On the eve of the G8 summit (taking place in a specially prepared Potemkin village in N. Ireland), the Guardian has published another Edward Snowden leak, this one describing how the UK spying agency GCHQ aggressively spied upon delegates to the G20 summit in 2009. According to the documents, UK spies attacked foreign delegates by "reading their email before they do" intercepting their BlackBerry messages and calls in real-time; capturing logins at special Internet cafes so as to spy on delegations after the event; getting NSA reports on attempts to crack Russian PM Dmitry Medvedev's satellite calls; and continuously logging and analyzing who was calling whom.
The report suggests that British delegation was briefed throughout, and that the operation was "sanctioned in principle at a senior level in the government of the then prime minister, Gordon Brown.
A briefing paper dated 20 January 2009 records advice given by GCHQ officials to their director, Sir Iain Lobban, who was planning to meet the then foreign secretary, David Miliband. The officials summarised Brown's aims for the meeting of G20 heads of state due to begin on 2 April, which was attempting to deal with the economic aftermath of the 2008 banking crisis. The briefing paper added: "The GCHQ intent is to ensure that intelligence relevant to HMG's desired outcomes for its presidency of the G20 reaches customers at the right time and in a form which allows them to make full use of it." Two documents explicitly refer to the intelligence product being passed to "ministers".
According to the material seen by the Guardian, GCHQ generated this product by attacking both the computers and the telephones of delegates.
One document refers to a tactic which was "used a lot in recent UK conference, eg G20". The tactic, which is identified by an internal codeword which the Guardian is not revealing, is defined in an internal glossary as "active collection against an email account that acquires mail messages without removing them from the remote server". A PowerPoint slide explains that this means "reading people's email before/as they do".
The same document also refers to GCHQ, MI6 and others setting up internet cafes which "were able to extract key logging info, providing creds for delegates, meaning we have sustained intelligence options against them even after conference has finished". This appears to be a reference to acquiring delegates' online login details.
Another document summarises a sustained campaign to penetrate South African computers, recording that they gained access to the network of their foreign ministry, "investigated phone lines used by High Commission in London" and "retrieved documents including briefings for South African delegates to G20 and G8 meetings". (South Africa is a member of the G20 group and has observer status at G8 meetings.)
I love that BlackBerrys are singled out as especially easy to intercept, something that is widely rumored. The entire piece is amazing, with specific revelations of spying. I'd love to know what the G8 delegations are making of all this as they head to NI. Perhaps GCHQ could tell us?
GCHQ intercepted foreign politicians' communications at G20 summits [Ewen MacAskill, Nick Davies, Nick Hopkins, Julian Borger and James Ball/The Guardian]