Monday, February 20, 2012

Cyber Espionage

[Note from Shaun: the following is a guest post from Abdo Binmadhi. James and I both met Abdo in Oxford through the Oxford University Water Polo Club. Abdo is the most mysterious person I know. I can't tell you why he is so mysterious because he made me promise not to. The topic of this post, cyber espionage, is somewhat disconnected from the primary focus of the blog. However, given how often we all use the communication tools Abdo mentions in this post, I think it is interesting to read about (and to discuss) the ways in which they are being used by those whose intentions go beyond just communication. I must admit that I was also a little worried that posting this article might bring the Eye of Sauron down on the blog. However every piece of information Abdo has written about here is freely available elsewhere on the internet. Some of it is available only because of wikileaks, but much of it is even openly available on websites owned and operated by the companies Abdo discusses below.]


The information and telecommunication (ICT) industry has changed the way we connect and interact with each other. In this highly competitive market companies are aggressively seeking to develop new strategies to increase their revenues.

Not everyone is aware of the degree with which these communication tools are being used for privacy control, let alone what the consequences will be. Over the last decade it has stopped being a taboo (especially after 9/11) for data filtration to be used by the Government in security regulations and by corporations to help with aggressive marketing campaigns.

This segment of the IT market, defined as cyber espionage, has proved to be lucrative. Companies of this niche market are developing software that can access information flowing across the globe. Irrespective of whether the companies are start-ups or are well established in this market, their core business is making it possible for the Government, or private firms, to retrieve and analyse various types of sensitive information from individual citizens.

The information retrieved ranges from less sensitive elements such as document IDs to much more sensitive information such as clinical files.

The following are some examples of companies inhabiting this market niche:

Hacking Team: The product Cyber Spy is the most modern and powerful Trojan horse offered in the market. It has been built by Hacking Team, an IT company from Milan, which lends this software for an annual fee of €200,000. This ‘cybernetic commando’ is a 007 that can be slipped into your laptop, or your smartphone. It then turns them both into spying devices. It can record all of the device’s movements and extract personal data from emails, call logs, text messages, passwords and website browsing history. It can also activate the device’s microphone in order to record conversations and transfer the recording without its user noticing. It can even manage and control both the device’s photo camera and its video camera.

Ultimaco: The German company Ultimaco has developed a product which can track mobile calls, landline calls and skype calls in order to store them (as well as other internet traffic) in databases which can record up to 100,000 entries per second. Data which has been stored can later be analysed in order to isolate and retrieve specific information. This type of activity can only be authorized by secret services.

Glimmerglass: Espionage technology is not only able to track telephone calls and emails it can also track information travelling across optical networks. This is offered by the American company Glimmerglass, which is developing systems for the United States Secret Services and has partnered with the Italian company Resi (a subsidiary of Aprilia).

Agnitio: The Spanish company Agnitio has developed software that is able to send text messages that appear to come from any personal mobile number. Even more surprising, it can clone telephone calls. Furthermore, this software is capable of rephrasing a sent text message before it has actually been received at the other end. This is developed so that authorities can set traps to locate a person that is being searched for. It is also possible to deviate a phone call towards a different person without the caller noticing.

Expert System: The Italian company Expert System, headquartered in Modena, has recently opened offices in Washington D.C., London and Chicago. It delivers its technology to the Pentagon and the United States Secret Services. The company has developed a product for the cyber espionage market called Cogito. Cogito can search, isolate and analyse words exchanged over the web, either by email or messaging. It can also translate each word and search for correlations between them.

Because it has proven to be so profitable, new technologies have provoked software developers to seek to get a share of the espionage market. As a result, communication tracking has been relocated inside the web.

The web provides access to a wealth of information. And now, with the new generation of smartphones, it also brings the prospect of tracking GPS locations and using this to spot trends in behaviour. To get a rough idea of the amount of data available, every minute: 168 million emails are sent, 370 thousand Skype calls are made, 98 thousand tweets are tweeted, 700 thousand Google searches are made, 1500 new blog posts (1501 with this one) are posted, and 600 new videos are uploaded on YouTube. It is a storm of information which speaks about what we do, our routine, our friends, flights we book, presents we buy and emotions we share. All of our daily needs are digitalised; hence, they can also be stolen. Before 9/11 there were few people working in this sector, with very limited capabilities. Today, business revenues from this market are in the range of billions of USD. This proves that it is worthwhile to develop pieces of software for this market, which supports the desires of private corporations and governments.

About the author

Abdo Binmadhi graduated in Political Science at Bologna University and has a Masters degree in Geopolitics, Territory and Security from King's College London. He has specialised as an analyst of civil security markets.


  1. Initially I was quite reluctant to post this. Firstly, I was unsure whether everything Abdo had written was true, or just speculation. Secondly I also wasn't sure whether I wanted the blog to become known as some sort of whistleblower blog, rattling our sabers at world governments, etc. I don't necessarily have anything against such blogs, but I like to think that here we have a somewhat particular and important focus and I wouldn't want our readers being distracted from that message.

    However, what struck me when I started checking whether these fears were justified by demanding links from Abdo to prove his assertions was just how open all of this is. That governments can legally install a Trojan horse on your smartphone and record your conversations with it, is not, apparently, a secret. In fact, the Hacking Team website linked to in the post goes out of its way to brag about this capability. A similar reality is there for Agnitio, its website, and the call/text message interception it advertises.

    That is quite striking to me. An intriguing (and frightening) question is who else are the companies selling their products too?

  2. This is well researched and important.

    Thanks for good writing and information.


  3. Thank you Jim for quoting our article in your Blog (, and thank you Shaun for the credits. I must admit that we spent weeks working on this topic, adding the fact that Shaun was Located in New Zealand and I was located in Italy during the reviewing and editing part. We had to manage our 12 hour time zone difference in order to have the work done before its deadline. Having mentioned this, I want to thank again the Blog Admins (Shaun, Michelle and James) for giving me the opportunity to post this article and specially Shaun for the help and support given through the complex editing process.