Spies learn sex and misinformation
A secret unit of British spies trained Kiwis how to be ‘‘cyber magicians,’’ using sex, misinformation and psychological tactics to control the internet.
Documents leaked by journalist Glen Greenwald, through US whistleblower Edward Snowden, show Government Communications Security Bureau agents were briefed by counterparts from the ultra-secret Joint Threat Research Intelligence Group.
Slide show presentations from a top secret ‘‘Five Eyes’’ 2012 intelligence conference reveal tactics including setting ‘‘honey traps’’ and dirty tricks cyber operations. As well being successful in Afghanistan and Iran, the undercover ploys were used on ‘‘hackivists’’ (online political activists) and private companies.
Prime Minister John Key yesterday refused to confirm or deny if the tactics were used by the GCSB. He stressed the foreign spy agency, which has been found to have illegally spied on Kiwis for a decade, must act within the law.
The Government is braced for further revelations on the Five Eyes network from the Snowden archive. But Key was nonchalant. ‘‘I don’t know what Snowden has ... They are of no great consequence, I don’t think.’’
Many of the tactics involved personal attacks, discrediting targets online by using sex, writing false blogs and contacting friends and colleagues. Leaked and negative information posted online and disrupting business links was designed to ruin the reputation of private companies.
The hacktivist collective Anonymous was targeted with cyber attacks. The presentation also detailed how agents could get another country to ‘‘believe a secret’’ by placing information on a compromised computer or making it visible on networks under surveillance.
Greenwald, writing for The Intercept website, said the agencies were ‘‘attempting to control, infiltrate, manipulate and warp online discourse, and in doing so are compromising the integrity of the internet itself.’’
He called the tactics ‘‘extremist’’ and ‘‘dangerous’’, pointing out they did not only target hostile nations or spy agencies, terrorists or nation security threats, but also ‘‘people suspected (but not charged or convicted) of ordinary crimes or ... those who use online protest activity for political ends.’’
Labour said the Government had to ask questions to ascertain if the GCSB used the tactics.
‘‘It goes beyond surveillance. Some of it sounds barely legal,’’ associate intelligence spokesman Grant Robertson said.
‘‘It sounds extreme. If they are using it, it is another blow to the public’s confidence in our intelligence agencies.’’
Feeding information to a company’s rivals was a ‘‘bizarre’’ way for security agencies to behave. ‘‘John Key does need to find out if this is what our agencies were involved in.’’
It is the second set of leaks that shows GCSB agents were swapping tips with their Five Eyes counterparts. Last year Fairfax Media revealed a secret memo from an April 2008 intelligence conference at Britain’s GCHQ.
It showed intelligence agencies from New Zealand, United States, Australia, Canada and Britain canvassed if they could pool medical, religious or legal information harvested during the bulk-collection of metadata. Canadian spies raised concerns.
JTRIG, a unit of the British signals intelligence agency GCHQ, focused on cyber forensics, espionage and covert operations. Its purpose was ‘‘using online techniques to make something happen in the real or cyber world’’, including ‘‘information ops (influence or disruption)’’. Tactics, which follow the ‘‘4 Ds: deny, disrupt, degrade and deceive, included:
- Honey traps: A ‘‘great option’’ and ‘‘very successful when it works’’
- A JTRIG tool called ambassadors reception. It involved sending a virus which would delete emails, encrypt files, make the screen shake, deny service or stop logins
- Methods to ‘‘stop someone communicating’’ by bombarding their phone with text messages and calls – in some cases every 10 seconds, deleting their online presence and blocking up their fax machines
- Changing a profile photo on social networking sites ‘‘can take paranoia to a whole new level’’
- ‘‘false flag operations’’ – posting material online that is falsely attributed to a target
- psychological manipulation, using ‘‘leaders, trust, obedience and compliance’’, to influence online discourse and sow discord