Crofton Black, an investigative journalist at Lighthouse Reports, discusses the extensive spyware investigation focusing on the new mercenary tool, Predator. Joined by Bill Marczak and John Scott-Railton from Citizen Lab, they delve into how Predator infects mobile phones to collect sensitive data and its alarming sale to global intelligence agencies. The conversation highlights ethical implications, the urgent need for regulatory oversight, and the chilling reality of technology being weaponized against civil liberties.
The proliferation of mercenary spyware poses ethical concerns about personal privacy and autocratic regimes.
The use of spyware like Predator in Greece highlights the need for stronger regulations and oversight.
The surveillance technology industry, including companies like NSO Group, raises questions about responsibility and the dangers of invasive spyware.
Deep dives
The Rise of Sam Cummings: The Biggest Private Military Weapons Dealer
Sam Cummings, a former US Army recruit, became the biggest private military weapons dealer in the world. Starting as a young arms buff, he used his contacts to buy surplus weapons and gradually sell them over time. He expanded his business by selling weapons to governments around the world, including to Fidel Castro in violation of an embargo. Cummings built a reputation for having a large supply of weapons and had no qualms about selling to anyone with money. He operated from Interarms House in Manchester, England, where hundreds of thousands of guns were stored. Despite the controversies, he prioritized his family's security and avoided business disruptions.
Tal Dillian: The Entrepreneur in the Mercenary Spyware Business
Tal Dillian, an Israeli entrepreneur with military experience, established companies involved in surveillance technology such as Circles and Intelekxa. Initially involved in phone geolocation, his company Circles used SS7 attacks for surveillance purposes. Circles was eventually purchased by NSO Group, a well-known provider of spyware to governments. Dillian then formed Intelekxa, combining technologies from Cytrox and NEXA. Intelekxa's spy van, equipped with advanced surveillance capabilities, was showcased in a Forbes interview. Dillian faced scrutiny for selling spyware to Sudan, a country with a history of human rights abuses. The Greek government confirmed the sale, raising questions about the responsibility of states in proliferating digital weapons.
The Ethics and Implications of Mercenary Spyware
The proliferation of mercenary spyware, developed and sold by companies like Cytrox and NSO Group, poses numerous ethical concerns. These companies offer surveillance tools that can invade personal privacy and be used by autocratic regimes to suppress dissent and maintain power. The lack of oversight and accountability raises questions about the responsible use of such technology. The ability to target individuals without regard for national borders presents significant dangers to democracy and freedom. The need for transparency, regulation, and restrictions on the use of mercenary spyware becomes evident to prevent its misuse and safeguard human rights.
Predator Spyware Uncovered in Greece
The discovery of Predator spyware in Greece sparked a wave of investigations and media attention. It all started when a journalist, Thanosys Kukakis, read a report mentioning a person he had previously investigated. Suspicious, he contacted Citizen Lab and discovered that his phone had been hacked with Predator spyware. News spread and more instances of Predator were found, including on the phones of a journalist and an opposition leader. The Greek government denied any involvement, leading to speculation that the intelligence agency may be responsible. The incident highlighted the need for stronger regulations around spyware and the potential dangers of uncontrolled surveillance.
The Growing Concerns over Spyware Proliferation
The case of Predator spyware in Greece raised questions about the lack of legal protections and oversight surrounding spyware use. The surveillance technology industry, featured in conferences like ISS World, showcases powerful tools such as Pegasus and Predator. The responsibility of these companies and governments in the deployment and misuse of spyware remains unclear. The leaked document revealing the price of a Predator package indicated the sophistication of these tools, offering one-click infections for a high price. The dangers of such invasive spyware highlight the importance of establishing laws and regulations to protect individual privacy and prevent abuse of power.
A new type of mercenary spyware came on the radar called Predator. It’ll infect a mobile phone, and then suck up all the data from it. Contacts, text messages, location, and more. This malware is being sold to intelligence agencies around the world.
In this episode we hear from Crofton Black at Lighthouse Reports who spent 6 months with a team of journalists researching this story which was published here: https://www.lighthousereports.com/investigation/flight-of-the-predator/.
We also hear from Bill Marczak and John Scott-Railton from Citizen Lab.
If you want to hear about other mercenary spyware, check out episodes 99 and 100, about NSO group and Pegasus. To hear another episode about Greece check out episode 64 called Athens Shadow Games.
Sponsors
Support for this show comes from Axonius. The Axonius solution correlates asset data from your existing IT and security solutions to provide an always up-to-date inventory of all devices, users, cloud instances, and SaaS apps, so you can easily identify coverage gaps and automate response actions. Axonius gives IT and security teams the confidence to control complexity by mitigating threats, navigating risk, decreasing incidents, and informing business-level strategy — all while eliminating manual, repetitive tasks. Visit axonius.com/darknet to learn more and try it free.
Support for this show comes from Varonis. Do you wonder what your company’s ransomware blast radius is? Varonis does a free cyber resilience assessment that tells you how many important files a compromised user could steal, whether anything would beep if they did, and a whole lot more. They actually do all the work – show you where your data is too open, if anyone is using it, and what you can lock down before attackers get inside. They also can detect behavior that looks like ransomware and stop it automatically. To learn more visit www.varonis.com/darknet.
Support for this show comes from Akamai Connected Cloud (formerly Linode). Akamai Connected Cloud supplies you with virtual servers. Visit linode.com/darknet and get a special offer.
Remember Everything You Learn from Podcasts
Save insights instantly, chat with episodes, and build lasting knowledge - all powered by AI.
