Skip to main content

Techno Viking, deploy: when internet memes meet British spy tools

Techno Viking, deploy: when internet memes meet British spy tools


License to troll

Share this story

Intelligence operatives trawl the internet looking for information that might help incriminate or neutralize potential terrorists. Intelligence operatives like to give their programs names like MYSTIC and SQUEAKY DOLPHIN. None of that makes it any less strange when Glenn Greenwald reveals that British spy agency GCHQ is using programs like "TECHNO VIKING" to game online polls and mine data from LinkedIn. Today, Greenwald posted a leaked list of tools created by the agency's Joint Threat Research Intelligence Group (JTRIG), granting some small insight into the simultaneously mundane, ominous, and ridiculous world of online surveillance.

The GCHQ, which works in tandem with the NSA, is said to tap fiber optic cables to gather intelligence and to reap the benefits of US surveillance systems like XKeyscore, through which "millions" of people are secretly tracked. But many of its tools are meant to gather and analyze publicly available information, launch phishing attacks, or shift the tone of online debate. The GCHQ particularly tends to do so in ways that make it sound like a covert 4chan board — it's previously been known to explain psychology with lolcats. Among the many names on the leaked internal wiki page:

  • TECHNO VIKING: "A subsystem of JAZZ FUSION [information access software]"
  • FOREST WARRIOR: "Desktop replacement for CERBERUS [information access software]"
  • AIRWOLF: "YouTube profile, comment and video collection"
  • PHOTON TORPEDO: "A technique to actively grab the IP address of an MSN messenger user"
  • ANGRY PIRATE: "A tool that will permanently disable a target's account on their computer"
  • ARSON SAM: "A tool to test the effects of certain types of PDU [Protocol Data Unit] SMS messages on phone/network"
  • CONCRETE DONKEY: "the capability to scatter an audio message to a large number of telephones, or repeatedly bomb a target number with the same message"
  • DEADPOOL: "URL shortening service"

Not all these tools are operational, and they cover a range of purposes, from pulling bulk social network data to launching denial of service attacks to "automated posting of Twitter updates" (BIRDSONG, later replaced by SYLVESTER). Some sound obviously threatening or invasive: SPRING BISHOP is supposed to "find private photographs of targets on Facebook," potentially as a way to discredit them. Some were already known. And some are hard to reconcile with the glamorous image of spycraft. MOUTH pulls files from very public digital preservation site UNDERPASS was created to "change outcome of online polls," a process more closely associated with voting 4chan's founder the world's most influential person and sending rappers to Alaska.

It's all a far cry from tapping the phones of world leaders, destroying the hard drives of a major newspaper, or anything else that's come to light since Edward Snowden started posting information about the UK government.

But as Greenwald points out, references to things like denial of service attacks show that intelligence agencies are using the same tools that can get private citizens arrested. The fact that they sound like teenagers making up spy names is both an odd tribute to internet culture and a reminder that teenage forum trolls are already frighteningly effective. The more our lives are online, the more mundane tools can serve up the sort of information that lets surveillance organizations track what we're doing. All they need is a fruit bowl, a bumblebee dance, and the X-Men.