TOP SECRET STRAP 2 Mobile Networks in World Head of GCHQ NAC This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK information legislation Refer disclosure requests to GCHQ on TOP SECRET STRAP 2 What is a MyNOC • MyNOC – My Network Operations Centre – A Space – A Concept This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK information legislation Refer disclosure requests to GCHQ on TOP SECRET STRAP 2 A Space • • • • • • • • • • • Analyst Desktop X 10 Un-attributable internet X 10 JTRIG Desktop HIGHNOTE – CNE Toolsuite COPPERHEAD – CNE Attack box NEXUS BSS Desktop CADDIS SIS Desktop NRT Tipping Display 65” VTC Collaborative Monitor and Projector Virtual Whiteboarding tool and Whiteboard Secure telpehony storage This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK information legislation Refer disclosure requests to GCHQ o TOP SECRET STRAP 2 A Space This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK information legislation Refer disclosure requests to GCHQ o TOP SECRET STRAP 2 Interlopers in A Space This information is exempt from disclosure under t legislation Refer disclosure requests to GCHQ on exemption under other UK information TOP SECRET STRAP 2 A Concept • Collaboration environment bringing together capability from across GCHQ • Appropriate resources identified Appropriate prioritisation • Formalised planning process – – – – Clear Focused objectives Selection of Operations Manager Preparation Review • Assessment and feasibility • Professional Operations Manager – Ensure operation is focused on stated objectives – Ensures operation is legal – Protects information equities This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK information legislation Refer disclosure requests to GCHQ on TOP SECRET STRAP 2 MyNOC NAC • NAC tasked with development of “greater good” capability in Mobile Mobile Internet environment • Due to lack of progress decision made to sponsor three MyNOC events – OP WYLEKEY – Exploitation of International Mobile Billing Clearing Houses – OP SOCIALIST – Exploitation of GRX Operator – OP INTERACTION – Development of in-depth knowledge of Mobile Gateways This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK information legislation Refer disclosure requests to GCHQ o TOP SECRET STRAP 2 MyNOC Team assemble • Operations Manager • Network Analysts NAC Cheltenham NAC Bude NAC Cyprus • Dataminer GTAC • Open Source Specialist • JTRIG Analysts Cheltenham Bude • CNE Operators Cheltenham CNE Scarborough CNE • VPN Expert Crypt SD • EREPO Expert CNE • Protocol Analyst GTE • Production Tasking Co-ordinator PTC • Trainee Ops Managers This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK information legislation Refer disclosure requests to GCHQ o TOP SECRET STRAP 2 One Month Later – OP SOCIALIST • Scoping session conducted – main focus to be on enabling CNE access to BELGACOM GRX Operator • Ultimate Goal – enable CNE access to BELGACOM Core GRX Routers from which we can undertake MiTM operations against targets roaming using Smart Phones • Secondary focus – breadth of knowledge on GRX Operators • Operations Manager assigned team assembles This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK information legislation Refer disclosure requests to GCHQ on TOP SECRET STRAP 2 Preparation work • Identified static web gateways and IP range used by engineers and tasked for QUANTUM operations • Identification and tasking of optimal bearers • TDI data mining identified potential for exploitation of LinkedIn as a vector for QI – QI capability developed for LinkedIn • WOODCUTTER logs analysed for usage by BELGACOM This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK information legislation Refer disclosure requests to GCHQ on TOP SECRET STRAP 2 MyNOC Focus • Expand collection and capability to enable better exploitation of Belgacom • Identify key staff at BICS and selectors used by these individuals for QI • Map the network to better understand the Belgacom Infrastructure • Investigate VPN links from BICS to other telecoms providers • Investigate the vulnerability of the MyBICS Reporting Tool This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK information legislation Refer disclosure requests to GCHQ o TOP SECRET STRAP 2 Infrastructure This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK information legislation Refer disclosure requests to GCHQ on TOP SECRET STRAP 2 This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK information legislation Refer disclosure requests to GCHQ o TOP SECRET STRAP 2 Key BELGACOM staff • Identify Belgacom employees – NOC staff – In areas related to maintenance or security • Selectors to enable QUANTUM targeting – Use of LinkedIn noted – Use of Slashdot org noted • MUTANT BROTH used to identify TDI Selectors coming from identified range proxy • QI capability enhanced to allow shots on LinkedIn • QI capability enhanced to allow ‘white listing’ when shooting on proxy This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK information legislation Refer disclosure requests to GCHQ on TOP SECRET STRAP 2 NOC IP range search in MUTANT BROTH This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK information legislation Refer disclosure requests to GCHQ on TOP SECRET STRAP 2 NOC IP range – Target identifiers for QUANTUM INSERT This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK information legislation Refer disclosure requests to GCHQ on TOP SECRET STRAP 2 Real-time picture 03 0 'l Klan aha u-I llu-I -I I II nhp HIITA m I'lfl Iluuh I - Il II I IJ I i Ill u-uuI'l'q ll'Hnl- tr 1 caEHn TOP SECRET STRAP 2 GTAC effort • • • • • • • • • • IR21 extractions Website research – domains visited from target gateway IPs TDI harvesting Identified owners of TDIs finding new potential targets Identified the FTP service User agent analysis Laptop identification Mail server analysis SSL research GRX analysis This information is exempt from disclosure under t legislation Refer disclosure requests to GCHQ on exemption under other UK information TOP SECRET STRAP 2 What MyNOC Priority gets you • • • • • • Dedicated resources Priority tasking of access Priority utilisation of CNE Operator resources Priority utilisation of CNE Developer resources Priority use of enabling community GTE GTAC JTRIG Priority time of legalities bodies This information is exempt from disclosure under t legislation Refer disclosure requests to GCHQ on exemption under other UK information TOP SECRET STRAP 2 OP SOCIALIST Outcome • In MyNOC – CNE Access to BELGACOM – MERION ZETA – 6 endpoints into Engineer support staff IP range – 2 endpoints into BELGACOM DMZ from prep VA work – Optimal Bearers identified providing good access to BELGACOM proxy • Post MyNOC – Optimal Bearers continue to allow QI against BELGACOM engineers proxy – Internal CNE access continues to expand – getting close to access core GRX Routers – currently on hosts with access – NAC continue to support with Network Analysis of internal networks network understanding research on credentials and identification of engineers system administrators and their specific roles This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK information legislation Refer disclosure requests to GCHQ on TOP SECRET STRAP 2 MyNOC leave behinds for NAC • • • • • • • • • Focused working in small groups Regular Brainstorming sessions Professional Operational Management Network becomes Target – Target approach to Network Problems Awareness of JTRIG and Open-source information specialist capabilities and how they can support Network Analysis Steerage of access for Network Analysis gain Closer working between NAC and CNE Joint working between NACs More NAC MyNOC Focus efforts to come… This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK information legislation Refer disclosure requests to GCHQ on TOP SECRET STRAP 2 Questions This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under ot her UK information legislation Refer disclosure requests to GCHQ on
OCR of the Document
View the Document >>