Rogue UK and US spies 'help safeguard Tor network'

Extremists and paedophiles protected by 'white hat' hackers in GCHQ and NSA, says unconfirmed BBC report.

Andrew Lewman

A new report that rogue GCHQ and NSA agents are helping keep the Tor network safe from their own agencies has sent shock waves through the security community.

The claim would mean individuals in the intelligence services are helping to secure a network that is notorious for shielding paedophiles and extremists, as well as activists.

The Tor (The Onion Router) browser enables people to use the internet anonymously by routing their communications through a free global network of thousands of relays.

And Andrew Lewman, who is responsible for all Tor's operations, has told the BBC that it receives tips from security agency sources on "probably a monthly" basis about bugs and design issues that potentially could compromise the service.

By helping Tor fix these flaws, these 'sources' are deliberately undermining their colleagues' efforts to hack into the 'dark web' and catch criminals.

Lewman told the BBC: "There are plenty of people in both organisations who can anonymously leak data to us to say, 'maybe you should look here, maybe you should look at this to fix this' - and they have."

The corporation stresses Lewman's allegations are based on a “hunch” as he had not confirmed those concerned were from the two agencies.

But Lewman argued: "You have to think about the type of people who would be able to do this and have the expertise and time to read Tor source code from scratch for hours, for weeks, for months, and find and elucidate these super subtle bugs. And the fact that we take a completely anonymous bug report allows them to report to us safely."

The BBC's report follows a 5 August story from global news agency CNN that there is a second pro-privacy 'mole' in the NSA who has leaked documents since Edward Snowden fled.

Respected cyber security blogger Bruce Schneier followed this on 7 August by saying documents published in the German media suggest a third 'leaker'.

But it is not clear whether the alleged 'moles' in the Tor case are pro-privacy or are protecting their own nefarious use of Tor.

Lewman told the BBC: “It came out that GCHQ heavily relies on Tor working to be able to do a lot of their operations. So, you can imagine one part of GCHQ is trying to break Tor, the other part is trying to make sure it's not broken because they're relying on it to do their work.

"It's typical within governments, or even within large agencies, that you have two halves of the same coin going after different parts of Tor. Some protect it, some try to attack it."

His claims have been greeted with a mix of shock and disbelief within the UK cyber security community.

Alan Woodward, who has carried out consultancy work for GCHQ and is a visiting professor with Surrey University's Department of Computing, doubted the claims but said the report has likely sparked off a manhunt within the agencies for the alleged moles.

“I'm surprised at the allegation,” he told SCMagazineUK.com. “But if there was any basis for it, then those organisations are going to be extremely upset and take it very seriously. I wouldn't be at all surprised if they are being hunted because what they're doing, it really does damage the capabilities of these organisations.”

Woodward said that Tor safeguards extremists – a highly sensitive issue after the death of American journalist James Foley.

“We've got evidence on the news daily about the battle we're in with these people, so by telling people how we're managing to track them down and how we're able to monitor them, you really are doing damage to national security and to the abilities of the law enforcement agencies.”

He added: “We've seen a lot of stories recently about law enforcement success against paedophiles using Tor. If you're telling people how to avoid detection, that's obviously going to be taken very seriously by any intelligence or law enforcement agency.”

Another cyber security expert, Adrian Culley, a former detective in the Scotland Yard Computer Crime Unit, simply dismissed Lewman's claims.

“I just don't believe that anybody who values their career on that side of the barbed wire would be doing that for him,” Culley told SC.

“If they are, they will be found and arrested and dealt with because what they're doing is a criminal offence. But I think it's him being at best highly optimistic – I think he's been caught up in the whole romantic side of the Edward Snowden saga rather than the actuality.

“There may be people telling him there are flaws in The Onion Router. It doesn't mean they're from the NSA and GCHQ.”

Lewman said that the Tor browser, which is based on Firefox and is available for Windows, Mac and Linux PCs, has been downloaded 150 million times in the past year, and currently supports about 2.5 million users a day.

Both GCHQ and the NSA declined to comment to the BBC.