updated 05:06 pm EDT, Mon July 14, 2014
Repository of JTRIG tools shows some that can modify or mimic existing information
Information posted by The Intercept revealed this week that the British Intelligence agency Government Communications Headquarters (GCHQ) has the tools to modify communications, on top of monitoring them and collecting data. A database in the form of a Wiki entry of internal tools was posted to the site, listing the function and development status of each. Data from social media sites like Facebook, video sites like YouTube and various forms of web traffic and phone calls can all be modified or spoofed.
All of the tools in the listing were developed by the Joint Threat Research Intelligence Group (JTRIG) with help from outside developers in some instances. The document, which is titled "JTRIG Tools and Techniques," contains a listing of over 130 different codenamed tools. Many of the names stem from popular culture, including references to Marvel Comics characters and Star Wars.
According to The Intercept, the tools "constitute some of the most startling methods of propaganda and Internet deception contained within the Snowden archive." Even though the list includes a long list of tools for different purposes, JTRIG says that the database isn't complete. The majority of tools are "developed on demand" and then developed further for "weaponised capability."
"Don't treat this like a catalogue," reads the document. "If you don't see it here, it doesn't mean we can't build it. If you involve JTRIG operational teams at the start of your operation, you have more of a chance that we will build something for you."
JTRIG adds that the projects have a listed status, but it also includes experimental tools. The agency division adds that most of the items listed are tested and fully operational, but may face some limitations because of vulnerabilities they exploit, or are under legal restrictions.
Many of the tools are things that would be familiar territory for hackers, including hijacking tools and items for denial of service attacks. However, some are questionable in what they attempt to accomplish. "Clean Sweep" masquerades as Facebook wall posts at the individual level as well as for entire countries. "Bomb Bay" increases the hits and rankings of a website, while "Gateway" artificially increases website traffic. "Gestator" amplifies a message in video from popular sites like YouTube. A way to manipulate online poll results exists with "Underpass." There are also a number of tools that spoof messaging, phone calls and email in the listing.
The tools paint a grim picture of not only the data that the agency can collect, but also the amount of information that can be altered to fit its needs. While some of the tools appear mostly harmless, like a URL shortener called "Deadpool" or a DailyMotion reporting tool for extremist material called "Silverblade," the sheer number of them made for specific types of data activities is concerning.
The posting on the GCHQ tools comes as the United Kingdom Parliament looks at an emergency bill over increasing the surveillance power of the government and increased data collection.