“Hacking Team” internal emails reveal that Israeli Police, Defense Ministry and Elta Systems showed interest in the company’s aggressive surveillance technology | Police showed interest in surveillance on Whatsapp messages, Viber and Facebook| MOD was interested in exporting data ability| Leaked emails also reveal “Nice Systems” was a client of the Hacking Team | Exclusive
Initial examination of 400GB of leaked emails and documents of the Italian spyware manufacturer “Hacking Team” reveals that representative from Israeli police, Defense ministry and Elta Systems (subsidiary of Israel Aerospace Industries, ISI) recently held meetings with a senior account manager of the company. Questions raised in those meetings suggest the official Israeli agencies showed interest in the spying program Hacking Team sells.
According to The Intercept, Hacking Team’s powerful surveillance technology, the Remote Control System, can infect a target’s computer or phone from afar and steal files, read emails, take photos and record conversations. This program has been sold to government agencies in Ethiopia, Bahrain, Egypt, Kazakhstan, Morocco, Russia, Saudi Arabia, South Sudan, Azerbaijan and Turkey. The hacked data reveals that Israeli agencies also showed interest in that system.
According to the leaked data, Massimiliano Luppi, key account manager of Hacking Team, visited Israel last month, between 22/06-25/06. During his stay in Tel Aviv Luppi and a colleague met the head of Israeli Technology section at the Police Cyber unit, Yaniv Azani. Luppi, according to the leaked data, also met representatives from the Israeli Ministry of Defense and Elta Systems.
One of Hacking Team’s leaked documents entitled “Israel Questions”. In an internal email Luppi writes to his colleague: “Could you please help me in answering the technical questions coming from 3 prospects Philippe and I met during our last trip to Tel Aviv? To avoid sending 3 different emails, I collected everything in the doc file attached.”
Here are the list of questions, concerns and issues raised by the Israeli police, ministry of defense and Elta in those meetings, according to Luppi’s document. They reveal that Israeli police showed interest in surveillance on Whatsapp messages, Viber and Facebook and MOD was interested in exporting data ability.
Israeli Police: - Which ?voice over IP? is supported (e.g: whatsapp, viber etc?) - Can the agent activate the GPS (hidden txt messages)? Daniele already provided Philippe with a preliminary answer. I'm not sure I got the right questions? maybe you can understand better what?s behind. - Management of exploits by themselves We already informed them that everything requires our involvement because of the Exploit Delivery Service when creating a doc. Could you please help us integrating the answer when talking about web link etc...? - Timeframe to get an exploit once requested Do we have a rough estimation? - Data from the infection date only As far as I remember this should not be a problem, correct? We are not talking about files on the device but also about other data such as old facebook chats and so on, is this feature performed automatically when the module is activated? - Google drive, Dropbox support? - Network configuration? I will provide them with the technical requirements. - Anonymizers chains management What if something goes wrong/exposure of one vps? Which security steps are in place? MOD: - Which type of encryption is used (both on the device and when data are sent)? - How every agent is unique/different signature? - Can the solution run specific plugins/applications/execute commands and how - Can data be exported We already answered this one (connector) ELTA: - What with very complex WPA2 passwords? (e.g: only numbers and letters) - Can the TNI act as simple passive probe/man in the middle?
* Why did the Israeli police, MOD and Elta showed interest in Hacking Team’s surveillance program? I asked all three and will update as soon as they will answer.
* During his visit to Israel Luppi also met several representatives from Nice Systems, a public U.S.-Israel company and a client of Hacking Team. More on those meetings to follow.
Update, July 8th, 08:30:
Israeli police spokesperson replied saying “In order to create a more effective cyber enforcement, Israeli police – via its cyber unit – works constantly on developing new technologies and cooperating with local and foreign organizations. We have no intention to elaborate about our methods and means”.
IAI spokesperson said “IAI have does not conduct its business in the media”.
Update, July 9th, 11:40:
More communication between Israeli agencies and Hacking Team exposed now here and by @yuvadm.
It turns out that in March 2012 a person named “Jacob” from the Israeli PM office showed interest in the company products, writing: ״To whom it may concern I’m interested in learning more about your products. I’d like to get more information and a POC whom I can contact. with regards Jakob N ,Israel PMO”.
The company internal communication regarding this email described it as mysterious, but stated it deserve their standard answer.
Other emails exposed today reveals the exchange between Superintendent Meir Hayun from Israeli police to Luppi:
Dear Massimiliano Luppi, > My commander (Commander, Gadiel Siso, Head of the Sigint > division, Israeli Police) asked me to write you this email. > I am Superintendent Meir Hayun, Head of Data Communication and > Cyber at the Sigint division of the Israeli Police. > Commander, Gadiel Siso had attended the last ISS conference, > and participated at your demonstration of RCS. > We have discussed the issue and we wish to learn more about > the product. > We think that a meeting with your experts will enable us to > examine the product. > I have understood that when you met commander Gadiel you > suggested that you may visit us in Israel. > Please let us know how you think we can promote the co- > operation between us. > Should you think it`s better that we come over, please give us > time table, possible dates and the Agenda. > Should you think it`s possible for you to send the experts > here, let us know what it`s requires from us, time table and > the Agenda. > > Best regards, > Superintendent, Meir Hayun > Head of Data Communication and Cyber > Sigint division, > Israeli Police.
More to follow.