Feeds

UK firm denies supplying spyware to Mubarak's secret police

RATs nest found in Egyptian spook HQ

Build a business case: developing custom apps

A UK tech firm has denied supplying spyware technology to the former Egyptian government of Hosni Mubarak.

Documents uncovered when the country's security service headquarters were ransacked during the Arab Spring uprising suggest that Egypt had purchased a package called FinFisher to spy on dissidents.

FinFisher, developed by UK firm Gamma International, is supplied exclusively to law enforcement and intelligence agencies as a surveillance tool. Trojans of this type – known as Remote Access Tools or RATs – are typically used to plant bugs on suspects' PCs to monitor emails and instant-messaging conversations, or intercept Skype calls, as the pitch for FinFisher explains:

The remote monitoring and infection solutions are used to access target systems, giving full access to stored information with the ability to take control of the target systems' functions to the point of capturing encrypted data and communications. In combination with enhanced remote infection methods, the government agency will have the capability to remotely infect target systems.

The recovered documents (pictured here) suggest the tool was licensed for a five-month trial at the back end of last year at a cost of €287,000.

During a BBC's File on 4 programme, broadcast on Tuesday, Gamma International UK denied supplying the software to the Egyptian authorities. It added that it complied with UK export restrictions.

The sales documents in question appear genuine, though it's hard to be absolutely sure especially since Gamma International has yet to respond to our request to discuss the matter. The supply of snooping technology to friendly but repressive regimes is a grey area.

William Hague, the Foreign Secretary, told the BBC he would like to see a ban on the export of goods used for repression, adding that he would "critically" examine export controls.

The File on 4 programme, entitled "Cyber Spies", can be downloaded or streamed here. ®

Endpoint data privacy in the cloud is easier than you think

More from The Register

next story
14 antivirus apps found to have security problems
Vendors just don't care, says researcher, after finding basic boo-boos in security software
'Things' on the Internet-of-things have 25 vulnerabilities apiece
Leaking sprinklers, overheated thermostats and picked locks all online
iWallet: No BONKING PLEASE, we're Apple
BLE-ding iPhones, not NFC bonkers, will drive trend - marketeers
Multipath TCP speeds up the internet so much that security breaks
Black Hat research says proposed protocol will bork network probes, flummox firewalls
Only '3% of web servers in top corps' fully fixed after Heartbleed snafu
Just slapping a patched OpenSSL on a machine ain't going to cut it, we're told
Microsoft's Euro cloud darkens: US FEDS can dig into foreign servers
They're not emails, they're business records, says court
Plug and PREY: Hackers reprogram USB drives to silently infect PCs
BadUSB instructs gadget chips to inject key-presses, redirect net traffic and more
How long is too long to wait for a security fix?
Synology finally patches OpenSSL bugs in Trevor's NAS
prev story

Whitepapers

7 Elements of Radically Simple OS Migration
Avoid the typical headaches of OS migration during your next project by learning about 7 elements of radically simple OS migration.
Implementing global e-invoicing with guaranteed legal certainty
Explaining the role local tax compliance plays in successful supply chain management and e-business and how leading global brands are addressing this.
Consolidation: The Foundation for IT Business Transformation
In this whitepaper learn how effective consolidation of IT and business resources can enable multiple, meaningful business benefits.
Solving today's distributed Big Data backup challenges
Enable IT efficiency and allow a firm to access and reuse corporate information for competitive advantage, ultimately changing business outcomes.
A new approach to endpoint data protection
What is the best way to ensure comprehensive visibility, management, and control of information on both company-owned and employee-owned devices?