UK Gov And Met Police Implicated In TrapWire Surveillance Scare

Tom Brewster is TechWeek Europe's Security Correspondent. He has also been named BT Information Security Journalist of the Year in 2012 and 2013.

Number 10 and Scotland Yard named in leaked emails from Wikileaks

Leaked emails from Wikileaks have implicated the UK Government and police in a controversial surveillance network that has caught the attention of activist groups including Anonymous.

The emails, which came from the five million believed to have been stolen by Anonymous from geopolitical analysis company Stratfor, contain claims that Number 10 and Scotland Yard are customers of Abraxas, the alleged creator of the TrapWire surveillance service.

A Downing Street spokeswoman told TechWeekEurope it was not willing to confirm or deny use of TrapWire. However, the Metropolitan Police Service said it had “no knowledge of any contract or discussion re the product”.

TrapWire brings together data from CCTV cameras, license plate readers and open source databases. It is believed to use facial recognition technology and is designed to catch terrorists in their reconnaissance phases, when they are scouting out buildings for a potential attack. Activists are concerned TrapWire is overly intrusive on people’s privacy as it could be used to profile and store data on innocent people.

Government collaboration

On the website, the company claims to have clients that include government, law enforcement and intelligence agency bodies.

One of the leaked emails included communications purportedly between two Stratfor employees, one of whom talks of an agreement with Virginia-based Abraxas. “Their [Abraxas’] clients include Scotland Yard, #10 Downing, the White House,” the email reads.

“We have an agreement in principle with Abraxas (TrapWire) to provide ‘streaming sitreps’ to their clients via their desktop/homepage by the end of July.”

According to a whitepaper online, the TrapWire system gets more effective as the network grows bigger, as it can combine more data sources. Customers get a “visual monitor for the entire system” to determine when a terrorist is plotting.

“The collected data is recorded and stored in a standardised format to facilitate data mining, information comparison and information sharing across the network,” the paper read. “The TrapWire rules engine continuously searches for similarities, linkes and patterns among threat data collected across the network and shares correlated data with all affected facilities.”

Although reports have indicated TrapWire scours social networks for relevant data, none of the documents seen by TechWeekEurope have confirmed it.

Another leaked email indicated Stratfor was planning on pushing TrapWire  at two major technology firms – Google and “Salesforce Hqs in San Fran is interested in TrapWire after I briefed them on their wonderful capabilities,” the email allegedly sent by another Stratfor employee read.

“I’ve been playing constant phone tag w/their [Google’s] security director, who I believe is traveling.”

Meanwhile, hacktivist collective Anonymous has turned its crosshairs on Abraxas, claiming TrapWire had been deployed in London as well as a host of US cities, including New York and LA.

“The more we learn about TrapWire and similar systems, it becomes absolutely clear that we must at all costs shut this system down and render it useless,” a message from Anonymous cell the ‘Peoples Liberation Front’ read.

“A giant AI electronic brain able to monitor us through a combination of access to all the CCTV cameras as well as all the online social media feeds is monstrous and Orwellian in it’s implications and possibilities. The Peoples Liberation Front and Anonymous will now put forth a call to arms, and initiate the doom of this evil and misbegotten program.

“We will find, hack – and destroy the servers where the AI ‘electronic brain’ of this program is housed.”

Currently, the Abraxas Corporation website is inaccessible, but it is unclear whether this is because of a DDoS strike.

Wikileaks released the emails on mirror sites, as its main websites are currently out of action, thanks to what Julian Assange’s organisation believes is a massive distributed denial of service (DDoS) attack. Over Twitter, the group claimed the hit was above 10Gbps, which is fairly sizeable in DDoS terms, although such mega-sized hits are growing in prominence, according to exclusive figures released by TechWeekEurope last month.

Wikileaks suspects the US government is behind the DDoS strikes. “By attacking us all the US does is make our networks stronger, present in more countries and with a higher degree of popular support,” it said over Twitter.

“Or, the US can choose not to attack us, in which case we have more resources to allocate to publications and research. Either way, we win.

How pro-privacy are you? Test yourself with our quiz!