Cyberpoint International, a computer security startup based in Baltimore, has been celebrated by Maryland politicians as a positive force in the community, invited to join U.S. trade missions in Poland and Romania, and even won a special export license from the State Department to advise the United Arab Emirates. As the Washington Post reported, the license was granted to develop defensive cybersecurity capabilities.
So why is Cyberpoint listed as a “partner” to Hacking Team, the Italian company under fire for selling spyware used by repressive regimes across the world?
On Sunday, anonymous hackers published nearly 400 gigabytes of internal documents obtained from Hacking Team computers, revealing emails, product information and business development slides.
The document dump includes lists of client information, including an Excel file that appears to show that Cyberpoint was the partner used to sell Hacking Team spyware to the United Arab Emirates. The firm began selling to the UAE in 2011 and has earned at least $634,500 in revenue from the relationship. The UAE paid an annual maintenance fee through January of this year.
Cyberpoint’s point of contact with Hacking Team is “email@example.com,” according to the client document.
Hacking Team’s marquee product, Remote Control System, can be deployed using exploits to a target’s computer or cell phone, with the ability to track an individual’s movements, log their keystrokes, and even activate their computer camera.
The UAE government appears to have used Hacking Team’s products to spy on pro-democracy activists. At least one activist who was tracked using Hacking Team software was later beaten by a group of thugs.
The client list also includes several other partner firms used to resell Hacking Team spyware. Kazakhstan, Azerbaijan, Singapore, Oman, Saudi Arabia, Uzbekistan, Bahrain, Ethiopia, Nigeria, Sudan, Honduras and the United States government are among other clients of the firm.
Cyberpoint has represented itself as a strictly defensive firm. Cyberpoint serves a “broad array of commercial, U.S. Federal Government and international customers” to “defend their critical systems and infrastructure from advanced exploitation techniques and the kinds of sophisticated threats where commodity solutions are inadequate,” the firm wrote in a letter to the Department of Justice last year.
The company has also been a player in politics. Then-Governor Martin O’Malley, a Democrat, held a press event in Cyberpoint’s office in 2010 to encourage Maryland firms to apply for a business tax credit. In 2014, Cyberpoint contributed to a coalition lobbying effort to help pass the Cybersecurity Information Sharing Act, controversial legislation designed to increase information sharing between corporations, the National Security Agency and other government agencies. The firm has won contracts with the Department of Homeland Security, the Department of Defense and the U.S. Navy.
But Cyberpoint appears to have a particular interest in the UAE. “Exciting career challenges await you in the United Arab Emirates’ Abu Dhabi, a modern, vibrant city on the Arabian Gulf,” beckons an entire section of the Cyberpoint website touting its business interests in the Persian Gulf nation.
Paladin Capital Group, a private equity firm that has invested repeatedly in startup NSA contractors, partnered with the UAE sovereign wealth fund Mubadala ICT to invest in Cyberpoint. According to reports, Cyberpoint trains analysts with the Electronic Security Authority, the Emirati intelligence agency. Richard Clarke, the former national security adviser to President George W. Bush, reportedly helped secure the Abu Dhabi contract.
I reached out to Cyberpoint and will update this post if they return my request for comment.
(This post is from our blog: Unofficial Sources.)
Photo: Emirati and other officials visit the International Defence Exhibition and Conference, IDEX, in Abu Dhabi, United Arab Emirates, Sunday, Feb. 22, 2015. (Kamran Jebreili/AP)
Update: Clarified that Hacking Team documents were released on Sunday, not necessarily hacked on Sunday. July 7 1:10 pm ET.