- The Washington Times - Monday, April 25, 2011

Egyptian anti-regime activists found a startling document last month during a raid inside the headquarters of the country’s state security service: A British company offered to sell a program that security experts say could infect dissidents’ computers and gain access to their email and other communications.

The discovery highlights the emerging market of Western companies that sell software to security services from the Middle East to China to spy on the kinds of social media activists who recently toppled regimes in Egypt and Tunisia.

Amid the scattered papers, interrogation devices and random furniture found during the raid, the activists uncovered a proposed contract dated June 29 from the British company Gamma International that promised to provide access to Gmail, Skype, Hotmail and Yahoo conversations and exchanges on computers targeted by the Interior Ministry of ousted President Hosni Mubarak.

The proposal from Gamma International was posted online by Cairo physician Mostafa Hussein, a blogger who was among the activists who seized the ministry’s documents.

“It is important evidence of the intent of the state security and investigation division not to respect our privacy,” Mr. Hussein said.

**FILE** Former Egyptian President Hosni Mubarak (Associated Press)
**FILE** Former Egyptian President Hosni Mubarak (Associated Press) more >

“This proposal was sent to a notorious department known for torture, spying on citizens to help Mubarak’s regime,” Mr. Hussein said, referring to the State Security Investigations Service. “The company Gamma, I consider them to be partners in the crime of trying to invade our privacy and arrest activists.”

The document was then noticed by a top cybersecurity company called F:Secure, which placed on its website the scanned proposal for the software, called FinFisher.

The Gamma document exemplifies a new commercial market involving private companies who sell malicious software or malware that provides “back door” or remote access to computers without being detected by the machine’s user.

Sometimes called worms, this kind of computer software-based attacker had been used mainly by government intelligence agencies and organized crime groups as well as private hackers.

Today, malware increasingly is sold by security firms to governments and law enforcement agencies seeking to track not just criminals but also political dissidents.

“No longer do activists against repressive regimes have to only worry about Web censorship. Today they must worry about something far more insidious and hard to detect, malware that is coming from Western companies in countries that promote freedom and democracy,” said Robert Guerra, project director of Freedom House’s Internet freedom program.

According to Gamma’s promotional literature, the FinFisher software is capable of “remote monitoring and infection solutions” that can provide “full access to stored information with the ability to take control of” the targeted computer, including the ability to “captur[e] encrypted data and communication.”

The worm attack entices the targeted computer user, such as an Egyptian blogger, to unwittingly download the malware through a thumb drive, or another seemingly harmless download such as a video game or piece of digital music.

Then, without the user knowing, the software sets up a hidden remote access point that would let the attacker — in this case, Egypt’s security services — to acquire information including the user’s social media passwords and the files stored on a hard drive.

Peter Lloyd, an attorney for Gamma International, told The Washington Times that the company never sold the FinFisher software to the Egyptian security ministry.

Story Continues →