[liberationtech] Bloomberg: Spies Fail to Escape Spyware...

frank at journalistsecurity.net frank at journalistsecurity.net
Tue Jan 22 15:38:54 PST 2013


Spies Fail to Escape Spyware in $5 Billion Bazaar for Cyber Arms -
Bloomberg
http://www.bloomberg.com/news/2011-12-22/spies-fail-to-escape-spyware-in-5-billion-bazaar-for-cyber-arms.html

The intelligence operative sits in a leather club chair, laptop open,
one floor below the Hilton Kuala Lumpur's convention rooms, scanning
the airwaves for spies.

In the salons above him, merchants of electronic interception
demonstrate their gear to government agents who have descended on the
Malaysian capital in early December for the Wiretapper's Ball, as this
surveillance industry trade show is called.

As he tries to detect hacker threats lurking in the wireless networks,
the man who helps manage a Southeast Asian country's Internet security
says there's reason for paranoia. The wares on offer include products
that secretly access your Web cam, turn your cell phone into a
location-tracking device, recognize your voice, mine your e-mail for
anti-government sentiment and listen to supposedly secure Skype calls.

He isn't alone watching his back at this cyber-arms bazaar, whose real
name is ISS World.

For three days, attendees digging into dim sum fret about losing trade
secrets to hackers, or falling prey to phone interception by rival
spies. They also get a tiny taste of what they've unleashed on the
outside world, where their products have become weapons in the hands of
regimes that use the gear to track and torture dissidents.

"I'm concerned about my calls or Internet being monitored, because
that's what they sell," says Meling Mudin, 35, a Kuala Lumpur-based
information-technology security consultant who takes defensive measures
as he roams the exhibits. "When I make phone calls, I step out of the
hotel, I don't use my computer and I also don't use the wireless
services provided."

'We Meet Again'

ISS, which convenes every few months in cities from Dubai to Brasilia,
is the hub of the surveillance trade. In recent years, countries such as
Syria, Iran and Tunisia bulked up their monitoring by turning to some of
ISS's corporate sponsors, such as Italy's Area SpA and Germany's
Utimaco Safeware AG (USA) and Trovicor GmbH, a Bloomberg News
investigation showed.

Business is booming, with annual revenue of $3 billion to $5 billion
growing as much as 20 percent a year, ISS organizer Jerry Lucas
estimates.

Lucas, 68, an American with a PhD in physics, is perfectly cast for the
part of spyware convention mastermind. With sweeping eyebrows and a bare
pate that make him a look-alike of Democratic strategist James Carville,
he greets an uninvited journalist at his Prague event in June with,
"We've been expecting you."

On the second encounter, in Kuala Lumpur this month, he descends an
escalator from the convention floor and intones: "We meet again."

Warning Attendees

Lucas, whose conference company TeleStrategies, Inc., is based in
McLean, Virginia, makes the point that his marketplace serves police who
conduct criminal investigations and intelligence services that prevent
terror attacks. Virtually every communications network in the world
includes wiretapping for prosecutors, or location tracking to rescue
people in emergencies. And customers at ISS also include phone company
executives.

Still, Lucas describes Spy vs. Spy intrigue that emerges when he
convenes ISS (short for Intelligence Support Systems). The potential for
hacking has led him to warn attendees to comply with the law of host
countries.

"We tell them, 'Do not bring in radio equipment that is not allowed
by the government,'" says Lucas, who started ISS nine years ago.

Some gear can intercept mobile-phone or Internet transmissions,
impersonating legitimate networks by sitting in the middle of the data
flow.

"These guys can be your base station," Lucas says.

'Hide Your Laptop'

Attendees routinely guard against hacking, says Nikhil Gyamlani, a
Munich-based developer of monitoring systems who has attended several
ISS events. He says being in close contact with competitors versed in
the dark arts gives them a chance to secretly copy documents saved on
hard drives or sent via e-mail. He advises preventive measures.

"Absolutely no use of wireless networks, and hide your laptop in a
safe," says Gyamlani, 34, the founder of a new surveillance company,
GlassCube. "The fear is very justified."

Some who haven't taken such precautions have learned to be more
careful.

At ISS in Prague this year, an employee of an African telecommunications
regulator was cruising Facebook on his Archos (JXR) tablet computer when
he found his every click being projected on a screen at the front of the
room, he recalled afterwards in the lobby. He'd been using the
hotel's wireless Internet.

Watching The Detectives

While ISS is closed to journalists, a Bloomberg News reporter dropped in
on two 2011 installments, walking hotel corridors, sitting in bars and
haunting lounges.

In Prague, at a hotel connected to a shopping mall food court, potential
buyers included Thailand's Department of Special Investigation and the
U.S. Drug Enforcement Administration. In the lobby, contingents from
Greece and Turkey sat on opposite sides of the room.

Many conventioneers carried black canvas tote bags from Utimaco, whose
systems were used in a Syrian surveillance project that was exposed this
year by Bloomberg News and shut down before it could become operational.

Approaches by a journalist at ISS only triggered more paranoia among
some executives. At a fourth-floor conference room rented by Trovicor in
Prague, an employee, Jesper Mathiesen, not only declined to talk, but
declined to trust the reporter's business card as reliable
identification.

Rock Star

"Anyone can print a business card," he said, as another employee led
a delegation from Serbia into the room.

In the Prague hotel's elevators, an employee of Andover, U.K.-based
Gamma International rode up and down, escorting government delegations
to back-to-back, appointment-only demonstrations of Gamma's FinFisher
intrusion system, conducted in darkened rooms.

Once secretly planted on a target's computer, FinFisher allows remote
control of the device. The tool became widely known early this year when
a copy of a FinFisher proposal turned up in Egypt after the February
revolution and was posted online.

The notoriety helped make the German hacker-turned-executive behind
FinFisher a rock star of the ISS circuit.

Listed in the conference agendas only by his initials, MJM, he is Martin
J. Muench, 30, the managing director of Gamma's German unit. One of
his talks in Kuala Lumpur is titled, "Offensive IT Intelligence
Information-Gathering Portfolio - An Operational Overview."

Saudi Arabia, India

At this gathering of real-life James Bonds, Muench most resembles 007
himself, as played by Sean Connery: just over six feet tall, in a trim
black suit and skinny black tie.

Spotted at ISS this month, Muench declines to comment, while lighting a
cigarette.

For the Malaysia event, which has 871 invited attendees from 56
countries, the Hilton lobby hosts a parade of ISS's various tribes and
their telltale markings. Buyers from Saudi Arabia's interior ministry,
India's cabinet secretariat and the 5-month-old state of South Sudan
brandish yellow nametags that peg them as government officials. Vendors
are identified by red tags.

Employees of Munich-based Trovicor are easy to pick out: each is dressed
identically, in a dark suit and a red necktie, which is custom made,
marketing director Birgitt Fischer-Harrow says.

Barring Syria

"It is a Trovicor corporate identity. The company colors are black,
white and Pantone 202c red," she says, referring to the precise shade
of burgundy.

Trovicor is a former intelligence unit of Siemens AG and Nokia Siemens
Networks. The chain of companies supplied and maintained eavesdropping
systems for Syria, Bahrain, Tunisia and other countries that have
battled rebellions this year, a Bloomberg News investigation showed.
Fischer-Harrow says the company can't comment on contracts or clients.

Lucas says he's barred Syrian or Iranian government representatives
from ISS.

Still, that hasn't stopped surveillance gear from reaching those
countries, and the controversy has attracted crashers to ISS seeking to
expose how the technology can be abused by repressive regimes.

In an empty hotel restaurant after lunch, Eric King, the human rights
and technology adviser at London-based Privacy International, is poring
over conference presentations he's obtained and tallying a growing
list of suspicious technological glitches. When he tries to send an
e-mail from his Apple Inc. laptop, he gets a message that his encryption
won't work.

Seeking Hackers

His paranoia builds as he also realizes that more secure 3G networks,
used for phones and wireless Internet, are unavailable in the hotel.
King, 22, jetlagged and wearing a wrinkled, blue button-down shirt, has
a hypothesis: Someone has blocked the 3G to force everyone to use
methods that would be easier to intercept.

He consults the ISS program and finds a possible culprit, "Live
Demonstration of Tactical GSM Interrogation and Geo-Location System."

"We've got to get us some hackers," he says, eager to untangle
what may be a nest of surveillance.

A few hours later, King heads to Kuala Lumpur's art deco Central
Market to meet a Privacy International volunteer. Over a noodle dinner,
she puts him in touch with a hacker who agrees to meet up the next day.

Recruiting Spies

Back at the hotel, the night is young and the paranoia is deep.

Unlike typical trade shows, this one has no social events. No
corporate-sponsored cocktail parties. No hospitality suites. Clients and
suppliers don't want to be seen with each other in public, and some
countries bar their agents from mingling at the event because it's a
recruiting ground for spies seeking sources, organizer Lucas says.

In some delegations, "They'll send four or five people and have one
here just to watch the rest," he says.

At the Hilton's wine bar, Vintage Bank, three men from Milan-based
HackingTeam are talking among themselves, drinking from brandy snifters.

Because HackingTeam sells programs that can spy on a computer's
contents and activities, maybe they know something about the 3G
blackout. All three say that they, too, have noticed, and also suggest
an interception effort may be afoot.

In the morning, King's hacker arrives at the Hilton lobby, toting a
backpack filled with wireless Internet gear and wearing a black T-shirt.

Intelligence Operative

They set up shop on a coffee table. After an hour of performing many of
the same tests the intelligence operative had done at the start of the
convention, the network activity comes up clean.

The hacker suggests the 3G problem might just be a spotty phone system.
Later, ISS organizer Lucas says any drop in service may have been caused
by heavy usage by convention-goers.

Upstairs, the operative is back in the leather club chair, this time
using an iPad. Asked if this isn't risky, he says it's just for
browsing websites, not e-mail or anything involving passwords. And
he's got no files saved to it.

Does he have e-mail access?

He holds up a BlackBerry, and says he's running nothing sensitive
through it. Then he does a double-take. The screen saver is a photo of
him and his wife.

The bad guys could do face recognition, he says, looking at the picture.
Kicking himself for the lapse, he walks off, the paranoia having got the
best of him.

Editors: Marcia Myers, Melissa Pozsgay

To contact the reporter on this story: Vernon Silver in Rome at
vtsilver at bloomberg.net;

To contact the editor responsible for this story: Melissa Pozsgay at
mpozsgay at bloomberg.net

Conference organizer Jerry Lucas (back to camera) attends the ISS World
trade show at the Hilton in Kuala Lumpur. Source: Bloomberg

A convention floor display being dismantled is shown at the ISS World
trade show at the Hilton in Kuala Lumpur. Source: Bloomberg

A conference participant holds name tag during the ISS World trade show
at the Hilton in Kuala Lumpur. Source: Bloomberg

A convention floor display being dismantled is shown during the ISS
World trade show at the Hilton in Kuala Lumpur. Source: Bloomberg

Eric King, a human rights and technology adviser at London-based Privacy
International, has a meal at Kuala Lumpur's Central Market to recruit
a hacker to test for surveillance at the ISS World trade show. Source:
Bloomberg


----- End forwarded message -----
-- 
Eugen* Leitl <a href="http://leitl.org">leitl</a> http://leitl.org
______________________________________________________________
ICBM: 48.07100, 11.36820 http://www.ativel.com http://postbiota.org
8B29F6BE: 099D 78BA 2FD3 B014 B08A  7779 75B0 2443 8B29 F6BE
