A United Kingdom spy agency acknowledged in court on Tuesday that it has carried out numerous hacking campaigns both domestically and abroad.
The hacks range from monitoring a single Internet session, to planting eavesdropping software on a device, to hijacking that device completely, according to the testimony of Ciaran Martin, the director general of cybersecurity at the Government Communications Headquarters (GCHQ).
Martin was testifying in a case brought by digital rights advocate Privacy International and seven Internet service providers following Edward Snowden’s disclosure of secret U.S. and U.K. surveillance programs.
Snowden, a former U.S. intelligence contractor, revealed that both countries were collecting telephone and Internet records in bulk without warrants. He’s also outed several advanced hacking techniques that each country used, including the GCHQ’s “Smurf Suite,” a slate of hacking powers designed to remotely hijack anyone’s phone.
Martin said hacking “has become increasingly important in recent years and will become more important yet in the years ahead,” given the rise of “strong encryption across many Web services.”
“Historically, GCHQ’s ability to identify individuals of intelligence interest has been based largely on bulk interception,” he said. “This capability remains critical to the identification and mitigation of threats, but increasingly it is being threatened.”
Privacy International believes these activities are disproportionate and illegal. And much of it occurs without individual warrants.