EspañolOn Sunday, July 5, hackers infiltrated the Italian information-technology company Hacking Team (HT), which sells offensive intrusion and surveillance software to government clients all over the world. The data breach revealed 400 gigabytes worth of company documents, emails, and invoices — many of them billed to Latin-American governments, including Ecuador.
According to the leaked records, the National Intelligence Secretariat of Ecuador (SENAIN) has been on Hacking Team’s client list since 2013. The documents show President Rafael Correa’s government paid more than half a million dollars for the company’s Remote Control System surveillance software, which cost another US$75,000 annually for maintenance.
The software’s features, which can be adapted according to client needs, include services like the covert collection of emails, texts, and phone calls, keystroke logging, and hijacking cellphone GPS systems, among other functions.
The SENAIN’s contract with Hacking Team was set to end October 2016, and listed 10 individuals as surveillance targets.
One of the first Ecuadorian media outlets to report the breach was Gkillcity, in which Andrew Delgado explains the company’s activities and its involvement with the SENAIN.
“In coming weeks, perhaps, it will be possible to show the extent of the work performed by the SENAIN with Remote Control System. If the Intelligence Secretariat had truly outsourced operations to Hacking Team — rather than using their own trained personnel to own perform the attacks — the names of those targeted by the agency will probably become known,” Delgado wrote.
Buen día, gente solía leernos.
Los enemigos de Internet son poderosos pero no tanto como ellos creen.
— GkillCity.com (@GkillCitycom) July 9, 2015
“Good morning, readers. The enemies of the internet are powerful, but not as much as they think. We’ll be back.”
After the article was published, web administrators reported that the site had been attacked and taken offline, and that their Twitter account had been deleted.
According to their report, leaked email messages demonstrate Hacking Team entrusted employees Alex Velasco and Eduardo Pardo with overseeing negotiations with the Ecuadorian government for a new surveillance project called “Galileo.” Their middleman was Karel Coors, honorary Dutch consul in Quito.
Coors brought them together in late June to develop a monitoring system for social networks, this time on behalf of the Ministry of the Interior. Negotiations progressed, and the company, the Attorney General’s Office, and the National Police signed a confidentiality agreement.
A questionnaire shared by Plan V details the Ecuadorian government’s requirements for the Galileo Project software, including its request for simultaneous control over 500 devices or social-network users on Windows, Mac OS, Linux, Android, and iOS platforms. The questionnaire also lists the name of the public entity in charge of this project as the “Electronic Technology Research Subsystem.”
As for apps, it mentions Facebook, Twitter, Skype, WhatsApp, Line, and Telegram. All of this with the aim of establishing a National Monitoring Center. A meeting had been scheduled for Thursday, July 9, between government officials and Hacking Team to discuss progress on the project.
Meanwhile, the Milhojas Foundation published an article revealing the existence of clandestine SENAIN offices in the Ecuadorian capital
— Fundación Mil Hojas (@fmilhojas) July 8, 2015
“Hacking Team invoice for SENAIN via Robotec (Theola). Total: €610,000.”
“The Intelligence Secretariat facilities look nothing like those of the NSA, but here in Ecuador, they are second to none,” the report notes. “Located in Lumbisí on a small hill on Eloy Alfaro Avenue, surrounded by trees and the Auqui Chico brook, the facilities house information and espionage equipment for the government. It is from this location that the ministry, headed by former Lt. Colonel Rommy Vallejo Vallejo, watches over alleged ‘conspirators.'”
According to the article, this unmarked 34,000 square-meter “fort” operates 24 hours a day, housing equipment with state-of-the-art technology used to carefully analyze the huge amounts of data it receives on a daily basis. The article explains that the property was seized from businessman William Isaiah Dassum in 2008, then acquired in 2010 by the National Ministry of Science and Technology (SENACYT). It is unknown, however, how it ended up in the hands of the SENAIN.
As with Plan V and Gkillcity, the Milhojas website was attacked five minutes after their article was publicized on social-media networks. Each website suffered a DDoS attack, and remained offline for an average of 24 hours. Local Ecuadorian authorities have yet to comment on the case.
Meanwhile, Focus Ecuador published an article on July 8 regarding an email from Velasco to fellow Hacking Team employee Daniel Martínez. The email listed seven phone numbers belonging to Ecuadorian opposition leaders, including Congressman Andrés Páez, Lourdes Tibán, and Luis Fernando Torres, all presumably under surveillance by the Rafael Correa administration.
Hacking Team’s Poor Reputation
Hacking Team, based in Milan, was founded in 2003 by Alberto Ornaghi and Marco Valleri. Its current CEO is David Vincenzetti. In 2013, Reporters Without Borders formally branded the company an “enemy of the internet” for marketing their software to authoritarian regimes that violate human rights.
Hacking Team’s biggest client in the Americas was the government of Mexico, following by Chile, the United States, Panama, and Ecuador. Last March, Citizen Lab sent an open letter to Vincenzetti explaining his concern over the potential for abuse of his company’s technology to threaten the security of journalists and human-rights activists across the globe.