GCHQ's Covert Operations Hit the Spotlight Again
One of LulzSec's Founders Sheds More Light on JTRIG's Ways
The Government Communication Headquarters (GCHQ) is the UK equivalent of US' NSA, and it's an institution with a lot of history and tradition. During World War II, for example, it employed Alan Turing who played a key role in breaking the German Enigma machine and bringing the war to an end. If Mr. Turing were alive today, he would probably be a bit unsure about the methods GCHQ uses at the moment.
In 2014, Britain's biggest intelligence agency received plenty of media attention when former NSA employee, Edward Snowden, leaked a few interesting PowerPoint presentations. The top-secret documents revealed that a special organization runs inside GCHQ. It's called Joint Threat Research Intelligence Group (JTRIG), and the practices it employs to do its job are, in some people's opinion, illegal.
Snowden's documents revealed that JTRIG could tap into fiber optic cables and monitor tons upon tons of data. Encryption of the information sent and received by social networks wasn't widely adopted back in 2014, which means that the intelligence agency had the ability to see what you as well as millions of other people like, watch, and share on Facebook, YouTube, and Twitter. This way, JTRIG was able to foresee some of the geopolitical events triggered by social unrest. This wasn't the only thing revealed by Edward Snowden's leaks.
The documents talk about the "4 Ds" - Deny, Disrupt, Degrade, Deceive. The methods used to achieve those 4 Ds include:
- Bombarding the target with phone calls
- Tampering with the target's social media profiles
- Deleting all sorts of Internet presence
- Releasing incorrect information on the Internet
- Setting up honey traps
JTRIG is also ready to spread a virus called Ambassadors Reception to achieve its goal. The malware is pretty potent. It can encrypt itself as well as the other files on the system, it can delete emails, it can make the screen shake, and it can lock users out of their computers. The presentations show that GCHQ's officers are even willing to organize a Denial of Service attack against people who they don't like very much. The targets range from individuals who are close to certain regimes to black hat hackers.
Speaking of black hat hackers, a person by the name of Mustafa Al-Bassam recently decided to shed some more light on JTRIG, its operations, and its goals. Mr. Al-Bassam should know what he's talking about. He is the founding member of the infamous LulzSec group, which stood behind some pretty high profile attacks back in 2011. His days of bringing the CIA website down are long gone, and he now works as a security consultant for a company specializing in online payment solutions. Still, he does have a few words to say about JTRIG.
According to him, before Snowden's leak, GCHQ's secret division used a URL shortening service called Lurl.me to deanonymize another member of the LulzSec group. This way, intelligence officers were able to get to the said member's Facebook profile and email accounts. They were also able to monitor conversations within the group.
Image 1. Lurl.me service
The Lurl.me service was used for far more than exposing the personal data of hackers. Al-Bassam says that JTRIG established fake Twitter profiles and employed Lurl.me links extensively during the 2009 Iranian Presidential Elections and the Arab Spring from 2011. The covert intelligence officers said that the shortened URLs would lead Iranians and Syrians to information that had not been censored by the regimes. The tweets can only be interpreted as an attempt to influence the public's opinion, and this theory is also backed up by some of the documents Edward Snowden leaked in 2014. It's difficult to determine how effective this tactic was, but Al-Bassam noticed that the Twitter accounts were only active during UK working hours and that they were mainly in English which shows that JTRIG was somewhat shorthanded at the time.
In 2011, GCHQ's covert division also established a Blogspot account and urged Syrian Internet users to employ a couple of proxies to bypass government censorship. The Snowden documents show that setting up proxies and making people use them can help JTRIG organize Man-in-the-Middle attacks. In other words, JTRIG can use the proxies to spy on people. Not surprisingly, there's no shortage of individuals who are less than ecstatic about this.
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.