
GCHQ – Mobile Networks in My NOC World (2011)

Dec. 13, 2014

Page 1 from GCHQ – Mobile Networks in My NOC World (2011)
TOP SECRET STRAP 2
Mobile Networks in World
Head of GCHQ NAC
This information is exempt from disclosure under the Freedom of Information Act 2000 and may be subject to exemption under other UK information legislation. Refer disclosure requests to GCHQ on
Page 2 from GCHQ – Mobile Networks in My NOC World (2011)
What is a MyNOC?
• MyNOC – My Network Operations Centre
  – A Space
  – A Concept
Page 3 from GCHQ – Mobile Networks in My NOC World (2011)
A Space
• Analyst Desktop X 10
• Un-attributable internet X 10
• JTRIG Desktop
• HIGHNOTE – CNE Toolsuite
• COPPERHEAD – CNE Attack box
• NEXUS (BSS Desktop)
• CADDIS (SIS Desktop)
• NRT Tipping Display
• 65” VTC/Collaborative Monitor and Projector
• Virtual Whiteboarding tool and Whiteboard
• Secure telephony / storage
Page 4 from GCHQ – Mobile Networks in My NOC World (2011)
A Space
Page 5 from GCHQ – Mobile Networks in My NOC World (2011)
Interlopers in A Space
Page 6 from GCHQ – Mobile Networks in My NOC World (2011)
A Concept
• Collaboration environment bringing together capability from across GCHQ.
• Appropriate resources identified / Appropriate prioritisation
• Formalised planning process
  – Clear Focused objectives
  – Selection of Operations Manager
  – Preparation
  – Review
• Assessment and feasibility
• Professional Operations Manager
  – Ensure operation is focused on stated objectives
  – Ensures operation is legal
  – Protects information equities
Page 7 from GCHQ – Mobile Networks in My NOC World (2011)
MyNOC & NAC
• NAC tasked with development of “greater good” capability in Mobile/Mobile Internet environment.
• Due to lack of progress decision made to sponsor three MyNOC events:
  – OP WYLEKEY – Exploitation of International Mobile Billing Clearing Houses
  – OP SOCIALIST – Exploitation of GRX Operator
  – OP INTERACTION – Development of in-depth knowledge of Mobile Gateways.
Page 8 from GCHQ – Mobile Networks in My NOC World (2011)
MyNOC Team assemble
• Operations Manager
• Network Analysts (NAC Cheltenham, NAC Bude & NAC Cyprus)
• Dataminer (GTAC)
• Open Source Specialist
• JTRIG Analysts (Cheltenham & Bude)
• CNE Operators (Cheltenham CNE & Scarborough CNE)
• VPN Expert (Crypt SD)
• EREPO Expert (CNE)
• Protocol Analyst (GTE)
• Production Tasking Co-ordinator (PTC)
• Trainee Ops Managers
Page 9 from GCHQ – Mobile Networks in My NOC World (2011)
One Month Later – OP SOCIALIST
• Scoping session conducted – main focus to be on enabling CNE access to BELGACOM GRX Operator
• Ultimate Goal – enable CNE access to BELGACOM Core GRX Routers from which we can undertake MiTM operations against targets roaming using Smart Phones.
• Secondary focus – breadth of knowledge on GRX Operators
• Operations Manager assigned, team assembles
Page 10 from GCHQ – Mobile Networks in My NOC World (2011)
Preparation work
• Identified static web gateways and IP range used by engineers and tasked for QUANTUM operations
• Identification and tasking of optimal bearers
• TDI data mining identified potential for exploitation of LinkedIn as a vector for QI
  – QI capability developed for LinkedIn
• WOODCUTTER logs analysed for usage by BELGACOM.
Page 11 from GCHQ – Mobile Networks in My NOC World (2011)
MyNOC Focus
• Expand collection and capability to enable better exploitation of Belgacom.
• Identify key staff at BICS, and selectors used by these individuals for QI.
• Map the network to better understand the Belgacom Infrastructure.
• Investigate VPN links from BICS to other telecoms providers.
• Investigate the vulnerability of the MyBICS Reporting Tool.
Page 12 from GCHQ – Mobile Networks in My NOC World (2011)
Infrastructure
Page 13 from GCHQ – Mobile Networks in My NOC World (2011)
Page 14 from GCHQ – Mobile Networks in My NOC World (2011)
Key BELGACOM staff
• Identify Belgacom employees
  – NOC staff
  – In areas related to maintenance or security
• Selectors to enable QUANTUM targeting
  – Use of LinkedIn noted
  – Use of Slashdot.org noted
• MUTANT BROTH used to identify TDI/Selectors coming from identified range/proxy
• QI capability enhanced to allow shots on LinkedIn
• QI capability enhanced to allow ‘white listing’ when shooting on proxy
Page 15 from GCHQ – Mobile Networks in My NOC World (2011)
NOC IP range search in MUTANT BROTH
Page 16 from GCHQ – Mobile Networks in My NOC World (2011)
NOC IP range – Target identifiers for QUANTUM INSERT
Page 17 from GCHQ – Mobile Networks in My NOC World (2011)
Real-time picture of QI
Page 18 from GCHQ – Mobile Networks in My NOC World (2011)
GTAC effort
• IR21 extractions
• Website research – domains visited from target gateway IPs
• TDI harvesting
• Identified owners of TDIs / finding new potential targets
• Identified the FTP service
• User agent analysis
• Laptop identification
• Mail server analysis
• SSL research
• GRX analysis
Page 19 from GCHQ – Mobile Networks in My NOC World (2011)
What MyNOC Priority gets you
• Dedicated resources
• Priority tasking of access
• Priority utilisation of CNE Operator resources
• Priority utilisation of CNE Developer resources
• Priority use of enabling community (GTE, GTAC, JTRIG)
• Priority time of legalities bodies
Page 20 from GCHQ – Mobile Networks in My NOC World (2011)
OP SOCIALIST Outcome
• In MyNOC:
  – CNE Access to BELGACOM – MERION ZETA
  – 6 endpoints into Engineer/support staff IP range
  – 2 endpoints into BELGACOM DMZ (from prep VA work)
  – Optimal Bearers identified providing good access to BELGACOM proxy.
• Post MyNOC:
  – Optimal Bearers continue to allow QI against BELGACOM engineers/proxy
  – Internal CNE access continues to expand – getting close to access core GRX Routers – currently on hosts with access
  – NAC continue to support with Network Analysis of internal networks, network understanding research on credentials and identification of engineers/system administrators and their specific roles.
Page 21 from GCHQ – Mobile Networks in My NOC World (2011)
MyNOC leave behinds for NAC
• Focused working in small groups
• Regular Brainstorming sessions
• Professional Operational Management
• Network becomes Target – Target approach to Network Problems
• Awareness of JTRIG and Open-source information specialist capabilities and how they can support Network Analysis.
• Steerage of access for Network Analysis gain
• Closer working between NAC and CNE
• Joint working between NACs
• More NAC MyNOC/Focus efforts to come….
Page 22 from GCHQ – Mobile Networks in My NOC World (2011)
Questions?