Fake URL shortening service was part of British online spy operation

Iran protestsAn internet website that offered free URL shortening services appears to have been a front created by British intelligence in order to spread messages and monitor activists involved in protests in Iran and the Arab world. The website was used heavily during the Iranian presidential election protests of 2009, which became known as the Iranian Green Movement. After a brief hiatus, the website was used again in 2011, as the Arab Spring revolts in North Africa and the Middle East were intensifying. The information pointing to the use of the website comes from documents leaked by Edward Snowden, the American former intelligence employee who has been granted political asylum in Russia.

According to the leaked documents, the website, lurl.me, was devised by a specialist until of the Government Communications Headquarters (GCHQ), Britain’s intelligence agency that collects signals intelligence. The unit, called Joint Threat Research Intelligence Group (JTRIG), devised the website as part of an operation codenamed DEADPOOL. The leaked documents state that the purpose of the website was to operate as a “shaping and honeypot” tool, by helping disseminate messages in support of the protests while at the same time allowing the GCHQ to monitor the protesters’ online activities. Lurl.me first appeared in June 2009 as a self-described “free URL shortening service”, using the slogan: “we help you get links to your friends and family fast”. It was used repeatedly on Twitter and other social media platforms to spread messages against the government of Iran. But the vast majority of social media accounts that made use of the website, like @2009iranfree, were operational only for a short period of time, had few followers, and ceased all activity at the end of the Iranian Green Movement. By that time, hardly anyone was using lurl.me. But the website made its appearance again on social media in April of 2011, with messages against the government of Syria. According to Vice’s Motherboard website, Tweets using the lurl.me service appeared to be active only between 9 a.m. and 5 p.m. UK time, and only on weekdays.

Both in 2009 and 2011-2013, lurl.me was used to instruct anti-government activists on how to avoid being monitored by the authorities. Some links contained instructions on how to access the Internet via satellite. Others provided directions on using proxies to access websites that were blocked by the authorities. At the same time, however, the documents leaked by Snowden show that the GCHQ also used the service to track the activities of anti-government activists who clicked on the lurl.me links, and even to ‘deanonymize’ (=to establish the real identity) of these users.

IntelNews first reported on JTRIG in February 2014, when its existence was first revealed by Snowden. The specialist unit has been associated with targeting self-described ‘hacktivist’ groups like Anonymous or LulzSec, using malware, social engineering, and other techniques. JTRIG also appears to have conducted online intelligence operations against the government of Argentina.

Motherboard reports that lurl.me was last used in November 2013, shortly after Snowden began leaking files from his secret hiding place in Russia. Motherboard said it contacted GCHQ for a reaction to the lurl.me allegations, but the agency said it would “not comment on intelligence matters”.

Author: Joseph Fitsanakis | Date: 02 August 2016 | Permalink

Joint British-American operation hacked Israeli drones, documents show

RAF base CyprusBritish and American intelligence services worked together to hack Israeli unmanned aerial vehicles in order to acquire information on the Jewish state’s military intentions in the Middle East, according to documents leaked last week. Online publication The Intercept, said the operation was code-named ANARCHIST and was a joint project of Britain’s General Communications Headquarters (GCHQ) and America’s National Security Agency (NSA). The publication said it acquired documents about the operation from former NSA contractor Edward Snowden, who defected to Russia in 2013 and was offered political asylum by Moscow.

In an article published on Thursday, The Intercept said the joint GCHQ-NSA operation was headquartered in a Royal Air Force military facility high on the Troodos Mountains in the Mediterranean island of Cyprus. The documents provided by Snowden suggest that British and American spies were able to collect footage captured by the Israeli drone for at least two years, namely in 2009 and 2010. It is not clear whether that period included the first three weeks of January 2009, when the Gaza War was fought between Israel and Hamas. During that time, there were persistent rumors that Tel Aviv was seriously considering launching air strikes against Iran.

According to The Intercept, the main goal of operation ANARCHIST was to collect information about Israeli “military operations in Gaza” and watch “for a potential strike against Iran”. Additionally, the UK-US spy program “kept tabs on the drone technology Israel exports around the world”, said the article. According to one GCHQ document cited by The Intercept, the access to Israeli drone data gained through ANARCHIST was “indispensable for maintaining an understanding of Israeli military training and operations”.

Speaking on Israel’s Army Radio on Friday, Israel’s Minister for National Infrastructure, Energy and Water, Yuval Steinitz, said he was not surprised by the revelations. “We know that the Americans are spying on the whole world, including their friends”, said Steinitz. But it was “disappointing”, he said, given that Israel had “not spied” on the US “for decades”. Israeli intelligence agencies had “not collected intelligence or attempted to crack the encryption of the United States”, said the Minister, implying that recent revelations of US spying on Israel may cause a change of strategy in Israeli intelligence policy.

Author: Joseph Fitsanakis | Date: 01 February 2016 | Permalink

MI6 spy found dead in 2010 may have used female disguise, says expert

Gareth WilliamsA British intelligence officer, who was found dead in his London apartment in 2010, was not a transvestite, as some media reports have speculated, but probably worked undercover dressed as a woman, according to a leading forensic investigator. Gareth Williams, a mathematician in the employment of Britain’s signals intelligence agency, GCHQ, had been seconded to MI6, Britain’s external intelligence agency, to help automate intelligence collection. He had also worked with several United States agencies, including the Federal Bureau of Investigation and the National Security Agency. But his career came to an abrupt end in August 2010, when he was found dead in a padlocked sports bag at his home in Pimlico, London.

The discovery of £15,000 ($20,000) worth of women’s clothing in Williams’ apartment caused some in the British media to speculate that sexual jealousy may have behind the spy’s death. British tabloid The Sun suggested at the time that Williams was “a secret transvestite who may have been killed by a gay lover”. There were also reports that police investigators themselves suspected that Williams’ death may have been the result of “a sex game gone wrong”. This appeared to be substantiated by the discovery that Williams had visited gay bars and drag nightclubs in London in the weeks before his death. Subsequent reports, however, suggested that law enforcement investigators described Williams’ death as “a neat job”, a term used to refer to professional killings. There have also been official denials by police that Williams’ murder was sex-related.

Now a leading forensic investigator has said that Williams was not a transvestite and that he probably dressed in women’s clothing for his job with MI6. Peter Faulding, who specializes in deaths within confined spaces, and has advised British and American law enforcement agencies, has previously spoken publicly against the theory that Williams locked himself in the bag. He said he tried without success to lock himself in the same type of bag 300 times before discounting the self-lock theory. Faulding spoke again to The Sun last week, this time to suggest that there is no evidence that the late MI6 spy was a transvestite. “The key question never asked was: were these clothes used for his job?” he said, referring to the feminine attire found in Williams’ apartment. He told The Sun that the clothes were “used for work, rather than pleasure”. “I am certain he made a very convincing female”, said Faulding. “He was slim, with feminine features, and as a cyclist he shaved his legs”.

Author: Ian Allen | Date: 21 September 2015 | Permalink

UK spied on Argentina to prevent second Falklands war, papers show

Port Stanley, FalklandsBy JOSEPH FITSANAKIS | intelNews.org
The British government carried out an extensive program of intelligence collection and psychological operations in Argentina until 2011, because it was concerned about the security of the Falkland Islands, according to newly leaked documents. In 1982, the two countries went to war over the islands, which are ruled by Britain but are claimed by Argentina. The 74-day conflict, which killed nearly 1,000 soldiers and civilians on both sides, ended in defeat for the Argentinian forces and solidified British authority in the South Atlantic territory. But Argentina continues to dispute Britain’s rule over the Falklands, which it calls Malvinas, and has repeatedly threatened to take them over.

Documents released last week by Argentine online news portal TN.com, reveal that a consortium of British intelligence units implemented a broad program of spying and propaganda operations against Argentina. The program, codenamed Operation QUITO, lasted from 2006 to 2011, and was aimed at hampering perceived efforts by the Argentine government to subvert British rule in the Falklands. The news portal said it received the documents from Edward Snowden, an American former intelligence contractor who currently lives in Russia under political asylum. According to TN.com, the secret program was implemented by the Joint Threat Research Intelligence Group (JTRIG, as reported by intelNews in February 2014). It is believed that JTRIG is an office operating under the command of the Government Communications Headquarters (GCHQ), Britain’s signals intelligence agency. Its focuses on psychological operations —known in Britain as “effects operations”— which are aimed at discrediting their targets through sabotage and misinformation campaigns.

According to the newly released documents, JTRIG launched Operation QUITO as a “long-term, far reaching” program that included the interception of communications of Argentine politicians, the planting of computer viruses on Argentine networks and the spreading of misinformation or pro-British propaganda online. As of Sunday night there had been no official response to the news report from either the Argentine or the British governments.

German-British intelligence dispute worsens: media reports

GCHQ center in Cheltenham, EnglandBy JOSEPH FITSANAKIS | intelNews.org
An intelligence-sharing dispute between Britain and Germany, which was sparked by revelations about Anglo-American espionage against Berlin, is turning into a “burgeoning crisis”, according to German media reports. Relations between Germany and the United Kingdom worsened in September, after the revelation of TREASURE MAP, a top-secret program led by the US National Security Agency, which allegedly allows American spies to map the entire network of German telecommunications providers. Reports suggest that TREASURE MAP enables the NSA and its British counterpart, the Government Communications Headquarters, to map the German Internet and reveals the addresses and locations of individual subscribers’ routers, as well as those of targeted computer and smart-phone users.

Late last year, the German parliament set up a body known informally as the NSA investigative commission, and tasked it with probing the allegations of American and British spying activities against the German state. In February, however, German newsmagazine Focus reported that British intelligence officials issued formal warnings aimed at their German counterparts, telling them that London would reconsider its intelligence cooperation with Berlin should the German parliament proceed with the probe into alleged British spying on German soil. According to Focus, British officials were concerned that such an inquiry by the NSA investigative commission would unearth British intelligence activities and would debate them openly during parliamentary sessions.

Earlier this week, the German broadsheet Süddeutsche Zeitung said that Gerhard Schindler, head of the German intelligence agency BND, tried to convince members of the NSA investigative commission to avert public disclosures of GCHQ activities in Germany. The parliamentarians’ response was reportedly extremely negative, with some members of the commission threatening to launch a lawsuit against any attempt to censor its proceedings. Süddeutsche Zeitung added that Schindler had been recalled from his holidays this week and had spent several days feverishly briefing German politicians about the ongoing dispute with London. According to the paper, the British government insists that all intelligence cooperation with Germany will be suspended should the parliamentary committee proceed with its investigation. Berlin considers this prospect “an unconcealed threat”, said the paper, and added that such an eventuality would “certainly go against the spirit of the European Union and could even be a breach of European cooperation treaties”.

UK spies intercepted emails from top European, American media

GCHQ center in Cheltenham, EnglandBy JOSEPH FITSANAKIS | intelNews.org
Britain’s communications-interception agency captured private emails from journalists and editors in some of the world’s top media, including The New York Times, the BBC, The Washington Post, and NBC. British broadsheet The Guardian said on Monday that the interception occurred in 2008 by experts in the General Communications Headquarters (GCHQ), which spies on international communications on behalf of the British government. The London-based newspaper said the emails were among 70,000 that were captured during a 10-minute interception drill that took place in 2008. The exercise involved the installation of a number of taps on fiber-optic cables, which function as superhighways of digital signals exchanged between users around the world. The messages captured included emails sent by journalists and editors working for some of the world’s most recognizable media in Britain, France and the United States. Following the exercise, the content of the intercepted messages was posted on GCHQ’s internal servers, where any one of its employees with access to the organization’s intranet could read them. The Guardian said it based its revelation on internal GCHQ files disclosed by Edward Snowden, a former contractor for GCHQ’s American counterpart, the National Security Agency, who defected to Russia in 2013. The purpose of the British spy agency’s exercise is not known, nor is there any information in the leaked documents to show whether journalists and their editors were deliberately targeted by GCHQ. However, the paper said that another document leaked by Snowden contains an “information security assessment”, in which GCHQ targeting officers listed “investigative journalists” in a detailed hierarchical list of security threats, which included computer hackers and terrorists. The document cautions that “journalists and reporters […] specializing in defence-related exposés […] represent a potential threat to security”. The Guardian contacted GCHQ but was told by a spokesman that the organization has a “longstanding policy that we do not comment on intelligence matters”. The spokesman added, however, that the agency’s interception activities are subject to “rigorous oversight, including from the secretary of state”.

British spy agencies launch recruitment drive for Russian speakers

MI5 HQ Thames HouseBy JOSEPH FITSANAKIS | intelNews.org
Amid mounting tensions between Russia and the West, British spy agencies have announced an ambitious recruitment campaign aimed at hiring a new generation of Russian-language specialists. The Security Service, known as MI5, which is responsible for domestic security and counterintelligence, posted an advertisement on its website this week, alerting potential applicants that the job search for Russian-language speakers will officially launch “in mid-November 2014”. The recruitment campaign, which is described on the spy agency’s website as “an exciting opportunity to match your language skills to a position in MI5”, appears to be jointly administered with the General Communications Headquarters (GCHQ), Britain’s signals intelligence agency, which is tasked with intercepting foreign communications. The move takes place in a wider context of deteriorating relations between Moscow and Western Europe, notably in response to Russia’s ongoing invasion of southeastern Ukraine and annexation of Crimea. Some suggest that there has also been a low-intensity intelligence war taking place between London and Moscow ever since the assassination in the British capital of former KGB officer Alexander Litvinenko. In late 2012, an officer of the Royal Navy was captured during a counterintelligence sting operation while trying to sell top-secret British government documents to people he believed were Russian intelligence operatives. A few months later, the British government let it be known of its increasing annoyance by persistent allegations made in the Russian media that Denis Keefe, the UK’s deputy ambassador to Moscow, was “an undercover spy, with his diplomatic position serving as a smokescreen”. In March of 2013, Oleg Gordievsky, the Soviet KGB’s former station chief in London, who defected to the UK in the 1980s, alleged in an interview that Russia operates as many spies in Britain today as it did during the Cold War. His comments were echoed earlier this year by the former director of MI5, Jonathan Evans, who said that there had been no change in the number of undeclared Russian intelligence officers operating in Britain since the end of the Cold War. Evans said that up to 50 undeclared Russian military and civilian spies were believed to be operating in Britain at any given moment. In June of this year, intelNews reported that the crisis in Crimea had caused the British military to hurriedly reach out to hundreds of retired Russian-language analysts who left the service at the end of the Cold War, most of whom are now in their 60s.

Follow

Get every new post delivered to your Inbox.

Join 1,362 other followers