FYI.

This story is over 5 years old.

Tech

How GCHQ's Newly Leaked Spy Tools Manipulate the Net

A whole list of tools with bizarre codenames has been revealed, including some that monitor Skype, manipulate online polls, and spread false information.
Image: Shutterstock/scyther5

Just as GCHQ is on trial this week to defend the legality of its mass surveillance programmes, more information about the UK agency's powerful targeted spying and propaganda powers has come to light.

According to documents first disclosed by NBC News, the Joint Threat Research Intelligence Group (JTRIG) is a division within GCHQ essentially tasked with creating and deploying new methods for extracting information, intimidating adversaries, and destroying enemy reputations. The latest documents, called “JTRIG Tools and Techniques” and published by Glenn Greenwald over at the Intercept, detail an agency with extraordinary abilities not only to spy on individuals but to manipulate a whole range of things on the internet, from the outcome of online polls to website pageviews.

Advertisement

The list is allegedly ripped from a Wikipedia-style site that allowed other GCHQ staff to see what the unit are working on, and states that most of these tools are “fully operational, tested and reliable.” Although JTRIG says that some are to be used for very particular instances “(eg if it exploits a provider specific vulnerability)”, and others may be subject to legal restrictions, it adds that “If you don't see it here, it doesn't mean we can't build it.” Each tool also brings another bizarre codename into the surveillance lexicon.

Many of the tools are for surveillance of a specific target. One called SODAWATER regularly downloads a target's Gmail messages; ICE is an “advanced IP harvesting technique” which could in turn help reveal their physical location; MINIATURE HERO allows monitoring of active Skype calls (it isn't clear how Skype's encryption is bypassed); and SPRING BISHOP is used to find private photographs on Facebook.

The JTRIG tools that are most worrying are those that apparently allow the agency to actually change content on the internet. For example, a couple of the tools help censor videos: BUMPERCAR can manipulate the way that service providers report offensive materials, while SILVERLORD is aimed at the "disruption of video-based websites hosting extremist content through concerted target discovery and content removal".

In the other direction, GESTATOR can “amplify”—or increase the exposure—of a video on YouTube, while other tools can artificially increase traffic to a webpage.

The spread of disinformation is another possibility. SCRAPHEAP CHALLENGE is said to allow “perfect spoofing of emails” from Blackberry devices; CLEAN SWEEP to post fake Facebook material for “individuals or entire countries”; and UNDERPASS, which is listed in the documents last modified on 5 July 2012 as still in development, to “change outcome of online polls.”

These sort of tools echo what was previously revealed about JTRIG. Detailed in documents published by the Intercept in February, the division uses psychological methods like honey traps and manipulation techniques, as well as more direct methods such as posting false information.

The abilities to promote certain pieces of information and make others vanish are dangerous for any country that wishes to preserve genuine democratic debate. While GCHQ continues to push its standard line that it operates legally and under strict oversight, those claims may come under greater scrutiny in this week's tribunal.