British special services Swiss knife: a set of tools for doing cyber war
The Government Communications Center ( GCHQ , Government Communications Headquarters) - a UK intelligence agency responsible for conducting electronic intelligence and for protecting the information of government and military agencies - has developed a wide range of tools to fully control the Internet. I propose to look at what is hidden in their sleeves.
A set of software tools secret British agency GCHQ is similar to the menu of an expensive restaurant. There are tools for every taste that allow you to sow misinformation throughout the network, including juggling the results of online polls, increasing the number of web page views, raising the set comments on YouTube in the rating and artificially moving the required videos to the “forbidden” section. The possibilities listed in the documents promulgated by Edward Snowden include even the good old tools for young phone hooligans, allowing you to call two absolutely unaware people on the phone by telephone.
The tools created by the Joint Threat Research Group (JTRIG) combine the most striking methods of propaganda and Internet deception among all those published by Snowden. The previously disclosed documents show in detail how the agency uses fake blogs, false flag operations, fabricated compromising materials and psychological manipulations aimed at online activists, monitoring WikiLeaks visitors, and spying on YouTube and Facebook users.
When the discussion of a new bill began that gives the government greater powers in terms of intelligence (Prime Minister James Cameron described this document as “urgent need” to ensure “public safety”), WikiLeaks had a new secret document called “Instruments and Techniques of the Joint Research Group threats ”, which showed from a bird's-eye view how behind-the-scenes and“ barbarous ”are the technologies used by the agency. The document contains a list of technologies available for use by other divisions of GCHQ when they need the dark side of the power of the Internet, and can be used by hackers as a mini-bar, from which you can take everything you need if necessary.
')
Instruments are given boastful names. They contain crude methods of online combat, including those that are strictly forbidden for use in the UK and the USA, including DDoS attacks and “phone bombs”. However, there are also completely new tactics aimed at changing political sentiments and the implementation of propaganda, including the ability to monitor Skype users in real time, which again raises the question of M $ cooperation with spy agencies and potential vulnerabilities in Microsoft's encryption algorithms.
Here are examples of how program features are described:
UNDERPASS ("Underpass") - a change in the results of online voting.
BADGER ("Badger") / WARPARTH ( probably a typo, most likely meant WARPATH - "Path of War" ) - mass email / SMS messaging to support an information operation.
SILVERLORD - the destruction of sites with extremist video content.
MINIATURE HERO (“Miniature Hero”) - real-time monitoring of calls from Skype outside and Skype-to-Skype, as well as chat and a list of contacts.
SPRING BISHOP ("Spring Bishop") - getting private photos from Facebook.
ANGRY PIRATE ("Evil Pirate") - lock user account on a given computer.
GATEWAY and SLIPSTREAM - artificially increasing traffic and views.
GESTATOR - increasing the popularity of the message (usually video) on well-known sites (mainly on YouTube).
There are other tools that include targeted DDoS attacks using P2P networks, tools for monitoring Ebay auction, spoofing email addresses and connecting two arbitrary phones.
Despite the fact that many tactics are marked as being in development, the threat research team considers them quite functional and ready to use. “We list the tools that are to work or are at the final stage of development,” they say.
The threat research team encourages colleagues to think broadly: “Do not think this is the final list. If a tool is not in the catalog, we can easily create it. ”
The document is part of a large Wiki archive used by the agency for internal discussion of online surveillance activities and ongoing online wrestling activities. The last time the document was changed in 2012 and at that time had 20,000 views.
The agency declined to comment in any way on the document that appeared and noted only that it always acts in strict accordance with the letter of the law, and the leak itself is the subject of a thorough investigation.
The British organization Privacy International, which monitors violations of rights and freedoms, has sued the security agency over the use of illegal surveillance software on the Internet and mobile phone users. However, the agency still adheres to its tactics and does not disclose its practices, since This can lead to a deterioration in public opinion.
Regarding the oversight of the activities of the agency, questions were raised about whether the top managers of the security services knew about what was happening in the agency.
Chris Hyun, a former minister and member of the security council until 2012, insisted that the ministers were completely unaware of the largest espionage program - Tempora, not to mention cases of theft of email, contacts, monitoring user activity on social networks and his search requests. As noted by Hyun in an interview for the Guardian magazine, when it comes to GCHQ or the NSA, my “privileged information” pales in comparison to the information disclosed by Edward Snowden.
Translator's comment. I urge to limit ourselves to fervent comments, because as the rules state, “Habr is not a place for politics”. I propose to concentrate on the technical side of the aspect, and leave the "deep" conclusions to yourself.
A set of software tools secret British agency GCHQ is similar to the menu of an expensive restaurant. There are tools for every taste that allow you to sow misinformation throughout the network, including juggling the results of online polls, increasing the number of web page views, raising the set comments on YouTube in the rating and artificially moving the required videos to the “forbidden” section. The possibilities listed in the documents promulgated by Edward Snowden include even the good old tools for young phone hooligans, allowing you to call two absolutely unaware people on the phone by telephone.
The tools created by the Joint Threat Research Group (JTRIG) combine the most striking methods of propaganda and Internet deception among all those published by Snowden. The previously disclosed documents show in detail how the agency uses fake blogs, false flag operations, fabricated compromising materials and psychological manipulations aimed at online activists, monitoring WikiLeaks visitors, and spying on YouTube and Facebook users.
When the discussion of a new bill began that gives the government greater powers in terms of intelligence (Prime Minister James Cameron described this document as “urgent need” to ensure “public safety”), WikiLeaks had a new secret document called “Instruments and Techniques of the Joint Research Group threats ”, which showed from a bird's-eye view how behind-the-scenes and“ barbarous ”are the technologies used by the agency. The document contains a list of technologies available for use by other divisions of GCHQ when they need the dark side of the power of the Internet, and can be used by hackers as a mini-bar, from which you can take everything you need if necessary.
')
Instruments are given boastful names. They contain crude methods of online combat, including those that are strictly forbidden for use in the UK and the USA, including DDoS attacks and “phone bombs”. However, there are also completely new tactics aimed at changing political sentiments and the implementation of propaganda, including the ability to monitor Skype users in real time, which again raises the question of M $ cooperation with spy agencies and potential vulnerabilities in Microsoft's encryption algorithms.
Here are examples of how program features are described:
UNDERPASS ("Underpass") - a change in the results of online voting.
BADGER ("Badger") / WARPARTH ( probably a typo, most likely meant WARPATH - "Path of War" ) - mass email / SMS messaging to support an information operation.
SILVERLORD - the destruction of sites with extremist video content.
MINIATURE HERO (“Miniature Hero”) - real-time monitoring of calls from Skype outside and Skype-to-Skype, as well as chat and a list of contacts.
SPRING BISHOP ("Spring Bishop") - getting private photos from Facebook.
ANGRY PIRATE ("Evil Pirate") - lock user account on a given computer.
GATEWAY and SLIPSTREAM - artificially increasing traffic and views.
GESTATOR - increasing the popularity of the message (usually video) on well-known sites (mainly on YouTube).
There are other tools that include targeted DDoS attacks using P2P networks, tools for monitoring Ebay auction, spoofing email addresses and connecting two arbitrary phones.
Despite the fact that many tactics are marked as being in development, the threat research team considers them quite functional and ready to use. “We list the tools that are to work or are at the final stage of development,” they say.
The threat research team encourages colleagues to think broadly: “Do not think this is the final list. If a tool is not in the catalog, we can easily create it. ”
The document is part of a large Wiki archive used by the agency for internal discussion of online surveillance activities and ongoing online wrestling activities. The last time the document was changed in 2012 and at that time had 20,000 views.
The agency declined to comment in any way on the document that appeared and noted only that it always acts in strict accordance with the letter of the law, and the leak itself is the subject of a thorough investigation.
The British organization Privacy International, which monitors violations of rights and freedoms, has sued the security agency over the use of illegal surveillance software on the Internet and mobile phone users. However, the agency still adheres to its tactics and does not disclose its practices, since This can lead to a deterioration in public opinion.
Regarding the oversight of the activities of the agency, questions were raised about whether the top managers of the security services knew about what was happening in the agency.
Chris Hyun, a former minister and member of the security council until 2012, insisted that the ministers were completely unaware of the largest espionage program - Tempora, not to mention cases of theft of email, contacts, monitoring user activity on social networks and his search requests. As noted by Hyun in an interview for the Guardian magazine, when it comes to GCHQ or the NSA, my “privileged information” pales in comparison to the information disclosed by Edward Snowden.
Translator's comment. I urge to limit ourselves to fervent comments, because as the rules state, “Habr is not a place for politics”. I propose to concentrate on the technical side of the aspect, and leave the "deep" conclusions to yourself.
Source: https://habr.com/ru/post/230273/
All Articles