In July, Simone Margaritelli, an Italian security researcher, boarded a Boeing 777 in Rome headed for Dubai, a city now billing itself as a tech startup hub.
He had a big job interview with a new, well-funded cybersecurity company called DarkMatter, whose self-described mission is to “safeguard the most complex organizations,” from government to the private sector, by preventing and fighting malicious cyberattacks and providing secure methods of communication — defensive cybersecurity, rather than offensive, which involves breaking into online systems and devices for espionage or destruction.
A friend of a friend had recommended Margaritelli, who was invited to spend five days in the United Arab Emirates at the company’s expense to learn more about the job. When he arrived in Dubai, the City of Gold, he found a full schedule of outings and a deluxe suite at the Jannah Marina Bay Suites hotel.
Margaritelli used to be a “blackhat” — a hacker looking to break into electronic systems. Now he works for a mobile security firm called Zimperium, where he still hunts for security flaws but does so to help people fix them. I “break stuff to make the world a safer place,” his website reads. He’s most well known for a portable tool he developed called Bettercap, used to perform a man-in-the-middle attack, where a hacker can eavesdrop or sometimes alter private communications between individuals.
When he arrived at the 29th floor of the Marina Plaza for his interview, the company representative described a plan to deploy electronic probes all over major cities in the UAE, which a team of hackers would then break into, guaranteeing access for DarkMatter and its customer — the Emirati government. The mission would be for the “exclusive” benefit of national security, Margaritelli was told. “Imagine that there’s a person of interest at the Dubai Mall, we’ve already set up all our probes all over the city, we press a button and BOOM! All the devices in the mall are infected and traceable,” Margaritelli wrote in a blog post recounting his experience.
Italian security researcher Simone Margaritelli.
Photo: Matteo Flora
Margaritelli declined to pursue the job offer. After his post, titled “How the United Arab Emirates Intelligence Tried to Hire Me to Spy on Its People,” began circulating, DarkMatter issued a single terse Twitter reply. The company said it preferred “talking reality & not fantasy.”
“No one from DarkMatter or its subsidiaries have ever interviewed Mr. Margaritelli,” Kevin Healy, director of communications for DarkMatter, wrote in an email to The Intercept. The man Margaritelli says interviewed him, Healy continued, was only an advisory consultant to DarkMatter — and that relationship has since ended (though several sources say he was employed by the company and had a DarkMatter email address).
“While we respect an author’s right to express a personal opinion, we do not view the content in question as credible, and therefore have no further comment,” Healy wrote.
DarkMatter denied outright Margaritelli’s assertions that it was recruiting hackers to research offensive security techniques. “Neither DarkMatter – nor any subsidiary, subset, research wing, or advisory department—engage in the activities described,” Healy wrote. “We conduct rigorous testing on all our products to ensure they do not include any vulnerabilities.”
Indeed, the idea of a UAE-based company recruiting an army of cyberwarriors from abroad to conduct mass surveillance aimed at the country’s own citizens may sound like something out of a bad Bond movie, but based on several months of interviews and research conducted by The Intercept, it appears DarkMatter has been doing precisely that.
Most of those who spoke with The Intercept asked to remain anonymous, citing nondisclosure agreements, fear of potential political persecution in the UAE, professional reprisals, and loss of current and future employment opportunities. Those quoted anonymously were speaking about events based on their direct experience with DarkMatter.
Margaritelli isn’t the only one who insists that DarkMatter isn’t being truthful about its operations and recruitment. More than five sources with knowledge of different parts of the company told The Intercept that sometime after its public debut last November, DarkMatter or a subsidiary began aggressively seeking skilled hackers, including some from the United States, to help it accomplish a wide range of offensive cybersecurity goals. Its work is aimed at exploiting hardware probes installed across major cities for surveillance, hunting down never-before-seen vulnerabilities in software, and building stealth malware implants to track, locate, and hack basically any person at any time in the UAE, several sources explained. As Margaritelli described it in an email to me, “Basically it’s big brother on steroids.”
Photo: Expotrade
DarkMatter made its public debut when the CEO, Faisal Al Bannai, gave a keynote speech surrounded by government officials, engineers, and businesspeople at the 2nd Annual Arab Future Cities Summit in Dubai. DarkMatter launched its portfolio of cybersecurity products as a “digital defense and intelligence service” for the nation. Al Bannai’s speech and DarkMatter marketing materials were peppered with buzzwords like cyber network defense and secure communications. Following its launch, the company routinely boasted, online and during conferences and radio interviews, about its would-be world-changing defensive cybersecurity missions, including developing its own encryption platforms and potentially secure phones in house, defending national and corporate networks, bug-sweeping and countersurveillance, and more, all under a single umbrella.
Local tech blogs praised the company and celebrated its connection to the UAE government. They described DarkMatter as a savior to UAE businesses and institutions at constant threat of cyber intrusion, citing attacks against several banks in 2015 that temporarily crippled the country’s online banking infrastructure.
Soon, DarkMatter had hired a roster of top-level talent from major tech giants around the world, including Google, Samsung, Qualcomm, McAfee, and even a co-founder of the encrypted messaging service Wickr. The new star-studded squad traveled to conferences like San Francisco’s annual RSA summit, appearing on radio and TV shows along the way. They rolled out a secure voice and chat application, partnered up with Symantec to improve digital threat detection in the Middle East, and opened a research and development center in Canada, as well as offices in China.
But sometime last year, a segment of the company’s mandate grew from providing defense and forensics research to developing a powerful team capable of cyber offense, multiple sources tell The Intercept. According to one source, DarkMatter’s newfound interest in offensive operations coincided with revelations contained in leaked emails that the Italian company Hacking Team had sold surveillance equipment to a large number of repressive regimes. Out of Hacking Team’s ashes, DarkMatter rose.
While cybersecurity companies traditionally aim to ensure that the code in software and hardware is free of flaws — mistakes that malicious hackers can take advantage of — DarkMatter, according to sources familiar with the company’s activities, was trying to find and exploit these flaws in order to install malware. DarkMatter could take over a nearby surveillance camera or cellphone and basically do whatever it wanted with it — conduct surveillance, interfere with or change any electronic messages it emitted, or block the signals entirely.
DarkMatter CEO Faisal Al Bennai.
Photo: DarkMatter
It’s not clear that the company’s defensive employees have any idea; in fact, multiple sources suggested those projects are likely hidden from them. One source explained how company representatives tried to insist that the offensive research they were recruiting for would be conducted outside DarkMatter, with some sort of partner organization or offshoot. But several sources, Margaritelli included, said top leadership was directly involved in interviews and knew the truth.
DarkMatter’s spokesperson said the company is “privately held” and “does not receive any funding from the United Arab Emirates.”
There do, however, appear to be strong links between the company and the government. In press releases, the company identifies itself as “already a strategic partner to the UAE government,” and its offices are located on the 15th floor of the round Aldar Headquarters in Abu Dhabi, two floors away from the country’s intelligence agency, the National Electronic Security Authority. DarkMatter’s senior vice president of technology research used to hold the same position at NESA.
Photo: David Paul Morris/Bloomberg/Getty Images
By the early months of 2016, DarkMatter’s recruitment push was already well underway. The company’s publicly identifiable employees came from across the U.S. national security establishment. According to public LinkedIn profiles, one current DarkMatter employee was a global network exploitation analyst for the U.S. Department of Defense who “strategized activities against particular networks” and supported “foreign intelligence collection.” Another was a counterintelligence “special agent” for the Pentagon, whose LinkedIn boasts an “active” top-secret security clearance with a polygraph screening. Another experienced cryptographer working for DarkMatter was a senior technical adviser to the NSA, where he was intricately involved in designing “U.S. voice and data systems.”
But the company hasn’t been upfront about all the jobs it’s recruiting top talent for, Margaritelli and multiple other sources suggest. DarkMatter’s recruiters reached out to the information security community, promising high-paying, exciting jobs that would be focused on cyberdefense, according to more than a dozen security researchers interviewed by The Intercept, some of whom shared recruitment materials. A number of cybersecurity experts claimed on Twitter to have been contacted by recruiters, including Charlie Miller, an Uber security researcher and former NSA analyst; Chris Valasek, a noted car hacker who has teamed up with Miller; and Fabio Assolini, a security researcher for Kaspersky Labs.
One recruiting email reviewed by The Intercept offered a carefree, tax-free life in Dubai, with housing, meals, health care, children’s education, and transportation all provided free of charge. The email said the job was with a newly formed “public/private partnership” that would be the “Cyber Security provider for all UAE Government.” Another email said DarkMatter’s plan was to hire 250 “geniuses” before the end of 2016. One security researcher said DarkMatter recruiters had contacted him on LinkedIn five or six separate times.
Some potential recruits didn’t respond, but others were excited; the job offered the chance to innovate the cybersecurity of an entire nation. The lucrative payday also attracted them; according to one source, who requested anonymity fearing professional reprisal, some offers were as high as half a million dollars a year — a number similar to other offers shared with The Intercept.
According to a source familiar with the company, an American citizen named Victor Kouznetsov who splits his time between the U.S. and the Middle East was a key recruiter for DarkMatter in the United States.
A man answering a cellphone identified in public records as belonging to Kouznetsov insisted that he must have been contacted in error; he did not work for DarkMatter and his name was not Victor. When asked why his voicemail message gave his name as “Victor,” he hung up. Reached by The Intercept via email, Kouznetsov declined to answer questions. “As you can imagine my NDA with DarkMatter prevents me from disclosing exactly what I do for the company, but I could say that none of it is recruiting researchers in offensive security,” he wrote.
One recruiting email said DarkMatter’s plan was to hire 250 “geniuses” before the end of 2016.
Several researchers whom DarkMatter approached, including Margaritelli, confirmed they were specifically told they would be working on offensive operations. In Margaritelli’s case, he was informed the company wanted to install a set of probes around Dubai, including base transceiver stations — equipment that allows for wireless communication between a device and a network — wireless access points, drones, surveillance cameras, and more.
The probes could be installed by DarkMatter surreptitiously or facilitated by telecoms tacitly agreeing to the surveillance setup, and the company could attach an offensive implant directly onto the probes capable of intercepting and modifying digital traffic on IP, 2G, 3G, and 4G networks. Anyone with a cellphone or using a device to connect to a wireless network connected to one of the probes would be vulnerable to hacking and tracking.
As Margaritelli explained it, the software DarkMatter originally designed to penetrate the probes “does not scale well enough” and therefore couldn’t handle the massive amounts of traffic it would be intercepting — forcing the need for a second team of hackers to do the job. The company wanted him to help solve the problem.
Margaritelli’s account is the most revealing, but several other sources discussed similar projects proposed by DarkMatter, including researching and developing exploits for zero-day vulnerabilities, as well as deploying and developing some of the same stealth malware implants Margaritelli was asked to work on. DarkMatter asked one researcher, who has discovered and reported bugs to Facebook, Google, and other major technology companies, to use his vulnerability research “to allow them to have access on trusted domains.” Basically, he would find a flaw in a website that would allow DarkMatter to manipulate it to help spread malware to targets without being detected. The researcher, who spoke anonymously, said he refused, even after getting an offer for more money, because, in contrast to DarkMatter’s proposal, “what I’m doing is ethical hacking.”
But what two sources and several security researchers The Intercept consulted were most concerned about was DarkMatter’s plan to become a certificate authority. A certificate authority is a trusted third party, typically a company or official agency, that issues digital certificates — basically, electronic “passports” that verify a user’s identity and that software is legitimate.
Web traffic and code from Microsoft, Facebook, Mozilla, and others is trustworthy because the company digitally signs off on it. But DarkMatter, as a certificate authority, could pretend to be someone else and issue its own digital certificate. There are mechanisms in place to prevent this type of attack, called certificate pinning, but many sites don’t use those precautions — and they still might not prevent DarkMatter from signing code, such as for a software update, as someone else. In theory, the company could sign an anti-virus update that looked like it came from Kaspersky Labs, when in reality it is sending malicious code.
DarkMatter, according to one source, would be able to use its authority to sign its own rootkits — software tools that allow undetected and unauthorized access to computer systems — in order to carry out man-in-the-middle attacks. “This is huge,” the source said.
DarkMatter has a business unit dedicated to public key infrastructure “or national root certificates of trust for countries regionally and internationally,” Healy confirmed. “While DarkMatter is not a central [public key infrastructure] authority for the UAE, we currently provide consulting and management services and intend to launch our own commercial Certification services soon.”
While DarkMatter denied any plans to use its capabilities for cyber offense, if the company continues to develop secure messaging platforms, or hardware including its own phones, it would have access to all the internal schematics of those products: bug reports, security standards, and more. DarkMatter’s hackers could secretly take advantage of that information while its defensive staff works to fix the flaw and push an update to consumer devices, a process that can take years.
When asked about the possibility of selling its own phones, Healy wrote that DarkMatter is, in fact, considering developing hardware.
CyberPoint CEO Karl Gumtow gives a presentation at Abu Dhabi’s RSA conference on Nov. 4, 2015.
Photo: CyberPoint
Recruiting wasn’t the only way DarkMatter snapped up top offensive talent. Last winter, the company poached a large number of employees from an American company, a Baltimore startup called CyberPoint International, formally on contract with the Ministry of the Interior of the United Arab Emirates. CyberPoint, founded by CEO Karl Gumtow and his wife, Vicki, in 2009, billed itself as a defensive operation — protecting financial information, intellectual property, business records, and other forms of communications. It won multiple contracts with different parts of the U.S. government, including $6 million from the Pentagon’s Defense Advanced Research Projects Agency, and Gumtow was nominated last year for the Maryland region Entrepreneur of the Year award. News articles also listed CyberPoint as one of the companies that sent employees to the United Arab Emirates to train its intelligence agency, NESA, essentially the equivalent of the United States NSA.
But last summer, CyberPoint made headlines for teaming up with the Italian surveillance peddler Hacking Team, whose internal emails were leaked — revealing an extensive account of sales to repressive regimes. The leaked emails indicated that representatives from CyberPoint had worked with Hacking Team to facilitate the sale of what appeared to be surveillance equipment to the UAE government. Around the end of 2015, there was an internal struggle within CyberPoint over the UAE contract, five sources familiar with the company told The Intercept. Former CyberPoint employees spoke to The Intercept on the condition of anonymity out of fear of reprisal and concern for the safety of associates still living in the Emirates.
After the Hacking Team emails leaked in July, there were loud, angry meetings in CyberPoint offices — people deciding what to do now that their internal operations in the Middle East had been exposed to the world. As a result of those discussions, two things happened: A vast chunk of CyberPoint staff jumped ship to DarkMatter, which was already dangling massive yearly salaries and luxurious benefits. DarkMatter even helped some employees legally shift their state residency to South Dakota to get more lenient tax breaks while living overseas, according to one source. DarkMatter does not “comment on individual employment contracts,” Healy wrote to The Intercept. “In summary we abide by the law in our employment and operational activities in all the jurisdictions in which we operate.”
CyberPoint employees in the UAE who weren’t offered — or didn’t accept — jobs at DarkMatter weren’t promised contract extensions. CyberPoint sent out a notice in December, one former employee said, announcing two months’ notice on the contract. For some who left, it was a surprise, and they still aren’t totally sure what happened. Others suggested DarkMatter was only interested in the more technical staff. One source described the exodus of employees as more of a “hostile takeover” directed by the United Arab Emirates government — ending CyberPoint’s original UAE contract and offering positions within the country instead, to get engineers under its own roof.
DarkMatter confirmed that some CyberPoint employees joined the UAE company but said this was nothing extraordinary. “DarkMatter recruits talent from across the globe and currently has over 400 team members, some of whom joined us from CyberPoint. They now occupy a diverse set of duties and responsibilities across several departments,” Healy said.
According to Gumtow, CyberPoint’s CEO, the company has gone through “quite a few changes” since it pulled out of the UAE for good. He sent responses to questions submitted by The Intercept via LinkedIn messages. There are no longer any CyberPoint employees in the Emirates, and no part of the company was acquired or bought by DarkMatter or anyone else, he wrote. CyberPoint, Gumtow said, never contracted with DarkMatter.
Additionally, Gumtow clarified that CyberPoint isn’t in the business of developing “cyberweapons.” Instead, the company conducts “penetration tests and security assessments,” he wrote. “We use commercial and custom tools that are widely available all around the world.”
However, those same tools used for improving cyberdefense can be turned around to infect unsuspecting targets. Even if the intelligence community uses those tools lawfully to infect targeted systems during national security investigations, others can steal or adapt the code to hack unsuspecting journalists or activists. “The overlap between offense and defense is very large,” Nicholas Weaver, a security researcher at the International Computer Science Institute, wrote in an email to The Intercept. “Especially when it comes to network monitoring: The exact same tools can be used to monitor your network to detect attacks and monitor a network for bulk surveillance.”
CyberPoint International did “good work, maybe noble, in some cases,” one former employee said. But a small percentage of the work was “shady,” suggesting it involved offensive research against different online platforms.
Another source stated that research, development, and coding conducted within CyberPoint ended up being used for a targeted spyware attack on journalists and activists in the Emirates between 2012 and the present. The attack involved spyware sent through Twitter, spear-phishing emails, and a malicious URL shortening service. These types of attacks are familiar to Emirati human rights activist Ahmed Mansoor. He told The Intercept that he hasn’t encountered DarkMatter but was warned about the company recently by a friend, who told him, “They are doing the hacking for UAE security bodies.”
Emirati human rights activist Ahmed Mansoor speaks to journalists in Ajman, United Arab Emirates, on Aug. 25, 2016.
Photo: Jon Gambrell/AP
Security researchers nicknamed the hacking group behind the attack “Stealth Falcon.” The researchers noted that “circumstantial evidence suggests a link between Stealth Falcon and the UAE government,” based on “digital artifacts.”
Stealth Falcon attacked some UAE targets after CyberPoint left the UAE, and some employees who worked on the spyware or had access to it joined DarkMatter, according to the source, who said that not every instance of the malware attack has yet been detected. “There’s a lot that hasn’t been discovered,” the source said.
DarkMatter, Healy said, is not aware of Stealth Falcon or the offensive tools used to access journalists’ information. “As we have explained previously, we do not own or develop any cybersecurity solutions for offensive purposes.”
At one point in time, CyberPoint was essentially capable of penetrating millions of devices regardless of brand, given its awareness of vulnerabilities — undiscovered or unpatched — in software around the world, one source explained. Those included vulnerabilities in Tor Browser, Firefox, Internet Explorer, and Microsoft Office.
The United Arab Emirates appears to be hoping to create its own cyber offense team, another source explained. Those capabilities could include cyber network attack teams and cyber network exploitation teams, for disruptive cyberattacks to disable adversaries’ online resources, as well as for espionage and spying — capabilities being developed in governments worldwide with varying levels of oversight and restriction.
According to Ryan Duff, a security researcher and former cyber operations tactician for U.S. Cyber Command, computer network exploitation and computer network attacks are distinguished based on the purpose of the intrusion: intelligence collection versus destruction. Exploitation “basically means gaining access to a machine for the purpose of collection. So you would have some type of software, malware, or implant installed on the machine” to monitor it, he said. Network attacks, on the other hand, also rely on gaining access but are aimed at destruction, such as “wiping a hard drive, destroying servers,” or using a botnet to launch a denial of service attack. These types of network attacks are linked to military action or covert missions.
Most evidence so far points toward espionage. DarkMatter may have hired members of CyberPoint, with knowledge of code capable of infecting users through Twitter and other online platforms, to help.
“It is my understanding that … there were some types of offensive activities that [CyberPoint International] couldn’t or wouldn’t do for the client and the client did not want to be told no so they sought to restructure in a way that a foreign company could not impede their efforts,” one former employee said.
One thing is clear: The new arrangement led dozens of employees to leave the UAE rather than join DarkMatter. Several who opted out of the relationship cited concerns about the UAE’s human rights record, including arbitrary detention and torture of activists and dissidents. One cited the issue with “free speech” as a particular sore point.
Photo: Kuni Takahashi/Getty Images
A bigger question, perhaps, is whether DarkMatter’s use of American-developed hacking tools is even legal, since it may be covered by U.S. export regulations. According to the Washington Post, the State Department at one point granted CyberPoint permission to advise the UAE on cybersecurity. But two people who spoke with The Intercept questioned whether DarkMatter, which appears to have subsumed CyberPoint’s earlier work in the UAE, would be covered by that license.
The world of cyber exports is a confusing one. Depending on what DarkMatter is actually doing, its sales might be regulated by multiple bodies of law. If the products involve cryptography technology, there may be some arms export restrictions — while hacking tools and zero-days are not typically regulated that way, said Eva Galperin, a global policy analyst for the Electric Frontier Foundation and technology adviser for the Freedom of the Press Foundation. “If you want to sell surveillance malware from the UAE, nothing stops you,” she said during a phone interview.
The United States, however, has attempted to regulate those types of “cyberweapons,” and many U.S. officials wanted to tighten regulations in response to instances like Hacking Team’s sale of surveillance tools to repressive regimes. Critics of those proposed regulations pointed out that such technologies could be used for legitimate purposes, like testing products for cybersecurity or penetration testing.
“If you want to sell surveillance malware from the UAE, nothing stops you.”
It’s unclear, however, where DarkMatter’s work may fall in terms of export law. If the work involving U.S.-origin technology or technical expertise involved cryptography, a license would be required from the U.S. State Department. According to Colby Goodman, director of the Security Assistance Monitor and an expert in International Traffic in Arms Regulations, any American employees working on regulated products would need some sort of export license, even if they moved overseas and started working for a foreign company. “If you were a UAE citizen, and I was telling you about something that was ITAR controlled,” he explained, “that would be exporting it, unless I had a license.”
“It’s a similar concept with classified information,” he continued. Just because you leave the country doesn’t mean you forget the classified information — and if you give it away, that’s a violation.
The State Department declined to comment on whether an export license had been issued to cover DarkMatter or its employees, including those formerly from CyberPoint. The Commerce Department, which regulates some security equipment sales, did not respond to a request for comment.
DarkMatter, for its part, said it has obtained proper licenses, though it did not provide details.
“DarkMatter has provided its customers with technologies worth hundreds of millions of dollars, through its global security and technology vendors,” Healy, the spokesperson, said. “A number of these contracts extend to highly sensitive security systems that DarkMatter has applied for and — following the standard screening process — been granted export control licenses from jurisdictions including the U.S. and various European countries.”
Photo: David Becker/Reuters/ZUMA
At a crowded Las Vegas convention hall in August, representatives from DarkMatter were camped out in several large canopied stations, a short stroll from a vendor making hand-rolled cigars, several open bars, and a booth raffling off a robot dinosaur.
DarkMatter has started showing up in U.S. cybersecurity circles in recent months — including at BlackHat USA, the massive annual security and hacking conference in Vegas, where it handed out swag to attendees, including pens and notebooks adorned with a DarkMatter insignia. A representative at the booth said the company was still busy recruiting.
In his July blog post describing his UAE interview, Margaritelli wrote that he hoped his account would “serve to warn those who, like me, might find themselves dragged into shady affairs, partially or completely unaware, as well as anyone pursuing job offers that entail moving to the UAE. Know that you would be giving up your privacy, and more importantly, your freedom of speech for money.”
“You can’t blame the bag man for the job you gave them.”
Not everyone I spoke with agreed with his view. French security researcher Matt Suiche, whose cybersecurity startup Comae Technologies is also based in the UAE, said that “every country does surveillance” and hiring foreign workers in the UAE was not unusual; the UAE was simply trying to establish its own technology base. “It’s like the UAE Mars mission,” he said.
Some of the former CyberPoint employees in the UAE said they didn’t mind the surveillance work, treating it as an inevitable and natural path for a young modern nation facing legitimate threats. “I was impartial to the work I did,” one former employee told me. For the UAE, the source said, using surveillance to track its own citizens has become normalized. He described himself as a “realist” though admitted he tried to minimize his “exposure to certain things” the company did.
“You can’t blame the bag man for the job you gave them,” he said.
In the lobby of a Vegas hotel during BlackHat, I spoke with Margaritelli about his frustrations with DarkMatter — a Platinum sponsor at the event. He has all the trappings of a hacker from movies, including lip and nose piercings, rectangular glasses, and cigarettes. He avoids cellphones but finds other ways to communicate. He went to school for physics and engineering but never finished his degree. He has a very specific memory for numbers, network domains, addresses, and people. Though he says his English isn’t very good, he can rapidly translate Italian text into colloquial English.
Margaritelli told me he started off wary of DarkMatter. He was familiar with the UAE government’s reputation of locking up and disappearing dissidents and purchasing surveillance equipment from other countries. Plus, his interviewer — a former employee of another controversial surveillance company, Verint — seemed a little too interested in Bettercap, Margaritelli’s well-known hacking tool.
While some researchers may argue that what DarkMatter is doing is simply par for the course in cybersecurity, Margaritelli said that the scale of the endeavor is unprecedented, creating a zombie hoard of infected devices, primed for hacking and surveillance. “In a near future, every single electronic device in the UAE will unwillingly be part of their state botnet,” he said.
Later, in an email, Margaritelli wrote that he works with all sorts of hacking technologies, but he remains shocked by DarkMatter’s ambitions to surveil an entire nation. “What they want to do,” he wrote, “it’s fucking insane.”
What they want to do is fucking insane!
Not even knowing what Margaritelli knows and understands this is not fucking insane….staying a step or two ahead of the competition…it’s where we are going
Excellent work. Thanks!
I full agree with another commenter:
Awesome article and journalism, Jenna, Sam and Sheelagh!
Situations are seldom what they appear to be, there was just a recent article posting here on Endace and their Medusa systems, but nobody mentioned who the owner of Endace is:
Echidna Capital LLC
A Russian shell company.
A few years back I knew a young lady, a nice person but not the swiftest soul, and something of a looker who had been offered a modeling gig (or so she thought) in Abu Dhabbi.
I warned her that they have a homegrown snuff film operation there, using infidel bleached-blondes from America, but sadly she never took me seriously.
I haven’t heard back from her, and neither has anyone else she knew.
It is ridiculously naive to imagine the cyberspace domain is anything less than a shared and sharing intellectual property place where minds create command and control action for media to present as a virtual current energy for remote delivery of future productions. And that be only the tip of the titanic iceberg that IT drivers and only a starting point for smart operations and applications which are HyperRadioProActive.
And it is quite probably a most attractive option for securitisation for any system with DarkMatter ambitions.
Such are certainly the sort of sensitive services that be on offer to the likes of DarkMatter operands/CyberIntelAIgencies/governments and businesses, state and non-state actor enterprises struggling to come to suitable advantageous terms with conditions in leading positions beyond their immediate command and control and present competencies.
And it may very well be the case that such remote delivery services will always need to be valuable trusted third party supplied, given the nature of the intelligence and information required …… for not all would be gifted with the necessary full understanding of requirements for continuous success with AI leading progress.
Well, the worlds you live in now, all show construction and destruction by machine and text instruction, do they not?
I love the assertion that an individual with certain knowledge must get an ITAR or other export license license to work abroad. That will be an intersting thing to enforce, especially if he works from a USAbase a foreign client.
This issue also works ion reverse: I currently know of a Canadian who is currently living in the USA on a temporary visa working online for a Canadian software company and being paid into a Canadian bank account. The INS says now this person is illegally working in the USA.
i posted once about a doctor i met and asked him about legal compliance damned it you do ro dont and he matter of factly replied that there are things you can do that violate the law but that not doing those same things also violate the law.
And yet the dear leaders have a full time job passing thousands of laws written by hundreds of lobbyists every year. Clearly the NSA is going to have to lease storage space. Jaywalking should be worth 2 dozen charges which is probably close to life in prison. Naturally you can instead turn over your house to avoid jail time for that.
Seems like America has been run into the ground now that we are always at war but not really.
Awesome article and journalism, Jenna, Sam and Sheelagh!
To those commenters blaming Obama/HRC: get a grip.
They have/will only continue what’s been happening for years/decades … without any meaningful protest. Unfortunately.
And while blaming everyone else for this mess, you may want to take a look in the mirror as by far the majority of people install all kind of ‘random’ apps on their phone, without checking or revoking rights, without (properly) reading the corresponding Privacy Policies, etc.
While I think it’s loathsome and disgusting what those companies/app makers are doing, *you* allow them to do it.
There’s currently on Dutch TV a series going on about Privacy and tonight they compelled people to install a ‘flashlight app’. After a couple of days they went to visit those people (the gps told them their location) and told/showed/explained what that app was actually doing. The horror/shock/disbelief on their faces was priceless.
Should be required viewer for everyone with a smart phone imo.
Imagine a world where an authoritarian government monitors everything you do, amasses huge amounts of data on almost every interaction you make, and awards you a single score that measures how “trustworthy” you are.
https://www.washingtonpost.com/world/asia_pacific/chinas-plan-to-organize-its-whole-society-around-big-data-a-rating-for-everyone/2016/10/20/1cd0dd9c-9516-11e6-ae9d-0030ac1899cd_story.html?tid=pm_world_pop_b
This is the future of the 99% of the planet. …if they don’t wake up.
Orwell has been vindicated.
“When you point a finger at someone else, you are pointing three fingers back at your own self.”
“It’s better to keep your mouth shut and appear stupid than open it and remove all doubt.”
(truly fine report! required reading.)
You dont build a spy infrastructure like that with them sort of investments without the requisite implementation. If it is not the case that the citizenry affords all the “watch-me-watch-you”, then the wmwy capabilities will have to be built in. Retrofitting homes? See all those new buildings? May i see those plans again, the electrical appurtenances?
This is where Obama and company want to take America.
Total information awareness: four decades in the making.
No consequences for journalists caught colluding with the Hillary campaign.
http://observer.com/2016/10/no-consequences-from-media-peers-for-reporters-caught-colluding-with-hillary/
Hellary Clinton has proven herself to be the devil’s advocate, caterer and recruiter. The CGI is the un-church which offers forgivenss for tithing to morocco, arabia, honduras, iraq, syria, libya, egypt, and wallstreet. And being the outside sales rep from middle earth, her outlet store offers a complete line of fashions; spying, election rigging, genocide, murder, and lying for the rich and powerful, boxed and delivered under her own brand name, PANDORA.
Vote Jill Stein. Pencil it in if you don’t have her on the ballot in your state, Barabbas.
DIGITAL TECHNOLOBY IS NOT NEUTRAL
Yes, it only does what it is “told” but it is not neutral because it CAN NOT be used as a private means of communication because it can not be used privately.
Not only is digital technology incapable of offering privacy, it destroys privacy throughout society.
This fundamental condition has been aggravated in the extreme by the oligarchs (such as the owner of eBay) have added aggressive spy and intrusion into privacy technologies to run on flawed technology and take full advantage of its failures and weaknesses. In addition to the fundamentally flawed technology, the oligarchs (Larry Page, Surgey Brin for example) through their transnational corporations have flooded the internet with pollution just as oligarchs before them raped the physical planet for their own riches so too the new oligarchs have raped and polluted the internet with their Nazi razor wire of phony, sloppy, do it fast, get rich quick and deliberately weak and deeply flawed software.
Maybe some of you tech guys out there have an answer but as far as I can tell, the internet as it is noe constructed is polluted beyond repair.
I illustrate my point with the “internet of things” and the attack recently using adjunct devices, the code for which was rushed out without the first consideration for security – no money is made by having strong security for your toaster. With the internet as mature as it is now there is no excuse what-so-ever for this.
As to the rump feudal states aggressively using the flawed and deliberately crippled internet to spy, why should it surprise anyone? If beheading and torture are the norm then internet spying looks kind.
The internet is nothing more than a tool for transnational corporations in partnership with government (while it lasts) to control and dominate and eventually dismantle civil society. Even this post helps that effort.
We think of these Meddle Eastern territories “Kingdoms” as Medieval and they are, but they are not so far from the US or Europe which are Neoliberal capitalist and little more than feudalism in a fancy dress.
There is no going back to a pristine internet something new will be needed to replace it.
spot on. 100% agree. generations hence will be “raised like chickens” in a virtual cage and fed a diet of pure filtered information as if they themselves were devices.
That thing is under development – and it will cause a new social media revolution… and provide a harbor of safety for the most derelict of users:
http://www.breitbart.com/tech/2016/09/29/second-internet-coming-soon-courtesy-blockchain/
quote”Later, in an email, Margaritelli wrote that he works with all sorts of hacking technologies, but he remains shocked by DarkMatter’s ambitions to surveil an entire nation. “What they want to do,” he wrote, “it’s fucking insane.”unquote
Ha. This is EXACTLY what the NSA wants to do. Unfortunately, Snowden fucked up their little plan. I mean…look at Bluffdale. Moreover, they’re building an even bigger data center at Ft. Meade. I don’t care what anyone says, this will come to pass around the entire fucking planet …eventually. Moreover, the average human being will be “social media scored”. It’s already happened in China.
https://www.washingtonpost.com/world/asia_pacific/chinas-plan-to-organize-its-whole-society-around-big-data-a-rating-for-everyone/2016/10/20/1cd0dd9c-9516-11e6-ae9d-0030ac1899cd_story.html?tid=pm_world_pop_b
In reality..TOTAL fucking tyranny is what this world is facing. Orwell must be gloating. As for DarkMatter. Let’s just hope this article makes some corporations leery of ever doing business there, now that they know EVERY device will be monitored..24/7. But I ain’t holding my breath. I just pray for a Mass Coronal Ejection… soon. Cause that’s the ONLY thing that will stop this insidious surveillance machine.
spot on.
the USG chock full of Dumb&Dumber couldn’t see this coming. And those who could really dont care because living as a human being is not what matters to them. What does matter is that their insect colony works as like insect colony. They all have their insect roles and insect survival plan while the rest of the population is who they prey for.
“they were specifically told they would be working on offensive operations”
As opposed to those at US “security” software companies who are told their skills would be to combat leaks or…ie…the “Snowden Effect”, protecting the USG from all those evil leakers and terrorists.
The author didn’t do the footwork on exporting tech from the U.S. Unless things have radically changed at the Bureau of Industry and Security allow known encryption protocols (ex. encryption used in PKI) are free to export to most places in the world. They were very helpful when I contacted them years ago.
we press a button and BOOM! All the devices in the mall are infected and traceable
Way more money than brains behind that operation.
This article was very well researched.
thank you
Welcome to my laboratory where safety is priority #1.
Tomorrow may know after all.
Turn off your mind, relax and float down stream
It is not dying, it is not dying
Lay down all thoughts, surrender to the void
It is shining, it is shining
Yet you may see the meaning of within
It is being, it is being
Love is all and love is everyone
It is knowing, it is knowing…
… that ignorance and hates may mourn the dead
It is believing, it is believing
But listen to the colour of your dreams
It is not living, it is not living
So play the game “Existence” to the end…
… Of the beginning, of the beginning
Of the beginning, of the beginning
Of the beginning, of the beginning
Of the beginning, of the beginning
What font is that?
The headline? OCR-A.
Optimised for optical character recognition. High tech from way back when. Related to MICR & OCR-B. Have an awesome day :)
Thank you!
:)
The changing font in the picture is beautiful
It’s a long article. I’ll probably make a few comments over the next day or so as the data dump integrates. My first impression is that the usual suspects, aka the CIA, NSA, British and Israeli intelligence etc. are ratting out a competitor to maintain a position of dependency for Dubai and a position of dominance for themselves.
The bit about Dubai or UAE being human rights abusers needs to taken with a grain of salt. I’m sure they do abuse activists and journalists, but compared to the United States or Britain or Israel how bad is it? Black site prisons? Torture? Been there, done that, it’s old hat. The part where US officials claim that some other country is acting illegally, by violating an export license seems particularly silly.
Halliburton is in Dubai. So may be it’s the other way around. Instead of Dubai taking over foreign corporations, maybe a group of foreign corporations have taken over Dubai and are using it like a Mafia Bank. (BCCI comes to mind).
https://en.wikipedia.org/wiki/Bank_of_Credit_and_Commerce_International
C’mon Ms McLaughlin why don’t you just tell us it’s the NSA? Oh, I get it? We are supposed to infer that the “Dark Matter” reference is the “Dark Matter” in the toilet after eating spoiled chicken tacos with listeria tainted cilantro is code for anything NSA. Yes, I did read the damn memo, late, but I read it. It’s a fitting analogy because it’s shitty organization.
Great Piece
This is particularly timely in light of the shutdown of Twitter, Reddit, etc. by hacked “internet of things” devices. There are so many hacked *webcams* and thermostats that they can shut down major internet sites! And what are all those hacked cameras doing the rest of the time??? Why are they made so hackable?
The line in the mass media is that consumers simply don’t care about security. They really couldn’t give a damn if that webcam of theirs is constantly available to hackers and blackmailers and spies. The problem with that explanation is that it is some of the reekiest bullshit ever slathered onto foolscap! No, it’s not that consumers don’t care – it’s that they don’t get a choice, because companies push this stuff at them and nobody seems to dare to market a good product and point out competitors’ flaws. The companies *want* insecure products, and the obvious explanation is that they’re getting paid.
Not only are they getting paid – they seem invulnerable to liability. You’d think that if Twitter gets shut down, somebody from the company would be serving one of those so-fucking-clever internet thermostat manufacturers with a hefty lawsuit, no? So where is it? These “internet of things” companies should be finding their market model about as profitable as the Galaxy 7. Instead, the press isn’t even telling us who they are!
What I want from The Intercept:
1) Name and shame manufacturers of devices that have contributed to the mass DDOS attacks.
2) Instruct readers how to personally find and reliably (physically!) disable internet connections and other points of vulnerability in cars and other expensive possessions.
3) List manufacturers of wi-fi (etc.) free products for things where in the store you already have trouble finding something without the given type of connection (like try to find a home router nowadays that isn’t broadcasting wi-fi!).
Course, if you do this I don’t know if you get DDOSed yourselves … might be a better business model just to give some software ‘security tips’ that don’t really protect people.
Regarding want #1: https://krebsonsecurity.com/2016/10/who-makes-the-iot-things-under-attack/
OT insane when you think of the wealth involved–then the useful tool will be sold to the US to GARANTEE PRESOBAMA and CROOKDCLINTON + WS OPEN BORDERS IMPLEMENTATION.
Well on way with destruction of all SA economies.