Fear This Man And His Hacking Empire

Uploaded on 2016-05-04 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, INTELLIGENCE--International, FREE TO VIEW

Hacking Team is among the few dozen private contractors feeding the world’s law enforcement & intelligence agencies with spyware. 

The editor and co-founder of Mamfakinch, a pro-democracy website created in Morocco during the Arab Spring, Almiraat was one of his country’s most outspoken dissidents and someone accustomed to cryptic emails: Moroccan activists faced jail time for their views and risked their jobs, or even their lives, for speaking out against their government. 

From Normandy’s capital city, where Almiraat was in medical school, the bespectacled 36-year-old spent his time, in between classes and hospital shifts, mentoring, coaching, and editing more than 40 citizen journalists. The group covered the roiling unrest back in Almiraat’s homeland, where he would soon return after completing his studies. 

Almiraat and his colleagues also trained Mamfakinch’s writers to use encryption software, most notably the Onion Router, so that their online activities remained anonymous and shielded. Tor, as it’s widely known, masks a user’s identity and physical location. “People were relying on us to protect their…reputations, their careers, and probably also their freedoms,” Almiraat says. “All of that could be put in jeopardy if that were made public.” It was precisely this forethought that had earned Mamfakinch the Breaking Borders Award, sponsored by Google and the citizen-media group Global Voices, for its efforts “to defend and promote freedom of speech rights on the Internet.”

But on that July morning, just 11 days after receiving the award, Almiraat read the message from Imane and knew “something wasn’t right.” A website link directed him to a document labeled “Scandal,” which, once downloaded, was blank. His associates received the same note.

Suspicious, Almiraat promptly forwarded the email to an activist he knew, who then sent it to Morgan Marquis-Boire, a dreadlocked, tattooed 32-year-old digital activist who’d grown up hacking in New Zealand under the nickname “Mayhem.” 

A top security researcher at Google, Marquis-Boire had made waves recently as a volunteer detective for Citizen Lab, a technology research and human rights group at the University of Toronto; he and several colleagues had found evidence that suggested Bahrain was using surveillance software, a product intended for government spying on suspected criminals, against supporters of political reform.

After a month-long analysis of the Scandal file, Marquis-Boire contacted Almiraat with disturbing news: Anyone who had opened the document had been infected with highly sophisticated spyware, which had been sent from an Internet protocol address in Morocco’s capital of Rabat. Further research confirmed that the Supreme Council of National Defense, which ran Morocco’s security agencies, was behind the attack. 

Almiraat and his colleagues had essentially handed government spies the keys to their devices, rendering Tor, or any other encryption software, useless. Morocco’s spooks could read the Mamfakinch team’s emails, steal their passwords, log their keystrokes, turn on their webcams and microphones, and spies likely had been doing exactly those things and more since the intrusion in July.

That wasn’t all. Marquis-Boire and other experts found “a trail of bread crumbs from a surveillance company that, you’d think, would have left no bread crumbs, let alone a trail,” he recalls. Tucked in the source code of the Scandal document, a few small lines had been left behind in error. And they were the first fragments that ultimately led to the most powerful and notorious dealer in online Spycraft: the Hacking Team.

The Blackwater of surveillance, the Hacking Team is among the world’s few dozen private contractors feeding a clandestine, multibillion-dollar industry that arms the world’s law enforcement and intelligence agencies with spyware. Comprised of around 40 engineers and salespeople who peddle its goods to more than 40 nations, the Hacking Team epitomizes what Reporters Without Borders, the international anti-censorship group, dubs the “era of digital mercenaries.”

The Italian company’s tools, “the hacking suite for governmental interception,” its website claims, are marketed for fighting criminals and terrorists. But there, on Marquis-Boire’s computer screen, was chilling proof that the Hacking Team’s software was also being used against dissidents. It was just the latest example of what Marquis-Boire saw as a worrying trend: corrupt regimes using surveillance companies’ wares for anti-democratic purposes.

When Citizen Lab published its findings in the October 2012 report “Backdoors are Forever: Hacking Team and the Targeting of Dissent?” the group also documented traces of the company’s spyware in a document sent to Ahmed Mansoor, a pro-democracy activist in the United Arab Emirates. Privacy advocates and human rights organizations were alarmed. “By fueling and legitimizing this global trade, we are creating a Pandora’s box,” Christopher Soghoian, the principal technologist with the American Civil Liberties Union’s Speech, Privacy, and Technology Project, told Bloomberg.

The Hacking Team, however, showed no signs of standing down. “Frankly, the evidence that the Citizen Lab report presents in this case doesn’t suggest anything inappropriately done by us,” company spokesman Eric Rabe told the Canadian Globe and Mail.

As media and activists speculated about which countries the Italian firm served, the founder and CEO of the Hacking Team, David Vincenzetti, from his sleek, white office inside an unsuspecting residential building in Milan, took the bad press in stride. He joked with his colleagues in a private email that he was responsible for the “evilest technology” in the world.

A tall, lean 48-year-old Italian with a taste for expensive steak and designer suits, Vincenzetti has transformed himself over the past decade from an under-ground hacker working out of a windowless basement into a mogul worth millions. He is nothing if not militant about what he defines as justice: Julian Assange, the embattled founder of WikiLeaks, is “a criminal who by all means should be arrested, expatriated to the United States, and judged there”; whistleblower Chelsea Manning is “another lunatic”; Edward Snowden “should go to jail, absolutely.”

“Privacy is very important,” Vincenzetti says on a recent February morning in Milan, pausing to sip his espresso. “But national security is much more important.”

Vincenzetti’s position has come at a high cost. Disturbing incidents have been left in his wake: a spy’s suicide, dissidents’ arrests, and countless human rights abuses. “If I had known how crazy and dangerous he is,” Guido Landi, a former employee, says, “I would never have joined the Hacking Team.”
Foreign Policy: http://atfp.co/1NzYJLV

 

« South Korea Is No.1 Top Source Of DDoS Attacks
US Army's $12bn Mobile Internet Is Vulnerable »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall And Why Does It Matter

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall And Why Does It Matter

See how to use next-generation firewalls (NGFWs) and how they boost your security posture.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

AlgoSec

AlgoSec

The AlgoSec platform enables the world’s most complex organizations to gain visibility, reduce risk and process changes at zero-touch across the hybrid network.

RoboForm

RoboForm

RoboForm's industry-leading encryption technology securely stores your passwords, with one Master Password serving as your encryption key.

Snow Software

Snow Software

Snow Software is changing the way organizations think about their technology investments, empowering IT and business leaders to drive transformation with precision and agility.

Ideagen

Ideagen

Ideagen provides information management, safety, risk and compliance software solutions that allow organisations to achieve operational excellence, regulatory compliance and reduce risk.

SaferVPN

SaferVPN

SaferVPN is a Virtual Private Network services provider offering secure encrypted access to the internet.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Blockchain Firm

Blockchain Firm

Blockchain Firm is a leading Blockchain based software solutions and service provider with our roots of expertise running deep into the technology.

Action1

Action1

Action1 is a Cloud-based lightweight endpoint security platform that discovers all of your endpoints in seconds and allows you to retrieve live security information from the entire network.

Rostelecom Solar

Rostelecom Solar

Rostelecom-Solar is a Cyber Security Company, providing software and managed detection and response (MDR) services to protect critical information from advanced cyber threats.

Quantexa

Quantexa

Quantexa automates millions of operational decisions, at scale, across multiple business units, including Anti-Money Laundering, Know-Your-Customer, Fraud, Credit Risk and Customer Intelligence.

Open Data Security (ODS)

Open Data Security (ODS)

Open Data Security is a market leader in the information security sector, offering services to companies, governments and individuals, helping them shield from hackers and cyber attacks.

Stronghold Cyber Security

Stronghold Cyber Security

Stronghold Cyber Security is a consulting company that specializes in NIST 800, the Cybersecurity Framework and the Cybersecurity Maturity Model Certification.

Ciphertex Data Security

Ciphertex Data Security

Ciphertex is a leading data security company that specializes in portable data encryption and privacy protection storage systems.

AdvIntel

AdvIntel

AdvIntel is a next-generation threat prevention and loss prevention company launched by a team of certified investigators, reverse engineers, and security experts.

National Information and Cybersecurity Council (NICC)

National Information and Cybersecurity Council (NICC)

National Information and Cybersecurity Council is a leading collaborative effort between Government of India and Industry to raise Cybersecurity awareness nationally.

ShieldIO

ShieldIO

ShieldIO Real-Time Homomorphic Encryption™ enables your organization to reach regulatory compliance without compromising data availability.