Tailored Access Operations

The Office of Tailored Access Operations (TAO) is a cyber-warfare intelligence-gathering unit of the National Security Agency (NSA). It has been active since at least circa 1998.^[1]^[2] TAO identifies, monitors, infiltrates, and gathers intelligence on computer systems being used by entities foreign to the United States.^[3]^[4]^[5]^[6] The NSA terms these activities "computer network exploitation" (CNE). Sean Gallagher of ArsTechnica describes how TAO functions are integrated into analytic software such as XKeyscore^[7]

TAO is reportedly "now the largest and arguably the most important component of the NSA's huge Signal Intelligence (SIGINT) Directorate, consisting [more than] 1,000 military and civilian computer hackers, intelligence analysts, targeting specialists, computer hardware and software designers, and electrical engineers."^[1]

In an anonymous interview with Bloomberg Businessweek, former U.S. officials stated the unit uses automated hacking software to harvest approximately two petabytes of data per hour which is largely processed automatically.^[5]

A document leaked by Edward Snowden describing the unit's work says that TAO has software templates allowing it break into commonly used hardware, including “routers, switches, and firewalls from multiple product vendor lines".^[8] According to The Washington Post, TAO engineers prefer to tap networks rather than isolated computers, because there are typically many devices on a single network.^[8]

Physical locations

TAO's headquarters are termed the Remote Operations Center (ROC) and are based at Fort Meade, Maryland. TAO also has expanded to NSA Hawaii (Wahiawa, Oahu), NSA Georgia (Fort Gordon, Georgia), Texas Cryptologic Center, and Buckley Air Force Base, Denver.^[1]

Organization

In the Remote Operations Center (ROC) 600 employees gather information from around the world.^[9]^[10]

Data Network Technologies Branch: develops automated spyware
Telecommunications Network Technologies Branch: improve network and computer hacking methods^[11]
Mission Infrastructure Technologies Branch: operates the software provided above^[12]
Access Technologies Operations Branch: Reportedly includes personnel seconded by the CIA and the FBI, who perform what are described as "off-net operations," which is a polite way of saying that they arrange for CIA agents to surreptitiously plant eavesdropping devices on computers and/or telecommunications systems overseas so that TAO's hackers may remotely access them from Fort Meade.^[1] Probably specially equipped submarines, currently USS Jimmy Carter,^[13] are used to wiretap fibre optic cables around the globe.

Known targets

According to Forbes, little is known about the scope and targets of TAO.^[14]

China^[1]
Tor/Firefox users^[15]
In concert with the U.S. CIA and FBI, TAO is used to intercept laptops purchased online, divert them to secret warehouses where spyware and hardware is installed, and send them on to customers.^[16]

External links

References

^ ^a ^b ^c ^d ^e Aid, Matthew M. (10 June 2013). "Inside the NSA's Ultra-Secret China Hacking Group". Foreign Policy. Retrieved 11 June 2013.
^ Paterson, Andrea (30 August 2013). "The NSA has its own team of elite hackers". The Washington Post. Retrieved 31 August 2013.
^ Kingsbury, Alex (June 19, 2009). "The Secret History of the National Security Agency". U.S. News & World Report. Retrieved 22 May 2013.
^ Kingsbury, Alex (November 18, 2009). "U.S. is Striking Back in the Global Cyberwar". U.S. News & World Report. Retrieved 22 May 2013. {{cite web}}: Unknown parameter |coauthors= ignored (|author= suggested) (help)
^ ^a ^b Riley, Michael (May 23, 2013). "How the U.S. Government Hacks the World". Bloomberg Businessweek. Retrieved 23 May 2013.
^ Aid, Matthew M. (8 June 2010). The Secret Sentry: The Untold History of the National Security Agency. Bloomsbury USA. p. 311. ISBN 978-1-60819-096-6. Retrieved 22 May 2013.
^ Gallagher, Sean (August 1, 2013). "NSA's Internet taps can find systems to hack, track VPNs and Word docs". Retrieved August 8, 2013.
^ ^a ^b Barton Gellman; Ellen Nakashima (August 30, 2013). "U.S. spy agencies mounted 231 offensive cyber-operations in 2011, documents show". The Washington Post. Retrieved 7 September 2013. Much more often, an implant is coded entirely in software by an NSA group called, Tailored Access Operations (TAO). As its name suggests, TAO builds attack tools that are custom-fitted to their targets. The NSA unit's software engineers would rather tap into networks than individual computers because there are usually many devices on each network. Tailored Access Operations has software templates to break into common brands and models of "routers, switches, and firewalls from multiple product vendor lines," according to one document describing its work.
^ Secret NSA hackers from TAO Office have been pwning China for nearly 15 years | Computerworld Blogs
^ Inside the NSA's Ultra-Secret China Hacking Group
^ Hintergrund: Die Speerspitze des amerikanischen Hackings - News Ausland: Amerika - tagesanzeiger.ch
^ http://www.acus.org/natosource/inside-nsas-ultra-secret-hacking-group
^ JIMMY CARTER: SUPER SPY? | Defense Tech
^ Report: NSA Intercepting Laptops Ordered Online, Installing Spyware - Forbes
^ Schneier on Security: How the NSA Attacks Tor/Firefox Users With QUANTUM and FOXACID
^ Inside TAO: The NSA's Shadow Network - SPIEGEL ONLINE

This United States government–related article is a stub. You can help Wikipedia by expanding it.

[fp2013-1] Aid, Matthew M. (10 June 2013). "Inside the NSA's Ultra-Secret China Hacking Group". Foreign Policy. Retrieved 11 June 2013.

[2] Paterson, Andrea (30 August 2013). "The NSA has its own team of elite hackers". The Washington Post. Retrieved 31 August 2013.

[Kingsbury-3] Kingsbury, Alex (June 19, 2009). "The Secret History of the National Security Agency". U.S. News & World Report. Retrieved 22 May 2013.

[4] Kingsbury, Alex (November 18, 2009). "U.S. is Striking Back in the Global Cyberwar". U.S. News & World Report. Retrieved 22 May 2013. {{cite web}}: Unknown parameter |coauthors= ignored (|author= suggested) (help)

[Riley-5] Riley, Michael (May 23, 2013). "How the U.S. Government Hacks the World". Bloomberg Businessweek. Retrieved 23 May 2013.

[Aid2010-6] Aid, Matthew M. (8 June 2010). The Secret Sentry: The Untold History of the National Security Agency. Bloomsbury USA. p. 311. ISBN 978-1-60819-096-6. Retrieved 22 May 2013.

[7] Gallagher, Sean (August 1, 2013). "NSA's Internet taps can find systems to hack, track VPNs and Word docs". Retrieved August 8, 2013.

[gellman-nakashima-2013-8] Barton Gellman; Ellen Nakashima (August 30, 2013). "U.S. spy agencies mounted 231 offensive cyber-operations in 2011, documents show". The Washington Post. Retrieved 7 September 2013. Much more often, an implant is coded entirely in software by an NSA group called, Tailored Access Operations (TAO). As its name suggests, TAO builds attack tools that are custom-fitted to their targets. The NSA unit's software engineers would rather tap into networks than individual computers because there are usually many devices on each network. Tailored Access Operations has software templates to break into common brands and models of "routers, switches, and firewalls from multiple product vendor lines," according to one document describing its work.

[9] Secret NSA hackers from TAO Office have been pwning China for nearly 15 years | Computerworld Blogs

[10] Inside the NSA's Ultra-Secret China Hacking Group

[11] Hintergrund: Die Speerspitze des amerikanischen Hackings - News Ausland: Amerika - tagesanzeiger.ch

[12] ttp://www.acus.org/natosource/inside-nsas-ultra-secret-hacking-group

[13] JIMMY CARTER: SUPER SPY? | Defense Tech

[14] Report: NSA Intercepting Laptops Ordered Online, Installing Spyware - Forbes

[15] Schneier on Security: How the NSA Attacks Tor/Firefox Users With QUANTUM and FOXACID

[16] Inside TAO: The NSA's Shadow Network - SPIEGEL ONLINE

[1]

v t e National Security Agency
Locations	Alaska Mission Operations Center Colorado Cryptologic Center Consolidated Intelligence Center CSSG Dorsey Road European Cryptologic Center European Technical Center Fort Meade Friendship Annex Georgia Cryptologic Center Hawaii Cryptologic Center Interagency Training Center Kent Island Misawa Security Operations Center Multiprogram Research Facility Pine Gap RAF Menwith Hill Roaring Creek Room 641A Salt Creek Sugar Grove Texas Cryptologic Center Utah Data Center Pacific Technical Center
Leaders	Ralph Canine John A. Samford Laurence Hugh Frost Gordon Blake Marshall Carter Noel Gayler Samuel C. Phillips Lew Allen Bobby Ray Inman Lincoln D. Faurer William Eldridge Odom Bill Studeman John Michael McConnell Kenneth Minihan Michael Hayden Keith B. Alexander Michael S. Rogers Paul Nakasone
Divisions	CSS Information Warfare Support Center ROC Special Collection Service SSO TAO NTOC NSOC
Technology	ANT catalog FROSTBURG HARVEST Secure Terminal Equipment (STE) STU-I STU-II STU-III WARRIOR PRIDE
Controversy	Global surveillance disclosures (2013–present) Church Committee Edward Snowden LOVEINT James Bamford NSA warrantless surveillance controversy Pike Committee Russ Tice Thomas Andrews Drake Thomas Tamm Matthew Aid
Programs	Boundless Informant Dropmire ECHELON Fairview Insider Threat Program MUSCULAR MYSTIC PRISM Real Time Regional Gateway Stellar Wind TRAILBLAZER Turbulence Upstream XKeyscore Epic Shelter
Databases	DISHFIRE Interquake Main Core MAINWAY MARINA Nymrod PINWALE
Other	Dundee Society Institute for Defense Analyses National Cryptologic Museum National Cryptologic School National Vigilance Park NSA Hall of Honor VENONA Vulnerabilities Equities Process Zendian Problem

Physical locations

Organization

Known targets

See also

External links

References