UK spy agency GCHQ used information stolen by hackers from the email accounts of its own targets to boost surveillance activities.
“Hackers are stealing the emails of some of our targets. By collecting the hackers' 'take' we get access to the emails and insights into who's being hacked,” the documents said.
“People who open attachments from unknown senders (gasp) or respond to 'Nigerian' money laundering emails aren't the only individuals on the internet being hacked.
“Some of our targets are also being targeted by outside forces, by state-sponsored and freelance hackers. Could your target's communications be the target of other countries or groups?”
The report notes that several groups have been affected in this way, such as the Indian navy, Tibetan pro-democracy personalities and the Tibetan Government in Exile, and that such hacks have proved beneficial to GCHQ.
“Of the traffic observed, nearly half contains category hits because the attackers are targeting email accounts of interest to the intelligence community," the documents added.
Another campaign with the notable name of Lovely Horse revealed that GCHQ tried to exploit the expertise of security professionals and hackers conversing on Twitter.
"Analysts are potentially missing out on valuable open source information relating to cyber defence because of an inability to easily keep up to date with specific blogs and Twitter sources," it said.
"We are working with JTRIG [Joint Threat Research Intelligence Group] to make use of the existing Birdstrike architecture collection [a Twitter monitoring programme] for capturing tweets from Twitter."
The security experts acknowledged their role in GCHQ's efforts with posts on Twitter:
So GCHQ is monitoring my tweets? I guess it's payback for leaving FBI donuts back in the day. LOL— Kevin Mitnick (@kevinmitnick) February 5, 2015
Around 60 accounts were earmarked for monitoring and analysts were able to request others to be followed. Initially the information was gathered on a daily basis but there were plans to turn it into a real-time information source.
GCHQ has already been identified as being involved in numerous data gathering programmes, most notably Tempora which tapped traffic from worldwide telecoms cables.
BT wants to make the public switched telephone network history within eight years
Personal data being purloined by third parties via Facebook Login API
MacOS and iOS are better off apart, says CEO Tim Cook
Or they'll no longer be entitled to updates and bug patches