In a Wikileaks media release on 15 September, a Singapore company is named as one of several which have allegedly purchased “weaponised German surveillance malware” for use.
The products are apparently provided by FinFisher, which Wikileaks described as a “company that produces and sells computer intrusion systems, software exploits and remote monitoring systems that are capable of intercepting communications and data from OS X, Windows and Linux computers as well as Android, iOS, BlackBerry, Symbian and Windows Mobile devices.”
Wikileaks, which is led by Julian Assange, says the malware is “used by intelligence agencies around the world to spy on journalists, political dissidents and others.”
Mr Assange, WikiLeaks Editor in Chief, said:
“FinFisher continues to operate brazenly from Germany selling weaponised surveillance malware to some of the most abusive regimes in the world. The Merkel government pretends to be concerned about privacy, but its actions speak otherwise. Why does the Merkel government continue to protect FinFisher? This full data release will help the technical community build tools to protect people from FinFisher including by tracking down its command and control centers.”
FinFisher is also a subsidiary of the Gamma group which, it says, “provides advanced technical surveillance and monitoring solutions and international consultancy to National and State Intelligence Departments and Law Enforcement Agencies.”
According to Reporters Without Borders (RWB), “Gamma has offices and subsidiaries in the United Kingdom, including the Channel Islands, and Germany, but also in Southeast Asia and the Middle East.”
RWB says “Gamma International sells interception equipment to government and law enforcement agencies exclusively.”
“Its FinFisher Suite (which includes Trojans to infect PCs, mobile phones, other consumer electronics and servers, as well as technical consulting) is regarded as one of the most advanced in today’s market,” RWB says.
It gave examples of how governments use FinFisher spyware products to monitor activities.
“A computer or smartphone is remotely infected by a Trojan, which is then controlled by government agencies through command and control servers. A computer can be infected via false update notifications of software, malicious emails or through physical access to a machine. Finfisher also offers technology to infect an entire Internet cafe in order to survey all possible users. When installed, it is almost impossible to safely remove the Trojan. Also, there are no safe ways to circumvent Finfisher on an infected machine.”
According to other online sources:
“FinFisher malware is installed in various ways, including fake software updates, emails with fake attachments, and security flaws in popular software. Sometimes the surveillance suite is installed after the target accepts installation of a fake update to commonly used software. Code which will install the malware has also been detected in emails. The software, which is designed to evade detection by antivirus software, has versions which work on mobile phones of all major brands.”
The Singapore company which is said to have purchased the products is apparently PCS Security Pte Ltd, which was incorporated in 1998, and headed by five Singaporeans.
On its website, PCS says it prides itself “in delivering value-added systems with our domain expertise and experience in Homeland Security and Infocomm Security.”
“We have the expertise and capability to deliver cutting-edge technology solutions for our Customers in the Government, trade and the commercial sector,” it said.
Some of the software licences which PCS Security Pte Ltd has apparently purchased include FinSpy, FinIntrusion, and FinUSB Suite.
According to official records, PCS Security Pte Ltd itself is fully owned by another outfit – the Phoenix Co-operative Society.
However, not much is known about the co-operative except that it has an office at the Trade Hub in Boon Lay Way, and owns all the shares of PCS Security Pte Ltd.
In 2010, Phoenix Co-operative Society was one of two co-operatives which were given an exemption under the Co-operative Societies Act. The other was the Singapore Police Co-operative Society Limited.
It is unclear what exactly the exemption for PCS Security Pte Ltd was for.
According to Wikileaks, PCS Security Pte Ltd apparently spent some 3,166,560 euros (around 5.1 million Singapore dollars) in 2012 on the licences for the malware products.
Based on the licenses which were purchased by PCS Security Pte Ltd, up to 500 target computers can be monitored using the spying system, recording the online activities of the user as well as logging all usernames and passwords. Installation of the spying system can be easy as just plugging a USB stick into the computer with little or no technical knowledge.
Perhaps a more sinister product purchased is the FinIntrusion which allows agents using the software to record all accounts logged in to public wi-fi access networks such as in hotel lobbies, libraries, etc.
In recent months, the Singapore government has been reinforcing its cyber security capabilities.
In August, the Singapore government announced the setting up of a Cyber Watch Centre which it said will give the government “wider detection capabilities”.
“This upgrade will allow us to better monitor government websites and inspect if there are malicious activities, which could affect access to online public services,” Communications and Information Minister, Yaacob Ibrahim, said then.
At the same time, the government also said it was creating “a Monitoring and Operations Control Centre to help the Government guard against, and respond swiftly, to security threats.” (CNA)
Dr Yaacob was reported as saying that the centre “will provide the government with a full suite of capabilities to guard against security threats and respond to them in a timely manner.”
It is unclear if the products purchased by PCS Security Pte Ltd are legal, or are for use for its work with the Singapore government; and what exactly is it that the Phoenix Co-operative Society does.
The Online Citizen has written to the police for clarification on the legality of the reported purchases by PCS Security Pte Ltd.