UK spy agency GCHQ used information stolen by hackers from the email accounts of its own targets to boost surveillance activities.
“Hackers are stealing the emails of some of our targets. By collecting the hackers' 'take' we get access to the emails and insights into who's being hacked,” the documents said.
“People who open attachments from unknown senders (gasp) or respond to 'Nigerian' money laundering emails aren't the only individuals on the internet being hacked.
“Some of our targets are also being targeted by outside forces, by state-sponsored and freelance hackers. Could your target's communications be the target of other countries or groups?”
The report notes that several groups have been affected in this way, such as the Indian navy, Tibetan pro-democracy personalities and the Tibetan Government in Exile, and that such hacks have proved beneficial to GCHQ.
“Of the traffic observed, nearly half contains category hits because the attackers are targeting email accounts of interest to the intelligence community," the documents added.
Another campaign with the notable name of Lovely Horse revealed that GCHQ tried to exploit the expertise of security professionals and hackers conversing on Twitter.
"Analysts are potentially missing out on valuable open source information relating to cyber defence because of an inability to easily keep up to date with specific blogs and Twitter sources," it said.
"We are working with JTRIG [Joint Threat Research Intelligence Group] to make use of the existing Birdstrike architecture collection [a Twitter monitoring programme] for capturing tweets from Twitter."
The security experts acknowledged their role in GCHQ's efforts with posts on Twitter:
So GCHQ is monitoring my tweets? I guess it's payback for leaving FBI donuts back in the day. LOL— Kevin Mitnick (@kevinmitnick) February 5, 2015
Around 60 accounts were earmarked for monitoring and analysts were able to request others to be followed. Initially the information was gathered on a daily basis but there were plans to turn it into a real-time information source.
GCHQ has already been identified as being involved in numerous data gathering programmes, most notably Tempora which tapped traffic from worldwide telecoms cables.
British Airways blames 'global systems outage' for IT meltdown
Mark Zuckerberg mercilessly trolled by Harvard student newspaper after return to university he dropped out of 12 years ago
'Unauthorised user' blamed by Harvard for insulting Mark Zoinkerberg
Android under attack from 'Judy', Google Play Store malware that has infected up to 36.5 million users
Yet more Android malware discovered on the Google Play Store
Airport believes new system will be more reliable than GPS or Google Maps