Feeds

GCHQ was called in to crack password in Watkins child abuse case

Not just battling terrorists, it hunts down online predators too

Reducing security risks from open source software

It was operatives at British intelligence agency GCHQ who cracked the password on the laptop of "determined paedophile" Ian Watkins, a court heard on Tuesday.

The evidence heard in court related to child abuse images held in cloud storage, whose password the GCHQ unit had to "crack" to gain access to them.

Ian Watkins, 36, from Pontypridd in Wales, pleaded guilty to 13 sexual offences, including two of attempting to rape a baby, at a hearing at Cardiff Crown Court. He denied a charge of rape.

He also pleaded guilty to three counts of sexual assault against children, seven involving possessing images of child abuse and one of possessing an extreme pornographic image involving a sex act on an animal.

Two women accused of facilitating the offences by Watkins, the former lead singer of alternative rock band Lostprophets, also made last-minute guilty pleas at the same hearing, after a jury had already been sworn in for a planned trial. Their pleas mean that a trial will not take place.

"You have been saved from having to watch extremely graphic and distressing material," the BBC reported Mr Justice Royce as telling the court.

The women cannot be named for legal reasons. The first woman, whom the court called "Woman A", admitted the attempted rape of a baby and two charges of sexual assault as well as taking and distributing an indecent photograph of a child. She denied a charge of rape.

The second, "Woman B", pleaded guilty to conspiring to rape a child, three sexual assault charges and four charges of taking, possessing or distributing indecent images.

He will be sentenced on 18 December.

The attempted rapes, which took place in a hotel room in London's Shepherds Bush in April 2012, were captured on video and uploaded to a cloud storage facility. Government security service GCHQ cracked the password to allow access to Watkins' files, according to court reports (Wales Online and The Guardian).

The National Technical Assistance Centre of ‪GCHQ‬ provides assistance to police in such cases, the privacy advocacy and government surveillance monitoring Spy Blog notes.

In a statement by South Wales Police, Detective Chief Inspector Peter Doyle, senior investigating officer, said two young children had already been removed from abuse as part of the ongoing investigation. He said investigators would continue to seek out other potential victims. The UK's specialist child protection police unit (CEOP), interpol and the US Department of Homeland Security have all contributed to the investigation, he added.

The investigation has been extremely complex and challenging with key information and evidence being identified from witnesses worldwide.

A significant amount of electronic data has been retrieved from computers and web based storage which has provided crucial evidence to support the case.

South Wales Police has worked in partnership with Interpol, other police forces, the National Crime Agency’s CEOP, local authorities in England and Wales, the Department of Homeland Security in the USA and the NSPCC.

Today’s outcome does not mark the end of our investigations and we will work tirelessly to identify any other victims or witnesses and seek the justice they deserve.

GCHQ's role in the investigation goes is not specifically noted in the police statement, although investigators from the agency, who were tasked with gaining access to Watkins' laptop, discovered that Watkins had "If***kids" set as his password.

GCHQ's assistance to the Child Exploitation & Online Protection Centre (CEOP) more generally was discussed by Sir Iain Lobban, director of the UK's eavesdropping nerve centre, during a high-profile public hearing before Parliament's Intelligence and Security Committee earlier this month.

During the hearing, Lobban acknowledged a previously unreported working relationship with CEOP and overseas partners in child abuse cases, as attested by an extract from the transcript. In the PDF, he explains that GCHQ's signals intelligence work extends beyond counter-terrorism.

It is not simply about terrorism; it is also about serious crime. I could mention some of the work we do with the Child Exploitation Online Protection Agency; in terms of working with them to uncover the identities and track down some of those who are involved in online sexual exploitation of children within the UK, including from overseas. There is a recent case where we managed to do that, where we used our intelligence capabilities to identify those and with the help of the foreign partner then to bring them to justice and two people are now in jail.

Google and Microsoft recently bowed to political pressure in the UK by agreeing to tweak their search engines to make it harder for perverts to find child abuse images online.

UK Prime Minister David Cameron told a recent meeting of ISPs at Downing Street that GCHQ would be brought in to fight child abuse images on the so-called "dark net". The prime minister also used the meeting as an opportunity talk up the "techniques, ability and brilliance of the people involved in the intelligence community, in GCHQ and the NSA in America".

The revelations about the spook agencies' work against crime – especially GCHQ's role in helping children under threat – comes at a time when the respective agencies sorely need a bit of good PR in the wake of disclosures about mass surveillance, fibre optic cable-tapping and weakened internet encryption supplied by ongoing leaks from the NSA's Edward Snowden. ®

Mobile application security vulnerability report

More from The Register

next story
LibreSSL RNG bug fix: What's all the forking fuss about, ask devs
Blow to bit-spitter 'tis but a flesh wound, claim team
Microsoft: You NEED bad passwords and should re-use them a lot
Dirty QWERTY a perfect P@ssword1 for garbage websites
Manic malware Mayhem spreads through Linux, FreeBSD web servers
And how Google could cripple infection rate in a second
NUDE SNAPS AGENCY: NSA bods love 'showing off your saucy selfies'
Swapping other people's sexts is a fringe benefit, says Snowden
L33t haxxors compete to p0wn popular home routers
EFF-endorsed SOHOpelessly Broken challenge will air routers' dirty zero day laundry
Own a Cisco modem or wireless gateway? It might be owned by someone else, too
Remote code exec in HTTP server hands kit to bad guys
British data cops: We need greater powers and more money
You want data butt kicking, we need bigger boots - ICO
Crooks fling banking Trojan at Japanese smut site fans
Wait - they're doing online banking with an unpatched Windows PC?
prev story

Whitepapers

Top three mobile application threats
Prevent sensitive data leakage over insecure channels or stolen mobile devices.
The Essential Guide to IT Transformation
ServiceNow discusses three IT transformations that can help CIO's automate IT services to transform IT and the enterprise.
Mobile application security vulnerability report
The alarming realities regarding the sheer number of applications vulnerable to attack, and the most common and easily addressable vulnerability errors.
How modern custom applications can spur business growth
Learn how to create, deploy and manage custom applications without consuming or expanding the need for scarce, expensive IT resources.
Consolidation: the foundation for IT and business transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.