Embassy Espionage: Top Secret NSA Spy Hub In New Delhi

Updated on

The National Security Agency (NSA) of the United States had plans to install a super spy software named APPARITION in New Delhi, a recent ‘top secret’-marked NSA document leaked by CIA contractor-turned whistleblower Edward Snowden has revealed.

SCS stands for Special Collection Service (SCS), is a highly classified joint CIA–NSA program charged with inserting eavesdropping equipment in difficult-to-reach places, such as foreign embassies, communications centers, and foreign government installations. The SCS program was established in the late 1970s during the Cold War between the United States and the Soviet Union. Around this time, SCS operatives reportedly hid eavesdropping devices in pigeons perched on the windowsills of the Soviet Embassy in Washington, D.C. Headquartered in Beltsville, Maryland, the SCS has been described as the United States’ “Mission Impossible force”.


According to documents leaked by Edward Snowden, the SCS is part of a larger global surveillance program known as STATEROOM. STATEROOM is the code name of a highly secretive signals intelligence collection program involving the interception of international radio, telecommunications and internet traffic. It is operated out of the diplomatic missions of the signatories to the UKUSA Agreement and the members of the ECHELON network including Australia, New Zealand, Britain, Canada and the United States. In almost a hundred U.S. embassies and consulates worldwide, Stateroom operations are conducted by the SCS.

In October 2013, reports by former NSA contractor Edward Snowden led to the revelation of the SCS having systematically wiretapped Chancellor of Germany Angela Merkel’s private cell phone over a period of over 10 years, among other activities to wiretap and systematically record large amounts of European and South American leaders’ and citizens’ communications.

APPARITION becomes a reality new corporate VSAT geolocation capability sees its first deployment (from the Top Secret document)

The first operational version of APPARITION achieved Initial Operating Capability (IOC) at Misawa, Japan, in late September. APPARITION is a precision geolocation capability for targeting foreign very small aperture satellite terminals (VSAT) — an important target, because VSATs are often used by Internet cafes and foreign governments in the Middle East. APPARITION builds on the success of the GHOSTHUNTER prototype developed at Menwith Hill Station, a tool that enabled a significant number of capture-kill operations against terrorists.

Going Global

The GHOSTHUNTER prototype capitalized on the co-location of Overhead SIGINT and FORNSAT at Menwith Hill Station to combine collection from both apertures to perform precise geolocations of VSATs. With APPARITION, this capability will not be limited to collocated sites; it will now be possible for collection from sites worldwide to be combined with Overhead collection. Plans call for APPARITION to be deployed to a number of FORNSAT and Special Collection Service (SCS) sites in the coming years.


This first APPARITION system builds on lessons learned from the initial GHOSTHUNTER implementation, and represents a more generic concept of operations (CONOP) for use worldwide. Rather than “chasing” the targets when they come on-line in a reactive approach, APPARITION uses an “industrial survey” concept that proactively targets and geolocates VSATs and populates the MASTERSHAKE database with the results. This approach reduces response time: by interrogating the database, a geolocation of the VSAT can be provided within seconds of the target appearing on-line

Future Plans

Plans are well advanced to install APPARITIONs at SCS sites in New Delhi, Ankara, Kuwait, and Istanbul before the end of this year, and at 27 FORNSAT/SCS sites worldwide, including Second Party locations, in the next two years. APPARITION has transitioned to using agile development methods and short, incremental development spirals, an approach that allows rapid evolution of the system. This has resulted in two further VSAT signals — LinkStar and single channel per carrier (SCPC) – being incorporated into the baseline within 2 months of IOC, thereby increasing the number of targets that can be geolocated.

On 23 November 2013, the Dutch newspaper NRC Handelsblad released a top secret NSA presentation leaked by Edward Snowden, which shows the presence of SCS operations in numerous U.S. diplomatic missions located in numerous cities including New Delhi in India.

A management presentation dating from 2012 explains how the NSA collects information worldwide. In addition, the presentation shows that the intelligence service uses Computer Network Exploitation (CNE) in more than 50,000 locations. CNE is the secret infiltration of computer systems achieved by installing malware, malicious software.

The NSA computer attacks are armed by a special department called TAO (Tailored Access Operations). Public sources show that this department employs more than a thousand hackers. As recently as August 2013, the Washington Post published articles about these NSA TAO cyber operations. In these articles The Washington Post reported that the NSA installed an estimated 20,000 ‘implants’ as early as 2008. These articles were based on a secret budget report of the American intelligence services. By mid-2012 this number had more than doubled to 50,000, as is shown in the presentation TVNZ laid eyes on.

The malware can be controlled remotely and be turned on and off at will. The ‘implants’ act as digital ‘sleeper cells’ that can be activated with a single push of a button. According to the Washington Post, the NSA has leg carrying out this type of cyber operation since 1998.

The APPARITION program pinpoints the locations of people accessing the Internet across sensitive locations. Subsequent actionable intelligence information may lead to sending lethal Reaper drones to eliminate the target. The Top Secret reports speak of an SCS surveillance unit being set up in the embassy campus in New Delhi that operated under the codename DAISY.

Is this NSA’s Secret Spy Hub in New Delhi still operational? Only a thorough inspection of the US Embassy in New Delhi can tell. This is just one of the many such case studies that demonstrate clearly the Indian government’s lack of understanding about even the basic tenets of information warfare. Sadly, without any concept of a comprehensive national security doctrine what is at stake is the very sovereignty of our country.

NSAShelley Kasli for GreatGameIndia. For a thorough understanding of how the gathering of information by the East India Company laid the foundations of this hi-tech modern surveillance program read our exclusive research report on the issue Digital India in the Age of Information Warfare published in GreatGameIndia – India’s only quarterly magazine on Geopolitics and International Affairs.


Spy Suspect May Have Revealed U.S. Bugging
Weapons of the Secret War
How America Spies on Europe and the UN
Embassy Espionage: The NSA’s Secret Spy Hub in Berlin
Top Secret NSA Document APPARITION
NSA infected 50,000 computer networks with malicious software
Digital India In The Age Of Information Warfare

Article by Great Game India

Leave a Comment