GCHQ’s Bag of Online Dirty Tricks (and Quisquater, “Fuck the EU,” Ukraine/Torture, First Look)

NBC covers some of GCHQ’s work on the “sword” side of life as the electronic sword and shield of the British empire.

Everything from online gaslighting (changing people’s social media profile photos) to AMBASSADORS RECEPTION, a virus that encrypts itself, deletes email, encrypts files, causes the screen to shake (!) and keeps the person from logging on to the computer.

Even deleting their profile — from the presenter noites, “Ability to delete a target’s online presence. Very annoying!!”

Also real-world hijinks from honey traps (sexual encounters used here to discredit the target) to “credential harvesting” — the fine art of picking journalists to spread disinformation to a particular target.

The Snowden-leaked files make it clear all this stuff is very much in active use, being used by the agencies to disrupt business deals, discredit people, jack up the paranoia level, and generally make targets’ lives hell.

All of the techniques are rude and crude and nothing most of you probably couldn’t come up with over a warm pint or two, but… now the world knows the Big Boys actually DO this stuff.

Note that for “information operations” work they specify “use of open source info and/or releasable Sigint items.”

What makes a “releasable” SIGINT item?

Note as well the quote from an intelligence insider saying the Brits were ““slightly ahead” of U.S. spies” in using these tactics. In other words, yep, the US pulls this kind of stuff too.

More details on the Quisquater Five-Eyes-hacking-cryptographers hack. From Quisqater himself. http://cryptome.org/2014/02/quisquater-comments.htm

Someone (probably Russian intelligence) released audio of a US diplomat telling her boss, “fuck the EU.” (WRT Ukraine) The EU is… not amused. The German foreign ministry’s spokesperson observed in those-who-live-by-the-sword fashion… “Yeah, surveillance is stupid.” (quote not linked to here) https://www.youtube.com/watch?v=MSxaa-67yGM#t=3m0s

Speaking of Ukraine — opposition activists tortured (by Russian speaking men) using molten metal poured on their faces. Pretty hardcore brutal shit. (German language source) https://www.taz.de/Ukrainischer-Oppositioneller-gefoltert/!132495/

First Look (the Omidyar/Greenwald/Poitras/Scahill venture) announces they’re launching ahead of time because “in recent weeks, there has been a dramatic escalation in the threats against journalists reporting on the NSA story” and they aim to be the necessary publisher of last resort. https://firstlook.org/#/blog/FirstMagazine

http://msnbcmedia.msn.com/i/msnbc/sections/news/snowden_cyber_offensive1_nbc_document.pdf
http://www.nbcnews.com/news/investigations/snowden-docs-british-spies-used-sex-dirty-tricks-n23091

“British spies have developed “dirty tricks” for use against nations, hackers, terror groups, suspected criminals and arms dealers that include releasing computer viruses, spying on journalists and diplomats, jamming phones and computers, and using sex to lure targets into “honey traps.”[…]

According to the documents, which come from presentations prepped in 2010 and 2012 for NSA cyber spy conferences, the agency’s goal was to “destroy, deny, degrade [and] disrupt” enemies by “discrediting” them, planting misinformation and shutting down their communications.

Both PowerPoint presentations describe “Effects” campaigns that are broadly divided into two categories: cyber attacks and propaganda operations. The propaganda campaigns use deception, mass messaging and “pushing stories” via Twitter, Flickr, Facebook and YouTube. JTRIG also uses “false flag” operations, in which British agents carry out online actions that are designed to look like they were performed by one of Britain’s adversaries.[…]

One intelligence official also said that the newest set of Snowden documents published by NBC News that describe “Effects” campaigns show that British cyber spies were “slightly ahead” of U.S. spies in going on offense against adversaries, whether those adversaries are hackers or nation states. The documents also show that a one-time signals surveillance agency, GCHQ, is now conducting the kinds of active espionage operations that were once exclusively the realm of the better-known British spy agencies MI5 and MI6.

According to notes on the 2012 documents, a computer virus called Ambassadors Reception was “used in a variety of different areas” and was “very effective.” When sent to adversaries, says the presentation, the virus will “encrypt itself, delete all emails, encrypt all files, make [the] screen shake” and block the computer user from logging on.[…]

The version of a “honey trap” described by British cyber spies in the 2012 PowerPoint presentation sounds like a version of Internet dating, but includes physical encounters. The target is lured “to go somewhere on the Internet, or a physical location” to be met by “a friendly face.” The goal, according to the presentation, is to discredit the target.[…]

The 2010 presentation also describes another potential operation that would utilize a technique called “credential harvesting” to select journalists who could be used to spread information. According to intelligence sources, spies considered using electronic snooping to identify non-British journalists who would then be manipulated to feed information to the target of a covert campaign. Apparently, the journalist’s job would provide access to the targeted individual, perhaps for an interview. The documents do not specify whether the journalists would be aware or unaware that they were being used to funnel information.[…]

In a set of operations that intelligence sources say were designed to stop weapons transactions and nuclear proliferation, JTRIG used negative information to attack private companies, sour business relationships and ruin deals.

The British cyber spies also used blog posts and information spread via blogs in an operation against Iran.

Other effective methods of cyber attack listed in the documents include changing photos on social media sites and emailing and texting colleagues and neighbors unsavory information. The documents do not give examples of when these techniques were used, but intelligence sources say that some of the methods described have been used by British intelligence to help British police agencies catch suspected criminals.

The documents from 2010 note that “Effects” operations, GCHQ’s offensive push against Britain’s enemies, had become a “major part” of the spy agency’s business.”

Advertisements
%d bloggers like this: