Leaked Snowden Docs Show Canada's "False Flag" Operations

An anonymous reader writes Documents leaked by NSA whistleblower Edward Snowden to the Canadian Broadcasting Corporation and The Intercept show the extent to which Communications Security Establishment Canada (CSEC) cooperates with the NSA — and perhaps most interestingly details CSEC's "false flag" operations, whereby cyberattacks are designed and carried out with the intention of attribution to another individual, group or nation state. The revelations come in the midst of Canadian controversy regarding the C-51 anti-terrorism bill.

Excerpted from The Intercept

Linky:

The document suggests CSE has access to a series of sophisticated malware tools developed by the NSA as part of a program known as QUANTUM. As The Intercept has previously reported, the QUANTUM malware can be used for a range of purposes – such as to infect a computer and copy data stored on its hard drive, to block targets from accessing certain websites, or to disrupt their file downloads. Some of the QUANTUM techniques rely on redirecting a targeted person’s internet browser to a malicious version of a popular website, such as Facebook, that then covertly infects their computer with the malware.

According to one top-secret NSA briefing paper, dated from 2013, Canada is considered an important player in global hacking operations. Under the heading “NSA and CSEC cooperate closely in the following areas,” the paper notes that the agencies work together on “active computer network access and exploitation on a variety of foreign intelligence targets, including CT [counter terrorism], Middle East, North Africa, Europe, and Mexico.” (The NSA had not responded to a request for comment at time of publication. The agency has previously told The Intercept that it “works with foreign partners to address a wide array of serious threats, including terrorist plots, the proliferation of weapons of mass destruction, and foreign aggression.”)

Notably, CSE has gone beyond just adopting a range of tools to hack computers.

According to the Snowden documents, it has a range of “deception techniques” in its toolbox. These include “false flag” operations to “create unrest” and using so-called “effects” operations to “alter adversary perception.” A false-flag operation usually means carrying out an attack but making it look like it was performed by another group – in this case, likely another government or hacker. Effects operations can involve sending out propaganda across social media or disrupting communications services. The newly revealed documents also reveal that CSE says it can plant a “honeypot” as part of its deception tactics, possibly a reference to some sort of bait posted online that lures in targets so that they can be hacked or monitored.

Re:Spies are sneaky

It's not a trade-off. This kind of operation makes you less safe while intruding on your freedom. Removing it is a win-win-win situation if you also count the economic part of it.

Re:I'm disappointed in Canada

[gstoddart]

No, a false flag merely attempts to disguise itself as coming from another source ... that's it.

What you specifically use it for isn't part of the definition.

Pretty much any reason you can think of why it is advantageous to make people think it was someone other than you is why you might run a false flag.

You're both assigning arbitrary constraints to a false-flag, and those constraints simply don't exist.