British spies have developed “dirty tricks” for use against nations, hackers, terror groups, suspected criminals and arms dealers that include releasing computer viruses, spying on journalists and diplomats, jamming phones and computers, and using sex to lure targets into “honey traps.”
Documents taken from the National Security Agency by Edward Snowden and exclusively obtained by NBC News describe techniques developed by a secret British spy unit called the Joint Threat Research and Intelligence Group (JTRIG) as part of a growing mission to go on offense and attack adversaries ranging from Iran to the hacktivists of Anonymous. According to the documents, which come from presentations prepped in 2010 and 2012 for NSA cyber spy conferences, the agency’s goal was to “destroy, deny, degrade [and] disrupt” enemies by “discrediting” them, planting misinformation and shutting down their communications.
Both PowerPoint presentations describe “Effects” campaigns that are broadly divided into two categories: cyber attacks and propaganda operations. The propaganda campaigns use deception, mass messaging and “pushing stories” via Twitter, Flickr, Facebook and YouTube. JTRIG also uses “false flag” operations, in which British agents carry out online actions that are designed to look like they were performed by one of Britain’s adversaries.
The documents also show that a one-time signals surveillance agency, GCHQ, is now conducting the kinds of active espionage operations that were once exclusively the realm of the better-known British spy agencies MI5 and MI6.
- a computer virus called Ambassadors Reception was “used in a variety of different areas” and was “very effective.” When sent to adversaries, says the presentation, the virus will “encrypt itself, delete all emails, encrypt all files, make [the] screen shake” and block the computer user from logging on.
- a “honey trap” described by British cyber spies in the 2012 PowerPoint presentation sounds like a version of Internet dating, but includes physical encounters. The target is lured “to go somewhere on the Internet, or a physical location” to be met by “a friendly face.” The goal, according to the presentation, is to discredit the target. A “honey trap,” says the presentation, is “very successful when it works.”
- “Royal Concierge” exploits hotel reservations to track the whereabouts of foreign diplomats and send out “daily alerts to analysts working on governmental hard targets.” The British government uses the program to try to steer its quarry to “SIGINT friendly” hotels, according to the presentation, where the targets can be monitored electronically – or in person by British operatives.
- potential operation that would utilize a technique called “credential harvesting” to select journalists who could be used to spread information. According to intelligence sources, spies considered using electronic snooping to identify non-British journalists who would then be manipulated to feed information to the target of a covert campaign. The journalist’s job would provide access to the targeted individual, perhaps for an interview. Documents do not specify whether the journalists would be aware or unaware that they were being used to funnel information. The journalist operation was never put into action, according to sources.
- In Afghanistan the British used a blizzard of text messages, phone calls and faxes to “significantly disrupt” Taliban communications, with texts and calls programmed to arrive every minute.
- In a set of operations that intelligence sources say were designed to stop weapons transactions and nuclear proliferation, JTRIG used negative information to attack private companies, sour business relationships and ruin deals.
- British cyber spies also used blog posts and information spread via blogs in an operation against Iran.
- Other effective methods of cyber attack listed in the documents include changing photos on social media sites and emailing and texting colleagues and neighbors unsavory information.
— MarthaGroup (@marthagroup) February 7, 2014