National Security Agency / The Unofficial Org Chart. (C) 2014 Marc Ambinder, Inc.

Get Started. It's Free
or sign up with your email address
Rocket clouds
National Security Agency / The Unofficial Org Chart. (C) 2014 Marc Ambinder, Inc. by Mind Map: National Security Agency / The Unofficial Org Chart. (C) 2014 Marc Ambinder, Inc.

1. SURPUUSHANGAR -- covert mechanism to ingest unclassified traffic into high side servers

2. Special FISA adjudication

3. S3221: (persistence software)

4. SATC

5. V -- NATIONAL THREAT OPERATIONS CENTER (CYBER)

5.1. V1 Staff Services

5.2. V2 Analysis

5.3. V3 Operations

5.3.1. V34 -- Next Generation Wireless (NGW)

6. FROM THERE to Ft. Meade -- How data moves at NSA

6.1. NUCLEON — Global content database

6.1.1. CONVEYENCE DNI content database

6.2. WRANGLER — Electronic Intelligence intercept raw database

6.3. ONEROOF — Main tactical SIGINT database (Afghanistan), consisting of raw and unfiltered intercepts, associated with Coastline tool

6.4. PROTON — Large SIGINT database for time-sensitive targets/counterintelligence. Associated with Criss-Cross tool.

6.5. MARINA / MAINWAY Internet metadata collection database / SIGINT metadata collection database

6.5.1. PINWALE — SIGINT content database

6.6. CULTWEAVE

6.7. FASCIA -- major metadata ingest processor that sends to Ft. Meade stuff that NSA collects out there

6.8. FASTBALL -- automated DNI analytical processing system

6.9. FALLOUT -- major content ingest processor that sends to Ft. Meade in raw, unstructured form for later processing. Generally for unstructured data.

6.10. TUNINGFORK

6.11. Reporting tools

6.11.1. CPE

6.11.2. Voice master

6.11.3. Center mass

6.11.4. Gist Queue

6.11.5. YELLOWSTONE -- assigns metrics for allocation and distributing ingested SIGINT product.

6.11.6. TAC

6.11.7. AHMS

6.11.8. SKYWRITER

6.12. PRESSUREWAVE

6.13. FASTSCOPE

7. Top Priority SIGINT Missions

7.1. Support to USSS / presidential protection and national programs, including, under special authorities, NSSEs

7.2. Warning / imminent military and strategic threats from China, Russia,

7.3. Counter-foreign intelligence and counter-intelligence

7.4. CT/CN/CP/CE

7.5. Collection on military plans and strategies of China, Russia, Iran, North Korea, Israel

7.6. Ballistic missile defense

7.7. Domestic electronic CT wall

7.8. Political intelligence

7.9. Iranian, North Korean, Israeli, Pakistani proliferation and defensive CI activities

8. Requirements and Tasking

8.1. NIPF

8.2. IIR

8.3. Colesium

8.4. Validation

8.4.1. DNI Mission Managers

8.4.2. SOO / SigDev

8.4.3. NSRTasking

8.4.4. Deconfliction

8.4.5. Successor to Echelon

8.4.6. S34

9. Collection types

9.1. Midpoint collection

9.2. CNE enabled implants

9.3. Endpoint collection

9.4. Corporate access point collection

9.5. Overhead collection

9.6. foreign satellite collection

9.7. Clandestine signal collection

9.8. Undersea collection

9.9. Airborne collection

9.10. Close access point collection

10. COLLECTION MECHANISMS

10.1. Open Source

10.2. SIGINT satellites (NEMESIS, INTRUDER, RAVEN, QUASAR, ORION)

10.3. Mobile collection platforms (EP-3s, U-2s, etc

10.4. F6/Special Collection Service emplaced sensors, CANEX

10.5. F6/Special Collection Service embassy-based listening posts // BIRDCATCHER /EINSTEIN /CASTANET

10.6. RF Collection Sites

10.7. Collection relay mechanisms

10.7.1. SIGINT satellites and relays

10.7.2. SCS base stations

10.7.3. Encrypted packets on the regular internet

10.7.4. Hard cables / fiber optics

10.7.5. DTS covert

10.7.6. SRP platforms

10.7.7. Cables provided by ISPs

10.8. FISA (PRISM, FAA 702) BR FISA PR/TT FISA, FISA ESTABLISHMENT, FAA 704, 705(b)

10.9. ,

10.10. Upstream collection (ingests at fiber hubs -- FAIRVIEW, etc)

10.11. Undersea cable taps (20 worldwide)

10.12. Cable hub splitters

10.13. Direct corporate partner network access points

10.14. Foreign country partner interfaces (FIVE EYES, etc)

10.15. Clandestine foreign telecom hub collection

10.16. FORNSAT intercepts (Stellar, Sounder, Snick, Moonpeny, Carboy, Timberline, Indira, Jacknife, Ironsand, Ladylove) See: http://electrospaces.blogspot.com/2013/12/nsas-global-interception-network.html for details

10.17. Ground SIGINT/FISINT collection sites

10.18. NSA, CIA and FBI implants

10.18.1. New info

10.19. LOPERS -- Public Branch Telephone System collection

10.20. Navy Underwater Reconnaissance Office

10.21. Midpoint collection -- surreptitious collection from nodes place in the middle of data links

11. Other major NSA tools and databases

11.1. TWISTEDPATH

11.2. CREEK

11.3. SPITGLASS

11.4. JOLLYROGER

11.5. CADENCE

11.6. GLOBALREACH

11.7. Broom Stick

11.8. JUGGERNAUT -- mobile/data communications collection

11.9. DRTBOX -- possible system for obtaining information from cell phones

11.10. Boundless Informant -- collection volume, type, location and platform visualization too

11.11. MUTANT BROTH

11.12. TRACfin -- financial information database

12. NSA Nitty Gritty -- databases, tasking systems and analytical interfaces

12.1. SIGINT ANALYTICAL and PROCESSING TOOLS

12.1.1. AQUADOR — Merchant ship tracking tool

12.1.2. ASSOCIATION Selector correlation and analysis tool

12.1.3. BANYAN — NSA tactical geospatial correlation database

12.1.4. WealthyCluster -- data mining tool for CT

12.1.5. TUSKATTIRE - data processing system

12.1.6. ShellTrumpet -- metadata processing

12.1.7. MESSIAH/WHAMI — ELINT processing and analytical database

12.1.8. TAPERLAY -- Global database of telephone numbers/selectors by type (GSM,etc)

12.1.9. OCTSKYWARD - GSM tool

12.1.10. TWINSERPENT -- phone book tool

12.1.11. WRTBOX -- collection from PSTN overseas

12.1.12. Tools

12.1.12.1. Unified Targeting Tool

12.1.12.2. CHALKFUN -- metadata location record database

12.1.12.3. SPYDER -- SMS/metadata query tool

12.1.12.4. XKEYSCORE global SIGINT analysis system

12.1.12.5. AIRGAP — Priority missions tool used to determine SIGINT gaps

12.1.12.6. TRAFFICTHIEF — Raw SIGINT viewer and sorter for data analysis

12.1.12.7. TRANSx

12.1.12.8. Bpundless Informant

12.1.13. DISHFIRE -- SMS collection and analysis from digital network information and records ingested by the MUL:KBONE database

12.2. COLLECTION REQUIREMENTS AND TASKING

12.2.1. CASPORT -- main NSA corporate / access identification tool used to control product dissemination

12.2.2. OCTAVE/CONTRAOCTIVE — Collection mission tasking tool -- where "selectors" live

12.2.2.1. PEPPERBOX -- database of targeting requests

12.2.3. HOMEBASE — A tactical tasking tool for digital network identification

12.2.4. SURREY DNI / SIGINT tasking database

12.2.5. DISHFIRE -- Associational and relational database for political and strategic intelligence by key selectors

12.2.6. AGILITY -- database of foreign intelligence selectors (non CT)

12.2.7. CHIPPEWA -- system to exchange SIGINT tasking / data with allies

12.3. DNI/DNR and network penetration tools and system

12.3.1. CNO TOOLS

12.3.1.1. SHARKFINN

12.3.1.2. BROKENTIGO

12.3.1.3. EMBRACEFLINT

12.3.1.4. LONGHAUL

12.3.1.5. EGOTISTICAL GOAT / EGOTISTICAL GIRAFFE

12.3.1.6. ATLAS -- DNI geolocation and network information tool

12.3.1.7. DANAUS -- DNS discovery tool / reverse DNS

12.3.1.8. BLACKPEARL -- survey information tool

12.3.1.9. ERRONEOUS INGENUITY

12.3.1.10. TIDALSURGE -- DNI router configuration discovery

12.3.1.11. ATHENA -- port discovery probe tool

12.3.1.12. SNORT — Repository of computer network attack techniques/coding

12.3.1.13. TREASUREMAP -- Global Internet Mapping/Analysis tool

12.3.1.13.1. PACKAGED GOODS -- global internet exploitation tool / traces routes of information

12.3.1.14. EVILOLIVE -- IP Geolocation

12.3.1.15. HYPERION -- IP to IP communication survey tool

12.3.1.16. WIRESHARK — Repository of malicious network signatures

12.3.1.17. TRITON -- TOR node search tool

12.3.1.18. ISLANDTRANSPORT -- Enterprise Message Service processor

12.3.2. FOXACID

12.3.3. TOYGRIPPE -- VPN collection

12.3.3.1. FRIARTUCK

12.3.3.2. MASTERSHAKE -- VSAT Terminal emulator

12.3.4. TURBULENCE -- global "advanced forward defense" internet architecture built for NSA; employs the QUANTUM THEORY system, global distributed passive sensors to detect target traffic and tip a centralized command/control node (QFIRE).

12.3.4.1. TURMOIL --High-speed passive collection systems intercept foreign target satellite, microwave, and cable communications as thev transit the globe

12.3.4.1.1. TURBINE -- active SIGINT collection off of TURBULENCE architecture

12.3.4.2. TUELAGE -- active CND off the TURBULENCE architecture

12.3.4.3. TUMULT -- Stage 0 server for TURBULENCE architecture

13. SIGDEV/TARGET APPROVAL/COMPLIANCE

13.1. PRODUCT LINE TOPIC OFFICE OF PRIMARY INTEREST offices

13.2. FISA Special Adjudication Office

13.3. S2I5 Compliance Staff

13.4. S343 Prioritizing and Approval of Targets

13.5. SV SIGINT Governance and Compliance Division

13.6. FBI

13.7. OGC

14. Sources: author’s reporting and research; Cryptome.org; Matthew Aid, Edward Snowden documents; Top Level Telecommunications website; http://electrospaces.blogspot.com), reporting in the Guardian, New York Times, Washington Post

15. M: Human Resources — Q: Security and Counterintelligence

15.1. Q2: Office of Military Personnel

15.2. Q3: Office of Civilian Personnel

15.3. QJ1: HR operations/global personnel SA

15.4. Q43: Information Policy Division

15.5. Q5: Office of Security

15.6. Q509: Security Policy Staff

15.7. Q51: Physical Security Division

15.8. Q52: Field Security Division

15.9. Q55: NSA CCAO

15.10. Q56: Security Awareness

15.11. Q57: Polygraph

15.12. Q7: Counterintelligence

15.13. Q123

16. Cross-functional units // co-located with SID S2 Production Lines

16.1. Integrated Broadcast Support Services Office — Provides SIGINT "RSS" feeds to customers

16.2. DEFSMAC: Defense Special Missile and Aerospace Center

16.3. Unified Cryptologic Architecture Office

16.3.1. Integration

16.3.2. Systems Engineering/Architecture Analyses and Issues

16.3.3. Architecture

16.3.4. Process

16.3.5. Planning and Financial Management

16.4. Plans and Exercise Office

16.4.1. NSA Continuity Programs Office

16.4.2. Military Exercise Office

16.4.3. Continuity Engineering Office

16.5. J2 Cryptologic Intelligence Unit (collects intelligence on worldwide cryptologic efforts).

17. Directorate for Education and Training

18. Directorate for Corporate Leadership

19. Foreign Affairs Directorate — Liaison with foreign intelligence services, counter-intelligence centers, UK/USA and FIVE EYES exchanges

19.1. Office of Export Control Policy

19.2. SUSLOs

19.3. UKUSA governing council

20. NSA Acquisitions and Procurement Directorate

20.1. Program Executive Office — Oversees acquisition of major NSA backbone projects like TRAILBLAZER, CMM, REBA, JOURNEYMAN, and ICEBERG

20.2. Advanced Analytical Laboratory

20.3. Corporate Assessments Offices

20.4. Rebuilding Analysis Program Office

20.5. Knowledge System Prototype Program Office

20.6. Maryland Procurement Office

20.6.1. Acquisitions Program Manager for Signals Intelligence

20.6.2. Acquisitions Program Manager for Research

20.7. Acquisition Logistics Integrated Product Team

21. Information Assurance Directorate

21.1. IC: Cyber Integration Division

21.2. IE: Engagement Division

21.2.1. Client Engagement and Community Outreach Group

21.2.2. Interagency Operations Security Support Staff (OPSEC)

21.3. I2: Trusted Engineering Solutions

21.3.1. I2N: Office of National and Nuclear Command Capabilities — Provides the launch codes for nuclear weapons

21.3.1.1. Electronic Key Support Central Management Facility — Provides over-the-air code keying for the entire national security establishment

21.3.2. Information Technology Infrastructure Services (ITIS) System Office

21.4. I3: Information Operations

21.4.1. Mission Integration Office

21.4.2. Technical Security Evaluations

21.4.3. Red Cell — Conducts surprise penetrations of U.S. government networks

21.4.4. Blue Cell — Conducts audits of U.S. government networks

21.4.5. HUNT: Advanced adversary network penetration cell — Monitors NSA networks 24/7 to detect advanced cyber penetrations

21.4.6. Joint Communications Security Monitoring Agency

21.5. I4: Fusion, Analysis, Mitigation

22. Research Directorate

22.1. R1: Math

22.2. R2: Trusted Systems

22.3. R3: LPS — Physical science lab

22.4. R4: LTS — Telecom science lab ( high-speed networks, wireless communications, and quantum key distribution)

22.5. R05: Center for the Advanced Study of Language

22.6. R6: Computer and Information Science

22.7. RX: Special Access Programs/Compartmented Research

23. Signals Intelligence Directorate

23.1. S1: Enterprise Engagement and Mission Management

23.1.1. A&R Watch (K Watch Ops) 199

23.1.2. S11: Customer Gateway

23.1.3. S12: Information Sharing and Services Branch

23.1.3.1. Partnership Dissemination Cell

23.1.4. S124: Staff Services Division

23.1.5. NSA Commercial Solutions Center

23.1.6. S17 Strategic Intelligence Issues

23.1.7. S1E -- Electromagnetic Space Program Office

23.1.8. S1P Plans and Exercise Division

23.1.8.1. S1P1 -- SOCOM/NORTHCOM SIGINT planning

23.1.8.2. S1P2 - Combatant Commands SIGINT planning

23.2. S2: Analysis and Production Centers

23.2.1. FISA Special Adjudication Office — Provides 24/7 support to each product line shift to facilitate rapid FISA processing

23.2.2. NSA Product Lines

23.2.2.1. S2A: South Asia

23.2.2.1.1. S25A51 -- South Asian Language Analysis Branch

23.2.2.1.2. S25A52 -- South Asian Reporting Branch

23.2.2.1.3. S25A4 -- Pakistan

23.2.2.2. S2B: China and Korea

23.2.2.3. S2I: Counterterrorism Production Center

23.2.2.3.1. S2IX: Special Counterterrorism Operations // CT Special Projects

23.2.2.3.2. S2I42 -- Hezbollah Team

23.2.2.3.3. S2I5 Advanced Analysis Division (FISA analysis) program manager, deputy program manager, 5 shift supervisors, 125 analysts

23.2.2.3.4. S2I43 -- NOM Team

23.2.2.3.5. Counterterrorism Mission Aligned Cell (CT-MAC) -- sensitive counter-terrorism support to CIA

23.2.2.3.6. S2I4 Homeland Mission Center

23.2.2.3.7. Metadata Analysis Center

23.2.2.4. S2C: International Security

23.2.2.4.1. S2C42 -- Western Europe and Strategic Partnership Division

23.2.2.4.2. S2C41 Mexico Team

23.2.2.4.3. S2C32 European States Branch

23.2.2.5. S2D: Counter-foreign intelligence

23.2.2.6. S2E: Middle East/Asia

23.2.2.7. S2F: International Crime

23.2.2.8. S2G: Counterproliferation

23.2.2.9. S2H: Russia

23.2.2.10. S2T: Current Threats

23.2.2.10.1. S2T3: NSA/CSS Threat Operations Center

23.2.2.11. S2J: Weapons and Space

23.2.2.12. S203: Access Team for Operations Staff

23.2.3. K -- National Security Operations Center

23.2.3.1. National Security Operations Center — Main NSA intelligence watch facility

23.2.3.1.1. DECKPIN — NSA crisis cell activated during emergencies

23.2.3.1.2. Homeland Security Analysis Center

23.2.3.1.3. CMM — Cryptologic Management Mission program office

23.3. S3: Data Acquisition

23.3.1. S31: Cryptologic Exploitation Services

23.3.1.1. Signals and Surveys Analysis Division

23.3.1.1.1. Technical Exploitation Center

23.3.1.1.2. Project BULLRUN

23.3.1.2. S3132: Protocol, Exploitation, and Dissemination Cell — Shunts SIGINT by type to databases

23.3.1.3. S31174 Office of Target Pursuit

23.3.2. S32: Tailored Access Operations

23.3.2.1. Network Warfare Team — Liaison with military

23.3.2.2. S321: Remote Operations Center

23.3.2.2.1. Network Ops Center

23.3.2.2.2. Operational Readiness

23.3.2.2.3. Interactive Operations Division

23.3.2.2.4. POLARBREEZE

23.3.2.3. S322 Advanced Network Technologies

23.3.2.3.1. S3222: (software implants)

23.3.2.3.2. S32221: ?

23.3.2.3.3. S32222: (routers, servers, etc.)

23.3.2.3.4. S3223: (hardware implants)

23.3.2.3.5. S3224: ?

23.3.2.3.6. S32241: ?

23.3.2.3.7. S32242: (GSM cell)

23.3.2.3.8. S32243: (radar retro-refl.)

23.3.2.4. S323: Data Network Technologies (researches how to penetrate secure networks)

23.3.2.4.1. Production Operations Division

23.3.2.5. S324: Telecommunications Network Technologies — Develops technologies to penetrate telecom networks

23.3.2.6. S325: Mission Infrastructure Technologies — Operational computer network exploitation and enemy infrastructure vulnerability mapping

23.3.2.6.1. Transaction Branch

23.3.2.7. S327: Targeting and Requirements

23.3.2.8. S328: Access Technologies Operations (computer network attack) — Works with CIA's TMO

23.3.2.9. S32P. TAO Program Planning Integration

23.3.2.10. Access Operations Division — Works with CIA's Technology Management Office / information Operations Division to break into foreign / CI networks

23.3.2.10.1. TURMOIL -- NSA cover term for installation/maintenance and operation of filters, servers and splitters on servers of corporate partners w/ their permission for SIGINT and CNE operations. Each diversion device is called a QUANTUM

23.3.2.10.2. GENIE SIGADs - 3136 (domestic) / 3137 (foreign)

23.3.2.10.3. SSO Close Access Domestic Collection Systems on foreign targets SIGAD US-3136

23.3.3. S33: Link Access // Global Access Operations

23.3.3.1. S332: Terrestrial SIGINT

23.3.3.1.1. OCELOT (FORNSAT)

23.3.3.2. S333: Overhead SIGINT

23.3.3.2.1. Overhead Collection Management Center

23.3.3.2.2. SSPO

23.3.3.3. S33P ISR Portfolio Management Office

23.3.3.3.1. S33P2 Technology Integration Division

23.3.3.3.2. S33P3 Tactical SIGINT Technology Office

23.3.3.4. Community ELINT Management Office

23.3.3.5. VOXGLO -- major cyber and enterprising computing project

23.3.3.6. OCEANSURF Program Office — $450m systems engineering hub

23.3.4. S35 Special Source Operations

23.3.4.1. Cable programs

23.3.4.1.1. LITHIUM

23.3.4.1.2. MADCAPOCELOT - STORMBREW collection program using SIGAD 3140

23.3.4.1.3. DARKTHUNDER

23.3.4.1.4. WINDSTOP

23.3.4.1.5. OAKSTAR -- filtered high-volume collection off international cable transit nodes and foreign access points under FAA/Transit authority and EO12333. Divided by SIGAD and production source.

23.3.4.1.6. SERENADE

23.3.4.1.7. INCENSOR

23.3.4.2. SIGAD US-990 -- Overseas transit switch collection of international communications from FAIRVIEW partner

23.3.4.2.1. US-984T FISA collection from FAIRVIEW corporate access point

23.3.4.3. S352: PRINTAURA — NSA unit involved in data filtering; program office for TRAFFICTHIEF tool

23.3.4.4. Mission Support Hub

23.3.4.5. Large Area Access Working Group

23.3.4.6. S353 -- SIGAD US-984 Collection Programs

23.3.4.6.1. SIGAD US-984 BLARNEY (digital network intelligence / dial number recognition collection from FISA court order approved targets, like spies, agents of foreign powers / traffickers using data flowing through US circuits and nodes. Producer digraph for BLARNEY is AX

23.3.4.6.2. SIGAD US-984X -- FISA Amendments Act collection w/ various programs (including PRISM) on CT, CI, CP and CE targets. Selector must be certified and foreign.

23.3.4.6.3. STORMBREW

23.3.4.7. S3520 -- Office of Target Reconnaissance and Survey

23.3.5. S353 -- Portfolio Management Office

23.3.5.1. AIRSTEED Program Office — Cell phone tracking

23.3.5.1.1. Tactical Platforms Division

23.3.5.2. Crosshair Net Management Center/Crosshair Support Center — Directing finding

23.3.5.3. Radio Frequency Targeted Operations Office

23.3.5.3.1. RFTO Special Projects Office

23.3.6. S34: Collection Strategies and Requirements Center

23.3.6.1. S342: Collection Coordination and Strategies -- resource allocation and metrics

23.3.6.2. S343: Targeting and Mission Management — Approves targets for analysts/makes sure that SIGINT targeting matches intelligence requirements

23.3.6.3. S344: Partnership and Enterprise Management

23.4. SV -- Signals Intelligence Directorate Oversight and Compliance

23.4.1. SV4 FISA Compliance and Processing

23.5. SSG -- SIGDEV Strategy and Governance

23.5.1. SSG 1

23.5.2. SSO Optimization staff

24. F6: Special Collection Service HQ (Beltsville, MD) —STATEROOM-- Joint CIA/NSA field collection agency operating from embassies and other denied locations. Director reports to DIRNSA

25. SCI COMPARTMENTS

25.1. SI or COMINT -- top-level SCI compartment; denotes sensitive SiGINT, DNI and cyber sources and methods

25.1.1. ECI -- COMINT subcompartment. with further subcompartments, which protect NSA relationships with other government agencies and private companies as well as specific sources, cryptalanaric breakthroughs and capabilities

25.1.1.1. ECI-FGT --> SCS Product

25.1.1.2. ECI-AMB Ambulate

25.1.1.3. ECI-PIQ Picaresque

25.1.1.4. ECI compartments include PIEDMONT, PENDLETON, PITCHFORK, PAWLEYS, AUNTIE, PAINTEDEAGLE

25.2. VRK -- exceptionally sensitive sources of national and strategic importance

25.3. RAGTIME -- protects "product " gathered from FISA intercepts

25.4. RAMPART --codeword for foreign leader SIGINT - RAM-A, RAM-X, RAM-T, RAM-M

25.5. PANGRAM

25.6. TSP -

26. T: Technical Directorate

26.1. TE: Enterprise Systems Engineering and Architecture

26.2. TS: Information Systems and Security

26.2.1. Public Key Infrastructure (PKI) Program Management Office (PMO)

26.3. TT: Independent Test and Evaluation

26.4. T1: Mission Capabilities

26.4.1. T132 — The "scissors" team: division that physically separates traffic by type once it's been ingested

26.4.2. Strategic SATCOM Security Engineering Office

26.4.3. T1221

26.5. T2: Business Capabilities

26.6. T3: Enterprise IT Services

26.6.1. T3221: Transport Field Services

26.6.2. T334: National Signals Processing Center

26.6.3. T335: Deployable Communications Operations

26.6.4. T332 Global Enterprise Command Center

26.7. T5: CARILLION — High performance computing center

26.8. T6: Technical SIGINT and Ground Capabilities

26.9. OTRS -- Office of Target Reconnaissance and Survey -- provides rapid technological solutions for tactical SIGINT problems

27. Large domestic operating field sites

27.1. Columbia, MD

27.2. Friendship Annex, Linthicum, MD

27.3. Finksberg, MD

27.4. Bowie, MD

27.5. College Park, MD

27.6. Ft. Belvoir, VA

27.7. Fairfax, VA

27.8. Washington, DC

27.9. Ft. Detrick (Site R)

27.10. Camp Williams, UT

27.11. NSA Georgia (Ft. Gordon)

27.12. NSA Texas (Lackland AFB, San Antonio)

27.13. Greenville, TX

27.14. NSA Denver (Aurora), co-located with CIA's National Resources Division

27.15. NSA Oak Ridge (Tennessee)

27.16. Yakima, WA JACKNIFE

27.17. Winter Harbor, ME

27.18. Formerly: Sugar Grove, WV, Rosman, NC TIMBERLINE

27.19. NSA Continuity of Government site

27.20. NSA CMOC -- Cheyenne Mounfain

27.21. NSA Field Stations — Remote collection and analytical facilities

27.21.1. F74: Meade Operations Center — 24/7 SIGINT support to deployed military units

27.21.2. SORC/FP: Special Operations Readiness Cells (Focal Point) — Support to special operations forces as part of the Focal Point Special Access Program

27.22. NSA Kunia

28. Office of the Director, NSA (DIRNSA)

28.1. D01: Director’s Operation Group (DOG)

28.2. D05: Director’s Secretariat

28.3. D07: Office of Protocol

28.4. D08: Homeland Security Support Office (HSSO)

28.5. D1: Office of the Inspector General (OIG)

28.6. D2: Office of the General Counsel (OGC)

28.7. D5: Corporate Assessments Office

28.8. D5T: Technology Test and Evaluation

28.9. D6: Office of Equal Employment Oppertunity

28.10. Logo of the Central Security Service (CSS)

28.11. D7: Central Security Service (CSS)

28.12. D709: CSS Staff and Resources

28.13. D7D: Cryptologic Doctrine Office

28.14. D7P: Office of Military Personnel

28.15. D7R: Director's Reserve Forces Advisor

28.16. DC: Director’s Chief of Staff

28.17. DC0: Support

28.18. DC3: Policy

28.19. DC31: Corporate Policy

28.20. DC32: Information Policy

28.21. DC321: Freedom of Information Act and Privacy Act (FOIA/PA)

28.22. DC322: Information Security and Records Management

28.23. DC3221: Information Security Policy

28.24. DC3223: Records Management Policy

28.25. DC323: Automated Declassification Services

28.26. DC33: Technology Security, Export, and Encryption Policy

28.27. DC4: Corporate Strategic Planning and Performance

28.28. DC6: External Relations & Communications

28.29. DC8: Corporate Management Services

28.30. Unified Cryptologic Architecture Office