Spying on the world by injecting sophisticated backdoors in software, systems, and mobile phones, leads to violation of the Privacy and Security of every individual. Yes, we are talking about Surveillance, but this time not about NSA.
Instead, Countries including some with poor human-rights records and a much less technically advanced nation are the likely culprits, as they apparently used commercial spyware in making surveillance capabilities that once were the exclusive expertise of the known spy agencies, such as National Security Agency (NSA) and GCHQ.
Citizen lab, a nonprofit research lab has found traces of a remote hacking tool in 21 countries, developed by Hacking Team, including Ethiopia, Sudan, Azerbaijan and Saudi Arabia, which the team had already denied back in 2013.
Cracking the Code: Learn How Cyber Attackers Exploit Human Psychology
Ever wondered why social engineering is so effective? Dive deep into the psychology of cyber attackers in our upcoming webinar.Join Now
Hacking Team, also known as HT S.r.l, is an Italian company, which is known for its powerful surveillance software, Remote Code System (RCS) that it sells to Governments and law enforcement agencies.
Senior Counsel of Hacking Team, Eric Rabe stated that the company does not provide its products to 'repressive regimes.'
"On the issue of repressive regimes, Hacking Team goes to great lengths to assure that our software is not sold to governments that are blacklisted by the EU, the US, NATO, and similar international organizations or any "repressive regime."
Remote Control System (RCS) is a malware, can be defined as 'instrument of crime', infects computers and Smartphones in order to enable covert surveillance. The company claims that its Trojan once installed in the victims' computer, can intercept encrypted communication, including emails and Skype voice calls. Furthermore, RCS can turn on a device's webcam and microphone to spy on the user without their knowledge.
The Team prominently advertises that their RCS spyware is "untraceable" to a specific government operator and can be installed remotely. They say that it can scale up to monitor "hundreds of thousands of targets" and is capable of being deployed to Apple, Android, Symbian, and Blackberry mobile devices.
"Hacking Team has made a number of statements that seem intended to reassure the public, as well as potential regulators, that they conduct effective due diligence and self-regulation regarding their clients, and the human rights impact of their products," the Citizen Lab researchers report on Monday. "They also market their RCS product as untraceable. Our research suggests that both of these claims ring hollow."
The researchers at Citizen Lab have found traces of Remote Control System (RCS) by mapping the spyware's network of proxy servers, which the Hacking Team claims that RCS is "untraceable."
"Our research reveals that the RCS collection infrastructure uses a proxy-chaining technique, roughly analogous to that used by general-purpose anonymity solutions like Tor, in that multiple hops are used to anonymize the destination of information," reads the report. "Despite this technique, we are still able to map out many of these chains and their endpoints using a specialized analysis." Citizen Lab researchers explained.
On the basis of tracing endpoints of Hacking Team proxy chains, the researchers suspected that the agencies of 21 Governments are current or former Clients of RCS, and the country names are Azerbaijan, Colombia, Egypt, Ethiopia, Hungary, Kazakhstan, Korea, Malaysia, Mexico, Morocco, Nigeria, Oman, Panama, Poland, Saudi Arabia, Sudan, Thailand, Turkey, UAE, Uzbekistan, including Italy which is the homeland of the Hacking Team.
The Governments are targeting for political advantage, including the US-based news Organization, rather than using it for legitimate law enforcement operations.
According to researchers at Citizen Lab, The No.1 suspect is Ethiopian Government, that used the hacking tool created by Hacking Team to carry out the spying operation against the Ethiopian journalists in the United States and Europe.
Hacking Team to Citizen Lab:
"We have established an outside panel of technical experts and legal advisors, unique in our industry that reviews potential sales. This panel reports directly to the board of directors regarding proposed sales."
However The FBI, which investigates Computer crimes, declined to comment on the Citizen Lab report, but an activist at the Electronic Frontier Foundation (EFF) and an expert in surveillance technology, Eva Galperin said that:
"If the Ethiopian government is not a Hacking Team customer, then I would sure like to know how their tools wound up being used to spy on Ethiopian journalists."