In a speech at NATO's Brussels headquarters June 19, GCHQ chief Jeremy Fleming said his agency had worked with "European colleagues to share understanding of how to protect democratic elections", as well as playing a "critical role in the disruption of terrorist operations" in at least four European countries in 2017 alone.
"Almost everything we achieve in GCHQ is dependent on our partners, and of course it includes the increasingly strong partnerships we have with all of our European allies. Those relationships, and our ability to work together, save lives. That will continue after Brexit, for the benefit of the UK and for Europe," he said.
The UK's role in the 'Five Eyes' global spy alliance, in which member countries — the US, UK, Australia, Canada, New Zealand — share intelligence gained via both legal and illegal methods, has long been said by analysts to potentially afford Britain significant leverage in Brexit negotiations. Fleming's intervention marks the first time it has been publicly invoked as a bargaining chip — although given his agency's record of spying on European governments and businesses, other Member States may not be receptive to his statements.
For instance, top secret documents released by US National Security Agency whistleblower Edward Snowden show GCHQ surveilled several German companies, infiltrated their networks and spied on employees.
The files reveal GCHQ and the NSA were particularly interested in developing wider knowledge of Internet traffic flowing through Germany. Of particular interest to GCHQ was Stellar, a company based in the town of Hurth near Cologne, which operates a satellite ground station and offers internet providers, telecommunications companies and even governments with 'teleport' services.
The operation was largely directed at Internet exchange points used by the ground station to feed communications of large customers into the broadband Internet. In addition to spying on the Internet traffic passing through these nodes, the GCHQ workers state they are also seeking to identify important customers of the German teleport providers, their technology suppliers as well as future technical trends in their business sector.
Also targeted were CETel and IABG. The latter is an aerospace and space technology firm, which creates solutions for "security issues, for prevention and reactions against dangers like terrorism and attacks against critical infrastructure." It counts the German Defense Ministry and the Bundeswehr as important clients. "
The same document trove also exposed how GCHQ and the NSA spied on 122 country leaders, including the heads of major European countries, such as Chancellor Angela Merkel.
GCHQ also targeted Belgacom, a partly state-owned Belgian telecoms company, with a cyberattack intended to "enable better exploitation" of the company and improve understanding of the provider's infrastructure.
The attack was directed at several Belgacom employees and involved the planting of a highly developed attack technology referred to as a "Quantum Insert" which planted malware on computers so GCHQ staff could manipulate them. Some of the employees targeted had "good access" to major parts of Belgacom's infrastructure, much to the delight of the spying network.
The company was forced to replace thousands of its computers at a cost of several million euros, and Elio di Rupo, the country's then-prime minister, called the hack a "violation." One of the country's top federal prosecutors also opened a criminal investigation into the intrusion.
Guilt to Share
However, the documents also demonstrated German, French, Spanish and Swedish intelligence services all developed methods of mass surveillance of internet and phone traffic in close partnership with GCHQ.
The effective eavesdropping alliance allowed intelligence agencies from one country to cultivate ties with corporations in others, to facilitate the monitoring of web traffic across the continent. GCHQ also played a leading role in advising European counterparts how to circumvent national laws meant to restrict the power of intelligence agencies. Such activity was allegedly carried out without the knowledge of national governments in some instances.
In a country-by-country survey of its European partners, GCHQ staff expressed admiration for the technical capabilities of German intelligence in 2008, saying he Federal Intelligence Service had "huge technological potential and good access to the heart of the internet — they are already seeing some bearers running at 40Gbps and 100Gbps".
Conversely, Italy was judged as a poor partner, with employees evidently becoming frustrated at the bickering between Italian agencies and the strict legal limits on their activities.
"GCHQ has had some CT [counter-terrorism] and internet-focused discussions with both the foreign intelligence agency (AISE) and the security service (AISI), but has found the Italian intelligence community to be fractured and unable/unwilling to cooperate with one another. The Italians had seemed keen, but legal obstacles may have been hindering their ability to commit," the document stated.