According to The Intercept, America's NSA and Britain's GCHQ engaged in the 'reverse engineering' of some of the most popular antivirus products. The controversial practice involves extracting the information relating to the make-up of the software and then re-producing it.
The agencies are accused of tracking the online activities of those using the targeted software programs, as well as reading the emails of various companies and individuals.
It's also thought that because some of the world's most popular antivirus programs were infiltrated, potentially hundreds of millions of people would be exposed to dangerous online viruses.
Among those targeted by the agencies was Russian anti-virus company Kapersky, with the documents alleging that the NSA and GCHQ reverse engineered Kapersky's software to gain an understanding of how various programs worked, while they also searched through emails sent to the company.
NSA reads emails sent to anti-virus companies to learn about malware signatures. Proof of concept was on Kaspersky pic.twitter.com/O4smh9hGgB
— Frederic Jacobs (@FredericJacobs) June 22, 2015
Because antivirus software acts to pick up dangerous viruses and malware, attacking such antivirus programs may have prevented the agencies being detected, and allowed them to search through computer systems.
Questions Over Legality
The numerous revelations of NSA and GCHQ surveillance have triggered a debate about whether the agencies are acting within the boundaries of the law, with the new leaks also shrouded in controversy over their legality.
The Intercept notes that the agencies conducted reverse engineering over some antivirus products "under questionable legal authority" despite applying for a "top secret" warrant to carry out the practice.
#NSA & #GCHQ undermined security software to breach networks, repeatedly targeting @kaspersky http://t.co/EMFjzBMf96 pic.twitter.com/FjZ3QEp5DZ
— Anonymous (@YourAnonNews) June 25, 2015
This comes as GCHQ was last week found guilty of illegally spying on two human rights groups by the UK's court for intelligence agency matters, the Investigatory Powers Tribunal (IPT).
GCHQ was found guilty of violating its own internal procedures and keeping hold of emails for longer than is legally permissible.
Snooping Continues Despite Public Backlash
Despite a public backlash against the actions of GCHQ and their surveillance techniques, and news that US authorities were restricting the privileges given to spies, the British government is pushing for greater surveillance powers for intelligence agencies.
The controversial plans, dubbed the Snoopers' Charter, would allow the police and security services greater access to communications data, including online apps and emails.
While human rights and civil liberty campaigners have attacked the government's approach in pursuing the Snoopers' Charter — also known as the Draft Communication Bill — officials have argued that these extra powers are essential in helping to tackle the threat of extremism, as it would allow authorities to track down suspected terror threats.
