Watch out: Malaysian Big Brother is snooping on Us

July 13, 2015

Watch out: Malaysian Big Brother is snooping on Us

by John

john-berthelsenIf you live in Singapore, Malaysia, Thailand or Vietnam and you are an activist, the government probably knows a lot more about the inside of your computer than you think, and more than you want it to.

On July 5, unknown hackers broke into the computers a shadowy company based in Italy that has become notorious across the world. With offices in Milan, Washington, DC and Singapore, its name is The Hacking Team, and it is one of a half-dozen such firms identified as “digital era mercenaries” because they sell products to governments to spy surreptitiously on their own citizens.

Najib in anxietyHe can go to sleep because he is using technology to snoop  and spinners to dupe Us

Top Asian clients among the countries using The Hacking Team’s services are Malaysia, the seventh-biggest spender, paying The Hacking Team US$1,861,131 for its assistance in spying on its citizens. Singapore is 10th, just behind the US, which is 9th. Singapore paid The Hacking Team US$1,209,963. Vietnam is 21st, at US$560,735, followed by Thailand at US$466,482.

According to the Massachusetts-based CSO cyber-security firm, the US Department of Defense apparently had a contract with The Hacking Team but no longer does. The FBI had an active maintenance contract until June 30 and the Drug Enforcement Agency has a renewal in progress.

The hackers, whoever they were, downloaded 400 gigabytes of internal documents, source codes and email communications with governments and dumped the haul onto the Internet. The documents tell a chilling story of helping some of the world’s most repressive countries including Sudan, Saudi Arabia, Azerbijan and Kazakhstan. In all, 38 countries are on the list of clients. According to other sources,  The Hacking Team also expressed the intention to go after Human Rights Watch and other such activist organizations. 


And what do they get for their money? Here is a presentation on the company’s website to entice governments to spy. It is well worth listening to:

“You have new challenges today. Sensitive data is transmitted over encrypted channels. Often the info you want is not transmitted at all. Your target may be outside your monitoring domain. Is passive monitoring enough?  You want more. You want to look through your target’s eyes. You have to hack your target.  You have to hit many different platforms. You have to overcome encryption and capture relevant data. Being stealthy and untraceable. Deployed all over your country. That is exactly what we do. Remote Control System Galileo. The hacking suite for governmental interception. Rely on us.”

Big Bro1

“Without advanced technology, authoritarian regimes would not be able to spy on their citizens,” Reporters Without Borders said. “They sell products that are used by authoritarian governments to commit violations of human rights and freedom of information. They are Gamma, Trovicor, Hacking Team, Amesys and Blue Coat.”

Bahrain’s royal family has used Trovicor’s surveillance and interception products to spy on news providers and arrest them, according to Reporters Without Borders. Blue Coat’s deep packet inspection products have made it possible for Syria to spy on dissidents and netizens throughout the country, and to arrest and torture them. Amesys provided products to the Libyan secret police during the late Muammar Gaddafi’s reign. The Hacking Team and Gamma have provided malware to capture the passwords of journalists and bloggers.

“Online surveillance is a growing danger for journalists, citizen-journalists, bloggers and human rights defenders,” Reporters Without Borders secretary-general Christophe Deloire said. “Regimes seeking to control news and information increasingly prefer to act discreetly. Rather than resort to content blocking that generates bad publicity and is early circumvented, they prefer subtle forms of censorship and surveillance that their targets are often unaware of.”

The contract with the Malaysian government apparently was routed through the Prime Minister’s Office, “Malaysian Intelligence,” both listed as “active,” and the Malaysian Anti-Corruption Commission, now listed as “expired” according to documents made public by CSO.  Thailand’s contract, with the country’s department of corrections, was listed as expired. A full list of curated documents made available by CSO can be found here.

The Singapore government’s Infocom Development Agency is the unit that apparently purchased the Galileo software. That agency, according to its website, “formulates and develops short- and medium-term infocomm-related policies, as well as standards, codes of practices and advisory guidelines – all of which are enforceable by IDA – pertaining to issues such as licensing, interconnection, resource and competition management, to name a few. IDA also monitors local and global infocomm market trends, developments and regulatory measures, while remaining technology-neutral, to ensure that the current infocomm policies and regulatory frameworks are effective and relevant.”

According to The Hacking Company’s website, “In today’s connected world, data is moving from private devices to the social cloud. Encryption is everywhere to protect the users’ privacy from prying eyes. In the same way, encryption is hiding criminal intents from you. Don’t you feel you are going blind? Sometimes relevant data are bound inside the device, never transmitted and kept well protected … unless you are right on that device.”

The government’s target, according to the website, “can be anywhere today, while your hands are tied as soon as he moves outside the country. You cannot stop your targets from moving. How can you keep chasing them? What you need is a way to bypass encryption, collect relevant data out of any device, and keep monitoring your targets wherever they are, even outside your monitoring domain. Remote Control System does exactly that.”

The system allows governments to take control of target computers and monitor them regardless of encryption and mobility. “It doesn’t matter if you are after an Android phone or a Windows computer: you can monitor all the devices. Remote Control System is invisible to the user, evades antivirus and firewalls, and doesn’t affect the devices’ performance or battery life. Hack into your targets with the most advanced infection vectors available. Enter his wireless network and tackle tactical operations with ad-hoc equipment designed to operate while on the move.

“Keep an eye on all your targets and manage them remotely, all from a single screen. Be alerted on incoming relevant data and have meaningful events automatically highlighted. Remote Control System: the hacking suite for governmental interception. Right at your fingertips.”

7 thoughts on “Watch out: Malaysian Big Brother is snooping on Us

  1. 1. Reminds me of IBM selling its computer services to the
    South African apartheid regime prior to
    the country’s liberation by Nelson Mandela and the African National Congress.

    IBM computers enabled the racist regime to keep track of its citizens and dissidents. (Of course today’s IT systems are much more sophisticated)

    2. Repressive Third World regimes also purchase other services from
    developed countries’ firms
    e.g. tear gas and other “riot control” police equipment,
    propaganda services (“public relations services”) from its firms such as APCO, services of lobbying firms based in capital cities such as
    Washington DC (to lobby the US government for favourable treatment ifof a particular foreign regime), “internal security” military equipment (used to repress their own citizens), etc

  2. This insidious game is part and parcel of all tyrannical or illegitimate or non majority governments holding office. In their zeal to cling on to the slipping power they spy and intrude into each and every person who appears to be a threat to them. They have caught the tiger by the tail and find it dangerous to let go. Incoming governments or those who seize power from them by the self same methods are bound to retaliate against them and in come cases most hideously. One cannot help but feel sad in some ways for the present persons on power in this country having sleepless nights along with their cronies as to what the future holds for them. Fortunately Malaysians are by nature not a cruel vindictive lot. They would rather let Time heal the evil that had beset them over the last 30 years or so.

  3. “Watch out: Malaysian Big Brother is snooping on Us”

    Just to share this…

    July 13, 2015 – Police’s Twitter now hacked with warning for Najib –

    July 7, 2015 – Malaysian Government accused of buying spying tools –

    “…The Malaysian Government has been tightening and strengthening some of its security laws over the last few years, citing the need to combat terrorism and violent crime.

    It introduced the Prevention of Terrorism Bill (POTA), amended the Sedition Act which it had previously promised to repeal, and amended the Security Offences (Special Measures) Act 2012 (Sosma).

    The Sosma amendments legitimise wire-tapping against suspected ‘hardcore criminals’ and human traffickers, although the law itself was first passed as an anti-terrorism and national security measure.

    When asked if the Government could legitimise spyware use if it came under Sosma, Syahredzan said the law does allow the Government to intercept communications, but for ‘security offences’ –terrorism, treason and so on.

    “More worryingly, the Criminal Procedure Code allows the State to intercept, listen or record any message or communication received through any communication if it is likely to contain any information relating to the commission of a crime,” he said.

    “Worse still is the fact that the State can use this information against the person in court. These provisions have not been challenged in court, but I believe that they are in fact unconstitutional for being in breach of Article 5 [of the Federal Constitution],” he added.

    Not the first time

    According to a research report from The Citizen Lab, Hacking Team’s RCS can capture data that is stored on a target’s computer even if the target never sends the information over the Internet.

    It can copy files from a computer’s hard disk, record Skype calls, e-mails, instant messages, and passwords typed into a web browser. Furthermore, RCS can turn on a device’s webcam and microphone to spy on the target.

    This is not the first time Citizen Lab, from the University of Toronto’s Munk School of Global Affairs, has looked into spyware use. In 2013, it traced command and control (C+C) servers for the FinFisher (aka FinSpy) spyware from UK-based Gamma International to 25 countries, including Malaysia.

    Citizen Lab however noted that the discovery of a FinSpy C+C server in a given country cannot conclusively indicate that the country is using FinSpy on its citizens.

    Much like RCS, FinSpy captures information from an infected computer, such as passwords and Skype calls, and sends the information to a FinSpy C+C server.

    In March 2013, industry regulator the Malaysian Communications and Multimedia Commission (MCMC) initiated an investigation against news portal The Malaysian Insider for running a report that said the Malaysian Government was using FinFisher to spy on its own citizens, based on a blog post in the New York Times.

    Be that as it may, in May 2013, cybersecurity firm F-Secure noted that Gamma company executives were present at the ISS World 2011 surveillance software trade show in Kuala Lumpur.

    The MCMC had not responded to DNA’s request for comments on the Hacking Team issue as at press time.”

    Jul 08, 2015 – Malaysian Govt spyware use unconstitutional, call for action –

    “No matter how noble the objectives of a government, if it blurs decency and kindness, cheapens human life and breeds ill will and suspicion – it is an evil government” – Eric Hoffer, The Passionate State of Mind 1954

    You be the judge.

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google+ photo

You are commenting using your Google+ account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

This site uses Akismet to reduce spam. Learn how your comment data is processed.