Tag Archives: GCHQ

Interview: Richard Dearlove—I spy nationalism

A former head of MI6 says that, though the White House commands our attention, Europe is the greater worry.

Richard Dearlove frowned at the coffee pot on the table before him, as he pondered the phenomenon of Donald Trump. “I think he’s very strongly nationalist,” he said, pouring himself a small cup. The room, at a discreet location in central London, was large and empty of other people, its walls lined with 19th-century portraits. Is Trump the start of something worrying, I asked. “I think it depends on how fundamental this shift in politics in the US and other countries is,” he replied, speaking slowly. “I think the jury’s out on how far it is going to go.”


The New Snowden Revelation Is Dangerous for Anonymous — And for All of Us

Photo: Jim Merithew/WIRED

The latest Snowden-related revelation is that Britain’s Government Communications Headquarters (GCHQ) proactively targeted the communications infrastructure used by the online activist collective known as Anonymous.

Specifically, they implemented distributed denial-of-service (DDoS) attacks on the internet relay chat (IRC) rooms used by Anonymous. They also implanted malware to out the personal identity details of specific participants. And while we only know for sure that the U.K.’s GCHQ and secret spy unit known as the “Joint Threat Research Intelligence Group” (JTRIG) launched these attacks in an operation called “Rolling Thunder,” the U.S.’ NSA was likely aware of what they were doing because the British intelligence agents presented their program interventions at the NSA conference SIGDEV in 2012. (Not to mention the two agencies sharing close ties in general.)

Whether you agree with the activities of Anonymous or not — which have included everything from supporting the Arab Spring protests to DDoSing copyright organizations to doxing child pornography site users — the salient point is that democratic governments now seem to be using their very tactics against them.

The key difference, however, is that while those involved in Anonymous can and have faced their day in court for those tactics, the British government has not. When Anonymous engages in lawbreaking, they are always taking a huge risk in doing so. But with unlimited resources and no oversight, organizations like the GCHQ (and theoretically the NSA) can do as they please. And it’s this power differential that makes all the difference.

There are many shades of gray around using denial-of-service attacks as a protest tactic. Unlike a hack, which involves accessing or damaging data, a DDoS attack renders a web page inaccessible due to an excessive flood of traffic. As an anthropologist who has studied hacker culture, hacktivism, and Anonymous in particular, I struggled to find some black-and-white moral certitude for such activities. But as one member of Anonymous told me: “Trying to find a sure fire ethical defense for Anonymous DDoSing is going to twist you into moral pretzels.”

Judging the “moral pretzel” of DDoS attacks requires understanding the nuances of how they are carried out, and DDoS attacks tend to be problematic no matter what the motivation. Still, they’ve been a worthwhile exercise in experimenting with a new form of protest in an increasingly digital era. In the case of Anonymous, this form of protest came about because of the banking blockade against WikiLeaks. While the protest was rooted in deceit (they used botnets and many of their participants did not know that), it was certainly not destructive (especially since it was leveled against a large organization that could withstand it). The whole point was to get media attention, which they did.

But here’s the thing: You don’t even need to believe in or support DDoS as a protest tactic to find the latest Snowden revelations troubling. There are clearly defined laws and processes that a democratic government is supposed to follow. Yet here, the British government is apparently throwing out due process and essentially proceeding straight to the punishment — using a method that is considered illegal and punishable by years in prison. Even if DDoS attacks would do more damage upstream (than to IRC), it’s a surprising revelation.


The real concern here is a shotgun approach to justice that sprays its punishment over thousands of people who are engaged in their democratic right to protest simply because a small handful of people committed digital vandalism. This is the kind of overreaction that usually occurs when a government is trying to squash dissent; it’s not unlike what happens in other, more oppressive countries.

Since 2008, activists around the world have rallied around the name ‘Anonymous’ to take collective action and voice political discontent. The last two years in particular have been a watershed moment in the history of hacktivism: Never before have so many geeks and hackers wielded their keyboards for the sake of political expression, dissent, and direct action.

Even though some Anonymous participants did engage in actions that were illegal, the ensemble itself poses no threat to national security. The GCHQ has no business infecting activists’ systems with malware and thwarting their communications. And if we’re going to prosecute activists and put them in jail for large amounts of time for making a website unavailable for 10 minutes, then that same limitation should apply to anyone who breaks the law — be they a hacker, our next door neighbor, or the GCHQ.

As it is, the small subset of Anonymous activists who engaged in illegal civil disobedience face serious consequences. These activists — on both sides of the Atlantic — are currently paying a steep price for breaking the law, because the current form of the laws under which they’re charged (the Computer Misuse Act in the U.K., and the CFAA in the U.S.) tend to mete out more excessive and often disproportionate punishments compared to analogous offline ones. For instance, physical tactics such as trespass or vandalism of property rarely result in serious criminal consequences for participants and tend to be minor civil infractions instead of federal crimes. Yet that same nuance — which fundamentally recognizes the intention and the consequences of such protest actions — is rarely extended to online activities. Criminal punishments for such acts can stretch out to years, disrupt lives, lead to felony charges on employment records, and result in excessively high fines.

If we’re going to prosecute activists for making a website unavailable for one minute, then that same limitation should apply to anyone who breaks the law.

To put this in perspective: In Wisconsin alone a man was fined for running an automated DDoS tool against the Koch Industries website for 60 seconds. (He was protesting the billionaire Koch brothers’ role in supporting the Wisconsin governor’s effort to reduce the power of unions and public employees’ right to engage in collective bargaining.) The actual financial losses were less than $5,000, but he was charged a fine of $183,000 — even though a far worse physical crime in the same state was only fined $6400.

In the U.K., Chris Weatherhead — who didn’t directly contribute to a DDoS campaign but ran the communication hub where the protests were coordinated — received a whopping 18-month sentence. This is even more time than was given to hackers who broke into computer systems, stole data, and dumped it on the internet.

Based on these and other sentences already handed out, it’s clear that judges consider Anonymous’ actions to be serious and punishable. Scores of Anonymous hacktivists have already been arrested or jailed.

Meanwhile, agencies like the GCHQ face no such risks, deterrents, consequences, oversight, or accountability. This scenario is all the more alarming given that some of Anonymous’ actions may be illegal and might warrant attention from some law enforcement agencies — but do not even come close to constituting a terrorist threat. And that means we’re inching into the same territory as the dictatorial regimes criticized by democratic governments for not respecting internet freedoms.

United Kingdom’s GCHQ Has Secret Warrantless Surveillance Arrangements With Foreign Intelligence Agencies


The UK government has admitted for the first time that its intelligence agencies can access data collected by other international agencies about UK citizens without a warrant.

Human rights groups Privacy International, Liberty and Amnesty International have revealed that the UK’s Government Communications Headquarters (GCHQ) had almost limitless access to a “massive searchable database” compiled by the NSA and other overseas partners, which includes information about British citizens caught in surveillance operations.

The revelations were heard at a private hearing at the Investigatory Powers Tribunal, the UK surveillance watchdog, after the three groups brought GCHQ to court in July this year.

“On the face of the descriptions provided to the claimants, the British intelligence agencies can trawl through foreign intelligence material without meaningful restrictions and can keep such material, which includes both communications content and metadata,” the groups said in a joint statement.

Edward Snowden’s revelations included details of warrantless surveillance of US and UK citizens.

“The ‘arrangements’, as they are called by government, also suggest that intercepted material received from foreign intelligence agencies is not subject to the already weak safeguards that are applied to communications that are intercepted by the UK’s Tempora programme.”

A document submitted by the UK government to the court shows that GCHQ’s interception and collection of communications gathered by foreign intelligence agencies about UK citizens is permitted, if it is not a “deliberate circumvention” of the Regulation of Investigatory Powers Act (Ripa).

It is stated that a warrant is not necessary for GCHQ if it is “not technically feasible” and it is “necessary and proportionate” for the agency to gather the information.

“[A] Ripa interception warrant is not as a matter of law required in all cases in which unanalysed intercepted communications might be sought from a foreign government,” the document states.

According to MI5’s own website, the “interception of communications includes listening to the calls made on a telephone or opening and reading the contents of a target’s letters or e-mails” and “is only allowed under the authority of a warrant signed by a Secretary of State [usually the Home Secretary]”.

The issue of warrantless surveillance was brought to light last year by the whistleblower Edward Snowden, the former contract worker for the National Security Agency (NSA). Since then privacy advocates and campaigners have been fighting to curtail the powers of intelligence agencies around the world.

“We now know that data from any call, internet search, or website you visited over the past two years could be stored in GCHQ’s database and analyzed at will, all without a warrant to collect it in the first place,” said Privacy International’s deputy director Eric King.

“It is outrageous that the government thinks mass surveillance, justified by secret ‘arrangements’ that allow for vast and unrestrained receipt and analysis of foreign intelligence material is lawful.”

Spy chief says Cheltenham’s GCHQ is not Big Brother

GCHQ boss Sir Iain Lobban has said people should worry more about private firms snooping on them than spy agencies.

In an interview with The Daily Telegraph, the director of the Cheltenham-based listening post said commercial companies know everything about people and share the data.

Sir Iain told the paper: “Look, who has the info on you? It’s the commercial companies, not us, who know everything – a massive sharing of data,” he said.

“The other day I bought a watch for my wife. Soon there were lots of pop-up watches advertising themselves on our computer, and she complained. ‘It’s that bloody internet’ I tell her.”

The Independent newspaper also reported that it takes GCHQ three times longer to crack codes used by terrorists.

It said Sir Iain has been reported as saying it used to take two weeks to decipher communications but it now takes six after terrorists changed procedures after revelations by whistleblower Edward Snowden.

Theresa May, the Home Secretary, wants to expand snooping powers to make it easier for the police and intelligence agencies to monitor suspect activity in an ever expanding online world.

It is feared the capability to track terrorists and extremists is diminishing because of their increased use of social media such as chat rooms and Skype.

Internet companies are not required to store such levels of detail of their customer activity and agencies fear it is leaving gaps in monitoring abilities.

The Liberal Democrats killed off a recent attempt to expand the powers, dubbed the snooper’s charter, but Mrs May has pledged to revive the proposals if the Conservatives win an overall majority at the next election.

An investigation by the Guardian newspaper suggests data from mobile phone companies EE, Vodafone and Three is passed automatically when requested by the police.

Snooping powers, including access to phone and internet records, are governed by the Regulation of Investigatory Powers Act (Ripa).

The controversial law, which was designed to tackle terrorism and serious crime, has faced fresh criticism after it emerged police used it to obtain phone records of journalists at the Sun and the Mail on Sunday.

Police make requests for information on possible suspects under the law but the Guardian investigation revealed they are rarely reviewed by the phone companies but are processed on an automated system.

Only O2 required staff to assess each request before passing on data.

Eric King, deputy director of Privacy International, a transparency watchdog, said: “It’s as good as giving police direct access.”

NSA, GCHQ have secret access to German telecom networks – report

Reuters / Kai Pfaffenbach

US and UK intelligence services have secret access points for German telecom companies’ internal networks, Der Spiegel reports, citing slides created in the NSA’s ‘Treasure Map’ program used to get near-real-time visualization of the global internet.

The latest scandal continues to evolve around the US’ NSA and the British GCHQ, both of which appear to be able to eavesdrop on German giants such as Deutsche Telekom, Netcologne, Stellar, Cetel and IABG network operators, according to Der Spiegel’s report based on material disclosed by Edward Snowden.

The Treasure Map program, dubbed “the Google Earth of the Internet,” allows the agencies to expose the data about the network structure and map individual routers as well as subscribers’ computers, smartphones and tablets.


The German telecoms had “access points” for technical supervision inside their networks, marked as red dots on such a map, shown on one of the leaked undated slides, Spiegel reports, warning it could be used for planning sophisticated cyber-attacks.

The Treasure map, first mentioned by the New York Times last year, provides “a near real-time, interactive map of the global Internet,” offering a “300,000 foot view of the Internet,” as it gathers Wi-Fi network and geolocation data as well as up to 50 million unique Internet provider addresses.

The Federal Office for Information Security (BSI) spokesman told the DPA news agency that the Federal Office for the Protection of the Telekom has been informed, and that the authorities are analyzing the situation.

One of the companies, Stellar, meanwhile voiced fury over US and British spying. “A cyber-attack of this kind clearly violates German law,” said one of its heads.

Deutsche Telekom and Netcologne said they had not identified any data breaches, but Deutsche Telekom’s IT security chief Thomas Tschersich said that the “access of foreign secret services to our network would be totally unacceptable.”

“We are looking into any indication of a possible manipulation. We have also alerted the authorities,” he stated.

The headquarters of Deutsche Telekom AG in Bonn, Germany (Reuters / Ina Fassbender)


GCHQ said that its work “is carried out in accordance with a strict legal and policy framework, which ensures that our activities are authorized, necessary and proportionate, and that there is rigorous oversight” by other government agencies, Bloomberg news reported. The NSA is yet to comment on the latest round of allegations involving Treasure Map.

The US and Germany have been at odds because of a spying row which has bubbled ever since Edward Snowden’s National Security Agency revelations in June 2013.

In October, it was revealed the NSA had been spying on German Chancellor Angela Merkel’s calls since 2002.

A German parliamentary committee has since been holding hearings on the NSA’s spying activities in Germany. Berlin also announced it had discovered an alleged American spy in the country’s Defense Ministry.

While most of the criticism is focused on the US, some believe it’s the German leadership’s inability to react properly to the NSA tapping leaks that’s led to yet another spying scandal. Merkel’s opponents have repeatedly blamed her for too mild a response to the NSA global surveillance revelations.

Germany has also been involved in scandals surrounding the country’s own spying activity. In August, it was reported that the German foreign intelligence agency had been tapping Turkey for almost four decades and had eavesdropped on at least one telephone conversation of US Secretary of State John Kerry.

Snowden documents: Vodafone-bought firm helped GCHQ


Media reports indicate that a British cable firm now owned by Vodafone helped Britain’s spy agency GCHQ eavesdrop on millions of Internet users. The reports cite documents released by US whistleblower Edward Snowden.

The revelations are the result of a joint investigation involving the Munich-based German national newspaper Süddeutsche Zeitung, the German public broadcasting stations WDR and NDR, as well as the British private television station Channel 4.

Previously unreleased documents examined by the journalists involved as well as experts consulted in the course of their investigation indicated that the British intelligence agency GCHQ was able to access underwater telecommunications cables owned by Cable & Wireless. It was purchased by Vodafone in 2012.

The reports said that Cable & Wireless was part of a GCHQ program known as “Mastering the Internet,” in which private companies cooperated with British intelligence gatherers to help them tap into Internet traffic data.

The Snowden documents, which refer to Cable & Wireless by the pseudonym “Gerontic,” showed that the company provided access to around 30 underwater cables, allowing it to gather data on millions of internet users around the globe.

The Channel 4 report alleged that Cable & Wireless rented space to GCHQ to access a cable linked to the southern English region of Cornwall.

According to the Süddeutsche report, some of the documents indicate that in 2009 around 70 percent of the Internet data gleaned by GCHQ was accessed via Cable & Wireless, before it was purchased by Vodafone. They also show that Cable & Wireless was paid six million pounds (7.5 million euros, $9.4 million) in return.

GCHQ declined to comment on the Channel 4 report.


‘No unlawful activity’

Asked by Channel 4 about the documents, Vodafone issued a statement saying that it had found no evidence of any wrongdoing by Cable & Wireless.

“We have found no indication whatsoever of unlawful activity within Vodafone or Cable & Wireless and we do not recognise any of the UK intelligence agency programmes identified,” the statement said. “Furthermore, Vodafone does not own or operate the cables referred to.”

Previously classified documents leaked by Edward Snowden since mid-2013 have revealed the previously unknown scale of mass surveillance conducted by the US National Security Agency and other spy agencies, including the GCHQ, on private citizens and politicians alike.

‘Five Eyes’

Both the NSA and GCHQ are part of the so-called “five eyes” intelligence cooperation alliance, which also includes spy agencies in Australia, New Zealand and Canada.

A revelation that the NSA tapped into German Chancellor Angela Merkel’s cellular phone caused considerable consternation in Berlin last year.

Snowden currently resides in Russia, which has granted him temporary residency after he fled there on the run from US authorities, which want to put him on trial on a series of charges.

Ex-NSA And GCHQ Spooks Showcase Intel Platform

Security firm Darktrace seeks expansion in SME market with new threat visuals.

Darktrace, a cybersecurity company comprised of ex-spooks from NSA and GCHQ, has revealed details of its new behavioural analytics software.

The firm’s Cyber Intelligence Platform (DCIP) and Threat Visualizer, which uses machine learning to detect anomalous behaviour that potentially threatens an organisation, was showcased at a roundtable in central London today.

Nicole Eagan, chief executive of the firm, said: “We have to help companies to know their network, and know their employees’ behaviour better than the adversaries.”

DCIP takes the form of a box that sits on a network and monitors activity, generating alerts for the customer dashboard and data that analysts from Darktrace compile into threat intelligence reports at the end of every week.

Though the company offers it as an on-premise service, it has seen some of its clients buying it and offering it as a managed service.

Eagan said that many of their competitors were suffering because they had built their products in labs, as opposed to testing them in realistic situations, adding that her own firm was “in a pretty steep growth curve”.

Darktrace has dealt with large companies over a broad range of industries so far, including energy, aviation and transport, but is now looking to extend itself to SMEs.

Though originating in the UK, with headquarters and development offices in Cambridge, the firm now has premises as far afield as Paris, Milan, New York and San Francisco, with an American headquarters in Washington, DC.