The unstoppable rise of the global surveillance profiteers

Posted by

The unstoppable rise of the global surveillance profiteers
By Aaron Sankin
Dec 7 2014
<http://kernelmag.dailydot.com/issue-sections/headline-story/11057/cyberwar-surveillance-state-economy/>

Imagine if your government put a price tag on your privacy, acquiring shadowy surveillance technology that exploited your personal vulnerabilities.

Earlier this year, journalists at the Ethiopian Satellite Television Service (ESAT) were sent something sketchy. The Amsterdam-based TV channel holds itself up as an alternative to the country’s tightly controlled state-run media and regularly runs programming critical of Ethiopia’s ruling regime. As such, the station’s broadcasts in the country are regularly jammed by government censors, and a recent documentary aired on state-run TV urged Ethiopians not to participate in ESAT’s programming.

The first suspicious message arrived one afternoon via Skype to an ESAT employee in Belgium who was managing a company account. The message supposedly came from from Yalfalkenu Meches, a former contributor who had been out of contact for some time, and it included an attached file titled “An Article for ESAT” that raised a litany of red flags. It contained a veiled .exe file—the kind that triggers programs to start running on Windows machines and is the primary carrier of viruses—whose name included a long string of spaces designed to hide its true identity.

Suspecting that something was amiss, the employee refused to open the file, but Meches tried again—this time sending over a Microsoft Word document. Less than two hours later, Meches reached out to another ESAT employee, this one based in the company’s northern Virginia office, with a similar offer of an interesting article. Once again, Meches, or whoever had assumed his online identity, was rebuffed.

ESAT forwarded the emails to Citizen Lab, a multidisciplinary group at the University of Toronto’s Munk School of Global Affairs working on Internet freedom issues like censorship and surveillance, with a focus on the actions of repressive governments. Activists from around the world send files to Citizen Lab that they suspect contain viruses, and the group’s programmers will download them, rummage through the source code, and determine if there’s foul play involved.

Citizen Lab found that one of the ESAT messages exploited a bug in Microsoft Word that would make the infected system covertly download a virus from a remote server as soon as it was opened. The virus was one of the tendrils of something called Remote Control System, which was developed by a Milan, Italy-based company called Hacking Team.

[snip]