The FBI is terrified of hackers, so it avoids them at all costs, unless of course the agency needs to buy some nifty cyber surveillance tools.
Intel agents have been buying sophisticated “hacking” surveillance tools from mercenary hacker organisations in order to surveil American citizens, and sometimes their ideas are not always legal, reports Jennifer Valentino-Devries and Danny Yadron of the WSJ.
[Christopher Soghoian, principal technologist at the American Civil Liberties Union], who is presenting on the topic Friday at the DefCon hacking conference in Las Vegas, said information about the practice is slipping out as a small industry has emerged to sell hacking tools to law enforcement. He has found posts and resumes on social networks in which people discuss their work at private companies helping the FBI with surveillance.
The FBI employs a number of hackers who write custom surveillance software, and also buys software from the private sector, former U.S. officials said.
As we’ve covered a few times, mercenary hackers and hacking firms have sprung up around the globe. They sell zero-day exploits — computer hacks that no one has identified publicly yet — to private companies and now even government agencies.
The WSJ even mentions an Italy-based company of the sort. Internet dissident and cyber-minded journalist Barret Brown referred to the partnerships as the “cyber industrial complex.”
In a recent interview, Professor Peter Ludlow, an Internet culture expert and professor of philosophy at Northwestern University, told Business Insider that the companies subsidizing this type of cyber surveillance are fueling the cyber arms race in potentially disastrous ways.
Once a zero-day exploit is “out in the wild,” he explained, it’s like a virus, other hackers can ‘mutate’ — study, copy, or alter it and it could come back on the creator.
“The whole internet has become Beirut, or Afghanistan, the whole thing is a war zone, basically being fuelled by nation states giving money to people who develop these kinds of exploits,” said Ludlow.
Since zero-days are getting so expensive, and potentially invasive and questionable surveillance activities are all the rage lately, the WSJ reports that the FBI “is loath to use these tools when investigating hackers, out of fear the suspect will discover and publicize the technique.”
They point out that a Texas judge recently ruled against FBI software used to”extract files and covertly take photos using a computer’s camera” because he was worried that “innocent people” might become targets for surveillance.
Business Insider Emails & Alerts
Site highlights each day to your inbox.