National Security Agency - The Black Vault

1990s
1990s
The aircraft on display at the National Vigilance Park honor
the “silent warriors” who died performing airborne signals
intelligence missions during the Cold War.
there, Kunia had the advantage of proximity to
the Commander in Chief, Pacific (CINCPAC).
In the late 1980s, the cryptologic leadership
began developing the Regional Security
Operations Center (RSOC) concept. Proven
computer and communications technology
allowed NSA to delegate SIGINT authority
to these regional centers, thus avoiding an
overconcentration in the Washington area.
Under the RSOC doctrine, each center would be
“hosted” by one of the military services so that
all services could be represented.
In 1995 the centers opened and NSA began to
transfer missions to them. The Kunia facility was
given a new status as an RSOC.
Over the next decade, the RSOCs evolved from
limited operations centers into mini “regional
NSAs” in Georgia, Texas, Hawaii and Colorado
with the following mission benefits:
• Consolidation of cryptologic operations
• Dispersion of facilities from the
Washington, D.C. area
• Capability of serving as alternate
communications centers
• Representation of all military services.
The concept of “regional NSAs” was reinforced
when NSA suffered a massive computer outage
early in 2000, and the RSOCs, as components
that could operate independently, picked up
the essential missions until NSA was back
in full operation. Today all four centers, now
known as Cryptologic Centers, are operational,
expanding, and provide redundancy in the
event of an emergency.
Expeditionary SIGINT
While resources were decreasing during
the 1990s, customer requirements for NSA’s
services and products were not. To better serve
the Agency’s increasingly diverse customer set,
NSA began deploying personnel as NSA/CSS
representatives (NCR) or as part of Cryptologic
Services Groups (CSG) to intelligence
community partners and military commands.
Their mission was to act as an advocate for
the customer, assisting them in navigating
the NSA enterprise and helping to interpret
their requirements to NSA, in order to better
respond to them. NCRs and CSGs were also
charged with helping partners understand
what the cryptologic system could, and could
not, do for them.
In the years after Operation Desert Storm,
NSA and its military partners in the CSS
began considering how best to extend this
type of close support to warfighters engaged
in future operations. Changes in the nature
of telecommunications and the capabilities
needed to turn modern communications into
actionable intelligence for military consumers
led to an increasingly close partnership
between the civilian and military components
of the enterprise. Modern military commanders
were as interested in the strategic “big
picture” issues as they remained in the tactical
environment on the battlefield.
The increasing military activity of the late
90s led to the birth of Expeditionary SIGINT.
While NSA continued to support military
customers from Fort Meade and field sites
around the world, the Agency also began
pushing the resources of the enterprise
closer to the warfighter. NSA personnel began
joining their CSS colleagues in deployments
with military forces, providing tailored SIGINT
support to operations around the world.
Like the Cryptologic Centers, the NCRs, CSGs,
and Expeditionary SIGINT personnel ensured
continuity of operations for NSA’s customers
and increased NSA’s ability to provide tailored
support in response to critical requirements.
Enhanced Security
The 1990s also saw an increase in the level of
physical security at NSA. Access became more
restricted; no longer could family members
and pizza delivery people get close to the
fence line. After the Oklahoma City bombing
in 1995, an NSA perimeter security fence
was constructed to surround the entire Fort
Meade campus. In addition, the NSA Police
added a K-9 unit in 1998, which greatly
improved the Agency’s capability to check
for explosives during commercial vehicle
inspections and assist in security patrols and
emergency responses.
Improving Computer Security
In the late 1990s, the NSA Systems and Network
Attack Center (SNAC) tackled the difficult
question of how best to improve the security
level of personal computers and servers that
were part of national security systems. This led
to the need to discover software implementation
flaws, probe operational networks for
weaknesses, and develop guidance to harden
systems against attack.
The SNAC made security configuration
guidance publicly available on NSA’s web page,
and released guidance for the Department of
Defense’s (DoD) Windows operating systems
and Unix-like operating systems.
Microsoft provided additional guidance
with SNAC’s full cooperation and public
recommendation. The settings from this effort
were adopted as a baseline for the DoD and
by the National Institute of Standards and
Technology for its Federal Desktop Core
Configuration. Through this effort the federal
Regional Security Operations Centers, like the one in Hawaii pictured above,
provide NSA with the redundancy needed in the event of an emergency.
88 60 Years of Defending Our Nation National Security Agency
National Security Agency 60 Years of Defending Our Nation 89