GCHQ accused of disproportionate and illegal hacking

GCHQ

22 Dec GCHQ accused of disproportionate and illegal hacking

In a case brought by Privacy International and seven other internet service providers, GCHQ has recently admitted that it has “persistently” hacked a wide range of devices, accessing microphones, cameras, photography, and private documentation without users’ permission or knowledge.

The admission occurred at a security tribunal where GCHQ had been summoned to answer allegations that it had carried out the hacking under “thematic” warrants that enable them to bypass privacy safeguards.

GCHQ hacking

GCHQ is the government station tasked with monitoring the UK’s cyber connections and infrastructure in order to protect the nation from threats. The organisation depends on degrees of secrecy and monitoring of communication in order to accurately and efficiently carry out its protection duties. By using “thematic” warrants that “do not name individuals or addresses but rely on generalised categories of people or places”, however, it has been able to ignore privacy safeguards. Its public admission of CNE (computer network exploitation, or hacking) represents a serious breach of the right to privacy both within the UK and overseas.

The claim includes accusations of both persistent and non-persistent monitoring techniques, when listening software is left on targeted devices and when monitoring software closes with each internet session respectively. Based on these invasive monitoring techniques, GCHQ has been able to survey, copy, and even make alterations to private data on targeted devices, highlighting the growing importance for proper cyber security in today’s digital climate.

Tricostar solutions

Tricostar’s solutions have been specifically developed to address this need, providing root and branch software solutions to encrypt, automate, and secure your data, ensuring data protection and compliance with legal data protection regulations.

Whether you’re a business, a public sector department or a global organisation, we offer two main software solutions to protect your organisation’s data and communications: Private Dialogue and Secure Islands.

Secure communication

Private Dialogue is confidential email software enabling secure communication between select individuals. Users can only communicate with individuals invited into their circle of trust, reducing the risk of miscommunication and data leaks. Email data is wiped on a regular basis, removing the possibility of email chains being recreated or intercepted.

Furthermore, no involvement is required from your IT department to install, implement or maintain the solution, meaning it can be kept within your circle of trust.

Root and branch data encryption

The scale and ease of GCHQ’s hacking activities demonstrates the vital need for large businesses and organisations to encrypt their data, rendering private information unusable to unauthorised parties.

Our Secure Islands software enables you to encrypt and classify your data from any user, application location or device using a single, unified platform. Comply with data regulations while assuring users full confidentiality. We can help you to look after your sensitive files, ensuring that as your business and data expands you are always protected.

GCHQ repercussions

The IPT (Investigatory Powers Tribunal) is currently hearing the case. Counsel for Privacy International Ben Jaffey has told the tribunal: “The [legal] regime governing CNE … remains disproportionate. … Given the high potential level of intrusiveness, including over large numbers of innocent persons, there are inadequate safeguards and limitations.”

In its defence, lawyers for GCHQ have argued that its activities are “proportionate”, dismissing Privacy International’s claims as an inaccurate description of their CNE activities. Director of cyber security at GCHQ Ciaran Martin has said: “[We] never carry out reckless and irresponsible CNE operations … GCHQ’s processes for CNE include an expert risk assessment panel.” The case continues.

Read the full article by the Guardian here.

To guarantee the security of your data against illegal hacking, regardless of location and device, get in touch with Tricostar today by calling +44 (0)208 292 2660 or contact us here.