GCHQ leak lists cyber-spies’ hacks
The latest stories from the Technology section of the BBC News web site.{}
15 July 2014
Last updated at 12:06
A document that appears to list a wide variety of GCHQ’s cyber-spy tools and techniques has been leaked online.
It indicates the agency worked on ways to alter the outcome of online polls, find private Facebook photos, and send spoof emails that appeared to be from Blackberry users, among other things.
The document is alleged to have been among those leaked by former US intelligence analyst Edward Snowden.
One expert said the release, published on the site Intercept, was “damaging”.
Alan Woodward, a security consultant who has done work for GCHQ, the UK’s intelligence agency, said: “If you read the mission statement of any signals intelligence organisation, all the listed techniques are what you’d expect them to be doing.
“But it’s very unhelpful for the details to leak out because as soon as you reveal to people how something is being done they can potentially take steps to avoid their information being collected.
“We’ve already seen it happen when various forms of interception were revealed previously with the Snowden leaks.”
Glenn Greenwald, the journalist who published the latest document, noted in his article that an earlier inquiry by the European Parliament’s Civil Liberties Committee had called into question the “legality, necessity and proportionality” of the data-collection activities of GCHQ and the US National Security Agency (NSA), for which Mr Snowden worked.
He also highlighted that the article’s publication coincided with the start of a legal challenge brought by Privacy International, Liberty and other civil rights groups that claimed the UK’s security agencies had acted unlawfully.
However, GCHQ denies it is at fault.
“It is a longstanding policy that we do not comment on intelligence matters,” it said in a statement.
“Furthermore, all of GCHQ’s work is carried out in accordance with a strict legal and policy framework which ensures that our activities are authorised, necessary and proportionate, and that there is rigorous oversight, including from the secretary of state, the interception and intelligence services commissioners and the Parliamentary Intelligence and Security Committee.”
Swamp donkey
More than 100 projects are included in the document, which appears to be from a Wikipedia-style listing for GCHQ’s Joint Threat Research Intelligence Group.
Many involve eccentric codenames.
For example, the ability to send an audio message to a large number of telephones and/or “repeatedly bomb” a target number with the same message is called Concrete Donkey – the name of a weapon in the video game Worms.
Other examples include:
- Angry Pirate – a tool to permanently disable a target’s account on their computer
- Bomb Bay – the capacity to increase website hits/rankings
- Cannonball – the ability to send repeated text messages to a single target
- Gestator – a tool to make a message, normally a video, more visible on websites including YouTube
- Glitterball – software to help agents carry out operations in Second Life and other online games
- Birdstrike – Twitter monitoring and profile collection
- Fatyak – public data collection from the business-focused social network LinkedIn
- Spring Bishop – a tool to find private pictures of targets on Facebook
- Changeling – the ability to spoof any email address and send messages under that identity
- Bearscrape – a tool to extract a computer’s wi-fi connection history
- Miniature Hero – the ability to source real-time call records, instant messages and contact lists from Skype
- Swamp donkey – a way to send a modified Excel spreadsheet document that silently extracts and runs malware on the target’s computer
- Underpass – a tool to change the result of online polls
Some of the schemes are listed as being operational while others are said to be still at the design, development or pilot stages.
However, it is not clear exactly how out-of-date the list is.
The document states it was last modified in July 2012, but includes a note saying: “We don’t update this page anymore, it became somewhat of a Chinese menu for effects operations.”
Staff are instead directed to an alternative page, which has not been leaked.
“The accusation that GCHQ has been manipulating polls and influencing and distorting political discourse is incredibly serious,” said Emma Carr, acting director of the Big Brother Watch campaign group.
“The UK is always the first to point the finger at countries if there is a whiff of corruption or interference within a democratic process, so if senior ministers are aware that this is taking place then this absolutely stinks of hypocrisy.
“It is essential that the government directly addresses these accusations, otherwise they are at risk of losing the international moral high ground.”
Source Article from http://www.bbc.co.uk/news/technology-28306819#sa-ns_mchannel=rss&ns_source=PublicRSS20-sahttp://www.bbc.co.uk/news/technology-28306819#sa-ns_mchannel=rss&ns_source=PublicRSS20-saBBC News – Technology
You must log in to post a comment.