Free to follow every thread. No paywall, no dead ends.
National Security Agency | HearLore
— Ch. 1 · Origins And Evolution —
National Security Agency.
~6 min read · Ch. 1 of 6
On the 28th of April 1917, three weeks after the U.S. Congress declared war on Germany, a small unit called the Cable and Telegraph Section formed in Washington, D.C. Herbert O. Yardley led this group of just three people: himself and two civilian clerks. The unit absorbed Navy cryptanalysis functions by July 1918 and moved to New York City on the 20th of May 1919 as the Code Compilation Company. This peacetime organization became known as the Black Chamber and was jointly funded by the Army and State Department. It secretly broke diplomatic communications from nations like Japan during the Washington Naval Conference. Secretary of State Henry L. Stimson shut down the operation in 1929, declaring that gentlemen do not read each other's mail. During World War II, the Signal Intelligence Service intercepted Axis communications until it reorganized into the Army Security Agency after the war ended. On the 20th of May 1949, all cryptologic activities centralized under the Armed Forces Security Agency within the Department of Defense. President Harry S. Truman ordered an investigation into AFSA failures in December 1951. A November 4 memo by Secretary of Defense Robert A. Lovett officially created the National Security Agency, changing the name from AFSA. Truman issued a classified memorandum on the 24th of October 1952, establishing the agency without public knowledge. For decades, intelligence community members referred to it as No Such Agency because its existence remained secret.
Global Surveillance Architecture
The Echelon system emerged from Cold War partnerships between five nations: the United States, United Kingdom, Canada, Australia, and New Zealand. By early 1970s, over eight large satellite dishes were installed at Menwith Hill in North Yorkshire, England. Investigative journalist Duncan Campbell reported in 1988 on how this global network could eavesdrop on phone calls, faxes, and emails anywhere on Earth. The BBC confirmed in November 1999 that Britain and the U.S. operated this powerful surveillance infrastructure. NSA stations like those in Japan, Germany, and Thailand collect signals intelligence for the Five Eyes alliance. In Iraq during 2005, the Real Time Regional Gateway gathered all electronic communications to identify insurgents. Edward Snowden revealed in June 2013 that Boundless Informant collected about 124.8 billion telephone data items and 97.1 billion computer data items between February 8 and March 8 of that year alone. The NSA intercepts millions of images daily to support facial recognition programs. Documents show the agency spied on European Union representatives, German ministries, and even Chancellor Angela Merkel's cellphones since the 1990s. A dedicated unit locates targets for extrajudicial assassinations in the Middle East by providing intelligence to the CIA.
When was the National Security Agency officially created?
Secretary of Defense Robert A. Lovett issued a November 4 memo that officially created the National Security Agency by changing the name from AFSA in 1952. President Harry S. Truman issued a classified memorandum on the 24th of October 1952 to establish the agency without public knowledge.
What is the history of the Black Chamber led by Herbert O. Yardley?
The Cable and Telegraph Section formed on the 28th of April 1917 under Herbert O. Yardley before becoming the Code Compilation Company known as the Black Chamber. This organization broke diplomatic communications from nations like Japan until Secretary of State Henry L. Stimson shut down the operation in 1929.
How much data did Boundless Informant collect during the Snowden revelations?
Between February 8 and March 8 of 2013, the Boundless Informant tool collected approximately 124.8 billion telephone data items and 97.1 billion computer data items worldwide. Edward Snowden revealed these figures in June 2013 when he leaked internal documents about massive global spying operations.
Where are the main facilities for the National Security Agency located?
Fort Meade headquarters opened its nine-story building in 1963 and contains over 1,300 buildings covering more than sixty-eight acres of floor space. Additional facilities include the Utah Data Center at Camp Williams completed in May 2019 and stations in countries such as Germany, Japan, Australia, New Zealand, Thailand, and Taiwan.
What encryption vulnerabilities did the NSA insert into Dual EC DRBG standards?
Documents show that the NSA pushed adoption of Dual EC DRBG encryption standard containing built-in vulnerabilities to NIST and ISO organizations in 2006. Linus Torvalds confirmed that the agency inserted backdoors into the Linux kernel despite his earlier jokes about the issue.
Following terrorist attacks on the 11th of September 2001, the NSA created new IT systems to handle information from emerging technologies like the Internet and cell phones. The ThinThread program included advanced data mining with encryption requiring warrants for decryption. Michael Hayden chose Trailblazer instead, which lacked ThinThread's privacy mechanisms when it ramped up in 2002. Science Applications International Corporation, Boeing, IBM, and Litton Industries worked on this project until Congress canceled it in early 2004 due to bureaucratic failures. Turbulence emerged as a smaller test piece with offensive cyber-warfare capabilities including malware injection into remote computers. Congress criticized Turbulence in 2007 for similar problems. President George W. Bush signed authorization for mass surveillance of Internet records on the 11th of March 2004, overriding laws like the Foreign Intelligence Surveillance Act. The Highlander Project conducted by the U.S. Army 513th Military Intelligence Brigade intercepted citizen conversations through ground, airborne, and satellite monitoring stations. Attorney General John Ashcroft and Acting Attorney General James Comey threatened resignation over constitutional concerns about these programs before they continued. The PRISM program began in 2007, collecting communications from nine major providers including Microsoft, Google, Facebook, Yahoo, Skype, YouTube, AOL, PalTalk, and Apple. Former NSA director Keith Alexander claimed the agency prevented terrorist attacks using this data, though no evidence has been presented demonstrating such prevention.
The Snowden Revelations
Edward Snowden leaked internal documents beginning in June 2013 that revealed massive global spying operations. Between February 8 and the 8th of March 2013, the Boundless Informant tool collected approximately 124.8 billion telephone data items and 97.1 billion computer data items worldwide. A secret memo uncovered in 2013 showed the NSA created Dual EC DRBG encryption standards with built-in vulnerabilities in 2006. XKeyscore rules tracked users of privacy tools including Tor networks and Linux Journal readers. Linus Torvalds joked during a the 18th of September 2013 keynote that the NSA wanted backdoors in the Linux kernel. Documents revealed the Tailored Access Operations division accidentally caused Syria's internet blackout in 2012 through hacking errors. The FASCIA database stores trillions of device-location records collected over seven months, containing more than 27 terabytes of location data. After Snowden's revelations, the NSA instituted a two-man rule requiring two system administrators to access sensitive information. Polygraph testing frequency increased from once every five years to quarterly for employees following his disclosure. The U.S. Court of Appeals ruled the surveillance program unlawful on the 4th of September 2020, stating intelligence leaders were not telling the truth about its legality.
Cryptographic Controversies
The NSA pushed adoption of Dual EC DRBG encryption standard containing built-in vulnerabilities in 2006 to NIST and ISO organizations. Microsoft Research cryptographers had previously speculated about such weaknesses before documents confirmed them. IBM Notes software used public key cryptography until laws changed in 2000 allowing export of versions with stronger keys. A 1997 agreement let Lotus export versions supporting 64-bit keys where 24 bits remained encrypted by special keys for NSA workload reduction. This strengthened protection against private-sector espionage but left users vulnerable to government spying. Linus Torvalds revealed during a LinuxCon keynote that the NSA actually did insert backdoors into the kernel despite his earlier jokes. Documents show Tailored Access Operations intercepts routers and servers being shipped to targeted organizations, installing covert firmware before delivery. A physical device called Cottonmouth inserts at USB ports to establish remote access to modified computers. These operations allow the agency to load exploit software onto machines while relaying commands between hardware and software implants. An NSA manager described these prepositioned access points as some of the most productive operations in TAO because they create entry points into hard target networks worldwide.
Infrastructure And Facilities
Fort Meade headquarters opened its nine-story building in 1963 after construction began following late-1950s occupation. The complex contains 1,300 buildings covering more than sixty-eight acres of floor space with over 100 watchposts manned by armed police. The OPS2A building stands eleven stories tall shaped like a dark glass Rubik's Cube housing much of the Operations Directorate. Employees live throughout Maryland communities including Annapolis, Baltimore, Columbia, and Washington D.C. areas. The facility includes a cafeteria, credit union, airline ticket counters, barbershop, bank, post office, fire department, and police force. In 2007, NSA consumed 65 to 75 megawatts of electricity matching usage levels of Annapolis, making it Baltimore Gas & Electric's largest customer. By 2011, the agency became Maryland's biggest power consumer. Site M groundbreaking occurred at Fort Meade in May 2013 for a High-Performance Computing Center costing $3.2 billion with 14 administrative buildings and 10 parking garages. This center uses 60 megawatts initially but has a 150-megawatt substation supporting future expansion through 2030. Additional facilities include Utah Data Center at Camp Williams south of Salt Lake City completed in May 2019 after construction began the 6th of January 2011. Other locations span from Friendship Annex in Linthicum to stations in Colorado, Texas, Georgia, Hawaii, Tennessee, Pennsylvania, California, West Virginia, Germany, Japan, Australia, New Zealand, Thailand, and Taiwan.