Spyware Peddlers

May 5, 2017 Crime , OPINION/NEWS , Technology

Reuters photo

 

By

Ricardo Swire

Globally an estimated 528 surveillance companies compete in a finite legal market. Economics, geopolitics and a fragmented legal system qualify spyware’s open distribution as inevitable.

Spyware is malicious computer software that performs explicit cyberspace behaviors, mostly without obtaining permission. The subversive programs change your web browser’s home page/ search page, or add unnecessary sections to your browser. One former British Intelligence Officer referred to the market’s most powerful surveillance spyware as “the nuclear weapons of the twenty first century.”

Proof shows select Chinese and European spyware companies are prepared to circumvent international laws, designed as restrictions on sales to banned countries. These businesses mask questionable transactions, using either sister or shell companies. The co-founder of Chinese firm Semptian Technologies Company Ltd located in Shenzhen told an undercover investigator; “We wipe everything.” Semptian’s co-founder was prepared to sell US$3 million worth of spy gear to the sleuth, without knowing the potential purchaser’s identity.

Italy based surveillance firm IPS offers creative methods to disguise the true nature of suspect spyware sales. IPS’ Sales Director told the undercover investigator; “We can even use a fake or dummy email account.” IPS Monitoring Centers are active in more than fifteen countries on four continents. The Italian turnkey solutions business relies on servers that belong to American internet companies. Among IPS’ labyrinthine 555 machines positioned worldwide, 80 belong to Linode LLC in Galloway, New Jersey, USA.

Spyware companies manufacture “dual-use” technology such as a Wi-Fi router, additionally programmed to eavesdrop on phone calls or internet traffic. When distributed to purchasers the device is only labeled a Wi-Fi router, its second feature kept secret. Offered spyware categories vary. IMSI Catchers are electronic devices used to reconnoiter mobile phone conversations, without either conversing party’s knowledge. The briefcase shaped unit disguises as a mobile phone tower. Targeted mobile phones send all data, usually transmitted to a legitimate carrier’s tower, through the IMSI Catcher, its operator able to secretly listen to phone calls, read and write text messages, as well as track the subject’s location.

Such a device is officially limited to law enforcement and national intelligence agency use. The Vice-President of AREA SpA, a Milan headquartered surveillance business, told the undercover investigator securing IMSI Catcher export licenses for South Sudan, under European Union sanctions, would be a complex process. The “work around” is launder the sale via a third party. Surveillance equipment can be legitimately exported to Tanzania that officially donates the IMSI Catcher to South Sudan as “a gift.” At the time of inquiry AREA SpA’s held a €35 million Milan bank account. In 2011 the Italian company sold Syria almost US$14 million worth of spyware products.

Turkish firm Bilgi Teknoloji Tasarim Ltd Sti (BTT) obtains export licenses for restricted customers by stating the product is “telecom testing equipment.” BTT has annual revenues averaging US$6 million. During Libya’s February 2011 revolution French surveillance firm AMESYS played a vital support role to the government’s internal security mechanism. The Colonel in charge of Libya’s Intelligence Service (LIS) used AMESYS’ “Eagle Monitoring Center” to intercept nationwide communications that included private emails. The Interception System functions in three segments; the Probe, a Data Center for Classification and Storage along with Monitoring Center.

The IP Intercept System is popularly traded spyware that collects internet traffic of large groups. The technology records which individual computer or mobile phone visits which website and “sees” the user’s activity on the page. An IP Intercept System, acting as an information filter, can tap a country’s internet architecture. A 2015 intelligence report identified “FinFisher System” as the heartbeat of a clandestine Ugandan Government operation. Engineered by German surveillance company Gamma International, FinFisher is an invasive system that reads encrypted files, emails and listens to voice over IP calls. Uganda’s electronic spy craft was performed to secretly surveil local journalists and opposition activists.

 

 

 

 

 

 

 

 

Ricardo Swire - Tuck Magazine

Ricardo Swire

Ricardo Swire is the Principal Consultant at R-L-H Security Consultants & Business Support Services and writes on a number of important issues.

0 Comments

No Comments Yet!

You can be first to comment this post!

Leave a Reply