How the NSA Works

Working alongside the Central Security Service, a companion group comprising active military members, the NSA is tasked with a wide range of code-making and code-breaking activities. In other words, the agency encrypts secretive government communications, data and other information to protect it from hackers while actively seeking to uncover and decode the same types of materials from other countries and persons of interest [sources: NSA, NSA].

The director of both organizations is appointed by the Secretary of Defense and approved by the president before taking the reins. The director must be a commissioned military officer with at least a three-star rank. This person also heads U.S. Cyber Command, a "network warfare" unit created in 2005 to protect against terrorist data and network threats [source: NSA].

The NSA and CSS have two official missions: signals intelligence -- commonly known as "SIGINT" -- and information assurance. The agencies collect SIGINT from various sources, including foreign communications, radar and other electronic systems. The work isn't exactly easy. Information is often coded, not to mention shared in foreign languages and sometimes obscure dialects. Meanwhile, information assurance programs are aimed at preventing others from hacking, stealing or otherwise tampering with national security systems and sensitive information. NSA is officially responsible for maintaining the security of the information systems used by the Defense Department and several other government organizations [sources: NSA, NSA].

A shifting focus toward cyber warfare has meant an influx of tech-savvy workers joining the NSA's ranks. The agency hired 3,500 new employees in 2011 and 2012 combined. Many were in fields such as computer science, engineering and intelligence analysis [source: NSA]. But technical majors are not always required. For instance, the NSA says it has hired people for cryptanalysis (analyzing information systems to detect hidden aspects) who majored in music and history as well as mathematics. In general, professionals who are hired for the various NSA positions are placed in development programs where they attend classes, get technical training and rotate through departments. The NSA also offers several paid internships to expose college students to its career opportunities. For more information and to see available jobs, visit the NSA's careers page.

In its more than 60-year history, the NSA has gathered intelligence used in a broad span of government efforts from keeping the Suez Canal open to trade following Egyptian nationalization in the '50s to intercepting key communications from Russian ships during the Cuban missile crisis. In the latter incident, the CIA discovered that the Soviet Union was preparing to install nuclear warheads in Cuba. NSA SIGINT later showed that the stakes had been raised when agents learned through cryptology work that the Russians had taken over control of Cuban air defense controls. NSA-gained intelligence stemmed fears of an all-out nuclear war by showing that Soviet leaders had decided not to challenge a naval quarantine implemented by U.S. forces at Cuban ports [sources: NSA,NSA].

Before and during Operation Desert Storm in 1991, the NSA SIGINT provided intelligence to the U.S. and its allies, as well as secure communications on the battlefield. After the events of 9/11, the NSA came under fire for failing to catch the plot to attack the World Trade Center. The NSA countered that it had intercepted two messages that something major was going to happen on Sept. 11 but there was no information in them on where or what the action would be [sources: NSA, NSA]. At the time too, the NSA was focused on foreign surveillance rather than domestic surveillance. The NSA was also criticized for failing to keep up with the technological advances needed to counter terrorism [source: NOVA].

Since then, the NSA has worked hard to improve its technological capabilities, as the people that the agency keeps its eye on have changed in many ways. No longer are adversaries likely to be wearing a uniform or otherwise readily identifiable. Instead, persons of interest are often those operating in small cells communicating by cell phone and Internet. There is also the dreaded "lone wolf" working virtually on his or her own, like Faizal Shahzad, who was arrested for attempting to bomb Times Square in 2010 [source: Martin].

The events of Sept. 11, 2001 also changed who the target of NSA surveillance would be – it was no longer just people living outside the U.S.

Enacted in 1978, the Foreign Intelligence Surveillance Act was largely designed to ensure that NSA and other federal intelligence agencies could not monitor American citizens' electronic communications without first obtaining a warrant based on probable cause. The act also created an independent Foreign Intelligence Surveillance Court made up of federal judges tasked with reviewing warrant applications [sources: Greenwald, Federal Judicial Center].

Until Edward Snowden's leaks, the 11-member FISA court's operations were cloaked in as much secrecy as the government spooks for which it served as gatekeeper. What we now know is that the gate is almost always open: The court denied only 11 of the nearly 34,000 warrant applications it reviewed between 1979 and 2012. That's an approval rate of about 99.97 percent [source: Barnes].

Meanwhile, lawmakers widened FISA to expand the domestic snooping the NSA and other intelligence agencies could do legally. Shortly after the Sept. 11 attacks, President George W. Bush -- with broad bipartisan support from Congress -- signed into law the USA PATRIOT Act. Among other amendments, the legislation expanded the types of "business records" feds could obtain from companies to include "any tangible thing" related to an investigation to obtain foreign intelligence or protect against terrorism. In a 2002 executive order, Bush also specifically authorized the NSA for the first time to monitor international e-mails and phone calls from people inside the U.S. When news of the program leaked three years later, administration officials said that they still required the NSA to obtain warrants for entirely domestic communications [sources: Bazon, Risen].

The 2008 FISA Amendments Act largely legitimized the NSA wireless monitoring program. The amended law, extended by President Barack Obama and Congress for another five years in December 2012, allows the feds to monitor U.S. citizens' communications with foreign nationals who are the target of an investigation without first obtaining a warrant. Intelligence gatherers need only obtain a warrant under the law where a person in the U.S. is the target of the investigation or the communication is entirely domestic [sources: Granick, Greenwald].

The FISA amendments also allow the NSA to collect bulk information, including data "inadvertently acquired" from completely domestic communications. Just how the government interpreted these provisions wasn't entirely clear until Snowden brought NSA's recent surveillance activities to light.

The documents Snowden leaked detailed two NSA programs previously unknown to the general public. The first involved gathering and reviewing the telephone records of millions of Verizon wireless customers located in the U.S. A FISA court order issued in April 2013 required the company to provide information such as the location, time and duration of calls both within and outside the U.S., as well as the numbers of both parties on a continuing, daily basis. The order did not, however, cover the contents of any given call [source: Greenwald].

The Obama administration and others defended the program, citing various personal privacy safeguards as well as its importance to national security. They specifically noted that the "metadata" obtained didn't include actual underlying phone communications. As a result, FISA did not require an individualized warrant covering each person whose calls were swept up when the NSA reeled in its net [source: Roberts and Ackerman].

The "it's just metadata" argument went out the window when Snowden dropped another round of information, this time about government trolling of people's electronic communications. In a program called "PRISM," NSA collects individuals' Internet information, including search history, the content of e-mails and live chats and file transfers. According to a 41-slide PowerPoint presentation revealed by Snowden, the program is run with the assistance of computing giants like Google, Apple and Facebook, each of which has denied participation. [source: Greenwald and MacAskill].

FISA still bars the feds from spying on Americans' electronic communications and activities completely within the U.S. The problem is that it can be hard to tell whether a particular e-mail, chat or phone call is domestic or foreign. That means a lot of information that is supposed to be off-limits gets "inadvertently" included in the government hauls [sources: Drum, Friedersdorf].

Officials tout certain "minimization procedures" intended to limit the use of wrongly gained data and communications. While this information generally must be destroyed, a pretty big loophole allows the feds to keep and use the info if it relates to a "threat of harm to people or property" [sources: Drum, Friedersdorf].

We wouldn't know about these programs if not for Edward Snowden. Who is he, and how did he get his mitts on the goods?

He's been called a hero and a traitor. The man behind what some say are the most important and others the most dangerous intelligence leaks in recent U.S. history is a 30-year-old technology worker who did a stint with the CIA before signing on with defense contractor Booz Allen Hamilton. Working on an NSA contract in Hawaii, Snowden copied certain classified documents and removed them from his office before telling bosses that he needed a few weeks of leave in order to undergo epilepsy treatments. He then holed up in Hong Kong as word of the NSA spying programs he'd exposed by sending those stolen documents to the press spread like wildfire [source: Greenwald].

Raised in Maryland near NSA headquarters, Snowden earned a GED before enlisting in the Army in 2003. He was later discharged after breaking his legs in a special forces training program. According to Snowden, he worked as an NSA security guard and then in IT security for the CIA. By 2007, the CIA had sent him on assignment to work in Geneva, Switzerland [source: Greenwald].

So how did a guy with a GED rise within the ranks of the nation's premier spy agency and later move on to a $200,000-a-year (or $122,000, depending on who you ask) systems administrator gig at Booz Allen? In an interview with The Guardian, Snowden credited a natural knack for computer programming and technology work [sources: Greenwald, The Washington Post].

Nevertheless, Snowden remained a relatively low-level employee on the national intelligence scale before the leaks. Some experts have said that he was able to get the information he divulged because of the widened sharing among agencies in the wake of Sept. 11. The leaks are also a good example of just how much access Uncle Sam has given private contractors to highly sensitive information following the attacks on the World Trade Center and the Pentagon. Roughly 70 percent of the U.S. intelligence community's budget goes to paying contractors who have been brought on in droves to fill gaps identified following 9/11. In the post-Snowden era, however, lawmakers are reconsidering the business of outsourcing the intelligence work originally intended for the NSA and other government spy groups [source: Bussey].

Want to learn more about government intelligence gathering operations? Take a look at the links on the next page.