‘Dirty tricks’: UK spies use sex, cyber attacks to discredit targets – Snowden leaks
Documents leaked by the US National Security Agency whistleblower and published by NBC news Friday detail strategies used by the Joint Threat Research and Intelligence Group (JTRIG), a spy unit whose existence has been classified, to “destroy, deny, degrade [and] disrupt” adversaries. The slides, which were used in 2010 and 2012, showed that the JTRIG completed their mission by “discrediting” them via misinformation and hacking their communications.
The leak details two primary methods of attack, cyber operations and propaganda efforts. The propaganda missions include mass messaging and the manipulation of stories on social media platforms like Twitter, Flickr, Facebook, YouTube.
The cyber-attacks primarily include distributed denial of service (DDoS) attacks, made famous by hackers who overtake millions of computers and direct all of their internet traffic to one site, overwhelming that URL and effectively shutting it down for an amount of time.
Eric King, an attorney who currently teaches IT law at the London School of Economics, told NBC it is “remarkable” that the GCHQ has become so adept at launching DDoS attacks without “clear lawful authority,” and even as the British government has criticized similar strategies used by other governments.
“GCHQ has no clear authority to send a virus or conduct cyber-attacks,” he said. “Hacking is one of the most invasive methods of surveillance.”
The slides also point out that the British were “slightly ahead” of US spies regarding offensive operations and that the GCHQ had absorbed many of the responsibilities formerly under the domain of the MI5 and MI6 spy agencies.
Yet the clandestine activities outlined in the Snowden documents also exit the digital world and enter one reminiscent of a John le Carre novel. The 2012 presentation describes the “honey trap” method of discrediting a target with the timeless art of seduction. The individual is lured “to go somewhere on the internet, or a physical location” where they are then “met by a friendly face.”
No specific instances where the “honey trap” was successfully employed is mentioned, but a so-called “Royal Concierge” program took advantage of hotel reservation systems to track the physical location of foreign diplomats and issue “daily alerts to analysts working on governmental hard targets.” Royal Concierge then attempts to manipulate the reservation so the diplomat in question stays at a hotel friendly to the GCHQ’s SIGINT (signal-intelligence) program. Others are tracked so they can be monitored in-person.
The slides encourage agents to monitor targets through “close access technical operations” and ask them to consider “Can we influence hotel choice? Can we cancel their visits?”
Also mentioned in the 2010 presentation is a technique known as “credential harvesting” that seeks to manipulate journalists into giving tainted information to an intelligence target. Whether or not the journalist would be aware of their role is unclear but the slides do indicate a reporter could be used to gain access to a target, perhaps through an interview, and then have their conversation monitored by the GCHQ.
Joel Simon, executive director of the Committee to Protect Journalists, told NBC the very notion of “credential harvesting” should be a “wake up call” to media personnel.
“All journalists generally are then vulnerable to the charge that they work at the behest of an intelligence agency,” he said.