This report outlines an extensive US nexus for a network of servers forming part of the collection infrastructure of Hacking Team’s Remote Control System. The network, which includes data centers across the US, is used to obscure government clients of Hacking Team. It is used by at least 10 countries ranging from Azerbaijan and Uzbekistan to Korea, Poland and Ethiopia. In addition we highlight an intriguing US-only Hacking Team circuit.

Citizen Lab’s Bill Marczak helped Privacy International scan Ethiopian refugee Tadesse Biru Kersmo’s computer, and they found traces that showed FinSpy had been operating in June 2012 over two days while he was in the UK.

Christopher Bronk, a senior fellow at the Canada Centre for Global Security Studies, has authored a report on cybersecurity threats to the US’s energy industry and infrastructure.

Citizen Lab is one of seven nonprofit organizations around the world to receive the 2014 MacArthur Award for Creative and Effective Institutions.

A new Citizen Lab report has found that Canada-based Netsweeper filtering products have been identified on three ISPs in Somalia.

This report maps out covert surveillance networks of “proxy servers” used to launder data that RCS exfiltrates from infected computers, through third countries, to an “endpoint,” which we believe represents the spyware’s government operator.

This post is the second in a series of posts that focus on the global proliferation and use of Hacking Team’s RCS spyware, which is sold exclusively to governments.

Our latest report identified three instances where Ethiopian journalist group ESAT was targeted with spyware in the space of two hours by a single attacker. In each case, the spyware appeared to be RCS (Remote Control System), which is programmed and sold exclusively to governments by Milan-based Hacking Team.

Canadians should demand more from government in reigning in electronic spying and cyber-policing. But we should also, as citizens, subscribers, and users, demand more from our internet and telecommunication service providers.

In this report, we identified three instances where Ethiopian journalist group ESAT was targeted with spyware in the space of two hours by a single attacker. In each case the spyware appeared to be RCS (Remote Control System), programmed and sold exclusively to governments by Milan-based Hacking Team.