If you live in Singapore, Malaysia, Thailand or Vietnam and you are an activist or a journalist, the government probably knows a lot more about the inside of your computer than you think, and more than you want it to.
On July 5, unknown hackers broke into the computers a shadowy company based in Italy that has become notorious across the world. With offices in Milan, Washington, DC and Singapore, its name is The Hacking Team, and it is one of a half-dozen such firms identified as “digital era mercenaries” because they sell products to governments to spy surreptitiously on their own citizens.
Top Asian clients among the countries using The Hacking Team’s services are Malaysia, the seventh-biggest spender, paying The Hacking Team US$1,861,131 for its assistance in spying on its citizens. Singapore is 10th, just behind the US, which is 9th. Singapore paid The Hacking Team US$1,209,963. Vietnam is 21st, at US$560,735, followed by Thailand at US$466,482.
According to the Massachusetts-based CSO cyber-security firm, the US Department of Defense apparently had a contract with The Hacking Team but no longer does. The FBI had an active maintenance contract until June 30 and the Drug Enforcement Agency has a renewal in progress.
The hackers, whoever they were, downloaded 400 gigabytes of internal documents, source codes and email communications with governments and dumped the haul onto the Internet. The documents tell a chilling story of helping some of the world’s most repressive countries including Sudan, Saudi Arabia, Azerbijan and Kazakhstan. In all, 38 countries are on the list of clients. According to other sources, The Hacking Team also expressed the intention to go after Human Rights Watch and other such activist organizations.
And what do they get for their money? Here is a presentation on the company’s website to entice governments to spy. It is well worth listening to:
“You have new challenges today. Sensitive data is transmitted over encrypted channels. Often the info you want is not transmitted at all. Your target may be outside your monitoring domain. Is passive monitoring enough? You want more. You want to look through your target’s eyes. You have to hack your target. You have to hit many different platforms. You have to overcome encryption and capture relevant data. Being stealthy and untraceable. Deployed all over your country. That is exactly what we do. Remote Control System Galileo. The hacking suite for governmental interception. Rely on us.”
“Without advanced technology, authoritarian regimes would not be able to spy on their citizens,” Reporters Without Borders said. “They sell products that are used by authoritarian governments to commit violations of human rights and freedom of information. They are Gamma, Trovicor, Hacking Team, Amesys and Blue Coat.”