ThinThread spy system secretly tested on New Zealand population

The author Tim Shorrock revealed that the US spy system ThinThread was tested on the unsuspecting population of New Zealand from 2000 to 2001

ThinThread is the name of a project that the National Security Agency conducted during the 1990s, the program was focused on sophisticated techniques for wiretapping and intelligence analysis. The program was discontinued after the September 11, 2001 attacks when Director of NSA Gen. Michael V. Hayden promoted a new system known as Trailblazer Project. For the project were awarded to a consortium led by Science Applications International Corporation around $280 million to develop Trailblazer in 2002.

User’s privacy once again menaced by a complex and secret system able to capture any activity from the victim’s machine, unfortunately, stories like this have become the order of the day. The main users of these malicious codes are precisely the governments that draw opponents, but also suspected subversives, through the IT tools, often trampling on the rights of Internet users.

This time we discuss about a singular case, a US surveillance tool able to analyzed communications without a warrant was sent to New Zealand for testing on the public.

The revelation has been done by an espionage expert, the tool dubbed ThinThread in able to perform massive automatic interception of principal communications over the phone and Internet, including the ability to peep user’s email.

ThinThread has an engine for the analysis of information gathered and is able to automatically build a detailed profile of targets drawing a complete overview of their contacts and their habits.

The revelation is shocking, ThinThread was sent by the US National Security Agency to New Zealand for testing from 2000 to 2001 and it was available for government organizations including the Government Communications Security Bureau (GCSB) according  Tim Shorrock, author of various essays on intelligence issues. Mr Shorrock declared that the “ThinThread prototype” was deployed by NSA in his listening posts at Fort Meade.

The Government Communications Security Bureau is an intelligence agency of the New Zealand government and is known also for the collaboration with US intelligence.

According official source the mission of the agency is “to contribute to the national security of New Zealand by: providing foreign signals intelligence to support and inform Government decision making; providing an all-hours foreign intelligence watch and warning service to Government; ensuring the integrity, availability and confidentiality of official information through information systems security services to Government; and assisting in the protection of the national critical infrastructure from information-borne threats.”

The GCSB agency has been suspected several times for illegal public massive surveillance, the case of ThinThread was the last episode debated in order of time..

Official GCSB refuses to comment on claims communications were intercepted by the ThinThread test, he  reiterated that the intelligence agency “won’t confirm or deny” the claim because it was an “operational” matter.

The silence fell on the matter, the authorities are narrow in the strictest of confidence, also a New Zeland Government spokeswoman for Prime Minister John Key refused to comment the events.

The story of ThinThread was described by Shorrock last month in a magazine in an article featured whistleblower William Binney,  a former high-ranking NSA official who designed ThinThread.

Mr Shorrock revealed that ThinThread operated in three distinct phases:

• First phase: ThinThread intercepts all call conversation, email and internet traffic on a network and automatically focus analysis on specific targets using specific patterns of information.
• Second phase: ThinThread automatically anonymize the collected data so the identities stayed hidden “until there was sufficient evidence to obtain a warrant”.
• Third phase: ThinThread uses the raw data “to create graphs showing relationships and patterns that could tell analysts which targets they should look at and which calls should be heard.

What is really concerning is the diffusion of the agent, many other agencies and government requested its use as wrote in the article:

“In addition, several allied foreign intelligence agencies were given the program to conduct lawful surveillance in their own corners of the world. Those recipients included Canada, Germany, Britain, Australia and New Zealand.”

As written in the post published on The New Zeland Herald both governments of the US and New Zealand used a workaround to adopt the system declaring that ThinThread has the “ability to mask the identities of those whose information was being intercepted”

“The “lawful” aspect was due to the software’s ability to mask the identities of those whose information was being intercepted – a technical work around of the legal barrier which prohibits New Zealand and the US from spying on its own citizens.”

The Greens and Labor both have repeatedly  requested to GCSB to explain to the public whether it was spied on by ThinThread.

The fact that a large scale spying tool was deployed to spy on a foreign population is concerning and give us an idea of the value assigned by governments to citizen’s privacy, similar “experiments” are not acceptable.

Unfortunately, the list of massive systems monitoring is really long and situations like this are not an isolated case!

Pierluigi Paganini

(Security Affairs – Surveillance, ThinThread)