New Snowden leaks reveal that GCHQ was given permission by David Miliband to hack leading popular software programs
In 2008, during his time as Foreign Secretary, David Miliband agreed to give British spy agency GCHQ permission to avoid software copyright law in order to learn new ways to hack computers without being noticed. This information was disclosed today after NSA whistleblower Edward Snowden publicly released the 23 new leaked documents.
According to The Intercept, GCHQ carried out ‘reverse engineering’, a technique that is forbidden by law which lets hackers to discover weak points in encryption software, computer programs and anti-virus deployed by some of the world’s largest organizations.
GCHQ’s attempts in 2008 are uncovered in the leaked documents, when Miliband spearheaded the Foreign Office, to get warrants that let it to violate software copyrights and breach licensing agreements.
Further, GCHQ prevented its authorization protocol for ‘some continuous period of time’, according to ‘top-secret documents’ obtained by The Intercept.
In the end, when it finally managed to get a warrant for reverse engineering, it did so through a section of British intelligence law that ‘does not explicitly authorise’ such activity, as exhibited in a 2008 warrant renewal application to David Miliband.
“The agency’s slippery legal maneuvers to enable computer hacking call into question U.K. government assurances about mass surveillance,” said Andrew Fishman and Glenn Greenwald, authors of today’s report from The Intercept. “To assuage public concern over such activity, the government frequently says spies are subject to rigorous oversight, including an obligation to obtain warrants.”
“As it turns out, such authorisations have, at times, been vague and routine, as demonstrated by top-secret memos prepared by GCHQ in connection with the reverse engineering warrant.”
A number of leading software products that GCHQ hoped to aim with its reverse engineering were identified in the warrant renewal application, that included the anti-virus programs from security company, Kaspersky Lab.
It stated that Kaspersky’s products ‘continued to pose a challenge’ to its computer network exploitation (CNE). Hence, reverse engineering was ‘essential’ for it to make full use of and derive benefit of the software without being noticed.
Cisco, Networking Giant also got a mention, with GCHQ claiming that its hacking of routers through reverse engineering had given it entry to almost any internet user in Pakistan.
Kapersky Labs expressing its reaction on the leaks told The Intercept, “It is extremely worrying that government organizations would be targeting us instead of focusing resources against legitimate adversaries, and working to subvert security software that is designed to keep up safe.”