Skip to main content

Angry Pirate, Imperial Barge: GCHQ's secret spy programmes revealed

The hacking and spying techniques of the UK's Government Communications headquarters (GCHQ) have been exposed in the latest leak by Edward Snowden. The wide-ranging techniques include invasive methods for online surveillance, as well as some of the very techniques that the US and UK have harshly prosecuted young online activists for employing, including distributed denial of service (DDoS) attacks and "call bombing."

The document is set out in a massive Wikipedia-style archive used by GCHQ to internally discuss its surveillance and online deception activities.

GCHQ has refused to provide any comment beyond claiming that it acts "in accordance with a strict legal and policy framework" and is subject to "rigorous oversight."

"It is a longstanding policy that we do not comment on intelligence matters," the spy organisation said in a statement.

"Furthermore, all of GCHQ's work is carried out in accordance with a strict legal and policy framework which ensures that our activities are authorised, necessary and proportionate, and that there is rigorous oversight, including from the secretary of state, the interception and intelligence services commissioners and the Parliamentary Intelligence and Security Committee."

Alan Woodward, a security consultant who worked for GCHQ, said: "If you read the mission statement of any signals intelligence organisation, all the listed techniques are what you'd expect them to be doing.

"But it's very unhelpful for the details to leak out because as soon as you reveal to people how something is being done they can potentially take steps to avoid their information being collected.

"We've already seen it happen when various forms of interception were revealed previously with the Snowden leaks."

Last week, the UK government began pushing through legislation that requires phone and Internet companies to store information about customers' communications, and to hand it over to authorities on request.

Here's a list of how JTRIG describes its capabilities, replete with boastful spy codenames:

  • "Change outcome of online polls" (UNDERPASS)
  • "Mass delivery of email messaging to support an Information Operations campaign" (BADGER) and "mass delivery of SMS messages to support an Information Operations campaign" (WARPARTH)
  • "Disruption of video-based websites hosting extremist content through concerted target discovery and content removal." (SILVERLORD)
  • "Active skype capability. Provision of real time call records (SkypeOut and SkypetoSkype) and bidirectional instant messaging. Also contact lists." (MINIATURE HERO)
  • "Find private photographs of targets on Facebook" (SPRING BISHOP)
  • "A tool that will permanently disable a target's account on their computer" (ANGRY PIRATE)
  • "Ability to artificially increase traffic to a website" (GATEWAY) and "ability to inflate page views on websites" (SLIPSTREAM)
  • "Amplification of a given message, normally video, on popular multimedia websites (Youtube)" (GESTATOR)
  • "Targeted Denial Of Service against Web Servers" (PREDATORS FACE) and "Distributed denial of service using P2P. Built by ICTR, deployed by JTRIG" (ROLLING THUNDER)
  • "A suite of tools for monitoring target use of the UK auction site eBay (" (ELATE)
  • "Ability to spoof any email address and send email under that identity" (CHANGELING)
  • "For connecting two target phone together in a call" (IMPERIAL BARGE)