Joint Threat Research Intelligence Group
Joint Threat Research Intelligence Group | |
---|---|
A slide from a JTRIG presentation leaked by Edward Snowden | |
Parent organization | GCHQ |
Type | intelligence agency |
Interests | cyberespionage, fake news |
Subunit of GCHQ that uses deception, dirty tricks, fake news to discredit people on the internet to "deny, disrupt, degrade and deceive". |
The Joint Threat Research Intelligence Group (JTRIG) is a unit of the Government Communications Headquarters (GCHQ), the UK intelligence agency.[1]
Discovery
The group became public knowledge after the Edward Snowden Affair as it is mentioned in documents he publicised.[2]
Mission
The scope of the JTRIG's mission includes using "dirty tricks" to "destroy, deny, degrade [and] disrupt" enemies by "discrediting" them, planting misinformation and shutting down their communications.[2][3] Known as "Effects" operations, the work of JTRIG had become a "major part" of GCHQ's operations by 2010.[4]
Activities
A document published by Glen Greenwald details a long list of software packages, some operational, some planned, for mass surveillance and other cyberespionage purposes.[5]
Documents leaked by Edward Snowden reveal that JTRIG use computer viruses to make people's computers unusable, including encrypting of deleting files or emails.[6][7]
A 2011 report on JTRIG activities lists some of the “cyber-techniques” used[8]:
JTRIG's campaigns fall into two broad categories: cyber attacks and propaganda. Propaganda efforts (referred to as Online Covert Action, "Online Coverage Action") use massive messaging and storytelling on social platforms Twitter, Flickr, Facebook and YouTube. The JTRIG also used "false flag" operations against certain targets. Likewise, he edited photos on social media, and sent emails and texts containing “shady information” to co-workers and neighbors of targeted people.
All of JTRIG’s operations are conducted using cyber technology. Staff described a range of methods/techniques that have been used to-date for conducting effects operations. These included:
- Uploading YouTube videos containing “persuasive” communications (to discredit, promote distrust, dissuade, deter, delay or disrupt)
- Setting up Facebook groups, forums, blogs and Twitter accounts that encourage and monitor discussion on a topic (to discredit, promote distrust, dissuade, deter, delay or disrupt)
- Establishing online aliases/personalities who support the communications or messages in YouTube videos, Facebook groups, forums, blogs etc
- Establishing online aliases/personalities who support other aliases
- Sending spoof e-mails and text messages from a fake person or mimicking a real person (to discredit, promote distrust, dissuade, deceive, deter, delay or disrupt)
- Providing spoof online resources such as magazines and books that provide inaccurate information (to disrupt, delay, deceive, discredit, promote distrust, dissuade, deter or denigrate/degrade)
- Providing online access to uncensored material (to disrupt)
- Sending instant messages to specific individuals giving them instructions for accessing uncensored websites
- Setting up spoof trade sites (or sellers) that may take a customer’s money and/or send customers degraded or spoof products (to deny, disrupt, degrade/denigrate, delay, deceive, discredit, dissuade or deter)
- Interrupting (i.e., filtering, deleting, creating or modifying) communications between real customers and traders (to deny, disrupt, delay, deceive, dissuade or deter)
- Taking over control of online websites (to deny, disrupt, discredit or delay)
- Denial of telephone and computer service (to deny, delay or disrupt)
- Hosting targets’ online communications/websites for collecting SIGINT (to disrupt, delay, deter or deny)
- Contacting host websites asking them to remove material (to deny, disrupt, delay, dissuade or deter) 2.6 Some of JTRIG’s staff have conducted online HUMINT operations. Such operations typically involve establishing an online alias/personality who has a Facebook page, and membership of relevant web forums, etc.
Related Quotation
Page | Quote | Author | Date |
---|---|---|---|
GCHQ | “Among the core self-identified purposes of JTRIG are two tactics: (1) to inject all sorts of false material onto the internet in order to destroy the reputation of its targets; and | Glenn Greenwald | 24 February 2014 |
References
- ↑ http://www.bbc.co.uk/news/technology-26049448
- ↑ a b http://www.nbcnews.com/news/investigations/snowden-docs-british-spies-used-sex-dirty-tricks-n23091
- ↑ https://firstlook.org/theintercept/2014/02/24/jtrig-manipulation/
- ↑ https://www.theregister.co.uk/2014/02/07/snowden_documents_show_british_digital_spies_using_viruses_and_honey_traps/
- ↑ https://firstlook.org/theintercept/document/2014/07/14/jtrig-tools-techniques/
- ↑ https://www.theregister.co.uk/2014/02/07/snowden_documents_show_british_digital_spies_using_viruses_and_honey_traps/
- ↑ http://msnbcmedia.msn.com/i/msnbc/sections/news/snowden_cyber_offensive1_nbc_document.pdf
- ↑ https://theintercept.com/document/2015/06/22/behavioural-science-support-jtrig/