Be careful how hard you troll in multiplayer games because the NSA, CIA, and FBI may be listening. According to a briefing paper from the National Security Agency published by The Guardian today, the NSA and its counterpart agency in the United Kingdom made efforts to monitor in-game communications in World of Warcraft, Xbox Live, Second Life, and other games and virtual environments. The FBI, CIA, and other intelligence agencies also have eyes and ears wandering virtual worlds.

The January 2007 document, provided to The Guardian by former NSA contractor Edward Snowden, reveals that the British communications-monitoring agency GCHQ had developed "exploit packages" for Xbox Live and World of Warcraft. NSA analysts proposed selectively targeting exploits for those and other "games and virtual environments" (GVE) based on intelligence that Al Qaeda members and other individuals of interest were using them—potentially to communicate with each other and conduct training.

"Al Qaida terrorist target selectors and GVE executables have been found associated with Xbox Live, Second Life, World of Warcraft, and other GVEs in PINWALE network traffic, TAO databases, and in forensic data," the report stated. "Other targets include Chinese hackers, an Iranian nuclear scientist, Hizballah, and Hamas members." And the games and virtual worlds not only provided a potential way to monitor communications between these individuals but could also provide their geographic location, information on their social networks (through buddy lists), and a potential way to drop malware onto their computers to collect even more data. "It has been well documented that terrorists are OPSEC and tech savvy and are only getting more so over time," the report noted. "These applications and their servers however, are trusted by their users and make a connection to another computer on the Internet, which can then be exploited."

The GCHQ "has a vigorous effort to exploit GVEs," the research report stated, and by January 2007, it had already built test versions of "exploitation modules" for Xbox Live and World of Warcraft. The GCHQ had expected to integrate the monitoring of Xbox Live and WoW into its reporting by April of 2008. The report recommended that the NSA use its intelligence data to focus on the agency's own exploit development efforts, and it highlighted the need to keep developing new exploits as targets shifted to new games "as GVEs are found on target computers."

NSA analysts also saw these exploits as an opportunity to take point in coordinating the already booming virtual surveillance efforts of other agencies due to its network monitoring capabilities. "The FBI, CIA, and the Defense [Human Intelligence] Service all have HUMINT operations in Second Life and other GVEs and are very interested in forming a deconfliction and tipping group that would be able to collaborate on operations," the analyst report stated. Operations within the NSA "should establish a process to deconflict IC-wide ops in GVEs and to develop strategy for collaboration. Members from at least CIA, FBI, DIA, NSA, and GCHQ should participate to make the coordination significant."