Hacking Team sold spy tools to oppressive Sudanese government

Sudan Darfur children

Photo by European Commission DG ECHO/Flickr (CC BY-SA 2.0)

The controversial software firm counted a homicidal regime among its clients.

A trove of hacked documents has tied one of the world’s leading suppliers of government-surveillance software to a Sudanese intelligence organization known for its oppressive tactics.

On Sunday night, a hacker posted a massive cache of purportedly hacked internal documents from the Milan, Italy-based Hacking Team, a software company that helps governments hack into computers, defeat email encryption, and eavesdrop on online communications. The roughly 400 gigabytes of files leaked online includes client invoices, private company emails, and product source code. Among the clients unearthed by researchers online were authoritarian regimes with abysmal human rights records.

One such client is Sudan’s intelligence service, the National Intelligence and Security Service (NISS), an organization international human-rights groups like Amnesty International hold responsible for the systematic torture of students, reporters, activists, and other civilians. 

The NISS is notorious for its use of arbitrary arrests, secret detention facilities, and torture as a means to extract confessions from so-called criminals. NISS members operate with immunity from prosecution for crimes committed on the job.

While Hacking Team has publicly denied selling its wares to the Sudanese government, multiple documents fished from the trove of leaked files indicate otherwise.

A Hacking Team invoice dated September 2012 identifies Sudan as one of firm’s clients. The document reveals that the company made an offer to sell surveillance software to the NISS on June 1, 2012, and a contract was signed before the end of the month. According to the document, Hacking Team provided the NISS with its Remote Control System (RCS) at a cost of €480,000. The software package, which is billed as “the hacking suite for governmental interception,” would have allowed Sudanese spies to monitor the transfer of encrypted files and emails, eavesdrop on Skype calls, and secretly activate microphones and cameras connected to the Internet.

While over three dozen of the world’s governments have been identified in the leaked documents as Hacking Team clients—including the U.S. government—Sudan is perhaps one of the most troubling due to the level of violence inflicted upon the civilian population by its government. Security forces routinely attack protesters demonstrating against the ruling National Congress Party (NPC). Accused of being sympathetic towards opposition rebels, civilians living in the western region of Darfur are killed by the hundreds. Thousands more are reportedly forced to flee as their homes are looted and burned. 

Sudanese army forces are accused of raping 221 women and girls in the North Darfur of Tabit over a two-day period in October 2014, according to Human Rights Watch (HRW), which interviewed 15 survivors for a report published earlier this year. The NISS operates the Rapid Support Forces, a paramilitary outfit that has been linked to widespread sexual violence.  

(Sorry, this embed was not found.)

The NISS is further charged with imposing mass censorship throughout Sudan. Human-rights defenders and journalists are reportedly frequently harassed and arrested, if not outright killed. Surveillance technology, such as Hacking Team’s RCS software, would likely prove useful towards the goal silencing voices of dissent. Over the past week, NISS agents have reportedly confiscated the print-run editions of Sudanese newspapers or banned them from publishing entirely.

“The spoken and written word have been equally controlled, journalists harassed, summoned or arrested by the NISS,” according to Agents of Fear, a July 2010 report published by Amnesty International. “The written press has been heavily censored and books have also been banned and their authors summoned if they cover subjects deemed sensitive by the NISS.”

Hacking Team told the United Nation’s Italian representative in January 2015 that it had no current business relations with Sudan, according to another leaked document. A spreadsheet also contained in the file dump listed Sudan as “not officially supported,” while other countries including Saudi Arabia, Turkey, and Nigeria were listed as either “active” or “expired.”  

The use of Hacking Team’s wiretapping software by the Sudanese government was first reported in February 2014 by Citizen Lab, an Internet research group based at the Munk School of Global Affairs at the University of Toronto. Nearly a year before publication of Citizen Lab’s report, a spokesperson for Hacking Team told CNET: “On the issue of repressive regimes, Hacking Team goes to great lengths to assure that our software is not sold to governments that are blacklisted by the E.U., the U.S.A., NATO, and similar international organizations or any ‘repressive’ regime.”

Hacking Team could not be reached for comment in time for publication. 

Photo by European Commission DG ECHO/Flickr (CC BY SA 2.0)

Dell Cameron

Dell Cameron

Dell Cameron was a reporter at the Daily Dot who covered security and politics. In 2015, he revealed the existence of an American hacker on the U.S. government's terrorist watchlist. He is a co-author of the Sabu Files, an award-nominated investigation into the FBI's use of cyber-informants. He became a staff writer at Gizmodo in 2017.