GCHQ has developed a toolkit of software programs used to manipulate online traffic, infiltrate users' computers and spread select messages across social media sites including Facebook and YouTube.
The UK spy agency's dark arts were revealed in documents first published by The Intercept, and each piece of software is described in a wiki document written up by GCHQ's Joint Threat Research Intelligence Group (JTRIG). The document, which reads like a software inventory, calls the tools part of the agency's "weaponised capability."
Some of the most interesting capabilities of the tools on the list include the ability to seed the web with false information — such as tweaking the results of online polls — inflating pageview counts, censoring video content deemed "extremist" and the use of psychological manipulation on targets — something similar to a research project conducted with Facebook's approval, which resulted in heavy criticism and outrage levied at the social media site.
A number of interesting tools and their short descriptions are below:
- ASTRAL PROJECTION: Remote GSM secure covert Internet proxy using TOR hidden service
- POISON ARROW: Safe malware download capability
- AIRWOLF: YouTube profile, comment and video collection
- BIRDSTRIKE: Twitter monitoring and profile collection
- GLASSBACK: Technique of getting a target's IP address by pretending to be a spammer and ringing them. Target does not need to answer.
- MINIATURE HERO: Active skype capability. Provision of realtime call records (SkypeOut and SkypetoSkype) and bidirectional instant messaging. Also contact lists.
- PHOTON TORPEDO: A technique to actively grab the IP address of MSN messenger user
- SPRING-BISHOP: Finding private photos of targets on Facebook
- BOMB BAY: The capacity to increase website hits, rankings
- BURLESQUE: The capacity to send spoofed SMS messages
- GESTATOR: Amplification of a given message, normally video, on popular multimedia websites (YouTube)
- SCRAPHEAP CHALLENGE: Perfect spoofing of emails from Blackberry targets
- SUNBLOCK: Ability to deny functionality to send/receive email or view material online
- SWAMP DONKEY: A tool that will silently locate all predefined types of file and encrypt them on a targets machine
- UNDERPASS: Change outcome of online polls (previously known as NUBILO).
- WARPATH: Mass delivery of SMS messages to support an Information Operations campaign.
- HUSK: Secure one-on-one web based dead-drop messaging platform.
The list, dated from 2012, says that most of the tools are "fully operational, tested and reliable,” and adds: "Don't treat this like a catalogue. If you don't see it here, it doesn't mean we can't build it."
"We only advertise tools here that are either ready to fire or very close to being ready," the document notes.
The release of these documents comes in the same week that the UK intelligence agency's spying activities are being investigated by surveillance watchdog the Investigatory Powers Tribunal (IPT). Civil liberty groups set a legal challenge against the GCHQ in order to question the legal standing of schemes such as Tempora — a project revealed in the NSA scandal that showed the agency placed data interceptors on fiber-optic cables that carry Internet traffic to and from the UK.