This GCHQ research report dated 20 September 2011, cowritten by researchers at Heilbronn Institute for Mathematical Research based at the University of Bristol, concerns the use of data mining techniques to develop usable intelligence as well as the contradictions that arise from the use of algorithms to identify wrong doers, or potential wrong doers. The paper also provides a great deal of background information on GCHQ operations and the detailed discussion of network theory demonstrates the power of metadata collection: see the Boing Boing article Doxxing Sherlock, 2 February 2016.
This undated presentation from NSA’s UK-based Menwith Hill station describes the various uses of open source intelligence (OSINT) in computer network operations, including the monitoring of hacker forums and spotting opportunities for so-called “Fourth Party Collection”: see the Intercept article XKEYSCORE: NSA’s Google for the World’s Private Communications, 1 July 2015.
This 2010 NSA presentation describes Project Camberdada, an attempt to subvert popular antivirus software by means of surveilling email traffic: see the Intercept article Popular Security Software Came Under Relentless NSA and GCHQ Attacks, 22 June 2015.
This 2011 CSEC presentation describes how the agency analysed SNOWGLOBE, which it considered “to be a state-sponsored CNO effort, put forth by a French intelligence agency”: see the Der Spiegel article The Digital Arms Race: NSA Preps America for Future Battle, 17 January 2015.
This 7 January 2008 post from NSA Menwith Hill Station’s internal Horizon newsletter describes the practice of piggybacking on other states’ computer network exploitation operations: see the Der Spiegel article The Digital Arms Race: NSA Preps America for Future Battle, 17 January 2015.
This CSEC presentation for a November 2010 conference outlines CSEC capabilities in the recognition of trojans and other “network based anomolies”: see the Der Spiegel article The Digital Arms Race: NSA Preps America for Future Battle, 17 January 2015.
This April 2012 training presentation produced by Navy Information Operations Command Maryland states that “the next major conflict will start in cyberspace”: see the Der Spiegel article The Digital Arms Race: NSA Preps America for Future Battle, 17 January 2015.
This document, produced by the NSA and the US military’s Joint Functional Component Command – Network Wardare, provides a briefing on, and classification guide to, the highly sensitive group of “core computer network operations secrets” codenamed SENTRY EAGLE: see the Intercept article Core Secrets: NSA Saboteurs in China and Germany, 10 October 2014.