A list of normally secretive companies and products used by over 150 Governments from around the world to spy and hack into people’s computers has come to light thanks to the Wall Street Journal Surveillance Catalog project, these confidential brochures explain what products are used by Governments for mass surveillance, some of the prospectuses have been partially blacked out as specific technical information is only available to authorised law enforcement personnel.
The surveillance tools are sold to law enforcement agencies and some corporations, its legality depend on the laws of the country where they are being applied, the tools have often been found in the hands of repressive regimes like China or Iran, since censoring of the web and mass spying is allowed in those countries, it is perfectly legal.
Note: In addition to these private contractors products, well resourced countries also develop their own custom hacking tools in-house.
Software for Internet surveillance
Mobile phone tracking: Septier Location Tracking provides mobile phone tracking, lawful interception and intelligence gathering analyzing and retaining location data from mobile phone networks, it uses triangulation to find out where a mobile phone is, a technique that looks at the signal strength in between a phone and a mobile phone tower to determine its location, the system can handle all modern mobile networks like 3G, GSM, Wi-Fi, WiMax, etc.
Linguistic Analysis: A company called Expert System Semantic Intelligence has semantic software called Cogito that is capable of searching linguistic data using strict parameters, categorize data and extract entities like people and organizations, after data has been sifted through events are flagged, further parsed for early warning indications, ranked and then extracted and categorized.
Social network analysis: Intellego studies the relationships in social networks, representing emails, websites and targets as nodes then interlink them with other nodes showing a graphic of all the links. The diagram shows a clear picture of the network communication. This kind of analysis does not necessarily involve public data in Facebook, it can involve private data analysis, it allows the investigators to easily spot target’s relationships.
Installing trojan horses: FinFly ISP can disguise a trojan horse in the form of popular software like updates for the Firefox browser, Adobe Flash or Java, once the user agrees to update this as he often does, a trojan horse that sends private data to a surveillance agency and is not detected by any antivirus is downloaded to his computer. This British company (Gamma Group) claims that it can work with an ISP to distribute a trojan horse to users. Its latest product, FinFly Web, can infect targets with a trojan on-the-fly by just visiting a website.
Deep packet inspection: OnPath technologies claims to provide “lawful interception” of Internet communications taking all the traffic from the Internet backbone (ie. ISP) and funnelling it through hardware devices that inspect data packets, determine what’s inside them and decides if it is necessary to forward the data to a law enforcement agency for inspection.
Hide computer IP: A company called ION (Internet Operations Network) solutions claims to provide random rotating IP addresses that look ordinary and are untraceable. Even law enforcement agencies need to hide their computer IPs, if someone is posing as a bad guy online he does not want his IP to reveal that his computer is located inside the FBI Headquarters, hiding a law enforcement agency computer IP is also useful to avoid warning a target that he is under investigation by visiting their potentially illegal website for research (servers log visitors IPs).
Trojan horse on a USB: When physical access to a computer is possible, a solution called FinFly USB can install remote monitoring software (aka trojan) on a target machine by just inserting a USB thumbdrive, it does not require any IT trained agent to do this. They claim that it has been used by surveillance teams to install “remote monitoring” on target computers that where switched off (booting the computer from the USB thumbdrive).
Interception of encrypted traffic: Using a man in the middle attack approach a company called Packet Forensics can intercept encrypted SSL & TLS connections and decrypt its content, with this technique they can listen in to Voice over IP encrypted calls and read email messages sent through SSL tunnels. The company textually claims on its brochure “users are lured into a false sense of security” which allows staff to obtain the best evidence. Packet Forensics devices can easily be placed at an ISP or private network without causing any noticeable interruption in the service.
Visit WSJ Surveillance Catalogue ( scroll down)