Sky News’ Defence Correspondent Alistair Bunkall meets GCHQ workers to see the surveillance methods used to catch terrorists.
The room is windowless, and surrounded by a bank of computer and television screens. A file of maps and intelligence is on a table in the middle.
I’m encouraged to scribble notes on the table as I go along.
I’m inside GCHQ, the UK’s cyber intelligence agency – more relevant than ever today, with the advance of technology and growing threats.
I’m being put through a surveillance operation by a GCHQ analyst, Louise. This has never been shown in public before.
The amount of data is overwhelming – phone logs, text messages, emails, internet history.
Within that, there is more – who called whom, from where, when, for how long?
The evidence is in front of me, somewhere, but the sheer amount of information is dizzying. Most of the data is irrelevant, not useful or even helpful.
The trick is to work out which bit is worth pursuing and avoid the red herrings. Spot the patterns, or identify the unusual or unexplained event.
“Usually you would try to identify individual targets. You’d have one person looking at some call data, and someone else looking at internet traffic,” explains Louise.
Phone records would typically cover a two week period so intelligence officers are not being too intrusive and looking at more data than they need to.
A warrant to listen to calls or read messages must be signed by a Cabinet minister and a judge.
“We have to weigh up how much we expect to get that is more sensitive in nature,” Louise says.
“Also whether there is any intelligence value. Once we actually have access to that content, if we find we’ve accessed something we shouldn’t have done then we have to report that.”
By listening to calls, reading emails and using partner agencies like MI5 to follow targets on foot, analysts can get to know every little detail about targets’ lives.
I ask another intelligence officer, Sunny, if they ever get too close.
“That can happen that can happen,” Sunny replies.
“It really does depend on the targets but also our level of access. What is it that we actually following somebody for?
“What level of detail do we need? We won’t try to find out everything about everyone, every single aspect about something, if we’ve already got what we need.
“But it can happen. You get to know your targets pretty well.”
When an attack happens, as it did five times last year, GCHQ works with MI5 and MI6 to find out who was behind it.
“I think there’s a really well understood purpose,” explains Sunny.
“Everybody knows what they’re in the office to do. Everyone shares the same common goal. I think the biggest feeling in the office is one of wanting to go after the targets and find out who’s involved.
“Is there another threat that we need to know about? And are we pursuing somebody that we need to pick up or question? It’s basically one of purpose really.”
The threat facing the UK has changed – in the early 2000s it came from al Qaeda in Afghanistan, Pakistan and Yemen – recently it has been Islamic State in Syria and Iraq.
A third officer I speak to, Ben, specialises in the Middle East and North Africa. Terrorist attacks against the UK in recent years have had links to that region.
“When an attack does happen, that really brings it home that this is the importance of the job, and this is why we do it,” Ben says.
“The first thing is understanding exactly what the situation is – so what has happened and what do we know, so actually getting that ground truth.
“So actually fact-finding is the first thing we will always do. From there it is understanding exactly how that has happened and where have we potentially missed something in particular, or have we missed something in particular?
“Were we expected to know a particular case had happened in a certain way? From there it’s very much a case of piecing back that track and trying to put that breadcrumb trail back together to work out exactly what happened and who in the individual countries in question were involved in that.
“Does that then give clues about others involved who we could then pick up to potentially stop other things happening at other times?”
“You can eradicate one threat, there will be another threat around the corner.”