Timeline of INSA hack (via University of Toronto report)
Italian security firm, Hacking Team, is under fire for allegedly having supplied the tyrannical Ethiopian government stealthy spyware that resulted in an attack on US journalists. Hacking Team denied the claims and the Ethiopian government has not commented, although it issued at least five attacks last year alone.
Ethiopia doesn’t have a great track record for upholding freedom of speech. Second to only Eritrea for imprisoning journalists, the government is now extending its reach beyond its borders to attack journalists that report on the Ethiopian government overseas. According to a recent report by Citizen Lab, Ethiopian exiled journalists living in Alexandria, Virginia and working for the Ethiopian Satellite Television Service (ESAT) were hacked by Ethiopia’s Information Network Security Agency (INSA) – the Ethiopian information security bureau, at least five times between December 2013 and December 2014.
The first traceable hack was issued in December of 2013 using Hacking Team’s Remote Control System (RCS) spyware. This product is supposed to bypass encryptions by being directly installed on devices and collecting information from those devices over time. The transmission of data and the breach itself are supposed to be untraceable. Unfortunately, for Hacking Team and the INSA, however, the team of expat journalists at ESAT found evidence that the duo was responsible for five email attacks that year.
It is believed that the INSA was able to install the RCS spyware on the computer of ESAT Managing Director Neamin Zeleke through an email with a malicious document attachment. While the journalists at ESAT are likely on edge knowing they are being watched, the hack has serious security threats for Ethiopian activists who have been leaking information. While there have been no reports to date of related government brutality, the INSA can find the journalists’ internal sources and they may be forced to pay for the unwanted publicity.
Hacking Team, however, is under fire as well for allegedly having supplied both its RCS product and an update to the INSA, knowing that its intent was malicious. Hacking Team’s Customer Policy explicitly states it does not sell its security products to customers who may exhibit violations of human rights. Since the first two hacks made the front page of the Washington Post, however, it is unlikely that Hacking Team did not know their customer was violating human rights – an offense that directly conflicts with the company’s Customer Policy. Worse yet, after the first two hacks made headlines in February, Hacking Team allegedly issued a server update to the INSA in April, after which the government agency issued three more hacks. Hacking Team denies having supplied its spyware to the agency.
While it does not seem Hacking Team has any intention of stopping its sales to the Ethiopian government, and the INSA certainly does not seem to be halting its hacks any time soon, the ESAT may have to enhance its own security to fend off the sharks. Unfortunately, the Ethiopian government isn’t the only government illegally hacking into networks overseas. Recently, the National Security Agency and the UK government allegedly executed the largest SIM card hack in history, according to former NSA consultant Edward J. Snowden.
C
See more news at: