Published in the Echo, Click here
Top hacking company gets, um, hacked, and its data reveals secret govt programs
Last week I described the very bad act of parliament that becomes law next month – theTelecommunications (Interception and Access) Amendment (Data Retention) Bill 2015 – that will require telcos and ISPs to track and store our phone calls, emails, and web visits.
The aim is so 20-plus government agencies – spies and cops mostly – can look at our metadata and then ask a judge to give them a secret warrant to go deeper into our lives – listening to our phone calls, reading our emails, and watching where we go online, for instance.
All that stuff was already legal or will be on October 13. But there’s another layer of spying which is not so legal.
It involves infecting your computer or mobile device with a trojan or similar malware to allow its controller to listen in and watch you, after they take over the microphone and camera built into your device.
And also to rearrange and/or steal any amount of your data, and to send messages or more malware to everyone in your contacts file.
The technology has been around for years, and mostly we hear about it in warnings from well-behaved internet citizens such as banks or retailers alerting us to tricks used by bad-behaving hackers and crooks.
And an industry has grown up around detecting, deflecting, and deleting the baddies’ malware.
But malware spying is now a booming business, with the malware designed, manufactured, and sold by legitimate corporations around the world. WikiLeaks estimates that the global computer surveillance technology market is worth $5 billion a year.
This includes businesses that sell anti-malware software, so you can find malware made by criminals.
But what about surveillance software emanating from governments who spy on each other (think Angela Merkel’s mobile phone) or on the governments’ own citizens?
Actually, governments are these guys’ best customers, and we know this because of a recent incident involving a corporate purveyor called, simply, Hacking Team.
440 GB of data
They are Milan-basedand sell surveillance worms.
Additionally they offer brochures, training programs, and demonstration sessions, just like any other service company. Turns out police forces and spy agencies had been secretly scrambling to buy their latest programs – except that last June the ‘secretly’ thing got blown away when someone hacked the Hacking Team and uploaded 440 gigabytes of their sensitive data onto the internet. So now we know that the company has sold their gear to dozens of dictatorial governments including Sudan, Egypt, Bahrain, Tunisia, Azerbaijan, and… the Northern Territory Police.
Yes, among the thousands of emails hacked from Hacking Team’s files are missives to and from government agencies in our own fair nation, including the Australian Security and Intelligence Organization (ASIO), the Australian Federal Police (AFP), the NSW and NT police, and Victoria’s anti-corruption commission IBAC.
All no doubt thrilled by the company’s promise that their software is ‘totally invisible to the target’, and will allow them to get emails and text messages, and record phone conversations including internet-based calls like Skype. The emails show that IBAC and the NT Police had demonstration sessions, and the AFP was billed for offensive spyware worth close to half a million dollars.
Since the Hacking Team outing, our various police outfits have either refused to confirm or deny (AFP) or assureus that they looked but never bought the malware. And their spin-masters have emphasised that bugging a meeting of, say, bikie-gang drug-dealers, by infecting a top-dog’s MacBook, makes us all safer.
Which it might, but who’s deciding which devices to infect; who decides who’s a danger to the community and who isn’t? Answer: guys like Tony Abbott and thousands of cops and spies who think people like Echo readers are eco-terrorists and ‘vigilantists’.
So what are the odds that at least one laptop, tablet, phone or camera in the tent where folks are planning the next protest against Metgasco is transmitting every word and a crisp colour video of every one of us, ‘targets’ all.