Italian cyber security firm helping 'repressive governments' spy on their citizens

Italian cyber security firm Hacking Team, which sells intrusion and surveillance tools to governments and law enforcement agencies, effectively helping them to “spy” on certain targets, has itself become the victim of a hacking attack.

Anonymous hackers attacked the company over the weekend, releasing what is alleged to be more than 400 gigabytes of the company’s internal documents, email correspondence, employee passwords and the underlying source code of its products. The leaked files seem to show that Hacking Team has been working with numerous repressive governments – something it has previously explicitly denied doing.

In 2013, in response to a Reporters Without Borders report which named Hacking Team as one of the “corporate enemies of the internet”, the company issued a statement which read: “Hacking Team goes to great lengths to assure that our software is not sold to governments that are blacklisted by the EU, the USA, NATO and similar international organisations or any ‘repressive’ regime.”

The company had previously stated that “an external committee of legal experts reviews each proposed sale to assure compliance with our policies… We monitor news media and other public communications such as blogs and Internet comment for reports of abuses and investigate when appropriate.”

However, the leaked documents suggest that Hacking Team’s clients include the governments and security services of Azerbaijan, Egypt, Kazakhstan, Uzbekistan, the USA, Russia, Bahrain, Saudi Arabia, Sudan and the UAE; countries with poor records of safeguarding the human rights of their citizens.

The perpetrators of the apparent hack used the company’s own official Twitter feed (renamed to “Hacked Team”) to communicate. They continued to post to the feed for hours after the incident, highlighting specific documents they claimed to have had access to as a result of the hack, such as emails and invoices.

With regards to Egypt, a purported spreadsheet of all of Hacking Team’s clients and financial details suggests that to date Egypt has bought nearly €750,000 worth of products from the company.

The GNSE Group, an Egyptian company, acted as a third-party purchasing digital services from Hacking Team on behalf of Egypt’s Ministry of Defence. Governments are typically wary of a ministry’s name appearing on any bank records but the hacked client list released on Sunday shows that in addition to the GNSE Group, the Hacking Team also lists the Defence Ministry as its original contractor in Egypt. There is also an apparent end user license agreement between Hacking Team and the Egyptian MoD for one of Hacking Team’s products that seems to have been officially signed by a representative from the MoD in June 2015.

The posted documents also include a recent invoice for 130,000 Euros to Egypt for Hacking Team’s Remote Control System. According to the Hacking Team’s administration manual, accessed on a mirror site by Middle East Monitor, the Remote Control System (RCS) is an “investigation support tool” and “can create, configure, and install a software agent that is in turn able to scan, remaining undetected, all activities and operations executed out on a target computer or mobile phone and to gather all data and information generated by the system.”

It will allow the user to intercept, monitor and gather a large amount of information on all the activities carried out on a PC or a mobile phone of a chosen target. This includes intercepting Skype and mobile phone calls, access to the target’s Instant Messaging, passwords, sent and received e-mails; and GPS position. RCS is also capable of switching on a target’s web camera and microphone.

Just last week, Amnesty International released a report on the mass arrest of youth activists by the Egyptian authorities, which it called a “blatant attempt to crush the spirit of the country’s bravest and brightest young minds, and nip in the bud any future threat to their rule.” Since Egyptian President Abdel Fattah Al-Sisi took power nearly a year ago, an estimated 41,000 people have been arrested, charged or indicted with a criminal offence, or sentenced after unfair trials, according to the last available estimates by Egyptian human rights activists.

In January, the European Parliament adopted a resolution calling for an EU-wide ban on the export of intrusion and surveillance technologies to Egypt “which could be used to spy on and repress citizens [… or] that could be used in the suppression of peaceful protest or against the EU’s strategic and security interests.”

There is also an invoice for €480,000 sent to the Sudanese national intelligence service for a contract signed in June 2012. Hacking Team was asked whether it had business relations with Sudan by the United Nations. An apparent leaked email dated 10 March 2015 shows that the company told the UN’s Italian representative that it had no current business relations with the country, prompting the follow-up question “as to whether there have been any previous business arrangements” with Sudan, the answer to which is not recorded.

Human Rights Watch reported that the Sudanese authorities have used excessive violence against protesters, often resulting in their deaths. More than 170 people were killed as a result of government violence in the country in 2013. A UN arms embargo on Sudan, which is incorporated into EU and UK law, bans the export of “arms and related material” to the country. The embargo also prohibits technical assistance, brokering services and other military-related services.

In a supposed list of the renewal dates of Hacking Team’s customers, Sudan, alongside Russia, is listed as “not-officially supported”. Other countries are referred to as “active” or “expired”.

There also appears to be contract with Israeli company NICE for €55,000 Euros , the second settlement for the Remote Control System mentioned above. According to an apparent copy of Hacking Team’s 2015 client overview list, the total revenues coming from Saudi Arabia appear to reach nearly 3 million.

The leaked documents show the dark dealings Hacking Team has with a variety of repressive and draconian governments. The files, which include product user manuals for hacking software which can intercept anything from skype calls to GPS positions, highlight, once again, the terrifying lengths governments in both “democratic” and “authoritarian” countries will go to spy on their citizens.

The views expressed in this article belong to the author and do not necessarily reflect the editorial policy of Middle East Monitor.