Hacking Team, a Milan-based IT group, has been selling surveillance and offensive intrusion packages like the Remote Control System (RCS) to governments and police for years. But earlier this year, their database got hacked, and many were shocked to find that their own governments had purchased spy malware from the company. The silver lining to all of this is that the independent IT and business security news site Threatpost is offering a free RCS search tool called Milano. Thanks to the breach, we can now find out if we are being illegally spied on with RCS technology. The NSA has also been caught again, this time for spying for over 20 years on supposed allies France and Germany. We can expect some real retaliation this time from the EU over this faux pas.
Hacking Team Sells Unscrupulously
When the Hacking Team database was cracked, over 400 gigabytes worth of files were taken and published on the web. The world thus found out that these self-proclaimed good guys were selling malware to some countries with very bad human rights records. Emails showed transactions with nations such as Egypt, Libya, and Sudan, all under the watchful eye of the United Nations, rights groups and concerned computer security experts. Hacking Team has also made deals with known democracies like Australia, records show, which highlights once again the need for better transparency for peoples who mistakenly feel safe under the rule of their governments.
This hack is a serious issue with the potential to trigger a global spy feud. Hacking Team says that the attack was well-planned and could only have been pulled off by a huge body, like a government. David Vincenzetti, founder of Hacking Team, says that the attack happened over several months, which indicates that they are not very vigilant. We can at least expect governments to become more paranoid than ever now that they have seen which of their friends has been secretly spying on them.
The UN along with several activist groups have gone after Hacking Team in the past for making deals with authoritarian regimes that have been sanctioned under UN directives. The security community has also questioned Hacking Team’s motives. They recognize the probable security nightmare that the release of RCS to ruthless governments would cause. But Vincenzetti has always responded by highlighting the positive aspects of the company’s dealings. He has mentioned such actions as withdrawing from deals with Ethiopia after discovering that activists and journalists were being targeted by RCS. He also claimed that RCS was made unavailable to other nations such as Lybia after similar incidents. But of course this would have been their only course of action to save face after such malicious spying went public. For the rest of it, they had plausible deniability and therefore could sell RCS without fear of criticism – until now. Hacking Team cannot be both the company that supplies the malware and decides where it can and cannot be used.
Australia and Canada are two of the first world countries that are in big trouble over their secret spying plans with RCS. Government offices, police and independent organizations there have all been caught through the leaked files negotiating deals to obtain RCS. Australia’s Independent Broad-based Anti-corruption Commission almost got their RCS before the emails went public, and they were going to pay $500,000 for it. The Australian Federal Police are old customers of Hacking Team, as are apparent affiliate marketers Criterion Solutions, but both are mum on the use and sale of RCS. In Canada, both the Canadian Security Intelligence Services and the Royal Canadian Mounted Police began negotiations for the surveillance system, but there is no proof on whether the deals pushed through or not.
For those who are as yet unfamiliar with RCS, this tool is designed to install malware on a computer or smartphone. The malware easily copies email, SMS and other data, and controls the device cameras and microphones. It then sends all this data to a designated command and control server where its operators can download and analyze it. RCS is marketed as being usable even on systems that employ encryption, and impossible to detect. To imagine one’s own government using such a malicious tool without restraint is understandably infuriating. But the good news is that anyone who suspects RCS snooping can use a new free tool from Rook Security. Milano is available on the Threatpost website, and can be used to scan a system for RCS files. Rook Security used the leaked source code of RCS to develop this tool so that victims of illicit spying can at least know if they are being targeted.
NSA Caught Again
We no longer bat an eyelash when the NSA pops up on the news for illicit surveillance activities. But the latest revelation by WikiLeaks about decades of spying on US allies deserves attention. The intelligence community understands and accepts that friendly governments will always sneak a peek into each others’ affairs. But what happens when such behavior goes public? Well, the NSA has been spying on at least 3 French presidents and 125 German officials, including chancellors, since before the birth of the Internet, and both countries are naturally indignant.
Germany was unable to pursue a legal battle over previous revelations of NSA spying, but now they may have more than enough evidence to take action. And they are more likely to do so also because these leaks came out just after the conclusion of talks about political spying and Obama’s touching reference to Germany and the US as inseparable allies. It actually seems like the whole world is just waiting for a chance to bite back. Even Russia, not a traditional ally, came to Germany’s aid in the form of testimony against the NSA by Dmitry Peskov, a Kremlin spokesperson until 2005.
France also wants to take legal steps to rein in the incorrigible NSA. There are talks of writing up a code of conduct for the intelligence community, proving once again that there can no longer be any trust between or unspoken agreement with the US. France is irate over the continuous revelations of NSA spying, but is also embarrassed that it was unable to detect any of it. A code of conduct is always a good idea, but when it comes to matters of government intelligence, who can really oversee spying activities and make sure everyone behaves?
