Newly leaked emails published by WikiLeaks show that Australian law enforcement and intelligence agencies held secret talks with Italy-based surveillance company Hacking Team, notorious for selling its services to authoritarian governments.
The emails, leaked Sunday and posted as a searchable database by WikiLeaks on Thursday, show that representatives from the Australian Security Intelligence Organization, the Australian Federal Police, the Northern Territory and New South Wales police departments, and Victoria-headquartered anti-corruption watchdog Independent Broad-based Anti-corruption Commission (IBAC) were in secret negotiations with Hacking Team's representatives.
The Milan company has been condemned by security experts and nonprofit organizations for its role in supplying software and services to authoritarian, repressive regimes like Sudan, Egypt, Ethiopia and several U.S. agencies. International rights group Reporters Without Borders lists the company as an "Enemy of The Internet."
Hacking Team's flagship program, Remote Control System (RCS), installs malicious software on a target's phone or computer that can be used to remotely monitor audio or video data. The company's promotional material says the product is "totally invisible to the target" and can "defeat encryption," according to ABC.
One of the leaked emails showed that IBAC was mulling AU$500,000 ($373,000) contract for surveillance software as little as two weeks ago. IBAC was reportedly given a demonstration of the RCS in May.
"I work for an integrity agency in Victoria, Australia and I'm currently focused on increasing our capabilities for fight crime within our jurisdiction," IBAC team leader Nathan Bulow said in a 2011 email, according to the Australian. "I have been conducting research on a number of hardware and software options which can assist in enhancing our flexibility. Our preference is to deal with representatives in Australia who can facilitate electronic and face to face discussions as required. Do you have any representative based in Australia?"
Hacking Team came under scrutiny on Sunday after a massive online leak of 400GB data containing internal memos, source code and email communications. The source code for several of their exploits and surveillance programs was also posted to code-hosting site GitHub.
The day after the code was posted as a torrent, Hacking Team member Christian Pozzi refuted the leaks, claiming that most of the information was false and malicious. "Don't believe everything you see. Most of what the attackers are claiming is simply not true. ... The attackers are spreading a lot of lies about our company that is simply not true. The torrent contains a virus," he said, according to CSO Online.
Technology website Motherboard also reported that Hacking Team has emailed all its customers and requested that they stop using RCS, sold under the name Galileo.