{"id":60950,"date":"2015-07-13T12:00:38","date_gmt":"2015-07-13T11:00:38","guid":{"rendered":"https:\/\/www.transcend.org\/tms\/?p=60950"},"modified":"2015-07-13T10:14:36","modified_gmt":"2015-07-13T09:14:36","slug":"hacking-team-emails-expose-proposed-death-squad-deal-secret-u-k-sales-push-and-much-more","status":"publish","type":"post","link":"https:\/\/www.transcend.org\/tms\/2015\/07\/hacking-team-emails-expose-proposed-death-squad-deal-secret-u-k-sales-push-and-much-more\/","title":{"rendered":"Hacking Team Emails Expose Proposed Death Squad Deal, Secret U.K. Sales Push and Much More"},"content":{"rendered":"

Late Sunday [5 Jul 2015], hackers dumped online a massive trove of emails and other documents obtained from the systems of Italian surveillance firm Hacking Team. The company\u2019s controversial technology<\/a> is sold to governments around the world, enabling them to infect smartphones and computers with malware to covertly record conversations and steal data.<\/p>\n

\"Munir<\/a>

Munir Uz Zaman\/AFP\/Getty Images<\/p><\/div>\n

For years, Hacking Team has been the subject of scrutiny from journalists and activists due to its suspected sales to despotic regimes. But the company has successfully managed to hide most of its dealings behind a wall of secrecy \u2013 until now.<\/p>\n

For the last few days, I have been reading through the hacked files, which give remarkable insight into Hacking Team, its blas\u00e9 attitude toward human rights concerns, and the extent of its spyware sales to government agencies on every continent. Adding to the work<\/a> of my colleagues<\/a> to analyze<\/a> the 400 gigabyte trove of hacked data, here\u2019s a selection of the notable details I have found so far:<\/p>\n

Demo for Bangladesh \u201cdeath squad\u201d<\/strong><\/p>\n

In May, a Hacking Team representative traveled to Dhaka<\/a> in Bangladesh to demonstrate the company\u2019s spy technology at the headquarters of a brutal paramilitary security agency that is known for torture and extrajudicial killings. The Rapid Action Battalion (pictured above) \u2013 described by Human Rights Watch as a \u201cdeath squad<\/a>\u201d that has perpetrated systematic abuses over more than a decade \u2013 wanted to see \u201ca practical demonstration\u201d of Hacking Team\u2019s surveillance equipment \u201cin the ground settings of Bangladesh,\u201d according to the company\u2019s emails. Last month, a reseller for Hacking Team in Bangladesh reported that he had submitted the bid papers<\/a> for the deal and was \u201cpushing RAB to select our offer through our personal relationship.\u201d<\/p>\n

DEA mass surveillance in Colombia<\/strong><\/p>\n

Hacking Team supplies its technology to the DEA, which one email shows<\/a> is apparently using the spyware to launch surveillance operations from the U.S. embassy in Bogota, Colombia. More notably, the email suggests that, in addition to the Hacking Team technology, the DEA is also using other spying equipment at the embassy in Colombia to perform dragnet Internet surveillance. Last month, a Hacking Team field engineer had a meeting with DEA agents in Cartagena and noted that he was told the agency had \u201cbought another interception tool (something that will receive all the traffic for Colombian\u2019s [sic] ISPs).\u201d<\/p>\n

Impressing dictator\u2019s spies<\/strong><\/p>\n

In October 2014, in Doha, Qatar, Hacking Team demonstrated<\/a> its technology for two officers from Belarus intelligence agency the Operations and Analysis Center, or OAC. The Belarus government is an authoritarian regime that been accused by Human Rights Watch of suppressing \u201cvirtually all forms of dissent,\u201d cracking down on journalists, activists, opposition politicians, and anyone else deemed to have deviated too far from the orthodoxy of despotic president Alexander Lukashenko, known as \u201cEurope\u2019s last dictator.\u201d Nevertheless, these issues don\u2019t seem to have put off Hacking Team\u2019s attempts to make a sale. \u201cThe prospect confirms to be impressed by our solution,\u201d noted<\/a> a Hacking Team employee after the meeting with the two officers. \u201cThey will evaluate to proceed with the Sales Department to arrange a dedicated meeting.\u201d It is unclear from the emails whether the sale went ahead or if efforts to finalize it are still ongoing.<\/p>\n

Sales through Israeli company<\/strong><\/p>\n

One of Hacking Team\u2019s key corporate partners is Nice Systems, an Israel-based company with close links to Israeli military and intelligence agencies. (CEO Barak Eilam, for instance, was formerly an officer with an \u201celite intelligence unit\u201d in the Israeli Defense Forces, according to his biography<\/a>. Eilam\u2019s LinkedIn profile<\/a> links him to Unit 8200, Israel\u2019s signals intelligence corps.) The leaked Hacking Team documents show<\/a> that Nice has been working on closing a large number of deals for the company across the world, winning contracts in Azerbaijan and Thailand and pushing for sales in Brazil, Colombia, Guatemala, Honduras, Israel, Kuwait, Finland, Georgia, Greece, India, Turkmenistan, Uzbekistan, Kirghistan, and elsewhere.<\/p>\n

Hacking Team had not responded to a request for comment on this story at time of publication. On Tuesday, a spokesman for the company told<\/a> the International Business Times<\/em>: \u201cWe don\u2019t have anything to hide about what we are doing and we don\u2019t think that there is any evidence in this 400GB of data that we have violated any laws and I would even go so far as to argue that there is no evidence that we have behaved in anything but a completely ethical way.\u201d<\/p>\n

Top clients<\/strong><\/p>\n

According to the hacked files<\/a>, Hacking Team\u2019s top sales in recent years have come from governments and law enforcement agencies in these countries, in descending order of sales: Mexico, Italy, Morocco, Saudi Arabia, Chile, Hungary, Malaysia, UAE, the United States, Singapore, Kazakhstan, Sudan, Uzbekistan, Panama, Ethiopia, Egypt, Luxembourg, Czech Republic, South Korea, Mongolia, Vietnam, Spain, Ecuador, Oman, Switzerland, Thailand, Russia, Nigeria, Turkey, Cyprus, Honduras, Azerbaijan, Colombia, Poland, and Bahrain.<\/p>\n

\"htrevenues1<\/a><\/p>\n

Attempts to break U.K. market<\/strong><\/p>\n

Police agencies in the United Kingdom have trialled Hacking Team\u2019s technology, and have been attempting to purchase it for years, but have been hindered by apparent concerns<\/a> about the legality of the technology.<\/p>\n

In May 2011, through a U.K.-based corporate partner, Hacking Team arranged a secretive meeting<\/a> with several interested British agencies. The company was told by the partner that attendees would possibly include London\u2019s Metropolitan Police, the government\u2019s Home Office, domestic intelligence agency MI5, customs officials, the Serious Organised Crime Agency, and others.<\/p>\n

After this meeting, in September 2013, the London police force told<\/a> Hacking Team that it was \u201cnow ready to progress\u201d with a trial of the spying tool. In December the same year it then invited Hacking Team to formally submit a bid for a spy technology contract. A confidential document<\/a> outlined that the force wanted to obtain \u201c\u2018Software\u2019 that can be covertly introduced to a third parties device and will allow us to \u2018Look, Listen and Follow\u2019 the third party. The Authority will receive, record and playback the \u2018Product\u2019 retrieved from the third party on a \u2018System\u2019 that shall be scalable, using proven technology that has in-built security measures appropriate to this task.\u201d<\/p>\n

But the deal with the London cops, worth \u00a3385,000<\/a> ($591,000) to Hacking Team, was abruptly halted<\/a> in in May 2014 following \u201cinternal reviews on how we wished to move this area of technology forward,\u201d according to an email from the police, although the force left the door open for a future deal, adding: \u201cOf course in the months\/years to come this could change and if that is the case then we would welcome your organization\u2019s participation.\u201d<\/p>\n

Since then, Hacking Team has continued to try to crack the U.K. market. It tried \u2013 and apparently failed \u2013 to set up a deal<\/a> with Staffordshire Police after an officer contacted the company seeking technology to \u201caccess WiFi points to check users\u201d and infect devices to covertly collect data.<\/p>\n

Hacking Team discussed whether it could sell its technology disguised under a different name, \u201chiding\u201d its full functionality.<\/p>\n

And in January this year it began negotiating a contract with the British National Crime Agency. The meeting was a success, with an officer for the agency telling Hacking Team<\/a> that a demonstration of the covert surveillance technology \u201cwas extremely well received and proved to be a real eye opener for what can be achieved.\u201d<\/p>\n

In April, the same officer told<\/a> Hacking Team he wanted a quote for basic spyware that would log keystrokes, noting that he could \u201cthen grow the system accordingly as we would then have the base platform.\u201d Hacking Team was interested in this proposal and discussed<\/a> internally whether it could sell its technology disguised under a different name, \u201chiding\u201d its full functionality. The deal appears to have since stalled, with the British agency telling Hacking Team in late May it was \u201cunable to arrange\u201d a meeting.<\/p>\n

Plotting denials<\/strong><\/p>\n

Hacking Team\u2019s emails reveal its deceitful attempts to positively spin news reports that have exposed the company\u2019s technology being used against journalists and activists in repressive countries. In October 2012, for example, Bloomberg<\/a> and Citizen Lab<\/a> revealed the company\u2019s technology had apparently been used to target a pro-democracy activist in the United Arab Emirates, who was tracked down and beaten by suspected agents of the state. But instead of accepting responsibility and taking firm action against its customer, Hacking Team chose to issue a series of denials.<\/p>\n

A technical analysis of the malware used against the activist showed it contained the acronym \u201cRCS,\u201d a reference to Hacking Team\u2019s flagship spyware called Remote Control System. Hacking Team\u2019s public relations guru Eric Rabe scrambled to find<\/a> a way to muddy the waters, suggesting to his colleagues that they could identify another software with RCS in its name and pin the blame on that. He proposed the company could announce that \u201cThe initials RCS are, of course, the initials of a Hacking Team product, Remote Control System, but are also commonly used in software code for the term (WHAT?) Frankly they could mean anything.\u201d<\/p>\n

In other emails in the trove, Hacking Team employees appear to confirm that their spy tool did target the UAE activist. While discussing a Slate<\/em> piece<\/a> I wrote on the incident in October 2012, Hacking Team developer Marco Valleri says in the UAE case malware was \u201cdownloaded\u201d to infect the activist\u2019s device from \u201cour old demo server.\u201d Moreover, as my colleague Lee Fang has reported<\/a>, the hacked data shows Hacking Team\u2019s technology has been sold to the UAE since at least 2011. The pro-democracy activist was targeted by it in July 2012.<\/p>\n

Enemies list<\/strong><\/p>\n

A presentation<\/a> prepared by Hacking Team for a surveillance conference in South Africa later this month shows the company complaining about the \u201cchilling effect\u201d that it claims regulation of surveillance technology is having on the ability to fight crime.<\/p>\n

The presentation singles out the organizations Hacking Team views as its main adversaries, noting that it is a \u201ctarget<\/a>\u201d of groups such as Human Rights Watch and Privacy International and warning that \u201cdemocracy advocates\u201d are putting pressure on governments.<\/p>\n

Separately, the company\u2019s emails show CEO David Vincenzetti\u2019s reaction to criticism from activist groups, who he says are \u201cidiots<\/a>\u201d good at \u201cmanipulating things and demonizing companies and people.\u201d<\/p>\n

In one email<\/a> sent last month, Vincenzetti seems to have unwittingly foreseen the future, jokingly warning staff about the ramifications of the company\u2019s sensitive information leaking online.<\/p>\n

\u201cImagine this: a leak on WikiLeaks showing YOU explaining the evilest technology on earth! :-)\u201d he wrote. \u201cYou will be demonized by our dearest friends the activists, and normal people will point their fingers at you.\u201d<\/p>\n

______________________________<\/p>\n

Email the author: ryan.gallagher@theintercept.com<\/a><\/em><\/p>\n

Go to Original \u2013 firstlook.org<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

Late Sunday [5 Jul 2015], hackers dumped online a massive trove of emails and other documents obtained from the systems of Italian surveillance firm Hacking Team. The company\u2019s controversial technology is sold to governments around the world, enabling them to infect smartphones and computers with malware to covertly record conversations and steal data.<\/p>\n","protected":false},"author":4,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[60],"tags":[],"class_list":["post-60950","post","type-post","status-publish","format-standard","hentry","category-whistleblowing-surveillance"],"_links":{"self":[{"href":"https:\/\/www.transcend.org\/tms\/wp-json\/wp\/v2\/posts\/60950","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.transcend.org\/tms\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.transcend.org\/tms\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.transcend.org\/tms\/wp-json\/wp\/v2\/users\/4"}],"replies":[{"embeddable":true,"href":"https:\/\/www.transcend.org\/tms\/wp-json\/wp\/v2\/comments?post=60950"}],"version-history":[{"count":0,"href":"https:\/\/www.transcend.org\/tms\/wp-json\/wp\/v2\/posts\/60950\/revisions"}],"wp:attachment":[{"href":"https:\/\/www.transcend.org\/tms\/wp-json\/wp\/v2\/media?parent=60950"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.transcend.org\/tms\/wp-json\/wp\/v2\/categories?post=60950"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.transcend.org\/tms\/wp-json\/wp\/v2\/tags?post=60950"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}