GCHQ secret unit uses DDOS attack tactics against Anonymous – Snowden leak

5 Feb, 2014 08:48 / Updated 11 years ago

British intelligence has its own hacker subdivision that uses questionable practices for hunting down enemies of the state, reveals a new leak from Edward Snowden. GCHQ is fighting Anonymous and LulzSec hacktivists with DDoS attacks and malware.

A classified document obtained by NBC News reveals that the British secret service is brandishing a cyber-sword in the guise of the Joint Threat Research Intelligence Group (JTRIG), an intelligence unit not constrained by domestic or international laws.

The JTRIG unit is staging distributed denial of service (DDoS) cyber-attacks, implanting malware to disclose identities of hackers in order to prevent their communications. JTRIG is such a secret unit that its very name has never been mentioned anywhere before.

A PowerPoint presentation prepared for a 2012 NSA conference called SIGDEV, obviously from the collection of documents from the former NSA contractor, Edward Snowden, contains information about the Rolling Thunder operation against Anonymous hacktivists. JTRIG organized a DDoS attack on the internet relay chat (IRC) used by Anonymous, which reportedly resulted in 80 percent of the users quitting internet chat rooms.

The fact that the presentation was made at a conference of America’s National Security Agency is particularly interesting. It means that the NSA was informed about such governmental activities in the UK.

A DDoS attack is a criminal offence in most countries, the US and UK included. For example, in the UK a person found guilty of a cyber attack would be charged in accordance with the Computer Misuse Act, while in the US such illegal activities are prosecuted with the Computer Fraud and Abuse Act (CFAA).

Besides that, according to cyber experts, a DDOS attack takes down an entire server, with all websites hosted on it, along with other severs operated by the same Internet Server Provider (ISP). This means that while attacking Anonymous chat rooms, JTRIG was actually disabling other web resources that had no connection to Anonymous whatsoever.

If the fact of a DDoS attack by a secret service gets some independent proof, it would mean that Britain will become the first state incriminated in staging a cyber-attack, internationally recognized as unlawful.

“Law enforcement and intelligence officials must be able to pursue individuals who are going far beyond speech and into the realm of breaking the law: defacing and stealing private property that happens to be online,” said the former head of the US National Counterterrorism Center and now an NBC News analyst Michael Leiter, noting that “there must, of course, be limitations”.

“No one should be targeted for speech or thoughts, but there is no reason law enforcement officials should unilaterally declare law breakers safe in the online environment,” said Leiter.

“Targeting Anonymous and hacktivists amounts to targeting citizens for expressing their political beliefs,” said NBC News’ Gabriella Coleman, an anthropology professor at McGill University.

In another NSA document in possession of NBC News, a JTRIG official maintains that the unit’s activities are definitely not limited to computer network protection. JTRIG is staging attacks itself, Such as “Active Covert Internet Operations” and “Covert Technical Operations”. The unit is vigorously using cyber tools to disrupt enemy communications, engaging in computer and phone jamming, breaching email accounts and conducting ‘false flag’ operations.

The Anonymous global hacker community emerged in 2011, and conducted the “Operation Payback” campaign, a series of attacks against government websites in Britain and the US in protest against the prosecution of Chelsea Manning, who handed over thousands of classified US military documents to WikiLeaks. They also attacked several financial organizations, such as credit card companies and the PayPal pay service for blocking donations support to WikiLeaks.