Snowden Document Exposes Extensive List of British Spying Tools

The Government Communication Headquarters (GCHQ) — Britain’s National Security Agency (NSA) equivalent — commands a wide-ranging set of tools that enable it to hack into popular social media and communications outlets and plant false information on the Internet, according to a document published by The Intercept Monday. The long list of options ranges from inflating the results of online polls to allowing the agency to monitor Skype communications in real time, though the details of that capability remain murky.

The full document, which is dated from 2012, detailing the code names of various capabilities is the latest revelation from the trove of classified information leaked to reporters by former government contractor Edward Snowden. Journalist Glenn Greenwald published the list of GCHQ capabilities in the same publication that revealed the NSA and FBI were targeting several Muslim American leaders last week under the Foreign Intelligence Service Act.

As Greenwald puts it, the tools “allow GCHQ to seed the internet with false information.” Created by the the GCHQ’s Joint Research Threat Intelligence Group (JRTIG), the arsenal of hacking options can falsely impact page view counts. Another tool called Silver Specter allows for scanning over TOR, software intended to protect users privacy online. The NSA attempted to attack TOR users, according to an October Guardian based on the Snowden files.

The JRTIG tools go beyond what we’ve seen in the past, targeting particular social networking outlets. It is unclear from the document how complicit companies were in the programs, like the program that targeted Skype. Microsoft uses advanced encryption in Skype, and the company has said it only complies with legal requests to turn over information to authorities when they refer to specific accounts. But the report claims JRTIG was capable of accessing user’s contact lists and providing real time call and instant messaging records of targets.

Another operative tactic allows the agency to find photos of specific targets on Facebook that were not available to the public. The agency also claims to have the ability to amplify messages on popular multimedia websites, such as YouTube. Facebook and Google did not immediately respond to a request for comment, and it is unclear from Greenwald’s report if the companies are aware of or complicit in such practices.

The code names for the programs are listed in a page that looks similar to a Wikipedia page as Greenwald says. It was updated as recently as July 2012, and the long list is apparently not a comprehensive catalog.

“If you don’t see it here, it doesn’t mean we can’t build it,” JTRIG says at the top of the list of programs, which includes the following code names and descriptions:

  • UNDERPASS – “Change the outcome of online polls.”
  • SILVERLORD- “Disruption of video-based websites hosting extremist content through concerted target discovery and content removal.”
  • CHANGELING- “Ability to spoof any email address and send email under that identity.”
  • IMPERIAL BARAGE- “For connecting two target phone together in a call”

I sent a list of questions to GCHQ about The Intercept revelations, and as seems to be typical intelligence agency practice, it simply responded with a vague, blanket response. The agency deflected my questions about how GCHQ obtains permission to use these particular tools on targets or if the companies these programs target like Microsoft or Facebook are aware of the tools’ existence.

“It is a longstanding policy that we do not comment on intelligence matters,” the GCHQ said. “Furthermore, all of GCHQ’s work is carried out in accordance with a strict legal and policy framework which ensures that our activities are authorised, necessary and proportionate, and that there is rigorous oversight, including from the Secretary of State, the Interception and Intelligence Services Commissioners and the Parliamentary Intelligence and Security Committee. All our operational processes rigorously support this position.”

The statement appears to be the same as the one the agency issued to The Intercept. Greenwald expresses skepticism that the agency is subject to “rigorous oversight,” citing a former cabinet minister Chris Huhne who has insisted that the ministers were in “utter ignorance” about one of the largest GCHQ programs Tempora, which allows the UK to collect, store and analyze communications much like the American PRISM program.

The document was revealed as the British parliament is set to consider an emergency surveillance law. The law would require telecom companies to retain customer data for a year, a practice that had previously been in place but was thrown out by a European Union court in the spring. Privacy groups and Snowden have denounced the legislation, saying it is happening too fast without enough of a public debate about human rights.

Today’s revelations in the Intercept cast further doubt on the U.K. spy agency’s concern for privacy rights and free speech, given the particularly invasive nature of the techniques detailed here.  It is unclear from Greenwald’s report whether all of these programs were used and how often they are used. The document notes that sometimes the tools can’t be used because of operational requirements. It goes into some details about why some tactics may not be operational and, almost as an after thought, says “There may also be legal restrictions.”