Inside the shadow world of commercialised spook spyware

'We'll penetrate commsats, undersea cables, Skype ...'

Exclusive: Western and Chinese high-tech companies are competing aggressively to sell, install and manage intrusive and dangerous internet surveillance and communications control equipment for the world’s most brutal regimes, a six-month investigation has found.

During 2011, investigators from Privacy International, a London-based NGO, infiltrated a circuit of closed international surveillance equipment marketing conferences, obtaining private briefings and technical product specifications from contract-hungry sales executives. The group will publish its data and document haul on the net today, in conjunction with other campaigners.

The scale and audacity of the proposals in many of the companies’ documents and hand-out DVDs is breathtaking. They describe and offer for unrestricted sale technologies which were in existence a decade ago, but which were held in utmost secrecy by major intelligence agencies such as the US National Security Agency (NSA) and Britain’s GCHQ.

Over 150 international companies now trading in this sector have been identified during the research. The majority of them did not exist or were not offering electronic surveillance products, even in the early noughties.

Companies exhibiting at the shows now openly offer to target and break specific international commercial communications satellites, including Thuraya (covering the Middle East), Iridium satellite phones, and Marlink’s VSAT. Commercial satellite intercept was previously the almost exclusive turf of GCHQ and NSA’s Echelon satellite interception network.

Other companies offer routinely to install malware on phones and PCs, to break SSL encryption on web connections and A5 crypto on mobile phones, or to break into high-capacity optical fibre networks.

Glimmerglass Networks Inc from Silicon Valley presented in Washington last month on “optical cyber solutions”. These include splicing into optical fibres at “submarine cable landing stations”, “international gateways” and POP or peering points. The techniques used for these operations were developed secretly by the NSA in the 1990s, and have hitherto been a closely guarded secret.

Pushing their “Intelligent Optical System” surveillance system last month, Glimmerglass claimed that its customer intelligence agencies “gain rapid access, not just to signals, but to individual wavelengths on those signals. An LEA [Law Enforcement Agency] operator can quickly and easily select any signal from hundreds, send that signal to a de-multiplexer for access to one of the many wavelengths inside, and then distribute the desired wavelengths as needed. The IOS can make perfect photonic copies of optical signals for simultaneous distribution to grooming equipment and probes for comprehensive analysis”.

Their show included “probes and sniffers” that started with “photonic copies” and ended up with huge personal network displays, including personal connectivity analysis from web logs, webmail and Facebook.

To monitor all of everyone’s communications traffic, the company has claimed, “you need to do much of it optically ... You can pick some off cell phones. But the top of the [intelligence gathering] funnel is coming through optically ... you need to manage that.”

Glimmerglass was formed in 2000. In the same year, long before 9/11 and on the opposite bank of San Francisco Bay, AT&T engineers working for NSA were installing optical fibre taps inside a major San Francisco city internet exchange, tapping into US west coast peering points and switches for the global internet.

In European and US shows over the last six months, Hacking Team of Milan and Gamma International, a controversial British company, have offered customers including police and intelligence agencies explicit hacking attacks including “stealth spyware for infecting and monitoring computers and smartphones” and lectures on “applied hacking techniques used by government agencies”.

Next week at the latest ISSWorld show in Kuala Lumpur, Hacking Team will be pushing its “Remote Control System 7 – the ultimate cyber-intelligence solution for covertly monitoring computers and smartphones”. They have also provided “in-depth, live demonstration(s) of infection vectors and attack techniques”.

RCS7 is claimed to be “invisible to most protection systems”, “resistant to system restoration technologies” and “proven” to be able to intercept mail and web traffic including Skype and PGP.

In Britain in January, at a government invitation-only Farnborough show, Security and Policing 2012, organised by the Home Office’s Centre for Applied Science and Technology (CAST), Gamma Group are billed as presenting their “unique” “FinFisher IT Intrusion products”, which they claim “contain the most comprehensive online research and infection functionality found in any other solution [sic]”.

FinFisher also claim that their “superior training at Gamma’s IT Intrusion Training Institute” differentiates Gamma International as the leading company in the field of cyber surveillance and counter surveillance. In fact, the company appears to be operating from a tiny trading estate warehouse in Andover (Google Earth document).

A little warehouse in Hampshire... Investigators have pinpointed the location of FinFisher's HQ (Google Earth document).

Since the PI investigation was planned a year ago, equipment, plans and manufacturers’ braggadocio about the power of their kit have been recovered by Arab insurgents who have toppled governments in Cairo, Tripoli and elsewhere. More revelations are expected as the Arab Spring progresses.

After the collapse of the Mubarak regime in Egypt in April, insurgents broke into the State Security Investigations (SSI) branch. Among the batons and torture equipment recovered was a €250,000 proposal from Finfisher to install its “Finspy” hacker kit.
