LONDON — A newspaper report that British eavesdropping agency GCHQ repeatedly hacked into foreign diplomats’ phones and emails has prompted an angry response from traditional rival Russia and provoked demands for an investigation from Turkey and South Africa.
Although spying on diplomats is as old as diplomacy itself, the Guardian’s report laid out in explicit detail steps taken by GCHQ to monitor foreign officials’ conversations in real time, saying that British spies had hacked emails, stolen passwords and gone so far as to set up a bugged Internet cafe in an effort to get an edge in high-stakes negotiations.
The Guardian cited more than half a dozen internal government documents provided by former NSA contractor Edward Snowden as the basis for its reporting on GCHQ’s intelligence operations, which it says involved, among other things, hacking into the South African foreign ministry’s computer network, targeting the Turkish delegation at the 2009 Group of 20 summit in London and using the vast spying base at northern England’s Menwith Hill to monitor the satellite communications of Russian leader Dmitry Medvedev.
Russians responded angrily.
“It’s a scandal! The U.S. and British special services tapped (then President Dmitry) Medvedev’s phone at the 2009 G-20 summit. The U.S. denies it, but we can’t trust them,” Alexei Pushkov, the Kremlin-connected chief of foreign affairs committee in the lower house of Russian parliament, wrote on his Twitter feed Monday.
Turkey’s Ministry of Foreign Affairs called the report alarming, saying in a statement that if the story was true “this will evidently constitute a scandal.”
“Such (an) act by an allied country would clearly be deemed unacceptable,” the statement went on. “British authorities are expected to present an official and satisfactory explanation on this issue.”
South African diplomats said in a statement that they were concerned by the report, demanding that London “investigate this matter fully.”
Experts say that while the expressions of shock may be spurious – it’s widely known that all nearly all countries spy on one another – Britain’s standing could nevertheless suffer real damage.
The report was awkwardly timed, coming as Britain opened the G-8 summit, a meeting of the world’s leading economies that include Russia, in Northern Ireland on Monday. The allegation that the United Kingdom previously used its position as host to spy on its allies and other attendees could make for awkward conversation as the delegates tackle the issues of Syria, taxes and free trade.
“The diplomatic fallout from this could be considerable,” according to British academic Richard J. Aldrich, whose book “GCHQ” charts the agency’s history.
Speaking at the G-8 summit, Prime Minister David Cameron declined to address the issue.
“We never comment on security or intelligence issues and I am not about to start now,” he said. “I don’t make comments on security or intelligence issues. That would be breaking something that no government has previously done.”
GCHQ also declined to comment on the report.
It wasn’t completely clear how Snowden would have had access to the British intelligence documents, although in one article the Guardian mentions that source material was drawn from a top-secret internal network shared by GCHQ and the NSA. Aldrich said he wouldn’t be surprised if the GCHQ material came from a shared network accessed by Snowden, explaining that the NSA and GCHQ collaborated so closely that in some areas the two agencies effectively operated as one.
One document cited by the Guardian – but not posted to its website – appeared to boast of GCHQ’s tapping into smartphones. The Guardian quoted the document as saying that “capabilities against BlackBerry provided advance copies of G-20 briefings to ministers.” It went on to say that “Diplomatic targets from all nations have an MO (a habit) of using smartphones,” adding that spies “exploited this use at the G-20 meetings last year.”
Another document cited – but also not posted – concerned GCHQ’s use of a customized Internet cafe which was “able to extract key logging info, providing creds (credentials) for delegates, meaning we have sustained intelligence options against them even after conference has finished.” No further details were given, but the reference to key logging suggested that computers at the cafe would have been pre-installed with malicious software designed to spy on key strokes, steal passwords and eavesdrop on emails.
Aldrich said that revelation stuck out as particularly ingenious.
“It’s a bit ‘Mission Impossible,”’ he said.