WASHINGTON — Documents from fugitive former government contractor Edward Snowden spell out new details of AT&T’s cooperation with National Security Agency spying and an NSA operation with teams of elite hackers in San Antonio breaking into computers around the world.

NSA Texas hackers aimed at Mexico, Cuba, Columbia, Venezuela and unspecified targets in the Middle East, documents showed. An offensive targeting Mexican leaders — called “WhiteTamale” — proved especially productive.

Documents from Snowden’s archive disclosed this month by the New York Times and ProPublica detailed AT&T’s involvement in NSA’s interception of email traffic at a time when AT&T made its headquarters in San Antonio. AT&T moved its corporate offices to Dallas in 2008.

Among those documents, a slide presentation shows San Antonio among the hubs of fiber-optic circuitry used in data interception under an NSA program called Fairview.

Together, the disclosures underscore San Antonio’s central role in intelligence gathering over the years.

The Snowden documents related to hacking started trickling out 20 months ago. They confirm one of the missions of NSA Texas in San Antonio — a growing role in Tailored Access Operations, the program of gathering intelligence by penetrating computers of foreign targets.

A slide presentation labeled top secret disclosed in December 2013 by Der Spiegel, the German news magazine, projected that in San Antonio, the operation known as TAO would expand from a staff of 57 in 2008 to 270 this year.

Documents describe TAO missions beyond hunting terrorists. The “WhiteTamale” offensive was directed at the former Mexican Public Security Secretariat, the federal ministry of the Mexican Executive Cabinet dissolved by President Enrique Peña Nieto in a 2013 reorganization.

Another document, an NSA memo from November 2010, tells how, in May of that year, TAO “successfully exploited” an email server to gain access in Mexico to then-President Felipe Calderón’s public email account. The intrusion was first made public by Der Spiegel.

The memo said the domain penetrated “contained diplomatic, economic and leadership communications which continue to provide insights into Mexico’s political system and internal stability.”

“Your data is our data, your equipment is our equipment — any time, any place by any legal means,” was an NSA motto noted in a 2006 internal newsletter, another of the documents taken by Snowden and revealed earlier this year by the German magazine.

‘War in cyberspace’

The NSA has transformed the former Sony chip plant on San Antonio’s Northwest Side into one of the largest government intelligence hubs outside of Fort Meade, Maryland, while offering scant information on its operations.

The NSA did not respond to inquiries about NSA Texas or the leaked documents.

The agency’s San Antonio facility, along with agency operations in Hawaii and at Fort Gordon, Georgia, are part of a network of military and civilian hackers centered in Fort Meade in a suite of offices called the Remote Operations Center.

Among the leaked documents is an internal NSA newsletter trumpeting the cyber force as critical in pursuing the goal of “global network dominance.” The newsletter notes expansions in Texas, Hawaii and Georgia.

As recently as last month, the NSA posted job openings in San Antonio and Hawaii for a “very important mission” described as network defense and computer network exploitation.

“In order to carry out these functions, NSA is looking for people who are highly skilled and impassioned about winning the war in cyberspace. These are NOT your average computer science or engineering jobs,” ads published on the NSA website read.

An NSA internal newsletter from September 2006 posted in January on Der Spiegel’s website describes the allure of being a government hacker.

“What if your job was to exploit a target’s computer, collect voice cuts from an adversaries (sic) phone system, use a terrorist’s web-based email account to infect them with a Trojan Horse (malicious program) and assist the military in locating a high-value terrorist target for capture — all in a day’s work? Then you would be working at the Remote Operations Center.”

Another slide points to the breadth of the mission by noting needs of U.S. agencies “for intelligence on drug trafficking, people smuggling and border security issues,” calling the spying a potential “gold mine for multiple customers.”

In 2009, four years before the purloined documents came to light, intelligence historian Matthew Aid disclosed TAO’s existence in his book, “The Secret Sentry.” He wrote that the NSA is “secretly tapping into thousands of foreign computer systems and accessing password-protected hard drives and email accounts of targets around the world.”

In an interview, Aid said the operation continues to be highly successful even if prominent foreign targets have stiffened computer defenses.

“TAO remains one of the biggest, if not the biggest, producer of intelligence in President (Barack) Obama’s daily briefing,” he said.

The documents below, provided by the New York Times, reveal the NSA's connection to telecommunications companies.

Critics’ contention

The government has acknowledged the role of telecom companies in surveillance, cooperation that officials say yields intelligence that has disrupted terrorist networks.

Even so, critics, among them former AT&T customers suing in federal court, contend programs such as Fairview amount to unwarranted surveillance that subjects millions of Americans to search and seizure of their online correspondence and conversations.

In another court case, the NSA won a favorable ruling Friday when the U.S. Court of Appeals for the District of Columbia overturned an earlier decision that the agency's bulk collection of millions of Americans' phone records was illegal.

Rather than collecting telecom companies' Internet records, this program obtains and stores electronic copies of phone numbers dialed.

The Fairview program documents disclosed this month, dating from 2003 to 2013, outline the extent of cooperation by AT&T. One of the leaked documents refers to a “key corporate partner with access to international cables, routers and switches.”

The documents describe Fairview, which began in 1985, as a program operated by the NSA’s Special Source Operations division and an unnamed corporate partner with a “highly collaborative nature.” The New York Times and ProPublica identified that partner as AT&T.

AT&T declined to answer questions about the disclosure.

In an emailed statement, the company said: “We do not provide information to any investigating authorities without a court order or other mandatory process other than if a person’s life is in danger and time is of the essence.”

A Fairview slide presentation refers to “access to massive amounts of data” obtained under a variety of legal authorities, adding up to billions of emails that flowed across AT&T’s networks.

One of the slides displays icons showing AT&T VoIP (voice over the Internet) router complex at San Antonio and two dozen other sites across the country, including Houston and Dallas.

The slide also shows an AT&T circuit switch in San Antonio, one of about 16 in its domestic operation. Another slide notes “midpoint collection” at switches and routers in the cooperative effort.

In federal court in California, where methods of alleged interception have been introduced as evidence, the NSA has fought to limit release of details about alliances with AT&T and other telecom partners. Earlier this year, a judge threw out parts of the lawsuit after the government argued that mounting a defense could reveal state secrets.

The case, begun by AT&T customers in 2006, originally named AT&T as the defendant. But legislation in 2008 granted telecommunications companies retroactive immunity for their cooperation. The case is being pursued now against the NSA and former government officials.

Lawyers for the Electronic Frontier Foundation, a nonprofit focused on civil liberties in digital communications, represent the AT&T customers. They offer a scenario for interception based partly on evidence from a retired AT&T technician.

In a declaration in the case, the former technician, Mark Klein, described visits from NSA personnel to an AT&T hub in San Francisco where he worked and methods of routing Internet traffic to a secure room called “SG3.”

Government lawyers refer to Klein’s declaration as hearsay.

Lawyers for the AT&T customers argue that Klein describes the initial step in mass surveillance that violates the Fourth Amendment, which protects people’s “houses, papers and effects against unreasonable searches and seizures.”

In a brief filed this month, the lawyers spelled out how they believe the surveillance works.

Communications — including emails, Internet phone calls and even Web browsing — are copied, which is necessary for filtering in order to eliminate domestic-only communications and leave only those communications with one end outside of the United States.

After filtering, which the lawyers contend fails to leave out many domestic communications, data is searched by means of “selectors” such as emails, phone numbers or other identifiers of potential terrorists.

Then, the plaintiffs' lawyers assert, the filtered information is retained in a government data base.

Andrew Crocker, a lawyer for the AT&T customers, contended the documents buttress their case and show AT&T facilities around the country where interception occurs.

“It bolsters … what we’ve been saying all along — that AT&T has been collaborating with NSA for a very long time,” Crocker said.

The AT&T customers face obstacles in the case, among them courts’ concerns about protecting national security.

In addition, there’s little in the way of court rulings on the legality of government spying on personal documents, which is why plaintiffs are relying in part on a 79-year-old case involving William Randolph Hearst.

In a federal appellate court case in 1936 related to telegrams, Hearst, the newspaper magnate, achieved a precedent when the court ruled that “dragnet seizure” by the Federal Communications Commission was illegal.

The FCC had subpoenaed Hearst’s telegrams to and from his newspaper employees and dispatched agents to telegraph offices in Washington to collect them.

“It doesn’t matter what technology is being used, it’s the behavior itself,” Crocker argued. “That’s what this case is about.”

bill.lambrecht@hearstdc.com