The US government has been able to secretly spy on its citizens through their computer’s webcams for several years, it has been revealed.
Their usage of remote administration tools (RATs) comes to light as the world’s most powerful technology firms call on Barack Obama to curb government spying on internet users.
A new report on FBI surveillance techniques has revealed some interesting details on the hacks the Bureau is using to keep tabs on suspected criminals. Published in the Washington Post, the story covers the search for a man known as ‘Mo’ who is alleged to have made several bomb threats to authorities.
In the article, Marcus Thomas, who used to work at the FBI’s Operational Technology Division, admits that FBI software can covertly enable a laptop’s webcam without triggering a warning light. This kind of secret surveillance is only used in terrorism cases or the “most serious” criminal investigations said Thomas.
According to the report, the Federal Bureau of Investigation often attempts to install malware by targeting the email addresses of those who are under investigation. Essentially, law enforcement agencies are using the same phishing techniques as spammers pushing medication supplies or looking to get into your social media accounts.
“We have transitioned into a world where law enforcement is hacking into people’s computers, and we have never had public debate,” Christopher Soghoian, principal technologist for the American Civil Liberties Union, told the Post. “Judges are having to make up these powers as they go along.”
Among the other software utilized by the FBI is a diagnostics program that can produce a detailed breakdown of a user’s computer configuration and installed applications. Another tool can be transmitted over the Web as soon as someone signs into a particular email address that has been identified for investigation. Emails, documents and photos can all be downloaded covertly. In each case, the FBI must apply to a federal magistrate for permission to monitor a particular individual.
Earlier this year, tech site Arstechnica revealed that one of the ‘slave forums’ had 23 million total posts, where ‘ratters’ boasted about their ‘slaves’ posting pictures, mainly of women, unaware that they were being watched.
The FBI team use the same technique as ratters, by infecting the computer with a malicious software – ‘malware – through phishing.
“You can’t just go on a fishing expedition,” said law professor Laura K. Donohue in the Post’s article. “There needs to be a nexus between the crime being alleged and the material to be seized. What they are doing [in the case of ‘Mo’], though, is collecting everything.”
By sending an email with a link, which could be to a website, an image or a video, the user is tricked into downloading a small piece of software onto their machine.
Once installed, the malware allows the FBI to take control of the computer and the webcam at any time, working similarly to the system large corporations use to update software and fix IT problems.
‘We have transitioned into a world where law enforcement is hacking into people’s computers, and we have never had public debate,’ Christopher Soghoian, principal technologist for the American Civil Liberties Union told the Post.
‘Judges are having to make up these powers as they go along.’
CEO’s of Apple, Facebook, Google, AOL, LinkedIn, Microsoft, Twitter and Yahoo united to call on the US government to cease online spying on its citizens.
The open letter to the President and Congress reads: ‘We understand that governments have a duty to protect their citizens. But this summer’s revelations highlighted the urgent need to reform government surveillance practices worldwide.
‘The balance in many countries has tipped too far in favor of the state and away from the rights of the individual – rights that are enshrined in our Constitution. This undermines the freedoms we all cherish. It’s time for change.
The rare show of unity by usually fierce competitors is seen as a reflection of the damage in public confidence inflicted by leaks from Edward Snowden, the former NSA contractor-turned-whistleblower.
Earlier this year he revealed how U.S. and British spy agencies were able to harvest huge amounts of data – including emails and search history – on millions of people by tapping into internet servers.