We haven't been able to take payment
You must update your payment details via My Account or by clicking update payment details to keep your subscription.
Update payment details
Act now to keep your subscription
We've tried to contact you several times as we haven't been able to take payment. You must update your payment details via My Account or by clicking update payment details to keep your subscription.
Update payment details
Your subscription is due to terminate
We've tried to contact you several times as we haven't been able to take payment. You must update your payment details via My Account, otherwise your subscription will terminate.
Update payment details

Accessibility Links

Skip to content
The Times & The Sunday Times
The Times & The Sunday Times
  • Subscribe
Subscribe

GCHQ tells how to catch a terrorist

Deborah Haynes
The Times
The step-by-step guide as it appears on the GCHQ website
The step-by-step guide as it appears on the GCHQ website
Deborah Haynes
The Times

In a rare piece of publicity, GCHQ yesterday released a “how to” guide for spies hunting terror suspects.

The six-step course on spycraft appeared to be an attempt by the agency to demonstrate the importance of intercepting private communications ahead of what is expected to be a heated debate after the election on new legislation to enable MI5, MI6 and GCHQ to access and interrogate bulk data.

Under the heading “initial lead”, GCHQ set out a case study whereby an MI6 source sees a facilitator who is a member of Islamic State pass a package of handwritten information to a stranger along with the message that it contains “information for the brothers in the United Kingdom that will cause carnage across London”.

The stranger had a mobile phone and a tablet.

Such a tip-off would be enough to trigger the next step: “early detective work”, GCHQ says.

Advertisement

Permission would be given to probe all data associated with the facilitator to try to identify the stranger.

Next comes the analysis – using fragments of extracted information to find a lead.

If that draws a blank, GCHQ staff could target the tablet, using data-mining techniques to identify activity on the internet that might relate to the stranger’s device.

Step five is entitled “digging deeper”, when analysts have narrowed down the leads to justify a request to search actual content within the data held.

“Looking at the user of the tablet we have identified, we see indications of online extremist behaviours,” the guide, posted on GCHQ’s website, says.

Advertisement

“Running the details of the internet service account against GCHQ’s database of known targets we find it has come up in connection with a previous investigation and the user has been identified. We now have a name that could belong to our stranger.”

The final step is called “results”, which explains how signals intelligence can be a “powerful tool to answer seemingly impossible questions”.

The GCHQ guide says: “We can hone in on the most likely targets and only when we have sufficient justification that a lead is suspicious do we have the ability and resource to dig deeper and look at content to progress our investigations.”