GCHQ reportedly infiltrated and attacked hacktivist groups

Leaked documents suggest the agency used denial-of-service tactics and assisted law enforcement in identifying Anonymous members

British intelligence agency Government Communications Headquarters (GCHQ) has reportedly infiltrated hacktivist groups and used denial-of-service and other techniques to disrupt their online activities.

A PowerPoint presentation that GCHQ prepared for a 2012 conference organized by the U.S. National Security Agency reveals that one of the agency's units, called the Joint Threat Research Intelligence Group (JTRIG), collected information on "hacktivists" -- politically motivated hackers -- and shared it with law enforcement agencies. The unit also used denial-of-service techniques to disrupt the hacktivists' communication channels.

The slides were among the documents leaked by former NSA contractor Edward Snowden and were published Wednesday by NBC News. JTRIG used human intelligence techniques to gather information about members of Anonymous and LulzSec, two related groups of hacktivists that attacked the websites of various companies, organizations and governments, NBC News reported.

The leaked slides provide two examples of JTRIG intelligence gathering that targeted two hackers using the online handles GZero and p0ke.

In one IRC (Internet Relay Chat) log included in a slide, an undercover JTRIG agent responds to a request from a hacker looking to buy access to a website with 10,000 or more unique daily visitors. The discussion suggests the hacker intended to install an exploit on the site to infect the computers of visitors with botnet malware so they could be used to support Operation Payback, a large-scale DDoS (distributed denial-of-service) campaign launched by Anonymous in 2010 against pro-copyright organizations and a variety of companies including PayPal, MoneyBookers, Visa, Mastercard and Amazon.

In another chat log, the agent is contacted by a user named GZero who says the first hacker works with him and who also expresses interest in buying traffic for use with an exploit pack.

JTRIG's reporting on GZero led to his identification and arrest, one of the slides says. Edward Pearson, a 23 year old from York, England, was identified by law enforcement as GZero. He was sentenced in 2012 to two years in prison for using Trojan programs like Zeus and SpyEye to steal credit card details and PayPal credentials.

Another chat log in the GCHQ slides shows a user named p0ke telling another one, named Topiary, that he hacked into a government database and extracted the names, email addresses and phone numbers of 700 U.S. Federal Bureau of Investigation employees. In a later private chat with a JTRIG agent p0ke says that he compromised usda.gov, the website of the U.S. Department of Agriculture.

P0ke was identified by JTRIG, but was never arrested for hacking into government databases, NBC News reported. However, an 18-year-old teenager from Scotland named Jake Davis was identified as Topiary and was arrested in 2011. He later pled guilty to computer related crimes and was sentenced to 24 months in a youth detention center.

The GCHQ slides also mention an operation code-named Rolling Thunder that disrupted an Anonymous IRC server by using denial-of-service techniques. One chat between Anonymous supporters included in the slides suggest the server was hit by a SYN flood -- a type of denial-of-service attack involving a flood of SYN requests -- which resulted in downtime of over 30 hours.

JTRIG agents also sent messages that read "DDOS and hacking is illegal, please cease and desist" to Anonymous supporters via Facebook, Twitter, email, Skype and other instant messaging applications, NBC News reported, citing a slide that is not among those published. The outcome of this type of activity, which GCHQ calls "information operations," was that 80 percent of those messaged did not show up in Anonymous' IRC channel one month later.

Join the newsletter!

Error: Please check your email address.
Rocket to Success - Your 10 Tips for Smarter ERP System Selection

Tags Government use of ITNational Security Agencyonline safetysecurityGovernment Communications HeadquarterslegalspywaregovernmentprivacyCriminal

Keep up with the latest tech news, reviews and previews by subscribing to the Good Gear Guide newsletter.

Lucian Constantin

IDG News Service
Show Comments

Most Popular Reviews

Latest Articles

Resources

PCW Evaluation Team

Ben Ramsden

Sharp PN-40TC1 Huddle Board

Brainstorming, innovation, problem solving, and negotiation have all become much more productive and valuable if people can easily collaborate in real time with minimal friction.

Sarah Ieroianni

Brother QL-820NWB Professional Label Printer

The print quality also does not disappoint, it’s clear, bold, doesn’t smudge and the text is perfectly sized.

Ratchada Dunn

Sharp PN-40TC1 Huddle Board

The Huddle Board’s built in program; Sharp Touch Viewing software allows us to easily manipulate and edit our documents (jpegs and PDFs) all at the same time on the dashboard.

George Khoury

Sharp PN-40TC1 Huddle Board

The biggest perks for me would be that it comes with easy to use and comprehensive programs that make the collaboration process a whole lot more intuitive and organic

David Coyle

Brother PocketJet PJ-773 A4 Portable Thermal Printer

I rate the printer as a 5 out of 5 stars as it has been able to fit seamlessly into my busy and mobile lifestyle.

Kurt Hegetschweiler

Brother PocketJet PJ-773 A4 Portable Thermal Printer

It’s perfect for mobile workers. Just take it out — it’s small enough to sit anywhere — turn it on, load a sheet of paper, and start printing.

Featured Content

Product Launch Showcase

Latest Jobs

Don’t have an account? Sign up here

Don't have an account? Sign up now

Forgot password?