer resources
Priorit use of enablin communit GTE GTAC JTRIG
This information is exempt from disclosure under t exemption under other UK informationlegislation. Refer disclosure requests to GCHQ on
Priority time of legalities bodies
TOP SECRET STRAP 2
-
8/10/2019 Top Secret Documents Reveal How GCHQ Hacked Belgacom
45/67
TOP SECRET STRAP 2
OP SOCIALIST Outcome
In MyNOC:
CNE Access to BELGACOM MERION ZETA 6 endpoints into
Engineer/support staff IP range
2 endpoints into BELGACOM DMZ (from prep VA work)
Optimal Bearers identified providing good access to BELGACOM proxy.
This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK informationlegislation. Refer disclosure requests to GCHQ on
Optimal Bearers continue to allow QI against BELGACOM engineers/proxy
Internal CNE access continues to expand getting close to access core
GRX Routers currently on hosts with access
NAC continue to support with Network Analysis
of internal networks, network understanding
research on credentials and identification of
engineers/system administrators and theirspecific roles.
TOP SECRET STRAP 2
-
8/10/2019 Top Secret Documents Reveal How GCHQ Hacked Belgacom
46/67
TOP SECRET STRAP 2
MyNOC leave behinds for NAC
Focused working in small groups
Regular Brainstorming sessions
Professional Operational Management
Network becomes Target Target approach to
Network Problems
This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK informationlegislation. Refer disclosure requests to GCHQ on
Awareness of JTRIG and Open-source information specialist
capabilities and how they can support Network Analysis.
Steerage of access for Network Analysis gain
Closer working between NAC and CNE
Joint working between NACs
More NAC MyNOC/Focus efforts to come.
TOP SECRET STRAP 2
-
8/10/2019 Top Secret Documents Reveal How GCHQ Hacked Belgacom
47/67
TOP SECRET STRAP 2
Questions ?
This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK informationlegislation. Refer disclosure requests to GCHQ on
TOP SECRET STRAP 2 // REL TO USA AUS CAN GBR NZL
TOP SECRET//REL TO USA AUS CAN GBR NZL
-
8/10/2019 Top Secret Documents Reveal How GCHQ Hacked Belgacom
48/67
TOP SECRET STRAP 2 // REL TO USA, AUS, CAN, GBR, NZL
Making Network Sense of
the encr tion roblem
This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK informationlegislation. Refer disclosure requests to GCHQ on
Roundtable
Head of GCHQ NAC
TOP SECRET//REL TO USA AUS CAN GBR NZL
Derived From: NSA/CSSM 1-52
Dated: 20070108
Declassify On: 20360501
TOP SECRET STRAP 2 // REL TO USA AUS CAN GBR NZL
TOP SECRET//REL TO USA AUS CAN GBR NZL
-
8/10/2019 Top Secret Documents Reveal How GCHQ Hacked Belgacom
49/67
TOP SECRET STRAP 2 // REL TO USA, AUS, CAN, GBR, NZLGCHQ metadata
GCHQ now creating metadata on:
SSL / TLS
IKE
OpenVPN
SSH
This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK informationlegislation. Refer disclosure requests to GCHQ on
SQUEAL signatures (Various crypt packages)
Data available in BEARDED PIGGY and/or the
CLOUD
TOP SECRET//REL TO USA AUS CAN GBR NZL
TOP SECRET STRAP 2 // REL TO USA AUS CAN GBR NZL
TOP SECRET//REL TO USA AUS CAN GBR NZL
-
8/10/2019 Top Secret Documents Reveal How GCHQ Hacked Belgacom
50/67
TOP SECRET STRAP 2 // REL TO USA, AUS, CAN, GBR, NZLHow can Network Analysis help ?
Can NAC help
make sense using
network
This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK informationlegislation. Refer disclosure requests to GCHQ on
volumes of data to
isolate that which
we want to
decrypt
TOP SECRET//REL TO USA AUS CAN GBR NZL
TOP SECRET STRAP 2 // REL TO USA AUS CAN GBR NZL
TOP SECRET//REL TO USA AUS CAN GBR NZL
-
8/10/2019 Top Secret Documents Reveal How GCHQ Hacked Belgacom
51/67
TOP SECRET STRAP 2 // REL TO USA, AUS, CAN, GBR, NZLThe Seed Approach
Intercepted documentation reveals details of VPN set up
This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK informationlegislation. Refer disclosure requests to GCHQ on
TOP SECRET//REL TO USA AUS CAN GBR NZL
TOP SECRET STRAP 2 // REL TO USA AUS CAN GBR NZL
TOP SECRET//REL TO USA AUS CAN GBR NZL
-
8/10/2019 Top Secret Documents Reveal How GCHQ Hacked Belgacom
52/67
TOP SECRET STRAP 2 // REL TO USA, AUS, CAN, GBR, NZLThe Seed Approach
Turn Seed IP into network block
Query on network block against metadata
Chain outwards / fuzzy subnet logic
Basis of NTAT developed tradecraft:
IRASCIBLE HARE
This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK informationlegislation. Refer disclosure requests to GCHQ o
IRASCIBLE RABBIT IRASCIBLE MOOSE
IRASCIBLE EMITT
TOP SECRET//REL TO USA AUS CAN GBR NZL
TOP SECRET STRAP 2 // REL TO USA, AUS, CAN, GBR, NZL
TOP SECRET//REL TO USA AUS CAN GBR NZL
-
8/10/2019 Top Secret Documents Reveal How GCHQ Hacked Belgacom
53/67
TOP SECRET STRAP 2 // REL TO USA, AUS, CAN, GBR, NZLKnown usage
Target known to use encryption
Identify target subnet
Select on subnet against metadata
Or
Start with an AS look for most interestin wheel
This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK informationlegislation. Refer disclosure requests to GCHQ o
BELGACOM - AS6774 known to run GRX links to MNOover VPN
TOP SECRET//REL TO USA AUS CAN GBR NZL
TOP SECRET STRAP 2 // REL TO USA, AUS, CAN, GBR, NZL
TOP SECRET//REL TO USA AUS CAN GBR NZL
-
8/10/2019 Top Secret Documents Reveal How GCHQ Hacked Belgacom
54/67
, , , ,
This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK informationlegislation. Refer disclosure requests to GCHQ
TOP SECRET//REL TO USA AUS CAN GBR NZL
TOP SECRET STRAP 2 // REL TO USA, AUS, CAN, GBR, NZL
TOP SECRET//REL TO USA AUS CAN GBR NZL
-
8/10/2019 Top Secret Documents Reveal How GCHQ Hacked Belgacom
55/67
, , , ,
This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK informationlegislation. Refer disclosure requests to GCHQ o
TOP SECRET//REL TO USA AUS CAN GBR NZL
TOP SECRET STRAP 2 // REL TO USA, AUS, CAN, GBR, NZL
TOP SECRET//REL TO USA AUS CAN GBR NZL
-
8/10/2019 Top Secret Documents Reveal How GCHQ Hacked Belgacom
56/67
Network Knowledge enrichment
Internet Registry information
IP Geolocation
DNS
Data derived from network device configuration files
(routers/Firewalls etc)
This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK informationlegislation. Refer disclosure requests to GCHQ o
Network information on surrounding IPs (i.e. rest of subnet isMNO related)
TOP SECRET//REL TO USA AUS CAN GBR NZL
-
8/10/2019 Top Secret Documents Reveal How GCHQ Hacked Belgacom
57/67
TOP SECRET STRAP 2 // REL TO USA, AUS, CAN, GBR, NZL
TOP SECRET//REL TO USA AUS CAN GBR NZL
-
8/10/2019 Top Secret Documents Reveal How GCHQ Hacked Belgacom
58/67
Your Ideas Please
This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK informationlegislation. Refer disclosure requests to GCHQ o
TOP SECRET//REL TO USA AUS CAN GBR NZL
SECRET STRAP1 COMINT
The maximum classification allowed on GCWiki is TOP SECRET STRAP1 COMINT Click to report
-
8/10/2019 Top Secret Documents Reveal How GCHQ Hacked Belgacom
59/67
STARGATE
User Guide
Bugs & Feedback
Deployments
CNE Requirements
Surgery
The maximum classificationallowed on GCWiki is TOP SECRET STRAP1 COMINT. Click to report
inappropriate content.For GCWiki help contact: webteam Support page
STARGATE CNE Requirements
From GCWiki
(Redirected from OPCCNE Prototyping STARGATE CNE Requirements)
Jump to: navigation, search
OPCCNE Prototyping Team(team leader
HOME. MAD. KITCHEN SINK. MARVAL ICE. IRONING BOARD. TIN REVERIE. SORCERER.
FEDEX
Agile. Admin. Andromeda. Data Characterisation. Desks. Discussion. Forensics. Index. Links.Notes
. Storyboards. Team. Training. Planning. Priorities. Unification Workshop. Infrastructure.
Development Process
This page is for OPH-CNE staff to add requirementsfor STARGATE. You should start by reading the
Endpoint Initiative Requirements. Your requirement
may have already been captured.
Some headings have been added to get you started....
C
AQUILA
CNE on the BIG BUS
has a site wide license for OutsideIn
(QuickView uses this behind the scenes). You
-
8/10/2019 Top Secret Documents Reveal How GCHQ Hacked Belgacom
60/67
Iterations
Iteration 7 Feedback
Iteration 6 Feedback
Iteration 5 Feedback
Dev Team
(Q )
can convert around ~350 document formats
into HTML for viewing safely. This is not
meant to replace udaq but would be a convinent
and safe halfway-house to view files quicklyfor tactical o erational reasons.
User:
[edit] How do you want to search the file
system?
[edit] How do you want to get tasked bycustomers?
[edit] What should appear on the summary
pages? What about summary pages for a
Project or Implant?
[edit] Embedded Comments
What form should they take? Do you want to be able to add attachments or hyperlinks. Do you want to be
alerted when a comment is added to your project?
[edit] What would CNE need from Network diagrams?
-
8/10/2019 Top Secret Documents Reveal How GCHQ Hacked Belgacom
61/67
-
8/10/2019 Top Secret Documents Reveal How GCHQ Hacked Belgacom
62/67
-
8/10/2019 Top Secret Documents Reveal How GCHQ Hacked Belgacom
63/67
-
8/10/2019 Top Secret Documents Reveal How GCHQ Hacked Belgacom
64/67
-
8/10/2019 Top Secret Documents Reveal How GCHQ Hacked Belgacom
65/67
-
8/10/2019 Top Secret Documents Reveal How GCHQ Hacked Belgacom
66/67
-
8/10/2019 Top Secret Documents Reveal How GCHQ Hacked Belgacom
67/67