How Government Spies on You?

Governments around the world are spying on their people. This practice is well known among oppressive regimes in the Middle East, but it is now obvious that all governments are doing it. People believe that their government is using Internet surveillance technology, but they don’t understand how it is used, what it collects, or which tools are involved.

If you live in a country ruled by a dictator, you should understand that surveillance without any warrant is a daily routine for law enforcement!

I stated in one of my latest articles about “Lawful Interception” that western companies offer special surveillance and hacking tools to oppressive regimes in the Middle East. Instead of using these tools to protect their cyber and physical security, these regimes use them to hack their own people!

But do you know how your government is spying on you? What tools are they using?

The Wall Street Journal published the so-called “Surveillance Catalogue”, which contains leaked brochures from a secret surveillance and security conference in Washington DC. I have mentioned this conference before: it is, of course, “ISS World”!
Checking the sponsors link on its website will give you a clue of what’s inside.

In order to understand what these western countries are offering to our oppressive regimes, you need to carefully browse and study the leaked brochures on the WSJ website.

There are many interesting findings in the leaked brochures which I will highlight as follows:

GAMMA Group

This company seems like the best choice for Middle East governments when it comes to hacking, surveillance, and interception. It is the only company which offers Arabic brochures!

It is the same company that supplied Mubarak’s regime with the hacking and intrusion tools known as FinFisher and FinSpy. The company offers a full hacking and intrusion package, with training, for law enforcement and intelligence.

From what Middle East countries did during the Arab uprising, we can easily tell that these tools by GAMMA were extensively used. Let’s look at the scenarios found in their brochures and link them to what governments did…

The Tunisian government used special web code to hack into users’ accounts on Facebook, Hotmail, Yahoo and other networks. That was done using crafted JavaScript code on fake login pages. According to the FINFLY WEB brochures, this tactic can easily be implemented since the government has a centralized ISP in which the tool can be used!

A government can infect websites with malicious code, and it can target a specific user or even the entire network by delivering the infection code through the ISP. Any user who uses the ISP to connect to “Facebook”, for example, will be infected with the malicious monitoring code!!!

A government can also use the full package to integrate ISP infection, web infection, and hacking through malicious software updates.
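A defender-side check for the page tampering described above, as an added example that is not from the brochures or the original article: it audits a saved login page for password forms that post to, or scripts loaded from, anything other than HTTPS on an expected host. The host names, the allow-list and the sample HTML are constructed for illustration.

```python
from html.parser import HTMLParser
from urllib.parse import urljoin, urlsplit

# Constructed sample: a login page altered in transit (hosts are placeholders).
SAMPLE = """<html><body>
<form action="http://login.example.test/session" method="post">
  <input type="text" name="email"><input type="password" name="pass">
</form>
<script src="https://static.example.test/app.js"></script>
<script src="http://cdn.invalid/l.js"></script>
</body></html>"""
TRUSTED = {"www.example.test", "login.example.test", "static.example.test"}

class LoginPageAudit(HTMLParser):
    """Record where a page sends passwords and loads script from."""
    def __init__(self, page_url, trusted_hosts):
        super().__init__()
        self.page_url, self.trusted = page_url, set(trusted_hosts)
        self.findings = []
        self._action = None  # resolved action URL of the enclosing <form>
        if self._untrusted(page_url):  # plain HTTP can be rewritten in transit
            self.findings.append(("page", page_url))

    def _untrusted(self, url):
        parts = urlsplit(url)
        return parts.scheme != "https" or parts.hostname not in self.trusted

    def handle_starttag(self, tag, attrs):
        a = dict(attrs)
        if tag == "form":
            self._action = urljoin(self.page_url, a.get("action") or "")
        elif tag == "input" and (a.get("type") or "").lower() == "password":
            target = self._action or self.page_url
            if self._untrusted(target):
                self.findings.append(("password-form", target))
        elif tag == "script" and a.get("src"):
            src = urljoin(self.page_url, a["src"])
            if self._untrusted(src):
                self.findings.append(("script", src))

    def handle_endtag(self, tag):
        if tag == "form":
            self._action = None

def audit(html, page_url, trusted_hosts=TRUSTED):
    parser = LoginPageAudit(page_url, trusted_hosts)
    parser.feed(html)
    parser.close()
    return parser.findings
```

Calling `audit(SAMPLE, "https://www.example.test/login")` returns one finding for the password form and one for the script fetched over plain HTTP; an unmodified page served entirely over HTTPS from the expected hosts returns an empty list.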

Mubarak’s regime used FINSPY to target specific users using the “user names” provided by their ISP. All ISPs in Egypt and most Middle East countries provided their users with dynamic IPs along with a “user name and password” for easy identification. While the IP changes each time the user restarts the router, the user can still be identified by the “user name”!

The FINSPY solution that is used by the Egyptian government can infect and remotely control any target, anywhere around the world, as claimed by GAMMA Group. This tool can also bypass 40 regularly tested antivirus products and can silently open your webcam and microphone!

FINSPY MOBILE can be used the same way to hack into mobile phones and extract evidence and data, and even record voice and video!

According to the FINSPY MOBILE brochure, it was successfully used with BlackBerry mobiles…
This scenario reminds us of what Etisalat has done with users in the UAE!

This hacking technique depends on infecting the mobile software with malicious code using MMS, SMS, UMTS or Wi-Fi. They trick the user into opening the MMS or other configuration files by making them look like a “system update” or “critical software update”. Once opened, the backdoor is installed and everything on your phone can be accessed and monitored.

In most Arab countries, Skype is used by Internet users to conduct cheap or free voice communications with encryption applied, to avoid government surveillance. But GAMMA claimed that their FINFISHER tool can intercept and monitor Skype conversations. The leaked documents reveal that this capability doesn’t depend on cracking the encryption. The whole process depends on infecting the target computer with malicious code or a Trojan created by the FINFISHER tool, which can intercept the conversation on the “Sender’s PC” before it is encrypted or on the “Receiver’s PC” after it is decrypted, as shown in the following diagram provided by WSJ.

Manufacturers of such tools always claim that they are aware of export laws and that they make sure their software will not be abused by authoritarian regimes. But what is really happening is that these companies are selling extensively to Middle East regimes that use these technologies to repress their people and invade their privacy without any warrant!
They said it is a moral dilemma and that they can’t control how their software is abused by law enforcement. It is like a knife!

Deciphering Speech

One company offered a very interesting solution that can decipher speech in any language and analyze voices when intercepted. The software can determine which words are being said, which topics are discussed, and in some cases who is talking!

Other companies are offering language analysis, even in Arabic. But Arabic looks challenging, as one word might have several meanings, and the meaning might also change according to the sequence of the speech.

Hacking and Vulnerabilities

Other companies offer hacking platforms for law enforcement that might look like “Metasploit” but with extensive functionality. Most tools depend on exploiting unpatched software vulnerabilities, or on tricking the user into installing a fake update, to infect the target PC. “HackingTeam” is one of those companies that offer a full hacking and monitoring platform for law enforcement and intelligence. According to the leaked document, this platform can be deployed on any platform from Windows to BlackBerry. The created malware can bypass antivirus, firewall, and antispyware!

 

There are many other companies that offer a large number of tools that can be used by your government to intercept communication, trace your location, hack into your system, and even analyze your speech. One obvious example is Netoptics, the company behind Chinese mobile phone tracking and surveillance systems. They offer solutions for major mobile operators to conduct real-time monitoring of cell phone Internet content. This act is not legal in the USA, for example, without a court warrant, but it is legal in China!

So it is really a big dilemma when you talk about the law and the usage of such tools.

 

From what we found in these leaked documents and brochures, we can understand that this is a big new market for private western companies to sell their “double-edged weapons”. Companies said that they can’t control how their software is used after they sell it. They understand that their software can be used to kill someone!!!

Since the US and other western governments have interests in the Middle East and with authoritarian regimes, they will not do anything. They understand that these tools can threaten human life, not only invade privacy!

But we are talking about a multi-billion-dollar industry that can’t be controlled ethically!

Countries with instability, repression, and a lack of user awareness, such as those in the Middle East, are competing to own these surveillance tools.

On the other side, national security agencies in western governments are not using these tools; they are using custom-built and more complicated ones. They can even hack other governments’ security measures and exploit those private tools to collect information from national security agencies in Middle East governments!

Most law enforcement agencies in the Middle East lack the proper education and training to operate and use these private tools efficiently. They can use them to spy on anyone, even their families; there are no codes of ethics, cyber laws, electronic investigation rules or even policies.

Our countries’ national security is vulnerable not only to cyber attacks but also to geopolitical strategies, and these private solutions will not prevent anything.

Authoritarian regimes that are using surveillance technology to trace innocent people instead of criminals are easily overthrown by technology itself.