Feeds

Hacking Team snoopware found on US servers

Citizen Lab tags foreign governments for spying in America

Secure remote control for conventional and virtual desktops

Canada's Citizen Lab has added to its record of uncovering government snooping using Hacking Team's software, has dropped a bombshell: it's accused 12 American data centres of hosting clients deploying the spyware.

In its latest report, Hacking Team's US Nexus, Citizen Lab* says there are 114 servers in America, in at least a dozen data centres, that are part of RCS (Remote Control Software) circuits.

The group says their identification of RCS traffic isn't some routing accident, but demonstrates “the purposeful use of US servers for the surreptitious transmission of wiretapped data to foreign governments.”

The governments it accuses of snooping are, in other words, using RCS to wiretap on individuals – for example, citizens in the US, journalists reporting on their countries' affairs, expats and activists – and send the data offshore. This violates US laws, such as the Computer Fraud and Abuse Act and the Wiretap Act, Citizen Lab writes.

Their name-and-shame list says names Linode, Internetserver, InMotion Hosting, GoDaddy, ColoCrossing, Sharktech, Endurance International, Infolink, NOC4Hosts and HostDime as having government customers who are operating, or have operated, RCS in US data centres.

The governments named include Uzbekistan, Poland, Mexico, Colombia, Morocco, Thailand, the UAE, Korea* Morocco and Azerbaijan (*the report doesn't say North or South Korea; El Reg presumes it means Norks).

“The extensive and deliberate use of dedicated US hosting companies by foreign countries’ wiretapping activities raises a number of pressing legal and policy concerns,” Citizen Labs says. “These include whether RCS client countries violate US law and longstanding international legal principles on sovereignty and nonintervention through use of this spyware. Moreover, RCS client countries, by exposing wiretap data to US and other jurisdictions, may have violated internal laws governing the safeguarding of wiretapped material.”

The authors also say that in some cases, spyware servers were disguised as legitimate Websites – newspapers, financial services firms, and ABC News – presumably to mislead targets. Most Hacking Team servers, Citizen Lab writes, present the Google search page when someone lands on their address.

Other countries apparently hosting RCS servers, and in which this would probably be illegal, include the UK, Germany, The Netherlands and Canada. ®

Bootnote *Citizen Lab is an interdisciplinary laboratory based at the Munk School of Global Affairs, University of Toronto, Canada that focuses on researching the relationship between technology, human rights, and global security. ®

Internet Security Threat Report 2014

Whitepapers

Why and how to choose the right cloud vendor
The benefits of cloud-based storage in your processes. Eliminate onsite, disk-based backup and archiving in favor of cloud-based data protection.
Getting started with customer-focused identity management
Learn why identity is a fundamental requirement to digital growth, and how without it there is no way to identify and engage customers in a meaningful way.
High Performance for All
While HPC is not new, it has traditionally been seen as a specialist area – is it now geared up to meet more mainstream requirements?
Getting ahead of the compliance curve
Learn about new services that make it easy to discover and manage certificates across the enterprise and how to get ahead of the compliance curve.
Intelligent flash storage arrays
Tegile Intelligent Storage Arrays with IntelliFlash helps IT boost storage utilization and effciency while delivering unmatched storage savings and performance.