NSA Extended Tentacles to Ensure Games Like World of Warcraft, Second Life Weren’t Beyond Its Reach
The National Security Agency targeted Internet communications features in games or virtual environments like Second Life, World of Warcraft (WoW) and XboxLive, according to documents obtained from former NSA contractor and whistleblower Edward Snowden.
Documents from 2008, reported and published in partnership by The New York Times, The Guardian and ProPublica, show that online game spaces were considered a “potentially lucrative venue” for the collection of data for counter-terrorism. The CIA, FBI and Defense Human Intelligence (HUMINT) Service target online games with operations as well and to even potentially develop informants.
The NSA and GCHQ, the British spying agency, conducted an “online gaming research effort focusing on WoW.” An NSA mission development center in Menwith Hill in Yorkshire and the GCHQ used “SNORT, an open source packet-sniffing software,” to “filter out WoW packets” of data. The NSA developed scripts to “process the traffic and produce Warcraft metadata,” which was sent back to GCHQ for analysis, target development and network knowledge enrichment.”
“By fusing information from different systems, databases and resources, GCHQ has correlated target entities to WoW logon events and continues to uncover potential SIGINT value by identifying accounts, characters and guilds related to Islamic Extremist Groups, Nuclear Proliferation and Arms Dealing,” one document indicated.
A separate document said “al Qaeda terrorist target selectors” had been found when targeting network traffic of XboxLive, Second Life, WoW and other online games. That suggests keywords of interest matched data in various NSA databases. “Chinese hackers, an Iranian nuclear scientist, Hezbollah and Hamas members,” were all apparently detected using online games placed under surveillance.
Both NSA and GCHQ recognized they could utilize “WoW messages” that contained “country and time zone information, local IP addresses and realm server addresses.”
The agencies found, “In terms of active target development, there are clear parallels: traditional SIGINT [signals intelligence] development may follow emails, chat and buddy lists, whereas WoW target development may follow character IDs and logons, gaming communication channels and guilds.”
Agencies are apparently enthusiastic: “GVEs [games and virtual environments] are an opportunity!”
“We can use games for: CNE exploits, social network analysis, HUMINT targeting, ID tracking (photos, doc IDs), shaping activities, geo-location of target and collection of comms,” the agencies believed.
The NSA believed it could target buddy lists and interactions in gaming and on gaming web sites or social networks that could then be diagrammed to develop further “leads” or “connections,” which would lead to the discovery of terrorist cells.”
Yet, in the process, one of the key things the NSA and GCHQ knew it would be doing is exploiting the trust that users have for the servers and applications behind these spaces. They planned to use online games to find “online presence indicators, geolocation and ID tracking for use in “apprehension operations,” which could mean the capture or arrest of targets.
There apparently was awareness in 2008 that far too many agents were trying to exploit the space for intelligence.
“The FBI, CIA and the Defense Humint Service all have HUMINT operations in Second Life and other GVEs and are very interested in forming a deconfliction and tipping group that would be able to collaborate on operations,” according to the NSA.
What “deconfliction” means is letting another user know they are an agent if they are being targeted and exploited by another agent. So, while the NSA believed that “terrorists” would use the “feature-rich Internet communications media for operational purposes such as email, VoIP, chat, proxies and web forums,” by 2010, online games were already being populated to significant extent by agents or analysts working for US intelligence.
In 2008, as the documents indicate, the NSA could not recognize traffic. “It is impossible to even say what percentage of the environment is GVE, let alone determine how targets are using the communications features of GVEs.”
The NSA and GCHQ planned to develop tools so linguists and analysts could view or experience voice, text or video traffic together and “archive” the data associated with reporting, which would be “essential for Yahoo, Skype, webcam VTCs or Biometrics.”
Resources being put into developing ways to target online gamers who may allegedly be involved in terrorist activities may not even be worth the effort.
From the Times’ report:
Games ‘are built and operated by companies looking to make money, so the players’ identity and activity is tracked,’ said Peter W. Singer of the Brookings Institution, an author of ‘Cybersecurity and Cyberwar: What Everyone Needs to Know.’ ‘For terror groups looking to keep their communications secret, there are far more effective and easier ways to do so than putting on a troll avatar.’
If there are very, very few terrorists, who are using online games, then that should increase concerns about NSA and GCHQ intercepting communications exponentially.
Targeting of users in World of Warcraft is being done without permission, according to Blizzard Entertainment, the company behind WoW. Less clear is whether the NSA or GCHQ obtained some permission to put XboxLive or Second Life traffic under surveillance. Both Microsoft and Linden Lab, the company behind Second Life, would not provide comment to the Times.
Infiltration of online gaming worlds means thousands upon thousands of users could have had their personal data collected and stored without a warrant.
It is but another example of the NSA’s hoarding complex—its need to collect it all. And, again, there is no indication whatsoever that this has provided anything of value to the NSA in its effort to prevent or thwart terrorism. The NSA simply believed terrorists might be able to use the communications and, like an octopus, extended its tentacles to make sure online games were no longer beyond the US intelligence community’s reach.