Wikileaks releases The Spy Files

Once again, Julian Assange and his team reveal how essential they are to modern news gathering:

Mass interception of entire populations is not only a reality, it is a secret new industry spanning 25 countries

It sounds like something out of Hollywood, but as of today, mass interception systems, built by Western intelligence contractors, including for ’political opponents’ are a reality. Today WikiLeaks began releasing a database of hundreds of documents from as many as 160 intelligence contractors in the mass surveillance industry. Working with Bugged Planet and Privacy International, as well as media organizations form six countries – ARD in Germany, The Bureau of Investigative Journalism in the UK, The Hindu in India, L’Espresso in Italy, OWNI in France and the Washington Post in the U.S. Wikileaks is shining a light on this secret industry that has boomed since September 11, 2001 and is worth billions of dollars per year. WikiLeaks has released 287 documents today, but the Spy Files project is ongoing and further information will be released this week and into next year.

International surveillance companies are based in the more technologically sophisticated countries, and they sell their technology on to every country of the world. This industry is, in practice, unregulated. Intelligence agencies, military forces and police authorities are able to silently, and on mass, and secretly intercept calls and take over computers without the help or knowledge of the telecommunication providers. Users’ physical location can be tracked if they are carrying a mobile phone, even if it is only on stand by.

But the WikiLeaks Spy Files are more than just about ’good Western countries’ exporting to ’bad developing world countries’. Western companies are also selling a vast range of mass surveillance equipment to Western intelligence agencies. In traditional spy stories, intelligence agencies like MI5 bug the phone of one or two people of interest. In the last ten years systems for indiscriminate, mass surveillance have become the norm. Intelligence companies such as VASTech secretly sell equipment to permanently record the phone calls of entire nations. Others record the location of every mobile phone in a city, down to 50 meters. Systems to infect every Facebook user, or smart-phone owner of an entire population group are on the intelligence market.

London’s Bureau of Investigative Journalism has extensive coverage of the information dump:

A Bureau analysis of the ”˜Spy Files’ reveals, for the first time, the breadth of the surveillance industry and its incredible capabilities. The documents have been collected from over 130 companies based in 25 countries from Brazil to Switzerland, and reveal an array of technologies so sophisticated, it often seems to have come out of a Hollywood film.

But the ”˜Spy Files’ and their contents are real. … They add weight to the campaigners who claim these proliferating technology companies constitute a new, unregulated arms industry.

Ross Anderson, professor of security engineering at Cambridge… University, said: ”˜These documents reveal an industry selling tools… not just for targeted lawful interception”¦… but for mass surveillance. These tools allow governments to… harvest the emails, chat and text messages of entire populations,… store them, search them and analyse them.… Just as Google lets you… search the web, these tools let a secret policeman track everyone who… said a rude thing about a dictator. So it’s not surprising they’ve… turned up in places like Egypt, Syria and Iran.’

The industry claims it only sells ”˜lawful interception’ gear to official authorities: the police, the military and intelligence agencies.

But the sales brochures boast of vast powers of covert observation, with off-the-shelf gear that activists worry could easily be abused by repressive security forces and corrupt officials.

Crossbench peer Lord Alton, who has raised many issues relating to this industry, said: ”˜Technology of this kind can be every bit as lethal as the bullets that might be directly sold by a munitions company or armaments quartermaster.’

”˜Why sample, when you can monitor all network traffic inexpensively?’ trumpets a brochure from Endace, a company based in New Zealand.

”˜Total monitoring of all operators to plug any intelligence leakage is critical for government agencies,’ says Indian company… ClearTrail.

China Top Communications, based in Beijing, claims to be able to crack passwords of more than 30 email service providers, including Gmail, ”˜in real time by a PASSIVE WAY [sic]”˜. In the deliberately obscure language of the surveillance industry, ”˜passive’ interception is that which takes place without the target knowing they are being watched.

Some of this technology is being abused by repressive governments to help crack down on dissent.

In October, the Bureau revealed that web filtering equipment from Blue Coat Systems, based in California, is used to censor internet traffic in Syria, despite a US export ban to that country. The company later explained the equipment had been diverted from an importer based in the United Arab Emirates.

Take this as an example:

A British company has been implicated in the sale of state-of-the-art spying technology to Syria, a joint investigation by the Bureau and Newsnight can reveal.

The technology, which enabled the Syrian government to manage a system that could allow the interception and archiving of email and telephone communications, was sold to the regime by Italian company Area.

However, the Bureau has learned that vital surveillance and telecom-tapping equipment that formed part of the package sold by Area, to the Syrian government was made by Utimaco, which is part of… Sophos, a British company based in… Oxfordshire.

It is alleged that President Bashar al-Assad’s regime either did or intended to use this British software to target activists who have been uploading footage of civil uprisings to the internet.

Following the discovery of the technology in Syria, media pressure on Area has reportedly led the company to pull out of its deal with the country… earlier this week,… taking with it Utimaco’s equipment.

Or this example:

The operating manual for a spying system built for Colonel Gaddafi may have contained the email addresses of a British lawyer and the new Libyan ambassador to the UK, suggesting that the oppressive regime’s ability to electronically spy on opponents may have extended to Britain.

Amesys, a French company, sold its ”˜Eagle’ online surveillance system to the Libyan government in 2007.

The technology is marketed for monitoring terrorists and serious criminals, but it appears the Gaddafi regime may have used it to keep tabs on political opponents, including those overseas. There is no evidence that anyone was harmed as a result of the Amesys system. But a Libya-based individual who is identified in a draft of the manual was summoned in 2009 to explain his emails by Gaddafi’s feared spying chief, Moussa Koussa. It is not known, however, whether this was directly connected or not.

The… Libyan surveillance centres were discovered in August by the Wall Street Journal, but this is the first time it has been suggested the technology may have been used outside Libya.

I examined these issues in my 2008 book The Blogging Revolutionjust released in an updated edition in India – and uncovered a network of Western “security” firms assisting repressive states censor the internet.

This world has only grown massively in the last years.