Fear This Man And His Hacking Empire

Hacking Team is among the few dozen private contractors feeding the world’s law enforcement & intelligence agencies with spyware. 

The editor and co-founder of Mamfakinch, a pro-democracy website created in Morocco during the Arab Spring, Almiraat was one of his country’s most outspoken dissidents and someone accustomed to cryptic emails: Moroccan activists faced jail time for their views and risked their jobs, or even their lives, for speaking out against their government. 

From Normandy’s capital city, where Almiraat was in medical school, the bespectacled 36-year-old spent his time, in between classes and hospital shifts, mentoring, coaching, and editing more than 40 citizen journalists. The group covered the roiling unrest back in Almiraat’s homeland, where he would soon return after completing his studies. 

Almiraat and his colleagues also trained Mamfakinch’s writers to use encryption software, most notably the Onion Router, so that their online activities remained anonymous and shielded. Tor, as it’s widely known, masks a user’s identity and physical location. “People were relying on us to protect their…reputations, their careers, and probably also their freedoms,” Almiraat says. “All of that could be put in jeopardy if that were made public.” It was precisely this forethought that had earned Mamfakinch the Breaking Borders Award, sponsored by Google and the citizen-media group Global Voices, for its efforts “to defend and promote freedom of speech rights on the Internet.”

But on that July morning, just 11 days after receiving the award, Almiraat read the message from Imane and knew “something wasn’t right.” A website link directed him to a document labeled “Scandal,” which, once downloaded, was blank. His associates received the same note.

Suspicious, Almiraat promptly forwarded the email to an activist he knew, who then sent it to Morgan Marquis-Boire, a dreadlocked, tattooed 32-year-old digital activist who’d grown up hacking in New Zealand under the nickname “Mayhem.” 

A top security researcher at Google, Marquis-Boire had made waves recently as a volunteer detective for Citizen Lab, a technology research and human rights group at the University of Toronto; he and several colleagues had found evidence that suggested Bahrain was using surveillance software, a product intended for government spying on suspected criminals, against supporters of political reform.

After a month-long analysis of the Scandal file, Marquis-Boire contacted Almiraat with disturbing news: Anyone who had opened the document had been infected with highly sophisticated spyware, which had been sent from an Internet protocol address in Morocco’s capital of Rabat. Further research confirmed that the Supreme Council of National Defense, which ran Morocco’s security agencies, was behind the attack. 

Almiraat and his colleagues had essentially handed government spies the keys to their devices, rendering Tor, or any other encryption software, useless. Morocco’s spooks could read the Mamfakinch team’s emails, steal their passwords, log their keystrokes, turn on their webcams and microphones, and spies likely had been doing exactly those things and more since the intrusion in July.

That wasn’t all. Marquis-Boire and other experts found “a trail of bread crumbs from a surveillance company that, you’d think, would have left no bread crumbs, let alone a trail,” he recalls. Tucked in the source code of the Scandal document, a few small lines had been left behind in error. And they were the first fragments that ultimately led to the most powerful and notorious dealer in online Spycraft: the Hacking Team.

The Blackwater of surveillance, the Hacking Team is among the world’s few dozen private contractors feeding a clandestine, multibillion-dollar industry that arms the world’s law enforcement and intelligence agencies with spyware. Comprised of around 40 engineers and salespeople who peddle its goods to more than 40 nations, the Hacking Team epitomizes what Reporters Without Borders, the international anti-censorship group, dubs the “era of digital mercenaries.”

The Italian company’s tools, “the hacking suite for governmental interception,” its website claims, are marketed for fighting criminals and terrorists. But there, on Marquis-Boire’s computer screen, was chilling proof that the Hacking Team’s software was also being used against dissidents. It was just the latest example of what Marquis-Boire saw as a worrying trend: corrupt regimes using surveillance companies’ wares for anti-democratic purposes.

When Citizen Lab published its findings in the October 2012 report “Backdoors are Forever: Hacking Team and the Targeting of Dissent?” the group also documented traces of the company’s spyware in a document sent to Ahmed Mansoor, a pro-democracy activist in the United Arab Emirates. Privacy advocates and human rights organizations were alarmed. “By fueling and legitimizing this global trade, we are creating a Pandora’s box,” Christopher Soghoian, the principal technologist with the American Civil Liberties Union’s Speech, Privacy, and Technology Project, told Bloomberg.

The Hacking Team, however, showed no signs of standing down. “Frankly, the evidence that the Citizen Lab report presents in this case doesn’t suggest anything inappropriately done by us,” company spokesman Eric Rabe told the Canadian Globe and Mail.

As media and activists speculated about which countries the Italian firm served, the founder and CEO of the Hacking Team, David Vincenzetti, from his sleek, white office inside an unsuspecting residential building in Milan, took the bad press in stride. He joked with his colleagues in a private email that he was responsible for the “evilest technology” in the world.

A tall, lean 48-year-old Italian with a taste for expensive steak and designer suits, Vincenzetti has transformed himself over the past decade from an under-ground hacker working out of a windowless basement into a mogul worth millions. He is nothing if not militant about what he defines as justice: Julian Assange, the embattled founder of WikiLeaks, is “a criminal who by all means should be arrested, expatriated to the United States, and judged there”; whistleblower Chelsea Manning is “another lunatic”; Edward Snowden “should go to jail, absolutely.”

“Privacy is very important,” Vincenzetti says on a recent February morning in Milan, pausing to sip his espresso. “But national security is much more important.”

Vincenzetti’s position has come at a high cost. Disturbing incidents have been left in his wake: a spy’s suicide, dissidents’ arrests, and countless human rights abuses. “If I had known how crazy and dangerous he is,” Guido Landi, a former employee, says, “I would never have joined the Hacking Team.”
Foreign Policy: http://atfp.co/1NzYJLV

 

« South Korea Is No.1 Top Source Of DDoS Attacks
US Army's $12bn Mobile Internet Is Vulnerable »

CyberSecurity Jobsite
Perimeter 81

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

Perimeter 81 / How to Select the Right ZTNA Solution

Perimeter 81 / How to Select the Right ZTNA Solution

Gartner insights into How to Select the Right ZTNA offering. Download this FREE report for a limited time only.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Certification Europe

Certification Europe

Certification Europe (now Amtivo Ireland) is an accredited certification body which provides ISO management system certification, including ISO 27001.

Asigra

Asigra

Asigra provides an industry leading cloud backup and recovery software platform called Asigra Cloud Backup.

IoT Now

IoT Now

IoT Now explores the evolving opportunities and challenges facing CSPs, and we pass on some lessons learned from those who have taken the first steps in next gen IoT services.

SecureMetric Technology

SecureMetric Technology

SecureMetric is one of SE Asia’s leading players in the field of digital security with a focus on Software Licensing Protection, 2-Factor Authentication, Advanced Identity and Access Management, Publi

TrustInSoft

TrustInSoft

TrustInSoft develops solutions that validate mission-critical software and eliminate attack vectors.

Awen Collective

Awen Collective

Awen Collective develops software-based tools for performing Digital Forensics, Incident Response and Cyber-Crime Investigation.

Cyber Resilient Energy Delivery Consortium (CREDC)

Cyber Resilient Energy Delivery Consortium (CREDC)

CREDC performs multidisciplinary R&D in support of the Energy Sector Control Systems Working Group’s Roadmap of resilient Energy Delivery Systems (EDS).

Cybersecurity Tech Accord

Cybersecurity Tech Accord

The Cybersecurity Tech Accord promotes a safer online world by fostering collaboration among global technology companies.

The ai Corporation

The ai Corporation

The ai Enterprise Fraud Solution is an on-prem or cloud-based self-service, machine learning fraud detection and prevention tool set.

Digital Pathways

Digital Pathways

Digital Pathways is an award-winning data security provider that helps businesses protect their digital assets.

ServerScan

ServerScan

ServerScan specializes in providing server scanning & compliance services to organizations of all types and sizes.

Surefire Cyber

Surefire Cyber

Surefire Cyber delivers swift, strong response to cyber incidents such as ransomware, email compromise, malware, data theft, and other threats with end-to-end response capabilities.

European Cybersecurity Competence Centre (ECCC)

European Cybersecurity Competence Centre (ECCC)

The ECCC aims to increase Europe’s cybersecurity capacities and competitiveness, working together with a Network of National Coordination Centres to build a strong cybersecurity Community.

Yotta Infrastructure Solutions

Yotta Infrastructure Solutions

Yotta Infrastructure, a Hiranandani group company, provide Datacenter Colocation and Tech Services such as Cloud services, Network & Connectivity, IT Security and IT Management services.

Fulcrum IT Partners

Fulcrum IT Partners

Fulcrum IT Partners is the parent company of an expanding portfolio of established IT solution companies around the world with proven expertise in cyber security, cloud, and managed services.

Relatech

Relatech

Relatech is a Digital Enabler Solution Knowledge (D.E.S.K.) Company that offers digital services and solutions dedicated to the digital transformation of businesses.