What's new

Hacking Team hacked: The Pakistan connection, and India's expansion plan

@Jango Anyone who has nothing to hide need not worry about government surveillance, it is impossible to keep tab on thousands of people and elec surveillance is reserved for the select few who are particularly fishy, the GoP is not interested in what kinky wear you want your girlfriend to have on next time you 'take a business trip', unless it involves a suicide jacket ;)
 
.
@Jango Anyone who has nothing to hide need not worry about government surveillance, it is impossible to keep tab on thousands of people and elec surveillance is reserved for the select few who are particularly fishy, the GoP is not interested in what kinky wear you want your girlfriend to have on next time you 'take a business trip', unless it involves a suicide jacket ;)

Thats a relief ! :whistle:

Mazaak kar rahaa hunnn.....mazaaak kar rahaa hunnnn - Mein shareeef aadmiii hooon ! :angel:
 
.
Consider this: your mobile phone is sending a steady stream of private information and location coordinates to an unknown entity that has included your name on a list of targets to be monitored.

Your computer allows those with a set of very sophisticated, very expensive spyware tools to access your digital life, from saved photos and chat messages to watching and listening to you using your device’s camera and microphone. This massive breach of privacy is virtually undetectable and untraceable.

Now imagine such tools in the hands of the state’s security apparatus.

In a recent report, Privacy International (PI), an organization focused on privacy intrusions, asserted that the government had obtained such surveillance tools from multiple sources, including Ericsson, Alcatel, Huawei, SS8 and Utimaco. There is increasing concern that local Law Enforcement Agencies (LEAs) and intelligence agencies have the ability to intrude into a range of devices to capture data, encrypted or otherwise.

One software that enables such high-level spying is Remote Control System (RCS) — a ‘cyber security’ solution developed by Hacking Team (HT), an Italian IT company notorious for its spy tools that have been sold to countries as far and wide as Sudan, Bahrain, Saudi Arabia, India, Mexico and Russia.

Promotional video Hacking Team released to market RCS
RCS primarily works through the installation of malware, a malicious programme that is remotely transmitted to a device and then used to transfer private data through an internet connection.

Aside from allowing access to photos, emails, chat conversations, social media accounts and passwords, the software can tap phone and Skype calls, take photographs using the infected device’s camera and switch on a device’s microphone – all without the user’s knowledge, and without affecting a device’s battery life.

HT boastfully claims to equip law enforcement agencies solely to “fight crime hidden in the new encrypted digital world”. It repeatedly asserts its RCS hacking software is lawful, and “critical to the work of preventing and investigating crime and terrorism…we serve over 50 clients in more than 30 countries; we have been the first movers and leaders since 2004.”

It was perhaps this notoriety and success that led to HT itself being hacked in July by an anonymous hacker who released 400GB of the company’s data online, of which one million emails have been compiled into a public archive by Wikileaks.

In an attempt at damage control, HT published a message from CEO & Founder David Vincenzetti who admitted there was a security breach, adding that, “the attack on our company was a reckless and vicious crime.”

Enter Pakistan
With HT acknowledging the data leak, the controversial surveillance company’s detailed liaison with global customers has been laid bare - and among the emails are over 1,000 exchanges with a set of actors who claim to be Pakistani contractors representing various state institutions.

Against the backdrop of Privacy International’s report detailing Pakistan’s desire to build a mass surveillance system, these emails reinforce the idea that some elements within Pakistan have purchased, or are in the process of acquiring intrusive hacking tools such as RCS using the names of top LEAs and intelligence agencies.

The email exchanges run from 2011, where HT staff discuss doing business with Pakistan, in which it sees an “exceptional customer”, up to May 2015 where a contractor claims he has received demands from local agencies for surveillance equipment that can be integrated into unmanned air vehicles (drones) and land vehicles.

With many email chains ending abruptly or switching over to phone calls and private meetings online or abroad, the status of RCS being actively used inside Pakistan is currently unknown.

In the examination of emails that follows, the years long exchanges between Pakistan's contractors and HT reveals how the business of surveillance operates, and the dangers it poses.

Hacking Team hacked: The Pakistan connection, and India's expansion plan - Pakistan - DAWN.COM

-------------------------------------------------------------------------------------

This is a looong article, including the Wikileaks emails...do check it out.

I don't know if anyone noticed, but since the past few weeks, there has been a lot of talk going on about ISI hacking and doing cyber espionage and whatnot...this is gonna get interesting...:pop:

@Icarus, any comments youo'd like to add?
As usual our economy and budget sucks, otherwise still we need to slowly form a separate agency based on NSA and monitor every thing. We can call it NATIONAL CYBER AGENCY ( NCA ). It can be separate or under ISI or may be an organisation like NECTA but it is badly needed. It should be used for both monitoring inside Pakistan and launching cyber attacks of all sorts on enemy.
 
.
The title is vague. What does it mean by India's expansion plan??? If not anything this title would have grabbed some extra eyeballs to read a lengthy article usually skipped by commoners.

From what I understand both Pakistan and India are planning to use RCS on their respective domestic crowds, which means privacy can now be safely thrown out of the window. Whatsapp,skype, Viber etc would be tracked, and intelligence agencies would have access to everything on our mobiles. Some apps which are given access to cameras in iOS and Android can remotely operate it. In short, be it India or Pakistan both the countries are following NSA's way, they would intrude into citizen's privacy using tax payer's money.
Do we need RCS???
Hell, yes.
This is the best to bust sleeper cells.

This caught my attention....


upload_2015-7-28_16-0-48.png



@Star Wars @SarthakGanguly - read when free. Its a really long article.
 
Last edited:
. .
I think nowadays all intel agencies must have special IT devisions with spesific tasks. Sure ISI has somesting like this and they are also developing their own unique products.
 
.
This is terrifying! I understand, some mass surveillance capability is a must in this age.

BUT the ability to pull up pictures of your family from your mobile, read all your texts and emails, has to be supervised in the strongest way possible.

In our region, it will be very difficult to stop abuse of the system. How long will it be before even the local cops get access to this? In a nightmare scenario, anyone with government / civil service connections will be able to see your confidential records.

Remember, with this much information, it won't be hard for anyone with an agenda to build a case against anyone else. Think about it, how many of your texts, emails can be twisted to make you sound bad?
 
. .
That is what the article is saying...surveillance means in effect spying.

Now I know that our country works in a totally different way, but internal spying in the UK by GCHQ or in the US by the NSA is not seen in good light by the public there, and the HR groups and other such organizations would definitely take this issue over here as well.

Especially since this does not have any legal cover in our country. Remember the news piece that ISI was looking to install surveillance equipment on the internet cable landing sites?

My personal opinion on this is that it is something necessary, but then something which needs to be kept in check by some body so that the agencies do not go overboard. In the current scenario in Pakistan it is imperative to keep a check on terror elements who are increasing their use of such VoIP services and other such equipment, such as the Safoora bus attack killers and even TTP, whose cyber equipment has been repeatedly busted in bustling cities.

But then you have to restrict their uses only to people who are actively involved in terrorism only and not on other people to blackmail them or just casual spying, like getting my emails and my passwords and other such information.

So my suggestion would be to make a committee involving military and civilian officials and maybe of some organizations and maybe judiciary which oversees the targets of such surveillance. At least that's better than nothing.



Have you seen the series Mr Robot?

In one episode the guy uses a real software to hack into a phone. It's around 10 dollars I think, and you just have to install it into the target phone and voila!


So you are also fan of Mr.Robot. Loved the intro scene where he busted Indian guy balls :p

When Nawaz sharif granted 500 million rs to IB last year, it was meant for building such capabilities.

@Jango Anyone who has nothing to hide need not worry about government surveillance, it is impossible to keep tab on thousands of people and elec surveillance is reserved for the select few who are particularly fishy, the GoP is not interested in what kinky wear you want your girlfriend to have on next time you 'take a business trip', unless it involves a suicide jacket ;)

And this is how establishment keep in line certain politicians and selected few members of judiciary and burecracy. Remember during 2007, when SC banned ISI and MI personnel entry into it's complex and there was a strong rumor about alleged sex tape of the daughter of one SC judge
 
.
Ethical or not. The fact is the software is available and is up for sale. Many other countries and agencies are using it so any other agency/country including Pakistan can buy and use it. Just beware of what information you circulate.
 
.
This report is well compiled and an interesting read.

I was hoping that our country might have had some home grown talent in this field, but it appears we do need outside help in tackling these modern systems.

Although it can never be proved that such surveillance tools would only be used for security purposes, or even if such assurances are made I doubt anyone would be fully confident about it, what is more worrying is that the same company is offering cross-border surveillance tools to India.

I'm not sure how these systems work, but I wouldn't be surprised if the surveillance information available to the software operator is also logged somewhere in the software provider's system.

This log would be quite valuable for rival nations.

Here's to hoping that a company (which makes tools to spy on people) has the high moral ground to pass on such a profit-raking opportunity.
 
.
Back
Top Bottom