FacebookTwitterRedditEmail

Hacking the Hacking Team: The Innards of the Surveillance Industry

“Surveillance companies like Hacking Team have shown they are incapable of responsibly regulating themselves, putting profit over ethics time after time.”

– Eric King, Deputy Director Privacy International, Jul 7, 2015

What goes around can come around with inexorable force. An Italian hackers-for-hire company called the Hacking Team, selling software to facilitate surveillance, has been, in turn, hacked. In this self-assuming ecology, such companies will have to expect that what they allow others to do will be used on them in time.

The firm specialises in the sale of malicious software and technologies on a large scale, supplying a range of intelligence agencies and governments. It’s stated aim is clear and mercenary in promise: “We provide effective, easy-to-use offensive technology to the worldwide law enforcement and technology companies.”

On Sunday night, the hackers in question got busy changing the Twitter account of the company from The Hacking Team to The Hacked Team, with its transformed, stated purpose being, “Developing ineffective, easy-to-pwn offensive technology to compromise the operations of the worldwide law enforcement and intelligence communities.”

For twelve hours, the company’s site was steered, a period which saw the release and distribution of company data, including a range of juicy titbits. “Since we have nothing to hide,” went the message, “we’re publishing all our e-mails, files and source code.” The posted link effectively published a 400 gigabyte trove of internal documents, including customer invoices, executive emails and promised source code.

The surveillance industry is teaming with such technology, because clients keen to monitor their citizens and employees will always find the most readily available, and purchasable route. The business incentive is dressed up in champagne-reception styled promise: we provide the best services money can buy. We go to the shows. We go to the workshops and stump valuable software. All to satisfy the peeping tom impulse of state bureaucracy.

The client list is worth exploring, given that the company’s persistent denial about selling to customers with a patchy record. The University of Toronto’s Citizen Lab’s report last year claimed to find traces of the Hacking Team’s apparently untraceable software in 21 countries. Company spokesman Eric Rabe dismissed the suggestions, citing a diligent internal system policing any abuse.

He also proved steadfast on the issue of not revealing client names, claiming that doing so would “jeopardise the confidentiality necessary for necessary law-enforcement and intelligence operations” (Mashable, Feb 24, 2014).

The human rights dimension was certainly not absent from internal company correspondence. The Hacking Team’s Operations Manager, Daniele Milan, expressed concern in an email (Mar 19) to various members of the company, including Rabe, about the impact of “Citizen Lab/HRW reports.” Of specific concern was Ethiopia, whose agency had been “reckless and clumsy” in using their software against the Ethiopian Satellite Television Service and Ethiopian journalists in the United States. “What’s worst is that we can be sure that if we allow them to continue, more [bad publicity] will come.” The customer, seemingly, is not always right.

As was revealed in the information dump, the list includes such states as Azerbaijan, Bahrain, Egypt, Ethiopia, Kazakhstan, Morocco, Nigeria, Oman, Saudi Arabia and Sudan. They also count among them various agencies – the DEA, the US Department of Defence, and the FBI. (Unsurprising to note that one of the firm’s three head offices is based in Annapolis, Maryland, deep in the US intelligence cluster.)

Counted among the invoices is one for $1 million made out to the Information Network Security Agency of Ethiopia, a country not exactly flowering with protections for its journalists. Sudan also features for an invoice at half the price. Both had agencies keen to obtain the spyware tool called the Remote Control System. The RCS is described amongst the Hacking Team’s own materials as “a solution designed to evade encryption by means of an agent directly installed on the device”.

While the event is still raw, the company has been in the sites of investigative journalists and students of the surveillance industry. Cora Currier and Morgan Marquis-Boire published an expose in The Intercept in October last year outlining the uses of RCS software in various manuals. Meant for government technicians and analysts, they cover the activation of cameras, password collection, log typing, and noting Skype calls and emails.

The Hacking Team’s RCS 9 Analyst’s Guide is replete with the functionality of tapping, a step-by-step process on how “targets” are assigned and “operations” conducted.

As Currier and Marquis-Boire explain, these manuals also list means of infecting devices via wifi networks, streaming video, USB sticks, and email attachments. Even the modestly trained technician would be able to operate these without fear of detection.

The surveillance industry has no codes of fidelity or borders of control. It is simply a business over nourished by peeping tom patrons. Caught in this tawdry mix are users of such technologies who simply want that rather frayed liberty of privacy to be protected. Not all who use encryption tools seek to trick the law and its suspicious officials.

FBI Director James Comey may well be concerned about “criminals and terrorists” liking “nothing more” than to have access to encryption defeating devices (Guardian, Oct 17, 2014). His obsession here lies with making sure such companies “build lawful intercept capabilities for law enforcement.” But Comey is being fundamentally naïve. The Hacking Team and those of its ilk have an interest, less in principles of liberty, than bottom lines of profit. In this industry, buyers, not moralists, matter above all else.

More articles by:

Binoy Kampmark was a Commonwealth Scholar at Selwyn College, Cambridge. He lectures at RMIT University, Melbourne. Email: bkampmark@gmail.com

bernie-the-sandernistas-cover-344x550

Weekend Edition
April 26, 2019
Friday - Sunday
Stanley L. Cohen
Death Can be a Slow Traveler: Peltier, Mumia and Rap Brown
Vincent Navarro
Why Left Wing Populism Is Not Enough
Peter Linebaugh
The Earth for Their Possession
Jeffrey St. Clair
Never Satisfied: Willie Dixon Refused to Serve…Anything But the Blues
Paul Street
Joe Biden: An Imperial Corporatist Wrapped in the Bloody Flag of Charlottesville
Martha Rosenberg
Corruption and Mismanagement at USDA’s Food Safety and Inspection Service’s Put Consumers at Risk, Whistleblower Says
John O'Kane
Demonizing the Few to Alienate and Sway the Many
Joshua Frank
How Obama Defanged the EPA Before Trump Gutted the Agency
John Feffer
What’s Driving Bolton’s Attacks on the “Troika of Tyranny”?
Ramzy Baroud
Notre Dame of Gaza: Our Mosques and Churches are Also Burning
Andy Thayer
How Chicago Police Infiltrated, Spied on Anti-NATO Organizers
Katherine Weathers – Hy Thurman
The Etowah Visitation Project: Supporting the Needs of ICE Detainees
Conn Hallinan
Turkey: Revenge of the Kurds
Jennifer Matsui
The Style Section Meets State Craft: Amal Clooney and the Foreign Policy Influencers
David Rosen
Trump and False Consciousness
Ruth Fowler
The College Admissions Scam Isn’t About Education
John Whitlow
Coming of Age at the End of History
Brian Cloughley
Continual Confrontation in the South China Sea
Tom Engelhardt
Suicide Watch on Planet Earth
David Macaray
A Look at the Talent in the Room
Ron Jacobs
Hating the Homeless
Jonathan Power
Measuring National Power
Adolf Alzuphar
Diary: Notes on LA’s Underground
Chandra Muzaffar
Sri Landa and New Zealand: The Real Link
John Whitlow
Coming of Age at the End of History
Cassidy Block
The US Has a Moral and Historical Responsibility to Aid Migrants
Tom Clifford
Change of Thrones in Japan
Julie Wark
Seeing Your Homeland Closeup From Afar
N.D. Jayaprakash
Anti-Satellite Weapons Versus National Security: Part One
Alex Liebman – Rob Wallace
A Lethal Industrial Farm Fungus is Spreading Among Us
Binoy Kampmark
Volodymyr Zelenskiy as Actor President
Martha Burk
The Most Dangerous Time for Women’s Rights in Decades
Christopher Brauchli
Trump Family Affair
Nick Licata
The Green New Deal Died in Congress…It Didn’t Have To
Gary Leupp
Time for Trump to Talk to Putin
Matthew Stevenson
Pacific Odyssey: Ghosts of the Matanikau Valley, Guadalcanal, Solomon Islands
Sam Gordon
Ireland and India – Conflict and Commonality
Ariel Tomlinson
Make College Affordable for People Like Me
Ellen Birkett Lindeen
Shakespeare Talks about Peace
Stacia Tolman
Gloria Bell’s in Hell
Nicky Reid
We Are All Julian Assange!: An Anarchist Soliloquy
Stephen Cooper
Ska King Derrick Morgan Holds Court in L.A.
Dean Baker
Coming Clean on Washing Machine Tariffs
Louis Proyect
Can Humanity and Nature Co-Exist Under Capitalism?
April 25, 2019
Marc Levy
All My Vexes Are in Texas
FacebookTwitterRedditEmail