4 NSA terms you should know

August 1, 2013, at 1:41 PM

A corollary to the principle of "security through obscurity" is that acronyms and special languages add to the mystique of a privileged class with access to secret information. Since the documents given to the Guardian by Edward Snowden are replete with what people at the NSA call "Mothership speak," (see below), it's difficult for even informed observers who don't have the proper security clearance to understand what everything means. Here's a cheeky, if accurate, guide to NSA bureaucratese that the ACLU and Slate put together.

What follows is a brief guide to the four most important words and acronyms you need to know as you wade through the NSA files, past, present, and future.

F6 — Technically, it refers to the headquarters of the Special Collection Service, which is a joint field activity run by NSA and CIA that operates collection sites in "denied" areas. But within NSA, F6 refers to SCS itself, basically, and by extension all of the SCS sites. (There are 75 SCS field sites across the world.) The NSA doesn't acknowledge the existence of SCS because most of its employees work under State Department cover overseas. SCS operations technicians are trained by both the CIA and the NSA; they don't recruit case officers, but they must be able to operate without detection in places where the U.S. isn't technically supposed to operate. You will very rarely, if ever, see anyone acknowledge that they used to serve in the SCS. Instead, they might say generally that they worked at an NSA field site overseas somewhere.

SI — "Special Intelligence" — the general category of sensitive compartmented information that deals with the sources and methods of signals intelligence collection. You'll notice that most of the documents leaked by Snowden are marked TOP SECRET double-forward-slash SI, or sometimes "COMINT," which is interchangeable. To read that document, a person with a TOP SECRET clearance needs to be eligible for the "SI" compartment, have signed a non-disclosure agreement specific to that compartment, and have a need to know about how, in general, signals intelligence works.

SCI — Sensitive Compartmented Information — specially protected national security secrets dealing principally with sources and methods. In the context of the NSA's daily work, the methods refer to the processes that you've read about — PRISM, XKEYSCORE — and the sources refer to the way signals intelligence is collected at its point of origin. (There are other types of SCI, include TK [Talent-Keyhole], for spy satellite operations, HCS [HUMINT Control System], for human source operations, KL [or Klondike], for the finished product of imagery and multispectral sensors. There are also CLASSIFIED categories of SCI, where even the very idea that the U.S. would have access to the type of information processed is enough to give classifying authorities the jitters. The product of cyber penetrations used to have its own classified SCI category; now, cyber product is so common and so interlinked with SIGINT that the classified category has been dissolved and folded into the unclassified SI category.

GSO/SSO/TAO — Global Source Operations, Special Source Operations, Tailored Access Operations. This is how NSAers categorize the methods, aperture, and sensitivity of the technical means used to access raw data. Global Source Operations refers generally to NSA projects that can passively suck in lots of data without having to tap anything or get secret access to a physical location. Think: Large satellites, microwave intercept sites in friendly countries, open source collection. Special Source Operations generally entail the placement of a sensor, system or gulper, or whatever you want to call it in a specific non-permitted or not acknowledged location or facility. Think: PRISM, the F6 sites (see above), embassy phone taps, bugs in some Chinese leader's home. Tailored Access Operations are generally, but not exclusively, remote operations designed to collect intelligence using computer networks, or controlling the "flow" of information remotely by hacking into those networks. Think: Stuxnet. Obviously, there are areas overlap between the three categories.






Subscribe to the Week