GCHQ in the UK

You may know that the UK's GCHQ intelligence agency pokes its nose into people's internet service accounts, but it's now clear that the spy outfit is mapping the internet connections of whole nations, too. Heise has obtained documents showing that a GCHQ system, Hacienda, can scan every internet address in a given country to see both the connection types in use (such as web servers) as well as any associated apps. The scanning platform is looking for relevant targets and any exploitable security holes; if a target is running software with known vulnerabilities, it's relatively easy for agents to break in and either swipe data or set up malicious websites that trick suspects into compromising their PCs. Poring over this much data would normally be time-consuming, but there's a companion system (Olympia) that makes it easy to find useful information within minutes.

The technology itself isn't shocking; anyone can do this, if they don't mind incurring the wrath of internet providers and law enforcement. However, the global scale of Hacienda is bound to raise eyebrows. Agents had scanned 27 whole countries as of 2009, along with parts of five others -- it's clear that the goal is to have complete national network maps on demand, whether or not they're really needed for investigations. GCHQ can also hand its findings over to the NSA and other intelligence groups. There are ways to thwart this probing, such as the early version of an internet stealth protocol (TCP Stealth), but it could be a while before you're completely off the radar.

[Image credit: UK Ministry of Defense, Flickr]