kids encyclopedia robot

National Security Agency facts for kids

Kids Encyclopedia Facts
Quick facts for kids
National Security Agency
National Security Agency.svg
Seal of the National Security Agency
Flag of the U.S. National Security Agency.svg
Flag of the National Security Agency
National Security Agency headquarters, Fort Meade, Maryland.jpg
NSA headquarters in Fort Meade, Maryland, c. 1986
Agency overview
Formed November 4, 1952; 72 years ago (1952-11-04)
Preceding agency
  • Armed Forces Security Agency
Headquarters Fort Meade, Maryland, U.S.
39°6′32″N 76°46′17″W / 39.10889°N 76.77139°W / 39.10889; -76.77139
Motto "Defending Our Nation. Securing the Future."
Employees Classified (est. 30,000–40,000)
Annual budget Classified (estimated $10.8 billion, 2013)
Agency executives
  • General Timothy D. Haugh, USAF, Director
  • Wendy Noble, Deputy Director
Parent agency Department of Defense


The National Security Agency (NSA) is a special spy agency of the United States Department of Defense. It works under the Director of National Intelligence. The NSA's main job is to listen to, collect, and understand information from all over the world. This information helps the U.S. government with its foreign and domestic intelligence needs. They are experts in something called signals intelligence (SIGINT), which means they collect information by intercepting signals like phone calls and internet data.

The NSA also protects U.S. communication networks and computer systems. Most of their work is kept secret. The NSA has about 32,000 employees.

The NSA started during World War II as a group that broke secret codes. President Harry S. Truman officially created the NSA in 1952. For many years, it was the largest U.S. intelligence group. The NSA collects data from around the world. They have also been known to secretly place listening devices in electronic systems. The NSA works with the Central Intelligence Agency (CIA) in many countries. They have a secret team called the Special Collection Service. This team places listening devices in important places like embassies. Their methods can include "close surveillance, burglary, wiretapping, and breaking and entering."

Unlike the CIA, which focuses on human spies, the NSA does not publicly gather human intelligence. The NSA helps other government groups with signals intelligence. They have a partner organization called the Central Security Service (CSS). This group helps the NSA work with other U.S. defense code-breaking teams. The head of the NSA is also the leader of the United States Cyber Command.

The NSA's actions have sometimes caused arguments. For example, they spied on leaders who were against the Vietnam War. They also took part in economic espionage, which is spying on other countries' businesses. In 2013, a former NSA contractor named Edward Snowden revealed many of the NSA's secret surveillance programs. The leaked documents showed that the NSA collects and stores communications from over a billion people worldwide. This includes U.S. citizens. The documents also showed that the NSA tracks people's movements using cellphone data. In September 2020, a U.S. court ruled that the NSA's surveillance program was unlawful.

Contents

How the NSA Started

Early Days of Code Breaking

The NSA's story began on April 28, 1917. This was three weeks after the U.S. declared war on Germany in World War I. A special unit was created to break codes and ciphers. It was called the Cable and Telegraph Section, also known as the Cipher Bureau. This group was based in Washington, D.C. It was part of the war effort.

On July 5, 1917, Herbert O. Yardley became the head of this unit. At first, it was just Yardley and two clerks. In July 1918, it took over the Navy's code-breaking jobs. World War I ended on November 11, 1918. The army's code-breaking section moved to New York City in May 1919. It continued its work as the Code Compilation Company.

The Secret "Black Chamber"

Black Chamber cryptanalytic work sheet for solving Japanese diplomatic cipher, 1919 - National Cryptologic Museum - DSC07698
A secret worksheet from the Black Chamber, used to solve a Japanese diplomatic code in 1919.

After World War I, the U.S. government created the Cipher Bureau in 1919. It was also known as the Black Chamber. This was the first U.S. code-breaking group during peacetime. The Army and the State Department funded it together. The Cipher Bureau pretended to be a company that made and sold codes for businesses. But its real job was to break the secret communications of other countries. They mostly focused on diplomatic messages.

At the Washington Naval Conference, the Black Chamber helped American negotiators. They gave them secret messages from other countries, including Japan. The Black Chamber even convinced Western Union, a large telegram company, to secretly give them access to foreign embassy messages. But these companies later stopped helping the Black Chamber.

In 1929, U.S. Secretary of State Henry L. Stimson closed the Black Chamber. He famously said, "Gentlemen do not read each other's mail."

From World War II to the NSA

During World War II, a group called the Signal Intelligence Service (SIS) was formed. Its job was to intercept and break the codes of the Axis countries. After the war, the SIS became the United States Army Security Agency (ASA).

On May 20, 1949, all code-breaking activities were brought together. They formed a national organization called the Armed Forces Security Agency (AFSA). This group was part of the United States Department of Defense. The AFSA was supposed to manage all defense communication and electronic intelligence. However, the AFSA struggled to work with other civilian agencies like the Central Intelligence Agency (CIA).

In December 1951, President Harry S. Truman ordered a review of the AFSA. The review found problems. This led to the AFSA being reorganized and renamed the National Security Agency.

The United States National Security Council issued a memo on October 24, 1952. On the same day, President Truman signed another memo to create the NSA. The actual change happened on November 4, 1952. The Secretary of Defense, Robert A. Lovett, changed the AFSA's name to the NSA. The new agency became responsible for all communications intelligence. Because President Truman's memo was a secret document, the public did not know about the NSA at first. Due to its high secrecy, some people in the U.S. intelligence community called it "No Such Agency."

The Vietnam War and Spying

In the 1960s, the NSA played a big part in the Vietnam War. They provided information about a North Vietnamese attack on an American ship. This was during the Gulf of Tonkin incident.

The NSA also had a secret operation called "MINARET." This project monitored the phone calls of U.S. Senators and civil rights leaders. It also spied on journalists and athletes who spoke against the Vietnam War. An internal review by the NSA later said that the Minaret program was "disreputable if not outright illegal."

The NSA tried hard to secure communications for U.S. forces during the war. They developed the NESTOR secure voice systems. About 30,000 of these systems were used. But there were problems, and the North Vietnamese were sometimes able to listen in on U.S. communications.

Church Committee Hearings

After the Watergate scandal, a special group in Congress held hearings in 1975. Senator Frank Church led these hearings. They found out that the NSA had been secretly listening to international calls. They spied on people who were against the Vietnam War. The NSA kept track of these people in a secret filing system. This system was destroyed in 1974.

The investigation also found that the NSA had wiretapped U.S. citizens. After these hearings, the Foreign Intelligence Surveillance Act of 1978 was passed. This law was made to limit mass surveillance in the United States.

From the 1980s to the 1990s

In 1986, the NSA intercepted messages from the Libyan government. This happened after a bombing in Berlin. The White House said the NSA found "irrefutable" proof that Libya was behind the bombing. President Ronald Reagan used this as a reason to bomb Libya in 1986.

In 1999, a European Parliament investigation looked into the NSA's role in spying on businesses. That year, the NSA started the NSA Hall of Honor. This is a memorial at the National Cryptologic Museum in Fort Meade, Maryland. It honors "pioneers and heroes" who helped American code-breaking.

In the 1990s, the NSA's computer systems had problems. Budget cuts meant less money for maintenance. On January 24, 2000, the NSA headquarters had a total network outage for three days. This was caused by an overloaded network. The agency spent $3 million to fix it. The director called it a "wake-up call."

After the September 11 attacks in 2001, the NSA greatly expanded its surveillance. They believed they had public support for this.

The War on Terror

After the September 11 attacks, the NSA created new computer systems. These systems helped them handle the huge amount of information from the internet and cellphones. One program, ThinThread, had advanced data mining tools. It also had a "privacy mechanism." This meant surveillance data was encrypted. It could only be decrypted with a warrant. However, ThinThread was canceled.

Another project, Trailblazer, started in 2002. Several big companies worked on it. Some NSA employees warned about major problems with Trailblazer. It was canceled in early 2004.

Turbulence started in 2005. It was built in smaller parts. It also included ways to attack computer networks, like putting malware on remote computers. Congress criticized Turbulence in 2007 for having problems similar to Trailblazer.

Global Surveillance Secrets Revealed

The huge amount of spying by the NSA was revealed to the public starting in June 2013. This happened through detailed documents leaked by former NSA contractor Edward Snowden. On September 4, 2020, a U.S. court ruled that the NSA's surveillance program was unlawful. The court also said that U.S. intelligence leaders had not been truthful when they defended the program.

What the NSA Does

The NSA's main job is to listen in on communications. This includes radio broadcasts, internet traffic, and phone calls. Their other main job is to secure U.S. government communications. This means keeping military, diplomatic, and other secret government messages safe.

In 2010, The Washington Post reported that NSA systems intercept and store 1.7 billion emails and phone calls every day. The NSA sorts a small part of this into 70 different databases.

Because they listen to so much, the NSA is very involved in code-breaking research. They continue the work of older agencies that broke many codes during World War II.

In 2008, the NSA became the main agency to protect all federal government computer networks from cyber-terrorism. The NSA also helps the United States Department of Defense.

How the NSA Operates

The NSA's operations can be divided into three main types:

  • Collecting information from other countries. This is done by the Global Access Operations (GAO) division.
  • Collecting information inside the U.S. This is done by the Special Source Operations (SSO) division.
  • Hacking computers and networks. This is done by the Tailored Access Operations (TAO) division.

Collecting Information Overseas

The ECHELON System

The "Echelon" system was created during the Cold War. It is now an older system, and some NSA stations are closing.

The NSA, along with spy agencies from the United Kingdom, Canada, Australia, and New Zealand, worked together on the ECHELON system. This group is known as the UKUSA group. Echelon was thought to be able to monitor a large part of the world's phone, fax, and data traffic.

In the early 1970s, large satellite dishes were installed at Menwith Hill in the UK. In 1999, the BBC reported that the Australian Government confirmed Echelon existed. They said it could "eavesdrop on every single phone call, fax or e-mail, anywhere on the planet." Britain and the United States were the main users. Menwith Hill was "linked directly to the headquarters of the US National Security Agency (NSA) at Fort Meade in Maryland."

Berlin 2013 PRISM Demo
Protesters in Berlin against NSA data mining, wearing masks of Chelsea Manning and Edward Snowden.

U.S. rules strictly forbid the NSA from collecting information about U.S. citizens or companies without legal permission. This permission must come from the United States Attorney General or a special court. Some people criticized Echelon for being used for things other than national security, like spying on businesses.

Other Overseas Spying

To help its facial recognition program, the NSA intercepts "millions of images per day."

The Real Time Regional Gateway was a data collection program started in Iraq in 2005. It collected all electronic communication, stored it, and then analyzed it. This "collect it all" method helped find Iraqi insurgents. Many believe this method is now used for worldwide mass collection of communications.

A special NSA unit finds targets for the CIA for secret killings in the Middle East. The NSA has also spied on the European Union, the United Nations, and many governments, including allies.

In June 2015, WikiLeaks showed documents proving the NSA spied on French companies. In July 2015, WikiLeaks also showed that the NSA spied on German government ministries since the 1990s. Even German Chancellor Angela Merkel's phones were intercepted.

Boundless Informant

Edward Snowden revealed in June 2013 that the NSA collected a huge amount of phone and computer data. Between February 8 and March 8, 2013, they collected about 124.8 billion phone data items and 97.1 billion computer data items worldwide. This was shown in charts from an NSA tool called Boundless Informant. It was first thought that some of this data was from spying on citizens in Europe. But later, it became clear that European agencies collected this data during military missions and shared it with the NSA.

Getting Around Encryption

In 2013, reporters found a secret memo. It claimed the NSA created and promoted an encryption standard called Dual EC DRBG in 2006. This standard had secret weaknesses built in. This supports earlier ideas that the NSA might have put "backdoors" into encryption. Edward Snowden says the NSA often gets information before it's encrypted or after it's decrypted.

Secret rules from an NSA program called XKeyscore show that the NSA tracks users of privacy tools. This includes Tor, an anonymous email service, and readers of Linux Journal.

Software Backdoors

Linus Torvalds, the creator of Linux kernel, joked that the NSA wanted a backdoor in the kernel. Later, Linus's father, a politician, said that the NSA actually did try to do this.

IBM Notes was one of the first software products to use public key encryption. Until 2000, U.S. laws limited how strong encryption could be when exported. In 1997, IBM made a deal with the NSA. This allowed them to export stronger encryption. But 24 bits of the encryption key were hidden with a special key. This key helped the NSA to decrypt messages. This made users outside the U.S. safer from business spies, but not from the U.S. government.

Boomerang Routing

Sometimes, internet traffic that starts and ends in one country travels through another country. This is called boomerang routing. Research suggests that about 25% of Canadian internet traffic might be spied on by the NSA because of this.

Secret Hardware Implants

NSA employees carefully open intercepted packages.
A "load station" used to implant a tracking device.

A document from Glenn Greenwald's book No Place to Hide shows how the NSA gets into computer hardware. The NSA's Tailored Access Operations (TAO) unit intercepts routers, servers, and other network equipment. They install secret software onto these devices before they are delivered. An NSA manager called this "some of the most productive operations" because they create secret ways to access networks around the world.

Computers seized by the NSA are often changed with a physical device called Cottonmouth. This device can be put into a USB port. It allows the NSA to access the computer remotely. After Cottonmouth is installed, the NSA can put special software onto the computer. This lets them send commands and get data from the device.

Collecting Information Inside the U.S.

The NSA's job is to collect "foreign intelligence or counterintelligence." They are not supposed to collect information about U.S. citizens' activities. The NSA says it relies on the FBI to collect information about foreign intelligence activities within the U.S. The NSA's own activities inside the U.S. are limited to foreign embassies.

A claim about a 'Domestic Surveillance Directorate' of the NSA was later shown to be false.

The NSA's activities inside the U.S. are limited by the Fourth Amendment. This amendment protects people from unreasonable searches. A special court, the Foreign Intelligence Surveillance Court, said in 2011 that the Fourth Amendment protects all private communications. However, these protections do not apply to people who are not U.S. citizens and are outside the U.S. So, the NSA has fewer limits on its foreign surveillance.

President's Surveillance Program

President George W. Bush approved the Patriot Act after the 9/11 attacks. This act allowed new anti-terrorist security measures. Parts of the Patriot Act gave the NSA more power for domestic surveillance. In 2004, there was a debate about whether the NSA's programs were constitutional. Some officials threatened to resign, but the programs continued. President Bush then allowed mass surveillance of internet and phone records. This allowed him to override laws like the Foreign Intelligence Surveillance Act.

One program, the Highlander Project, collected phone conversations from U.S. citizens. Supporters of these programs said the President had the power to order such actions. They argued that the President's powers could override laws like FISA.

The PRISM Program

Prism-slide-8
PRISM: a secret program where the NSA collects user data from companies like Microsoft and Facebook.

The PRISM program started in 2007. Under PRISM, the NSA collects internet communications from foreign targets. They get this data from nine major U.S. internet companies. These include Microsoft, Yahoo, Google, Facebook, and Apple. The data collected includes emails, videos, photos, and chats.

Former NSA director General Keith Alexander claimed that in September 2009, the NSA prevented a terrorist attack. However, this claim has been questioned. No clear proof has been shown that the NSA was key in stopping a terrorist attack.

Hacking Operations

Besides listening in, the NSA also hacks computers, smartphones, and their networks. The Tailored Access Operations (TAO) division does these hacking operations. This division has been active since at least 1998.

According to Foreign Policy magazine, TAO has successfully gotten into Chinese computer systems for almost 15 years. This has given them very good information about what is happening in China.

In an interview, Edward Snowden said that the TAO division accidentally caused Syria's internet blackout in 2012.

How the NSA is Organized

Gen Timothy D. Haugh
Timothy D. Haugh, the current director of the NSA.

The NSA is led by the Director of the National Security Agency (DIRNSA). This person is also the head of the Central Security Service (CHCSS) and the United States Cyber Command (USCYBERCOM). The Director is the highest-ranking military official in these groups. A Deputy Director helps the Director. This person is the highest-ranking civilian in the NSA.

The NSA also has an Inspector General and a General Counsel. Unlike other spy agencies, the NSA has always been very secret about its internal structure.

In the mid-1990s, the NSA had five main Directorates:

  • The Operations Directorate: collected and processed signals intelligence.
  • The Technology and Systems Directorate: developed new technologies.
  • The Information Systems Security Directorate: handled NSA's communication and information security.
  • The Plans, Policy and Programs Directorate: provided support and direction.
  • The Support Services Directorate: handled logistics and administration.

Each of these had different groups. For example, the A Group worked on operations against the Soviet Union.

NSA's Secret Network: NSANet

Intel GreenDoor
A secure room with computer terminals for accessing secret networks like NSANet.

NSANet stands for National Security Agency Network. It is the NSA's official internal computer network. It is a highly secret network for sharing intelligence data. This data can be up to the level of Top Secret/Sensitive Compartmented Information. It supports sharing information between the NSA and its partners in the Five Eyes alliance.

NSANet is a very secure network. It uses fiber-optic cables and satellites. It is almost completely separate from the public internet. This network allows NSA staff and intelligence analysts around the world to access the agency's systems. Access is tightly controlled. Every keystroke is recorded. Activities are checked randomly. Printing documents from NSANet is also recorded.

In 1998, NSANet had problems with searching for information. In 2004, it used over twenty different computer operating systems. Some universities doing very sensitive research are allowed to connect to it.

Thousands of secret NSA documents were taken by Edward Snowden in 2013. These documents were stored on "a file-sharing location on the NSA's intranet site." This meant NSA staff could easily read them online. As a system administrator, Snowden was responsible for moving sensitive documents to safer places.

NSA Police

The NSA has its own police force, called the NSA Police. They provide law enforcement, emergency response, and physical security for NSA staff and property.

NSA Police officers are armed federal officers. They have a K9 (dog) division. These dogs usually check mail, vehicles, and cargo for explosives before they enter NSA grounds. NSA Police use marked vehicles for patrols.

NSA Employees

The exact number of NSA employees is secret. But estimates suggest it's between 30,000 and 40,000 people. In 1969, the NSA had 93,067 military and civilian employees. About 19,300 worked at the headquarters. In 2012, the NSA said over 30,000 employees worked at Fort Meade and other places. The deputy director joked that the NSA is "probably the biggest employer of introverts." The NSA is also said to be the world's largest employer of mathematicians.

About 1,000 system administrators work for the NSA.

Employee Security

The NSA faced criticism in 1960 after two agents went to the Soviet Union. Investigations found serious problems with security rules. This led to stricter security practices. But security problems happened again. In 1963, a former NSA employee published secret code-breaking information.

After Edward Snowden leaked information in 2013, the NSA started a "two-man rule." This means two system administrators must be present when someone accesses sensitive information. Snowden claims he suggested such a rule in 2009.

Polygraph Tests

The NSA uses polygraph (lie detector) tests for employees. For new employees, the tests try to find enemy spies or information that could make an applicant easy to control. The NSA also does polygraph tests every five years for current employees. These tests focus on counterintelligence. They also do special polygraph tests for employees who want to work in very sensitive areas. The NSA says an average test takes two to four hours.

A 1983 report said that the NSA uses polygraphs not just to find lies, but to encourage people to admit things. In 2010, the NSA made a video called "The Truth About the Polygraph." It showed people talking about what they heard about the test, suggesting it wasn't true. But critics say the video leaves out some information.

After Edward Snowden revealed his identity in 2013, the NSA reportedly started requiring polygraph tests for employees once every three months.

Firing Employees

The NSA director has the power to fire any employee at any time. This has been criticized as being unfair. In 1964, The Washington Post said this power meant an employee could be fired "on the basis of anonymous allegations without the slightest opportunity to defend himself." But Congress still approved the bill. Also, most new hires in the U.S. are reported to a special registry. But employees of intelligence agencies can be excluded if the director thinks it's needed for national security.

NSA Buildings

Headquarters

History of the Headquarters

NSA-Fort Meade-1950
The NSA headquarters at Fort Meade around the 1950s.

When the NSA first started, its headquarters were in Washington, D.C. The code-breaking functions were in Arlington Hall in Virginia. Because of concerns about a nuclear attack and crowded buildings, the government wanted to move some agencies. Fort Meade, Maryland, was chosen for the NSA headquarters. It was far enough from Washington, D.C., but close enough so employees wouldn't have to move their families.

New buildings were built after the agency moved to Fort Meade in the late 1950s. In 1963, a new nine-story headquarters building opened. NSA workers called it the "Headquarters Building." Since management was on the top floor, workers referred to their leaders as "Ninth Floor." In September 1986, two new buildings, Operations 2A and 2B, opened. These buildings were covered with copper to prevent spying. The four NSA buildings became known as the "Big Four."

National Security Agency, 2013
The National Security Agency headquarters in Fort Meade in 2013.

The NSA headquarters is located at Fort George G. Meade, Maryland. It's about 20 miles (32 km) southwest of Baltimore and 25 miles (40 km) northeast of Washington, D.C. The NSA has two special exits off the Baltimore–Washington Parkway. One exit is open to the public and leads to the main campus and the National Cryptology Museum. The other exit is marked "NSA Employees Only" and is guarded.

The NSA is the largest employer in Maryland. Two-thirds of its staff work at Fort Meade. The site covers 350 acres (140 ha) and has 1,300 buildings and about 18,000 parking spaces.

NSA headquarters building in Fort Meade (left), NSOC (right)

The main NSA building is a "modern boxy structure." It looks like a stylish office building. It has dark glass that you can't see through from the outside. This glass is lined with copper to stop signals from getting in or out. The building has 3 million square feet (280,000 sqm) of floor space. The U.S. Capitol building could fit inside it four times over.

The facility has over 100 guard posts. The visitor control center is a two-story entrance. Here, visitors get badges, and employee security clearances are checked. The visitor center has a painting of the NSA seal.

The OPS2A building is the tallest in the NSA complex. It's where much of the agency's operations happen. It looks like a "dark glass Rubik's Cube." The facility also has a "red corridor" for non-security things like food and a drug store. The name comes from the "red badge" worn by people without a security clearance. The NSA headquarters has its own cafeteria, credit union, barbershop, bank, post office, fire department, and police force.

NSA employees live in various places around Baltimore and Washington, D.C. The NSA has a shuttle service from the Odenton train station to its Visitor Control Center.

Power Use

NeverSleeps 071310
The NSA uses a lot of electricity for data processing, making it Maryland's largest power consumer.

After a big power outage in 2000, reports in 2003 said the NSA was at risk of electrical overload. They didn't have enough power to support all their equipment. This problem was known in the 1990s but wasn't fixed. In 2006, The Baltimore Sun reported that the NSA had used up all the available electricity. The power company couldn't sell them any more. The NSA decided to move some operations to a new facility.

In 2007, the NSA used as much electricity as the entire city of Annapolis, Maryland. One estimate said the new Utah Data Center could use $40 million worth of power each year.

Computers

In 1995, The Baltimore Sun reported that the NSA owned the largest group of supercomputers.

In May 2013, the NSA started building its High Performance Computing Center 2 at Fort Meade. It was expected to open in 2016. This center has a large power substation, 14 administrative buildings, and 10 parking garages. It cost $3.2 billion and covers 227 acres (92 ha). The center is 1.8 million square feet (167,000 sqm) and uses 60 megawatts of electricity at first.

Other U.S. Facilities

Buckley AFB
Buckley Space Force Base in Colorado.
Utah Data Center Panorama (cropped)
The Utah Data Center.

As of 2012, the NSA collected intelligence from four geostationary satellites. They had satellite receivers in Pennsylvania and California. They also had many taps on U.S. telecom switches. The NSA had facilities in several U.S. states. From these, they observed communications from Europe, the Middle East, North Africa, Latin America, and Asia.

The NSA had facilities at Friendship Annex (FANX) in Maryland. They also had facilities at the Aerospace Data Facility-Colorado in Colorado, NSA Texas, NSA Georgia, NSA Hawaii, and the Multiprogram Research Facility in Tennessee.

On January 6, 2011, construction began on the NSA's first large data center. It is known as the "Utah Data Center." This $1.5 billion data center is being built at Camp Williams, Utah. It is 25 miles (40 km) south of Salt Lake City. It was expected to be ready by September 2013. Construction finished in May 2019.

In 2009, the NSA wanted to spread out its facilities to get more electricity. They planned to expand their existing sites in Fort Meade and Menwith Hill.

Many of the NSA's Echelon bases were using older technology from the 1990s. In 2004, the NSA closed its operations in Germany. In 2012, the NSA started moving some operations from Washington state to Colorado. As of 2013, the NSA also planned to close operations in West Virginia.

International Stations

Menwith-hill-radomes
RAF Menwith Hill in the United Kingdom has the largest NSA presence.

After the UKUSA Agreement was signed, NSA stations were built in other countries. These included the United Kingdom, Australia, Canada, Japan, and New Zealand.

The NSA operates RAF Menwith Hill in North Yorkshire, United Kingdom. In 2007, BBC News called it the largest electronic monitoring station in the world. It was planned in 1954 and opened in 1960. By 1999, the base covered 562 acres (227 ha).

The NSA's European Cryptologic Center (ECC) is in Germany. In 2011, it had 240 employees. The ECC is responsible for the "largest analysis and productivity in Europe." It focuses on Africa, Europe, the Middle East, and fighting terrorism.

In 2013, a new intelligence center was being built in Germany. The NSA would also use it. The head of the German foreign intelligence service confirmed their partnership with the NSA.

Thailand

Thailand is a "3rd party partner" of the NSA. This means they are non-English-speaking countries that have agreements to share secret intelligence.

Thailand has at least two U.S. intelligence collection stations. One is at the US Embassy in Bangkok. This is a joint NSA-CIA unit. It likely listens in on foreign embassies and government communications.

The second station is for intercepting foreign satellites. It's in the Thai city of Khon Kaen. It's called INDRA or LEMONWOOD. The station is about 40 hectares (100 acres) in size. It has a large operations building and four radome-covered parabolic antennas. Two antennas are likely for satellite interception, and two for sending the intercepted material back to the NSA.

The NSA started using Khon Kaen in October 1979. Its job was to listen to radio traffic from the Chinese army and air force in southern China. In the late 1970s, the base was small. It had a small antenna array controlled from Hawaii. It also had a few civilian contractors.

The INDRA facility was upgraded in 1986. This was part of a larger upgrade to spy on Vietnam, Laos, and Cambodia. The base seemed to fall apart in the 1990s as China and Vietnam became more friendly with the U.S. By 2002, satellite images showed the antenna had been taken down. But after 9/11, the Khon Kaen base was reactivated and expanded. It now includes a large satellite interception mission. The NSA presence at Khon Kaen is likely small, with most work done by civilian contractors.

Research and Development

The NSA has been involved in public policy debates. They advise other government departments. They also directly participated in debates about exporting encryption technology in the 1990s. Rules on exporting encryption were loosened in 1996.

The NSA's work on secure government communications involves many technology areas. This includes designing special computer hardware and software. They also make special computer chips and do advanced code-breaking research. For 50 years, the NSA designed most of its computer equipment itself. But from the 1990s to about 2003, they hired private companies for research and equipment.

Data Encryption Standard

Frostburg
FROSTBURG was the NSA's first supercomputer, used from 1991 to 1997.

The NSA was involved in creating the Data Encryption Standard (DES). This is a public encryption method used by the U.S. government and banks. During its development in the 1970s, the NSA suggested changes to the design. Some people suspected these changes weakened the encryption. They thought it might allow the NSA to listen in if needed. It was later found that the DES design was very strong against a type of attack that the NSA knew about but the public didn't.

Advanced Encryption Standard

The NSA's role in choosing the next encryption standard, the Advanced Encryption Standard (AES), was limited to testing its performance. The NSA later approved AES for protecting secret information in NSA-approved systems.

NSA Encryption Systems

STU-IIIphones.nsa
STU-III secure telephones on display at the National Cryptologic Museum.

The NSA is responsible for encryption in these older systems:

  • FNBDT Future Narrow Band Digital Terminal
  • KL-7 ADONIS off-line rotor encryption machine (used from after WWII to the 1980s)
  • KW-26 ROMULUS electronic teletypewriter encryptor (1960s–1980s)
  • KW-37 JASON fleet broadcast encryptor (1960s–1990s)
  • KY-57 VINSON tactical radio voice encryptor
  • KG-84 Dedicated Data Encryption/Decryption
  • STU-III secure telephone unit, replaced by the STE

The NSA also oversees encryption in systems used today:

  • EKMS Electronic Key Management System
  • Fortezza encryption using a portable crypto token
  • SINCGARS tactical radio with frequency hopping
  • STE secure terminal equipment
  • TACLANE products by General Dynamics C4 Systems

The NSA has set up Suite A and Suite B cryptographic algorithms. These are used in U.S. government systems. Suite B algorithms are for most information protection. Suite A algorithms are secret and for very high levels of protection.

SHA Hash Functions

The widely used SHA-1 and SHA-2 hash functions were designed by the NSA. SHA-1 was a small change to an older, weaker algorithm also designed by the NSA. The NSA said this change added security. Later, a weakness was found in the older algorithm that didn't affect SHA-1. Because of weaknesses in SHA-1, it is no longer recommended for digital signatures.

A new hash standard, SHA-3, was chosen in 2012. The process was similar to choosing AES. But some changes were made to the chosen algorithm, which raised doubts about its security.

Clipper Chip

The NSA was worried that strong encryption would make it hard to wiretap. So, in 1993, they suggested the idea of key escrow. They introduced the Clipper chip. This chip offered strong protection but allowed law enforcement to access encrypted data. The idea was strongly opposed and didn't go anywhere. However, the NSA's Fortezza encryption cards, made for the Clipper project, are still used in government. The NSA later made public the design of the Skipjack cipher used on these cards.

Dual EC DRBG Random Number Generator

The NSA promoted a random number generator called Dual EC DRBG in 2007. This led to ideas that it had a "backdoor" that would let the NSA access encrypted data. This is now thought to be true. Both the NIST and RSA now advise against using this random number generator.

Perfect Citizen

Perfect Citizen is an NSA program to check for weaknesses in U.S. critical infrastructure. It was reported to be a system of sensors to detect cyber attacks on computer networks. It is funded by a national cybersecurity plan.

Academic Research

The NSA has invested millions of dollars in academic research. They have sometimes tried to stop the publication of academic research on cryptography. For example, some encryption methods were held back at the NSA's request. In 2013, the NSA released a 643-page research paper. It was called "Untangling the Web: A Guide to Internet Research." It was written by NSA employees to help others search for information on the public internet.

Patents

The NSA can file for patents secretly. Unlike normal patents, these are not made public and do not expire. But if someone else applies for the same patent, the NSA's patent is revealed and granted to them.

One of the NSA's public patents describes a way to find the location of a computer on the internet. This is based on how long it takes for network connections to respond. The NSA is also said to use a similar technology called trilateralization. This allows real-time tracking of a person's location using cellphone tower data.

NSA Symbols and Memorials

National Security Agency.svg

The NSA's symbol has an eagle inside a circle. The eagle holds a key in its talons. The eagle stands for the agency's national mission. The shield on its chest has red and white bands, like the Great Seal of the United States. The key comes from the symbol of Saint Peter and stands for security.

When the NSA was created, it didn't have its own symbol. It used the Department of Defense's symbol. The NSA adopted its first symbol in 1963. The current NSA symbol has been used since 1965. The Director at the time ordered its creation.

The NSA's flag has the agency's seal on a light blue background.

They Served In Silence - National Cryptologic Museum - DSC07636
The National Cryptologic Memorial.

People working for the NSA have been in dangerous situations. The USS Liberty incident in 1967 and the USS Pueblo incident in 1968 are examples of losses during the Cold War.

The National Security Agency/Central Security Service Cryptologic Memorial honors and remembers the military and civilian personnel who died during these intelligence missions. It is made of black granite. It has 171 names carved into it as of 2013. It is located at NSA headquarters. Since 2001, the stories of those who died have been made public.

Legal and Privacy Questions

In the United States, there have been legal arguments about what information the NSA can collect and how much freedom it has. In 2015, the government made small changes to how it collects phone records. The surveillance programs were ruled unlawful in September 2020.

Wiretaps Without Warrants

On December 16, 2005, The New York Times reported something important. Under pressure from the White House, the NSA had been tapping phone calls made to people outside the country. They did this without getting warrants from a secret court. This was done to stop terrorism.

Edward Snowden's Revelations

Edward Snowden is a former American intelligence contractor. In 2013, he revealed secret programs by the NSA. He showed how the U.S. government was collecting huge amounts of personal communications. This included emails, phone locations, and web histories of American citizens. They did this without people knowing. Snowden said he released this information because he feared a "surveillance state." He believed that "the greatest danger to our freedom... comes from the reasonable fear of omniscient State powers."

In March 2014, General Martin Dempsey said that most of the documents Snowden took were about military capabilities. They were not about spying on domestic activities. In May 2014, former NSA director Keith Alexander said there was no exact way to count how many documents Snowden took. But he thought it might be over a million.

Other Surveillance Activities

In January 2006, a lawsuit was filed against President George W. Bush. It challenged the NSA's spying on people in the U.S. without warrants.

In August 2006, a U.S. judge ruled that the NSA's warrantless surveillance program was illegal. However, a higher court later overturned this decision.

In September 2008, the Electronic Frontier Foundation (EFF) filed a lawsuit against the NSA. They claimed the NSA had an "illegal and unconstitutional program of dragnet communications surveillance." This was based on information from a former AT&T employee.

Because of the USA Freedom Act passed in June 2015, the NSA had to shut down its bulk phone surveillance program. This happened on November 29, 2015. The USA Freedom Act stops the NSA from collecting phone data without a warrant for terrorism investigations. Now, the agency must ask telecom companies for records, which they keep for six months.

AT&T Internet Monitoring

In May 2008, Mark Klein, a former AT&T employee, said his company helped the NSA. He claimed AT&T installed special hardware to monitor network communications. This included traffic between U.S. citizens.

Data Mining

In 2008, it was reported that the NSA used its powerful computers to analyze "transactional" data. This data was collected from other government agencies.

An advisory group for the Obama administration suggested in 2013 that the government should regularly review its activities. This includes attacks that use unknown weaknesses in computer programs. A cybersecurity expert said in 2014 that the NSA had no warning about Heartbleed, a major computer security flaw.

Evidence Obtained Illegally

In August 2013, it was revealed that NSA intelligence was given to the Drug Enforcement Administration (DEA) and the Internal Revenue Service (IRS). This included wiretaps from both foreign and domestic sources. This information was illegally used to start criminal investigations of U.S. citizens. Law enforcement agents were told to hide how the investigations began. They had to pretend they found the evidence legally.

Obama Administration Actions

In 2009, the NSA accidentally intercepted communications from U.S. citizens, including a Congressman. The Justice Department believed this was unintentional. They worked to fix the problems.

Polls in June 2013 showed mixed feelings among Americans about the NSA's secret data collection. Some polls found that most Americans disapproved, while others found that most were in favor.

Section 215 Data Collection

On April 25, 2013, the NSA got a court order. It required Verizon to give the NSA phone call data every day for three months. This information included phone numbers, location data, call duration, and time. It did not include the content of the conversations. This order was based on a part of the Patriot Act.

In August 2013, new details about the NSA's data mining were revealed. Most emails going into or out of the U.S. were captured and analyzed for keywords. Emails that didn't match were deleted.

The usefulness of collecting so much data to prevent terrorist attacks is debated. Many studies say this system is not effective. One report found that the NSA "had no discernible impact on preventing acts of terrorism."

Supporters of the program say that while data alone can't prevent attacks, it helps "connect the dots." It can quickly link suspicious foreign numbers to domestic numbers. This helps tell the difference between suspicious activity and real threats. For example, the NSA director said that analyzing phone data after the Boston Marathon bombing helped show that rumors of another attack were false.

Many people argue that collecting this data is an illegal invasion of privacy. A U.S. judge, Richard J. Leon, said in 2013 that the program "likely violates the Constitution." He said, "I cannot imagine a more 'indiscriminate' and 'arbitrary invasion' than this systematic and high-tech collection and retention of personal data on virtually every single citizen."

On May 7, 2015, a U.S. court ruled that the NSA's program of collecting Americans' phone records in bulk was illegal. It said that the law did not clearly allow this. This ruling meant the program expired on June 1, 2015. The new law, the USA Freedom Act, allows the NSA to still access data. But now, the phone companies store the data themselves. This change did not affect other NSA methods, like Upstream collection. This is where the NSA collects data directly from the internet's main cables.

Under the Upstream collection program, the NSA paid telecom companies a lot of money to collect data. While companies like Google say they don't give "direct access" without a court order, the NSA had access to emails, phone calls, and cellular data. Now, telecom companies keep user data for at least 18 months and provide it to the NSA when asked. This ruling made it illegal for the NSA to store specific phone records in bulk.

Fourth Amendment Concerns

A declassified document showed that 17,835 phone lines were improperly monitored from 2006 to 2009. This violated rules. Only 11% of these lines met the legal standard for suspicion.

The NSA tracks the locations of hundreds of millions of cellphones every day. This allows them to map people's movements and relationships. The NSA has access to communications from Google, Microsoft, Facebook, Yahoo, YouTube, AOL, Skype, and Apple. They collect hundreds of millions of contact lists each year. They have also weakened much of the internet's encryption. This makes most encryption vulnerable to attacks.

In the U.S., the NSA collects and stores phone call data. This includes over 120 million Verizon subscribers. They also intercept huge amounts of internet communications. The government's legal argument was that all U.S. communications could be "relevant" to a terrorism investigation. The NSA also gives foreign intelligence to the DEA and IRS. These agencies use it to start criminal investigations. Agents are then told to "recreate" the investigation trail to make it look legal.

The NSA also spies on influential Muslims. They do this to get information that could be used to discredit them. These targets are not suspected of crimes. But they hold religious or political views that the NSA considers "radical."

A 2014 report said that 90% of people under surveillance in the U.S. are ordinary Americans. They are not the intended targets.

Congressional Oversight

The U.S. House and Senate Intelligence Committees oversee the NSA. Other members of Congress have been denied access to information about the agency. The United States Foreign Intelligence Surveillance Court, which regulates the NSA, says it cannot check how often the NSA breaks its own secret rules. It has been reported that the NSA violated its own data access rules thousands of times a year. Many of these violations involved large-scale data collection. Some NSA officers even used data to spy on people they were interested in. Most violations were reported by the NSA itself.

The NSA has "generally disregarded the special rules" for sharing U.S. citizen information. They illegally share it with other law enforcement agencies. A 2009 court opinion said that rules limiting data searches were "so frequently and systemically violated" that they never worked. In 2011, the same court noted that the amount of foreign internet data the NSA collected was "fundamentally different from what the court had been led to believe." Email contact lists (including U.S. citizens') are collected in foreign locations to get around U.S. laws.

Legal opinions on the NSA's bulk collection program differ. In December 2013, U.S. District Judge Richard Leon ruled that the program likely violates the Constitution. He called it "almost-Orwellian." He said, "I cannot imagine a more 'indiscriminate' and 'arbitrary invasion' than this systematic and high-tech collection and retention of personal data on virtually every single citizen."

Later that month, U.S. District Judge William Pauley ruled that the NSA's collection of phone records is legal and helpful in fighting terrorism. He said it was like a "wide net that could find and isolate gossamer contacts among suspected terrorists." He noted that similar data collection before 9/11 might have prevented the attack.

Official Responses

In March 2013, Senator Ron Wyden asked the Director of National Intelligence, James Clapper, if the NSA collected data on millions of Americans. Clapper replied, "No, sir. ... Not wittingly." This statement was questioned in June 2013 when details of the PRISM program were published. These showed that the NSA could access data from nine internet companies. Wyden said Clapper did not give a "straight answer." Clapper later said, "I responded in what I thought was the most truthful, or least untruthful manner."

NSA whistleblower Edward Snowden also revealed XKeyscore. This is a top-secret NSA program that allows the agency to search huge databases of "metadata as well as the content of emails and other internet activity." It can search by name, phone number, IP address, keywords, and more. XKeyscore "provides the technological capability... to target even US persons for extensive electronic surveillance without a warrant."

Regarding the need for these programs, General Alexander said in June 2013 that the NSA's data collection helped prevent 54 terrorist "events." He said it provided the first clue in almost all these cases. On July 31, NSA Deputy Director John Inglis admitted that these intercepts were not vital in stopping any terrorist attacks. But he said they were "close" to vital in finding and convicting four men who sent money to a terrorist group.

The U.S. government has tried to dismiss lawsuits against its surveillance. It has also given legal protection to internet companies that helped with domestic surveillance.

The U.S. military has blocked access to parts of The Guardian website for thousands of defense personnel. This happened across the country and in Afghanistan, the Middle East, and South Asia.

An October 2014 United Nations report said that mass surveillance by the U.S. and other countries violates international treaties. These treaties guarantee privacy rights.

Responsibility for Ransomware Attack

A computer exploit called EternalBlue was created by the NSA. It was used in the worldwide WannaCry ransomware attack in May 2017. This exploit had been leaked online by a hacking group a month before the attack. Many experts blamed the NSA for not telling others about the weakness. They also blamed the NSA for losing control of the EternalBlue tool. Edward Snowden said that if the NSA had "privately disclosed the flaw... when they found it, not when they lost it, [the attack] might not have happened."

Activities of Former Employees

A former NSA employee, David Evenden, left to work for a defense company in the United Arab Emirates. In 2015, he was asked to hack Qatar. This was to see if they were funding a terrorist group. He quit after learning his team hacked emails between a Qatari Sheikha and Michelle Obama. When he returned to the U.S., he reported his experiences to the FBI. This shows a trend of former NSA employees starting their own companies. They then work for countries like Turkey, Sudan, and Russia.

2021 Denmark-NSA Collaborative Surveillance

In May 2021, it was reported that the Danish Defence Intelligence Service worked with the NSA. They wiretapped other EU members and leaders. This caused a lot of anger among EU countries. They demanded explanations from the Danish and American governments.

See Also

Kids robot.svg In Spanish: Agencia de Seguridad Nacional para niños

  • Australian Signals Directorate (ASD) – Australia
  • GCHQ – United Kingdom
  • Ghidra (software)
  • Mass surveillance in the United Kingdom
  • National Intelligence Priorities Framework
  • Unit 8200—Israel's equivalent to the NSA
kids search engine
National Security Agency Facts for Kids. Kiddle Encyclopedia.