FacebookTwitterGoogle+RedditEmail

Hacking the Hacking Team: The Innards of the Surveillance Industry

“Surveillance companies like Hacking Team have shown they are incapable of responsibly regulating themselves, putting profit over ethics time after time.”

– Eric King, Deputy Director Privacy International, Jul 7, 2015

What goes around can come around with inexorable force. An Italian hackers-for-hire company called the Hacking Team, selling software to facilitate surveillance, has been, in turn, hacked. In this self-assuming ecology, such companies will have to expect that what they allow others to do will be used on them in time.

The firm specialises in the sale of malicious software and technologies on a large scale, supplying a range of intelligence agencies and governments. It’s stated aim is clear and mercenary in promise: “We provide effective, easy-to-use offensive technology to the worldwide law enforcement and technology companies.”

On Sunday night, the hackers in question got busy changing the Twitter account of the company from The Hacking Team to The Hacked Team, with its transformed, stated purpose being, “Developing ineffective, easy-to-pwn offensive technology to compromise the operations of the worldwide law enforcement and intelligence communities.”

For twelve hours, the company’s site was steered, a period which saw the release and distribution of company data, including a range of juicy titbits. “Since we have nothing to hide,” went the message, “we’re publishing all our e-mails, files and source code.” The posted link effectively published a 400 gigabyte trove of internal documents, including customer invoices, executive emails and promised source code.

The surveillance industry is teaming with such technology, because clients keen to monitor their citizens and employees will always find the most readily available, and purchasable route. The business incentive is dressed up in champagne-reception styled promise: we provide the best services money can buy. We go to the shows. We go to the workshops and stump valuable software. All to satisfy the peeping tom impulse of state bureaucracy.

The client list is worth exploring, given that the company’s persistent denial about selling to customers with a patchy record. The University of Toronto’s Citizen Lab’s report last year claimed to find traces of the Hacking Team’s apparently untraceable software in 21 countries. Company spokesman Eric Rabe dismissed the suggestions, citing a diligent internal system policing any abuse.

He also proved steadfast on the issue of not revealing client names, claiming that doing so would “jeopardise the confidentiality necessary for necessary law-enforcement and intelligence operations” (Mashable, Feb 24, 2014).

The human rights dimension was certainly not absent from internal company correspondence. The Hacking Team’s Operations Manager, Daniele Milan, expressed concern in an email (Mar 19) to various members of the company, including Rabe, about the impact of “Citizen Lab/HRW reports.” Of specific concern was Ethiopia, whose agency had been “reckless and clumsy” in using their software against the Ethiopian Satellite Television Service and Ethiopian journalists in the United States. “What’s worst is that we can be sure that if we allow them to continue, more [bad publicity] will come.” The customer, seemingly, is not always right.

As was revealed in the information dump, the list includes such states as Azerbaijan, Bahrain, Egypt, Ethiopia, Kazakhstan, Morocco, Nigeria, Oman, Saudi Arabia and Sudan. They also count among them various agencies – the DEA, the US Department of Defence, and the FBI. (Unsurprising to note that one of the firm’s three head offices is based in Annapolis, Maryland, deep in the US intelligence cluster.)

Counted among the invoices is one for $1 million made out to the Information Network Security Agency of Ethiopia, a country not exactly flowering with protections for its journalists. Sudan also features for an invoice at half the price. Both had agencies keen to obtain the spyware tool called the Remote Control System. The RCS is described amongst the Hacking Team’s own materials as “a solution designed to evade encryption by means of an agent directly installed on the device”.

While the event is still raw, the company has been in the sites of investigative journalists and students of the surveillance industry. Cora Currier and Morgan Marquis-Boire published an expose in The Intercept in October last year outlining the uses of RCS software in various manuals. Meant for government technicians and analysts, they cover the activation of cameras, password collection, log typing, and noting Skype calls and emails.

The Hacking Team’s RCS 9 Analyst’s Guide is replete with the functionality of tapping, a step-by-step process on how “targets” are assigned and “operations” conducted.

As Currier and Marquis-Boire explain, these manuals also list means of infecting devices via wifi networks, streaming video, USB sticks, and email attachments. Even the modestly trained technician would be able to operate these without fear of detection.

The surveillance industry has no codes of fidelity or borders of control. It is simply a business over nourished by peeping tom patrons. Caught in this tawdry mix are users of such technologies who simply want that rather frayed liberty of privacy to be protected. Not all who use encryption tools seek to trick the law and its suspicious officials.

FBI Director James Comey may well be concerned about “criminals and terrorists” liking “nothing more” than to have access to encryption defeating devices (Guardian, Oct 17, 2014). His obsession here lies with making sure such companies “build lawful intercept capabilities for law enforcement.” But Comey is being fundamentally naïve. The Hacking Team and those of its ilk have an interest, less in principles of liberty, than bottom lines of profit. In this industry, buyers, not moralists, matter above all else.

More articles by:

Binoy Kampmark was a Commonwealth Scholar at Selwyn College, Cambridge. He lectures at RMIT University, Melbourne. Email: bkampmark@gmail.com

September 25, 2018
Kenneth Surin
Fact-Finding Labour’s “Anti-Semitism” Crisis
Charles Pierson
Destroying Yemen as Humanely as Possible
James Rothenberg
Why Not Socialism?
Patrick Cockburn
How Putin Came Out on Top in Syria
John Grant
“Awesome Uncontrollable Male Passion” Meets Its Match
Guy Horton
Burma: Complicity With Evil?
Steve Stallone
Jujitsu Comms
William Blum
Bombing Libya: the Origins of Europe’s Immigration Crisis
John Feffer
There’s a New Crash Coming
Martha Pskowski
“The Emergency Isn’t Over”: the Homeless Commemorate a Year Since the Mexico City Earthquake
Fred Baumgarten
Ten Ways of Looking at Civility
Dean Baker
The Great Financial Crisis: Bernanke and the Bubble
Binoy Kampmark
Parasitic and Irrelevant: The University Vice Chancellor
September 24, 2018
Jonathan Cook
Hiding in Plain Sight: Why We Cannot See the System Destroying Us
Gary Leupp
All the Good News (Ignored by the Trump-Obsessed Media)
Robert Fisk
I Don’t See How a Palestinian State Can Ever Happen
Barry Brown
Pot as Political Speech
Lara Merling
Puerto Rico’s Colonial Legacy and Its Continuing Economic Troubles
Patrick Cockburn
Iraq’s Prime Ministers Come and Go, But the Stalemate Remains
William Blum
The New Iraq WMD: Russian Interference in US Elections
Julian Vigo
The UK’s Snoopers’ Charter Has Been Dealt a Serious Blow
Joseph Matten
Why Did Global Economic Performance Deteriorate in the 1970s?
Zhivko Illeieff
The Millennial Label: Distinguishing Facts from Fiction
Thomas Hon Wing Polin – Gerry Brown
Xinjiang : The New Great Game
Binoy Kampmark
Casting Kavanaugh: The Trump Supreme Court Drama
Max Wilbert
Blue Angels: the Naked Face of Empire
Weekend Edition
September 21, 2018
Friday - Sunday
Alexandra Isfahani-Hammond
Hurricane Florence and 9.7 Million Pigs
Andrew Levine
Israel’s Anti-Semitism Smear Campaign
Paul Street
Laquan McDonald is Being Tried for His Own Racist Murder
Brad Evans
What Does It Mean to Celebrate International Peace Day?
Nick Pemberton
With or Without Kavanaugh, The United States Is Anti-Choice
Jim Kavanagh
“Taxpayer Money” Threatens Medicare-for-All (And Every Other Social Program)
Jonathan Cook
Palestine: The Testbed for Trump’s Plan to Tear up the Rules-Based International Order
Jeffrey St. Clair
Roaming Charges: the Chickenhawks Have Finally Come Back Home to Roost!
David Rosen
As the Capitalist World Turns: From Empire to Imperialism to Globalization?
Jonah Raskin
Green Capitalism Rears Its Head at Global Climate Action Summit
James Munson
On Climate, the Centrists are the Deplorables
Robert Hunziker
Is Paris 2015 Already Underwater?
Arshad Khan
Will There Ever be Justice for Rohingya Muslims?
Jill Richardson
Why Women Don’t Report Sexual Assault
Dave Clennon
A Victory for Historical Accuracy and the Peace Movement: Not One Emmy for Ken Burns and “The Vietnam War”
W. T. Whitney
US Harasses Cuba Amid Mysterious Circumstances
Nathan Kalman-Lamb
Things That Make Sports Fans Uncomfortable
George Capaccio
Iran: “Snapping Back” Sanctions and the Threat of War
Kenneth Surin
Brexit is Coming, But Which Will It Be?
FacebookTwitterGoogle+RedditEmail