This page from GCHQ’s internal GCWiki, dated 24 April 2012 describes procedures for searching through financial data retained by the agency, and cites examples of some of its sources: see the Intercept article Airport Police Demanded An Activist’s Passwords. He Refused. Now He Faces Prison In The UK, 23 September 2017.
This CSE (then CSEC) presentation from 2012 describes the Canadian agency’s file download monitoring operation: see the Intercept article Canada Casts Global Surveillance Dragnet Over File Downloads, 28 January 2015.
This undated presentation from NSA’s Network Analysis Center describes agency techniques for overcoming Virtual Private Networks (VPNs): see the Der Spiegel story Prying Eyes: Inside the NSA’s War on Internet Security, 28 December 2014.
This undated NSA slide provides the locations of FORNSAT sites run by the agency and its Five Eyes partners worldwide: see the Der Spiegel article The NSA in Germany: Snowden’s Documents Available for Download, 18 June 2014.
This extract is taken from an undated dictionary produced by NSA Special Source Operations, providing glosses for several terms associated with MYSTIC operations. The name of one country has been redacted: see the Intercept article Data Pirates of the Caribbean: The NSA Is Recording Every Cell Phone Call in the Bahamas, 19 May 2014.
This undated NSA Special Source Operations memo explains MYSTIC a collaboration between various US agencies that collects signals from telecoms networks by means of devices have been installed for ostenisbly “legitimate commercial services”: see the Intercept article Data Pirates of the Caribbean: The NSA Is Recording Every Cell Phone Call in the Bahamas, 19 May 2014.
Selected slides, some with speaking notes, drawn from a 2010 NSA presention, describe the aims of the agency’s operations against Chinese company Huawei: see the New York Times article N.S.A. Breached Chinese Servers Seen as Security Threat, 22 March 2014.