Montreal Gazette

Hacking the hackers

Authoritie­s using cybercrimi­nals’ tactics against them

- RAPHAEL SATTER

LONDON — Law enforcemen­t agencies across the globe are taking a page out of the cybercrimi­nal handbook, using targets’ own phones and computers to spy on them with methods traditiona­lly associated with the world’s most malicious hackers, two computer security groups said Tuesday.

Drawing on a cache of leaked documents and months of forensic work, two reports about the private Italian firm Hacking Team expose a global network of malicious software implants operated by police and spy agencies in dozens of countries. They also suggest that the lines between high-tech police work and malicious hacking are blurring.

“In the past, the distinctio­n was pretty easy: If it’s mal- ware, there’s someone bad behind it,” said Costin Raiu, a senior security researcher at Russian anti-virus firm Kaspersky. “The notion of good guys and bad guys is becoming diluted.”

The reports by Kaspersky and the Toronto-based Citizen Lab help complete the picture of state-sanctioned surveillan­ce sketched by Edward Snowden’s sensationa­l revelation­s about the National Security Agency and its internatio­nal allies.

While many of Snowden’s revelation­s dealt with the mass monitoring of communicat­ion as it flows across the globe, Hacking Team brags about more aggressive forms of monitoring that let authoritie­s turn people’s phones and laptops into eavesdropp­ing tools.

Hacking Team, based in Milan, did not return several messages seeking comment.

On its website, the company takes pains to present itself as one of the good guys. In a moody promotiona­l video with a gravelly voice-over, it boasts of being able to steal text messages, eavesdrop on Skype calls and take control of hundreds of thousands of targeted devices at a time.

Hacking Team’s customer policy says it sells only to government­s, which it screens for human rights concerns. A company-establishe­d panel of technical experts and legal advisers checks out every potential client, Hacking Team says, and while it realizes that its software can be abused, “we take a number of precaution­s to limit the potential for that abuse.”

?? PHOTOS: RAPHAEL SATTER/ THE ASSOCIATED PRESS ?? Morgan Marquis-Boire, a senior security researcher and technical adviser with Citizen Lab, speaks during a “cyber self-defence course” in London, England, on Tuesday.
PHOTOS: RAPHAEL SATTER/ THE ASSOCIATED PRESS Morgan Marquis-Boire, a senior security researcher and technical adviser with Citizen Lab, speaks during a “cyber self-defence course” in London, England, on Tuesday.
?? ?? Sergey Golovanov, of Russian anti-virus firm Kaspersky, expresses his views in London on Tuesday.
Sergey Golovanov, of Russian anti-virus firm Kaspersky, expresses his views in London on Tuesday.

Newspapers in English

Newspapers from Canada