The UK, US and Canadian governments are using data gleaned from hackers to spy on people, a report has revealed.
Documents leaked to The Intercept suggest the National Security Agency (NSA) is using data mined by hackers in their own snooping schemes in an initiative called Intolerant.
One leaked document explained the thinking behind the campaign, stating: "INTOLERANT traffic is very organised. Each event is labeled to identify and categorise victims. Cyber attacks commonly apply descriptors to each victim it helps herd victims and track which attacks succeed and which fail."
The documents went on to explain that hackers are stealing the emails of some of its targets and collecting their stolen data, meaning the investigating government agencies can get access to their targets' emails and gain other insights into who's being hacked.
They continued: "People who open attachments from unknown senders (gasp) or respond to 'Nigerian' money laundering emails aren't the only individuals on the internet being hacked.
"Some of our targets are also being targeted by outside forces, by state-sponsored and freelance hackers. Could your target's communications be the target of other countries or groups?"
The documents list a number of groups that have been spied upon using the techniques, including the Indian navy, Tibetan pro-democracy personalities and the Tibetan Government in Exile.
Other documents referred to a scheme named Lovely Horse that monitored security analyst and hacker Twitter accounts to gain insights into how to more effectively monitor targets.
"Analysts are potentially missing out on valuable open source information relating to cyber defence because of an inability to easily keep up to date with specific blogs and Twitter sources," the documents said.
-
Cleo attack victim list grows as Hertz confirms customer data stolenNews Hertz has confirmed it suffered a data breach as a result of the Cleo zero-day vulnerability in late 2024, with the car rental giant warning that customer data was stolen.
-
Lateral moves in tech: Why leaders should support employee mobilityIn-depth Encouraging staff to switch roles can have long-term benefits for skills in the tech sector
-
The UK cybersecurity sector is worth over £13 billion, but experts say there’s huge untapped potential if it can overcome these hurdlesAnalysis A new report released by the DSIT revealed the UK’s cybersecurity sector generated £13.2 billion over the last year
-
"Thinly spread": Questions raised over UK government’s latest cyber funding schemeThe funding will go towards bolstering cyber skills, though some industry experts have questioned the size of the price tag
-
Hackers are lying low in networks to wage critical infrastructure attacks - here’s how they do itNews Hackers are researching key IT workers in their bid to gain access to vital systems
-
Threat of cyber attacks to national security compared to that of chemical weaponsNews The UK government has raised the threat level posed by cyber attacks, deeming it greater on average than an event such as the Salisbury poisoning
-
ASUS, Cisco, Netgear devices exploited in ongoing Chinese hacking campaignNews Critical national infrastructure is the target of sustained attempts from state-sponsored hackers, according to Five Eyes advisories
-
US reveals bespoke tool that took down Russian malware operationNews Snake had been used to steal NATO countries’ data for 20 years
-
2022 Public Sector Identity Index ReportWhitepaper UK Report
-
UK and Japan strike digital partnership to collaborate on IoT security, semiconductorsNews The two countries are also set to align their approaches to digital regulation to make it easier for companies to operate in each nation
