Agency spies snooped on online gaming worlds, including World of Warcraft, Second Life and Xbox Live

Filed Under: Featured, Privacy

World of Warcraft image taken from wallpaper image, courtesy of pozadia.orgOnline games are, or at the very least have been in the past, thick with spies, the latest disclosure from whistleblower Edward Snowden shows.

The US and British spying agencies - the National Security Agency (NSA) and GCHQ - have deployed undercover agents working behind avatars in online games such as those on Xbox Live, World of Warcraft, and Second Life, according to the newly released files.

In fact, there have been so many FBI, CIA, and Pentagon spooks kicking around as elves, Orcs and supermodels, a "deconfliction" group is needed to avoid them all colliding into each other, according to the newly released, top-secret documents.

The Guardian obtained the latest files to come out in NSA-gate. Written in 2008, they're titled "Exploiting Terrorist Use of Games & Virtual Environments."

The Guardian published the documents on Monday in partnership with the New York Times and ProPublica.

In the files, the NSA said that terrorists were already operating with the help of internet-enabled communications such as email, Voice over IP (VoIP), chat, proxies, and web forums, so it was "highly likely" they'd use the same type of communication channels in games and virtual environments (GVEs).

The NSA analyst or analysts who authored the files noted that GVEs at the time were offering private chat, group chat, chat to an alias, and broadcast chat, via both text and voice.

Xbox Live also allowed a bunch of those technologies to converge, allowing gaming over the Xbox 360 console and/or messaging over a PC with normal MSN chat.

Second Life, meanwhile, offered anonymous SMS texting and anonymous phone calling, the NSA noted, while some games allowed third-party interfaces that permitted limited functions within a browser - a good way to get by without high bandwidth, as is the case in internet cafés, for example.

All those places to connect, interact or share would be prime operating ground for terrorist web forums, the NSA pointed out.

What's more, the games offer realistic training in weapon use, military operations and tactics, photorealistic land navigation and terrain familiarization, and leadership skills: a perfect place to learn how to carry out terrorist violence without risking any operatives.

From the files:

Some of the 9-11 pilots had never flown a real plane, they had only trained using Microsoft's Flight Simulator. When the mission is expensive, risky, or dangerous, it is often a wiser idea to exercise virtually, rather than really blow an operative up assembling a bomb or exposing a sleeper agent to law enforcement scrutiny.

The intelligence agencies have prepared to track targets training in these online gaming forums for terrorist actions by building mass-collection capabilities against the Xbox Live console network, which has more than 48 million players.

The spying organizations have also deployed agents in the virtual realms, whether they be hidden amongst hordes of Orcs in World of Warcraft or posing as human avatars in Second Life.

They targeted Al Qaida terrorists, Chinese hackers, an Iranian nuclear scientist, Hizballah, and Hamas members, the documents show.

According to the New York Times, by the end of 2008 GCHQ had set up its "first operational deployment into Second Life" and had helped the police in London to crack down on a crime ring that had moved into virtual worlds to sell stolen credit card information.

The operation, code-named Operation Galician, was aided by an informer using a digital avatar "who helpfully volunteered information on the target group's latest activities", the newspaper quoted the files as saying.

Online gaming was so thick with spies at the time of the files' release, agents were all "very interested in forming a deconfliction and tipping group" to avoid bumping into each other, the documents say.

GVEs are, in fact, "an opportunity!" the NSA enthused, presenting the capability of computer network exploitation, social network analysis, tracking of identity via photos and other IDs, geo-location of targets, and sweeping up communications.

From the files:

It has been well documented that terrorist [sic] are OPSEC and tech saavy [sic] and are only getting more so over time. These applications and their servers however, are trusted by their users and makes an [sic] connection to another computer on the Internet, which can then be exploited. Through target buddylists and interaction found in the gaming and on gaming web sites, social networks can be diagramed [sic] and previously unknown SIGINT leads and connections and terrorists cells discovered.

But while online gaming sounds perfect for use by terrorist networks, and while it might very well present a ripe opportunity for intelligence agents to track them or trip them up, actually finding terrorists is, apparently, another matter entirely.

At any rate, beyond the London crime ring, if the NSA or GCHQ have ever stopped a terrorist attack or found terrorists operating in online gaming, the documents don't describe it.

The New York Times reports that according to one document, while GCHQ was testing its ability to spy on Second Life in real time, its officers collected three days’ worth of Second Life chat, instant message and financial transaction data, totaling 176,677 lines of data, including the content of the communications.

The documents don't describe, however, the broader scope of communications collected. Neither did the NSA bring up issues about gamers' privacy in the documents, describe how the agencies access the data, nor make clear how it was avoiding the illegal monitoring of innocent US persons whose identity and nationality may have been hidden behind an avatar.

A spokesman for Blizzard Entertainment, the company behind World of Warcraft, told then Guardian that whatever surveillance that might have taken place would have happened behind the company's back:

We are unaware of any surveillance taking place. If it was, it would have been done without our knowledge or permission.

Microsoft declined to comment, as did Philip Rosedale, the founder of Second Life and former CEO of Linden Lab, the game's operator, while company executives didn't respond to the news outlets' requests for comment.

As far as whether gaming surveillance is ongoing, the US government, at least, isn't saying.

There have been discussion threads in gaming forums that show that since the Snowden revelations began, gamers have worried whether they were being monitored.

Now, we know.

Image from World of Warcraft wallpaper courtesy of

, , , , , , ,

You might like

17 Responses to Agency spies snooped on online gaming worlds, including World of Warcraft, Second Life and Xbox Live

  1. alatariel1092 · 626 days ago

    Well, I hope the NSA enjoys listening to hours of 10-yr-olds shouting insults at each other on COD.

    • Anonymous · 626 days ago

      Right. But then again, how do you know those 10-year-old temper tantrum throwers aren't actually secret agents?

    • Anonymous · 626 days ago

      Yes, especially if they remember that their salaries are paid with the tax payers money!

  2. Antonio Manuel · 626 days ago

    "Some of the 9-11 pilots had never flown a real plane, they had only trained using Microsoft's Flight Simulator..." ...yeah right...

    • alatariel1092 · 624 days ago

      The only thing MS Flight Simulator ever trained me to do was swear copiously b/c it never worked right.

  3. I note that like some, perhaps all, of the other revelations from Snowden this dates back to 2008 (XKeyscore springs to mind). It's something I've not seen mentioned much but 5 years is a *long* time in software and technology - 5 years ago Windows Vista was the latest and greatest from Redmond.

    I can't help wondering what's been happening since.

  4. Andrew · 626 days ago

    This is most definitely old news and technology has advanced a great deal. I put nothing passed the NSA or GCHQ and definitely nothing passed the terrorists. With the advancements made, it has become a real cat and mouse game and by the look of it a game no one can really win.

  5. Anonymous · 626 days ago

    WOW! How can I get a job at the NSA and GET PAID to play World of Warcraft? Who do I have to F--k to get in on THAT DEAL??

  6. Jonathan Stevens · 626 days ago

    So, exactly what is the NSA going to get out of a WOW match? Just curious.

  7. Srsly Guys · 625 days ago

    Did anyone actually read the paper? It says nothing to indicate this is happening, it just sounds like someone's brainstorm.

    • You are correct that the paper linked from this story is a briefing or a brainstorm. However it's only part of the story - The Guardian, New York Times and Pro Publica (the custodians of the Snowden data) are quite clear that this paper was subsequently acted upon.

      It seems that the intelligence agencies involved started gathering data from online worlds in response to their sudden rise in the mid to late part of the last decade. The only thing they don't know is if it's still happening.

      You can find a transcript of a discussion between journalists from the 3 organisations discussing the matter here:

      • Srsly Guys · 625 days ago

        "The Guardian, New York Times and Pro Publica are quite clear that this paper was subsequently acted upon." So what you're saying is, you read the original documents which don't back any of these assertions, and chalk it up to "the journalists know what's going on".

        What you CAN count on, is that each of those outlets is interested in trading FUD for readership.

        • No, that isn't what I'm saying.

          The words in the transcript are no more and no less trustworthy than the 'original' document because they both have the same provenance.

          Since you indicated that you believed the document it's reasonable to point you in the direction of the people who supplied it and say "they also said this."

          The articles, the transcript and the 'original' document have, unavoidably, a single source. In that situation we have to make a judgement about what we think is likely to be true and be transparent about sources so that readers can determine the level of authority they're prepared to invest in the story.

          Whatever your level of scepticism it makes no sense to label one thing from the sole source as truth and another as FUD when the truthfulness of the thing you said is true is vouched for only by the words of the person you just said was spreading FUD.

          • Srsly Guys · 624 days ago

            I can't unravel your runon sentences, but what I think you're saying is "the original article came from the same source as the document, therefore they have the same level of correctness". Which is not a valid assumption.

            That falls into the same category as reading the "nuclear launch code was 00000000" articles and then claiming that "Soviet spies launched an American rocket using the code 00000000".

            • No, it doesn't. The provenance for the claims made by the article and in related materials are the same. The provenance for the two claims you made in your example are different.

  8. Anonymous · 625 days ago

    This is the best fecking excuse ever to be allowed to play online games while at work!!!

    Note to editor: if fecking is not appropriate, please change to

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

About the author

I've been writing about technology, careers, science and health since 1995. I rose to the lofty heights of Executive Editor for eWEEK, popped out with the 2008 crash, joined the freelancer economy, and am still writing for my beloved peeps at places like Sophos's Naked Security, CIO Mag, ComputerWorld, PC Mag, IT Expert Voice, Software Quality Connection, Time, and the US and British editions of HP's Input/Output. I respond to cash and spicy sites, so don't be shy.