A BRITISH SPY UNIT linked to GCHQ attacked hacktivists of the Anonymous and Lulzsec collectives, according to leaked US National Security Agency (NSA) documents.
NBC published documents obtained by NSA whistleblower Edward Snowden showing that the group codenamed the Joint Threat Research Intelligence Group (JTRIG) proactively attempted to shut down and spread misinformation throughout the Anonymous collective.
The leaked document allege that the unit attempted to phish Anonymous members and launched attacks designed to disrupt and infiltrate its networks as part of an operation called Rolling Thunder.
The documents show the spies mounted a sophisticated espionage campaign that enabled intelligence officers to phish a number of Anonymous members to extract key bits of information.
The documents include conversations between intelligence officers and Anonymous members G-Zero, Topiary and pOke in 2011.
One log shows that a GCHQ spy duped the hacker pOke into clicking on a malicious link dressed up to look like a news article about Anonymous. The link used an unspecified method to extract data from the virtual private network (VPN) being used by pOke.
The documents allege pOke was not arrested, but that the information acquired during the phishing attack was used in the arrest of Jake Davis, who was known as Topiary, in July 2011.
Davis' arrest was taken as a key victory for law enforcement. British citizen Davis was believed to have acted as a spokesman for many Anonymous cells and is credited as having written several of its statements.
A GCHQ spokesman declined The INQUIRER's request for comment on NBC's report, but reiterated the agency's previous insistence that all of its operations are carried out within the letter of the law.
"It is a longstanding policy that we do not comment on intelligence matters. Furthermore, all of GCHQ's work is carried out in accordance with a strict legal and policy framework," read the statement.
Experts in the security community have questioned the GCHQ's argument. Corero Network Security COO Andrew Miller said that the secret unit's use of blackhat tactics was at the very least morally questionable.
"We have to remember that cyber-spooks within GCHQ are equally if not more skilled than many black hat hackers, and the tools and techniques they are going to use to fight cybercrime are surely going to be similar to that of the bad guys," he said.
"Legally, we enter a very grey area here, where members of Lulzsec were arrested and incarcerated for carrying out DDoS attacks, but it seems that JTRIG are taking the same approach with impunity."
The campaign against Anonymous is one of many revelations from the leaked Snowden files.
The files initially were leaked to the press in 2013 and detailed several intelligence operations carried out by the UK GCHQ and US NSA. Documents emerged in January alleging that GCHQ and NSA used mobile apps such as Angry Birds to spy on citizens. µ
Sign up for INQbot – a weekly roundup of the best from the INQ