Hacking guidelines for UK spies published

The UK government has published guidelines for the use of computer hacking by the intelligence and security services.
Written by Steve Ranger, Global News Director

The UK government has published a set of draft guidelines concerning the use of electronic hacking and bugging devices by the security and intelligence services.

While it has been long assumed that the intelligence services used such techniques as part of intelligence gathering and surveillance, it's unusual that such actions are acknowledged publicly.

The draft guidelines, titled Equipment Interference Code of Practice and published by the Home Office, provide a legal framework for the activities of the UK's security and intelligence agencies at home and abroad. The code of conduct sets out how such activities should be authorised under UK law - although clearly other countries may take a dim view of such behaviour taking place on their soil.

The code details when the agencies can under UK law legally interfere with "equipment producing electromagnetic, acoustic and other emissions" - in other words, hacking and bugging devices including computers, servers, routers, laptops, and mobile phones - to either obtain information or conduct surveillance.

The guidance includes details on when warrants can be issued before such activity takes place, how the agencies should deal with collateral intrusion (spying on the wrong person, for instance), and dealing with content subject to legal privilege, as well as guidance on who information should be shared with and how it should be stored or eventually destroyed.

The code of conduct gives a rare insight into the decision-making around hacking and surveillance by intelligence services. For example, it notes that while a warrant usually lasts six months, warrants might have to be renewed because of the need to remove whatever spies have put in place: "Because of the time it can take to remove the means of interference it may also be necessary to renew an equipment interference warrant in order to complete the removal."

James Brokenshire, minister for immigration and security, said the code of practice details the safeguards applied to techniques including the use of computer network exploitation "to identify, track, and disrupt the most sophisticated targets".

The ability to read or listen to a suspect's communications or to interfere with his or her computer equipment are among the most important, sensitive, and closely scrutinised powers available to the state, according to Brokenshire. "As the threat to the UK from terrorism, espionage, and organised crime has diversified, these powers have become more important," he added.

"There are limits on what can be said in public about this work. But it is imperative that the government is as open as it can be about these capabilities and how they are used," Brokenshire said. A consultation on the new code of practice is open until 20 March.

The internet surveillance and hacking capabilities of the intelligence services have been thrust into the spotlight thanks to the revelations from NSA contractor Edward Snowden.

According to leaked documents, for example, GCHQ launched a distributed denial of service attack against a chatroom used by Anonymous. Another document revealed a shopping list of tools that GCHQ can use against targets, such as 'Swamp Donkey', a tool that will silently locate all predefined types of file and encrypt them on a target's machine. It has also been claimed that GCHQ was involved in the hacking of Belgian telecoms operator Belgacom from around 2010.
