Skip to main content

GCHQ exposed mining entire nations for hacking vulnerabilities

The UK's Government Communications Headquarters (GCHQ) spy agency has been exposed scanning entire countries for server weaknesses that allow it to exploit vulnerable ports. According to reports, it does this using a tool called Hacienda, which is Spanish for estate.

The accusations came out in German newspaper Heise.

Related: GCHQ shocked by "intimate bodyparts" while spying on millions of webcams

"In 2009, the British spy agency GCHQ made port scans a 'standard tool' to be applied against entire nations," Heise reports. "Twenty-seven countries are listed as targets of the Hacienda."

Hacienda has the ability to carry out a so-called "port scan" of all of the servers in a country to provide information on user endpoints and scan for potential vulnerabilities. Targeted services include SSH, HTTP and FTP, among others.

The ability to port scan is not new, but such widespread and indiscriminate use by government spies, including 27 countries scanned even before 2009, is a new and shocking development in the Edward Snowden scandal.

"It is a longstanding policy that we do not comment on intelligence matters," said a GCHQ spokesperson.

"All of GCHQ's work is carried out in accordance with a strict legal and policy framework, which ensures that our activities are authorised, necessary and proportionate, and that there is rigorous oversight, including from the Secretary of State, the Interception of Communications and Intelligence Services Commissioners and the Parliamentary Intelligence and Security Committee. All our operational processes rigorously support this position."

Read more: The year the NSA hacked the world: A 2013 PRISM timeline (Part I)