TAO ANT Catalogue
NSA / TAO
The 2008-vintage product catalogue of hardware, firmware, and software implants developed by the NSA's Advanced Network Technology (ANT) division within the Tailored Access Operations directorate, leaked December 2013 and published by *Der Spiegel*. It documented approximately fifty implant products covering BIOS persistence, USB-cable beaconing, motherboard-level access, RF-emanation hardware, and adjacent technical-implant categories. It is the principal documentary basis for the public-record reconstruction of NSA hardware-implant capability.
Overview
The TAO ANT Catalogue is the most documented public-record artifact of NSA hardware-implant capability. The catalogue's leakage in December 2013 — approximately six months after the broader Snowden-disclosure cycle began — produced the public-record reconstruction of what the institutional NSA hardware-implant programme actually contained. The catalogue's product entries provide for each implant the institutional unit cost, the operational characteristics, the target platform, the deployment methodology, and the institutional point-of-contact within the ANT division. The scale of the documented programme — approximately fifty implant products, covering substantially every major commercial network-equipment manufacturer (Dell, HP, Cisco, Juniper, Huawei) and substantially every major commercial computing platform (Windows servers, network firewalls, routers, USB peripherals, mobile telephones) — has been the most significant single revelation about NSA technical capability in the post-Snowden record.
The institutional NSA position on the catalogue's authenticity has been the pattern of neither-confirm-nor-deny. NSA Director Keith Alexander, Director of National Intelligence James Clapper, and successive subsequent NSA leadership have neither acknowledged nor denied the catalogue's authenticity. The settled subsequent assessment — drawing on the published Snowden-document corpus, on the academic-and-policy literature, and on the documented operational pattern in subsequent disclosures — is that the catalogue is genuine and that the documented implants existed in the operational inventory at the 2008 publication date.
Origins of TAO
The Tailored Access Operations (TAO) directorate was established within the NSA's Signals Intelligence Directorate in approximately 1997, in response to the institutional recognition that the post-1990s expansion of internet-based communications had shifted the SIGINT operational terrain from the historical telephony-and-radio framework toward a network-and-computing framework that conventional NSA collection methodology had limited operational reach into. The institutional response was the build-up of TAO across the late-1990s and 2000s as the NSA's principal computer-network-exploitation (CNE) capability — the institutional ability to compromise foreign-network endpoints to extract data that conventional cable-and-wireless collection could not access.
The ANT division
The Advanced Network Technology (ANT) division within TAO was the institutional unit responsible for the hardware-and-firmware-implant component of the CNE capability. The division was distinct from the software-implant division (which produced the operational malware payloads — the FOXACID exploitation server, the QUANTUM packet-injection capability, and the broader software-CNE programme) and from the operational-deployment division (the field operators who conducted implant installations). The ANT division's institutional focus was the engineering work — the design, prototyping, manufacture, and operational characterisation of the implant hardware itself.
The institutional pattern that produced the catalogue was the ANT customer-service relationship with the operational TAO operators. The ANT division operated as an internal NSA supplier — operational TAO operators across the field-office network requested specific implants for specific operational needs; ANT supplied the implants from its product inventory or developed new implants for novel target platforms. The catalogue was the institutional product menu — the reference document that TAO operators consulted to identify what implants were available for what target platforms. The 2008 dating of the leaked version suggests that the document was a periodic-update publication rather than a one-off; subsequent reporting has indicated that updated versions across the post-2008 period expanded the product set without changing the institutional pattern.
TAO field-office network
The TAO field-office network across the post-1997 period included the principal TAO operations centre at NSA Maryland (Fort Meade); the TAO field office at the NSA Texas Cryptologic Center on the Medina Annex of Lackland Air Force Base in San Antonio (documented in the post-2013 published record as the principal TAO operational forward-deployment site for the Latin American, Caribbean, and partial Middle East and North African operational areas); the TAO field offices at NSA Hawaii (Kunia, subsequently Wahiawa) and NSA Georgia (Fort Gordon); and substantial TAO presence at NSA/CSS Misawa (the Misawa Security Operations Center at Misawa Air Base, Japan). The San Antonio TAO field office produced the operational deployment of ANT implants across the Latin American operational area, with the documented institutional pattern of supply-chain interdiction operations conducted in cooperation with US Customs and Border Protection at the Texas-Mexico border.[5]
BIOS and firmware persistence implants
This is the principal product category in the catalogue, accounting for approximately one-third of the documented entries. These implants modify the firmware of the target platform — the BIOS / UEFI of servers and PCs, the firmware of network appliances, the bootloader of mobile devices — to establish ongoing access that survives operating-system reinstallation.
The principal documented products include DEITYBOUNCE (Dell PowerEdge BIOS implant); IRONCHEF (HP ProLiant BIOS implant); JETPLOW (Cisco PIX/ASA firewall firmware implant); FEEDTROUGH (the supporting persistence framework that facilitated firmware-implant installation across multiple platforms); HALLUXWATER (Huawei Eudemon firewall firmware implant); SOUFFLETROUGH (Juniper firewall firmware implant); and the broader set of platform-specific firmware-implant products. The institutional unit cost of these implants ranged from approximately $0 (for development costs amortised across operational use) to approximately $300,000 per operational deployment for the most operationally complex programmes.
USB-cable and peripheral implants
The COTTONMOUTH product family comprised three documented variants. COTTONMOUTH-I was a USB Type-A male connector with embedded radio-frequency communication and key-injection capability; the implant resembled an ordinary USB cable head but contained a complete computing-and-radio platform within the connector. COTTONMOUTH-II was a USB Type-A female connector implant intended for installation within the target host. COTTONMOUTH-III was a single hardware implant concealed in an RJ45 Dual-Stacked USB connector — integrating a TRINITY processor, a USB 2.0 HS hub, switching circuitry, and a HOWLERMONKEY RF transceiver in a combined Ethernet-and-USB port form factor. The institutional unit cost of COTTONMOUTH-I was documented as $20,300 per unit in 2008.
Active network-tap implants
FIREWALK was the documented Ethernet jack implant — a hardware module installed within an Ethernet wall jack that duplicated the network traffic flowing through the jack and forwarded the duplicated traffic via covert RF emission to a nearby NSA collection point. The institutional unit cost of FIREWALK was documented as $10,740 per unit. NIGHTWATCH was a portable receiver and reconstruction computer — the display end of the VAGRANT video-reconstruction chain. RAGEMASTER (an implant concealed in the ferrite of a VGA cable) was the actual screen-content retroreflector; NIGHTWATCH received and reconstructed the VAGRANT signal returned by RAGEMASTER under continuous-wave illumination from a nearby CTX4000 or PHOTOANGLO radar transmitter.
RF-retroreflector implants
The catalogue documented a family of passive radio-frequency retroreflector implants — hardware that did not contain its own radio transmitter but rather re-radiated continuous-wave illumination from a nearby NSA-operated radar transmitter (the CTX4000 and its successor PHOTOANGLO, a joint NSA/GCHQ system that replaced CTX4000 from September 2008). The operational range of the retroreflector illuminators is typically tens of feet. The principal documented products in the ANGRYNEIGHBOR retroreflector family included LOUDAUTO (room-audio retroreflector); SURLYSPAWN (keyboard-keystroke retroreflector); and TAWDRYYARD (low-power-beacon retroreflector for adjacent-implant location). NIGHTSTAND is a separate 802.11 wireless exploitation and packet-injection tool — not a retroreflector — with standoff injection capability at extended ranges using external amplification.
Mobile-platform implants
The catalogue documented mobile-platform implants for the principal pre-2008 mobile platforms. DROPOUTJEEP was the documented iPhone 3G implant — described in the catalogue as having approximately 100% successful operational deployment, with capability to extract SMS, contact list, voicemail, geolocation, hot-microphone audio, and camera capture. GOPHERSET was the documented GSM SIM-card implant. MONKEYCALENDAR was the related GSM-network mobile-calendar exfiltration implant. The mobile-implant inventory expanded substantially across the post-2008 period; subsequent additions have been the subject of subsequent disclosures rather than the original 2008 catalogue.
Supply-chain interdiction methodology
The institutional pattern through which the network-equipment-implant products (JETPLOW, HALLUXWATER, SOUFFLETROUGH) were operationally deployed was the supply-chain-interdiction methodology. The documented pattern was that NSA collection identified a target organisation that had ordered network equipment from a major manufacturer; the implant required for the target platform was identified; the equipment shipment was intercepted at a transit point (typically a US Customs facility, a freight-forwarder hub, or an international airport cargo facility) under coordination between TAO operators and US Customs personnel; the equipment was unboxed at a TAO load-station facility; the appropriate ANT implant was installed; the equipment was reboxed and resealed to factory specification; and the equipment was forwarded to the original recipient with the implant operational. The pattern is most extensively reported in *Der Spiegel*'s 29 December 2013 article *Documents Reveal Top NSA Hacking Unit*, which documented the load-station methodology with photograph and operational-detail content.[1]
Documented deployments
Confirmed: Petrobras and adjacent Latin American targets (2010–13). The Snowden-document corpus documented NSA TAO operational targeting of the Brazilian state oil company Petrobras and adjacent Latin American institutional targets across 2010–13. The documented operational implants on these target networks have included JETPLOW-class network-firewall implants and adjacent-platform implants. The disclosure produced the substantial Brazilian-government institutional response across 2013–14, including the public-policy realignment of Brazilian telecommunications-infrastructure policy.
Confirmed: Huawei and Chinese-target operational deployments. The documented NSA TAO operational programme codenamed SHOTGIANT — documented in the 22 March 2014 *New York Times* and *Der Spiegel* joint disclosure — was the operational programme directed at Huawei Technologies and at Huawei-equipped Chinese-network targets. The documented operational implants on these targets have included HALLUXWATER firmware implants on Huawei Eudemon firewalls and adjacent Huawei-platform implants.[4]
Confirmed: EU institutional and Belgian government targets. The documented GCHQ-led operational targeting of the Belgian state telecommunications carrier Belgacom (with NSA awareness and product benefit) across 2010–13 — the operational programme codenamed OPERATION SOCIALIST, documented in the November 2013 and December 2014 *Der Spiegel* and *The Intercept* disclosures — implemented JETPLOW-class network-equipment implants and the broader CNE methodology that the ANT catalogue documented.[7]
Alleged: Mexican Presidential office targets (2010s). The August 2013 *Der Spiegel* disclosure of NSA SIGINT product on Mexican President Enrique Peña Nieto's communications has been attributed in subsequent reporting to TAO ANT-class implant deployment on Mexican executive-branch network infrastructure. The Mexican-government institutional position has been that the operational deployment was confirmed; the US-government position has been the institutional pattern of neither-confirm-nor-deny.
Legal and oversight framework
The legal framework within which the ANT catalogue's operational deployment occurred is the post-1981 Executive Order 12333 framework — the US executive-branch foundational instrument for foreign-intelligence collection — under which TAO operations conducted against non-US-person targets located outside the United States occur. The 1978 Foreign Intelligence Surveillance Act framework applies only to operations against US persons or against persons within the United States; ANT-class operations against foreign targets located abroad fall outside FISA's institutional reach.
The subsequent oversight question — whether the ANT catalogue's operational deployment has been constrained by US-domestic constitutional considerations or by international-law considerations — has been the subject of sustained academic-and-policy commentary. The position the US-government institutional record articulates is that the operational deployment is legitimate under EO 12333 authority and conducted within the limits of the EO's institutional constraints. The alternative position — articulated by civil-liberties advocates, by foreign governments whose institutional infrastructure has been operationally targeted, and by portions of the academic literature — is that the operational deployment has exceeded the institutional limits that the broader domestic-and-international legal framework imposes.
The post-2013 institutional reform record on TAO ANT operations has been limited. The 2014 USA Freedom Act's reforms focused on Section 215 bulk-telephony-metadata collection rather than on TAO ANT-class operational targeting. The subsequent institutional reform of TAO operational practice has been internal-NSA institutional adjustment rather than external statutory-framework reform.
Sources and further reading
- Jacob Appelbaum, Judith Horchert, and Christian Stöcker, Catalog Reveals NSA Has Back Doors for Numerous Devices, Der Spiegel, 29 December 2013 — the principal English-language coverage of the catalogue.
- Der Spiegel TAO catalogue page set — the documentary publication of the catalogue's product entries, available through Der Spiegel's Snowden archive.
- Jacob Appelbaum's 30 December 2013 keynote presentation at the 30th Chaos Communication Congress, Hamburg, To Protect and Infect: The Militarization of the Internet — the definitive contemporaneous presentation of the catalogue's content.
- David E. Sanger and Nicole Perlroth, N.S.A. Breached Chinese Servers Seen as Spy Peril, The New York Times, 22 March 2014 — the SHOTGIANT / Huawei disclosure.
- Glenn Greenwald, No Place to Hide: Edward Snowden, the NSA, and the U.S. Surveillance State, Metropolitan Books, 2014 — chapters on TAO operations and the supply-chain-interdiction methodology.
- Matthew M. Aid, The Secret Sentry: The Untold History of the National Security Agency, Bloomsbury Press, 2009 — the principal pre-Snowden book-length NSA history with substantial coverage of TAO operational evolution.
- Ryan Gallagher, Operation Socialist: The Inside Story of How British Spies Hacked Belgium's Largest Telco, The Intercept, 13 December 2014.
- National Security Archive Snowden Documents Collection, George Washington University.
- Bruce Schneier, Data and Goliath: The Hidden Battles to Collect Your Data and Control Your World, W. W. Norton, 2015 — subsequent academic-and-policy analysis of TAO operational pattern.
- Privacy and Civil Liberties Oversight Board, Report on the Surveillance Program Operated Pursuant to Section 702 of the Foreign Intelligence Surveillance Act, 2 July 2014 — the post-2013 institutional review of the Section 702 framework adjacent to but distinct from EO 12333 TAO operations.