The Crime-fighting App That Caused A Phone-hacking Scandal In Italy
After successfully creating a health care app for doctors to view medical records, Diego Fasano, an Italian entrepreneur, got some well-timed advice from a police officer friend: Go into the surveillance business because law enforcement desperately needs technological help.
In 2014, he founded a company that creates surveillance technology, including powerful spyware for police and intelligence agencies, at a time when easy-to-use encrypted chat apps such as WhatsApp and Signal were making it possible for criminal suspects to protect phone calls and data from government scrutiny.
The concept behind the company's product was simple: With the help of Italy's telecom companies, suspects would be duped into downloading a harmless-seeming app, ostensibly to fix network errors on their phone. The app would also allow Fasano's company, eSurv, to give law enforcement access to a device's microphone, camera, stored files and encrypted messages.
Fasano christened the spyware "Exodus."
"I started to go to all the Italian prosecutors' offices to sell it," explained Fasano, a 46-year-old with short, dark-brown hair and graying stubble. "The software was good. And within three years, it was used across Italy. In Rome, Naples, Milan."
Even the country's foreign intelligence agency, L'Agenzia Informazioni e Sicurezza Esterna, came calling for Exodus's services, Fasano said.
But Fasano's success was short lived, done in by a technical glitch that alerted investigators that something could be amiss. They followed a digital trail between Italy and the U.S. Before unearthing a stunning discovery.
Authorities found that eSurv employees allegedly used the company's spyware to illegally hack the phones of hundreds of innocent Italians-playing back phone conversations of secretly recorded calls aloud in the office, according to legal documents. The company also struck a deal with a company with alleged links to the Mafia, authorities said.
The discovery prompted a criminal inquiry involving four Italian prosecutor's offices. Fasano and another eSurv executive, Salvatore Ansani, were charged with fraud, unauthorized access to a computer system, illicit interception and illicit data processing.
Already, the unfolding story of eSurv has renewed questions about the growing use of spyware. It has also brought attention to the largely unregulated companies that develop the spyware technology, which is capable of hacking into a device that nearly everyone carries in a pocket or purse, often storing their most sensitive information.
The demand for such technology has been driven in part by the rise in popularity of encrypted mobile phone apps and the reality that it is getting harder for law enforcement to glean evidence without the assistance of Silicon Valley giants such as Apple Inc., which is currently at loggerheads with the FBI over access to an iPhone used by an accused terrorist.
In recent years, spyware developers such as Israel's NSO Group and Italy's Hacking Team have been criticized for selling their products to repressive governments, which have used the technology to, among other things, track activists and journalists. (Both companies have said they sell their equipment to law enforcement and intelligence agencies to fight crime and terrorism.)What makes the allegations against eSurv so astounding is that, if true, the company became involved in the spying itself-and did so right in the heart of Europe.
Giovanni Melillo, the chief prosecutor in Naples who is overseeing the case, has worked on some of the country's highest-profile investigations, from the feared Camorra organized crime group to international money laundering and drug trafficking schemes. But he said the allegations against eSurv are unusual, even for a veteran prosecutor like him.
"I think that no prosecutors in Western countries have ever worked on a case like this," Melillo said in a recent interview at his Naples office. This story is based on interviews with Italian authorities and a review of 170 pages of documents outlining the evidence collected, much of it never before reported.
In the city of Benevento, about 40 miles northeast of Naples, technicians working for the prosecutor's office in 2018 were using Exodus to hack the phones of suspects in an investigation. That October, one of the technicians noticed that the network connection to Exodus was frequently dropping out, according to Italian authorities.
The technician did some troubleshooting and found a glaring problem. The Exodus system was supposed to operate from a secure internal server accessible only to the Benevento prosecutor's office. Instead, it was connecting to a server accessible to anyone on the internet, protected only by a username and password, the authorities said.
The implications were enormous: hackers could potentially gain access to the platform and view all of the data that Italian prosecutors were covertly harvesting from suspects' phones in some of Italy's most sensitive law enforcement investigations. (Authorities don't know if the server was in fact ever hacked.)
The prosecutor's office quickly took steps to shut down Exodus, and in October 2018, they ordered the seizure of eSurv's equipment.
The investigation was eventually handed off to the prosecutor's office in nearby Naples, which is responsible for handling major computer crimes in the region. The Naples prosecutor began a more in-depth probe-and found that eSurv had been storing a vast amount of sensitive data, unencrypted, on an Amazon Web Services server in Oregon.
The data included thousands of photos, recordings of conversations, private messages and emails, videos, and other files gathered from hacked phones and computers. In total, there were about 80 terabytes of data on the server-the equivalent of roughly 40,000 hours of HD video.
"A large part of the data is secret data," said Melillo. "It's related to the investigation of Mafia cases, terrorist cases, corruption cases."
Prosecutors filed criminal charges against eSurv for unlawfully collecting and storing private communications, transferring them overseas, and failing to keep secure "sensitive personal data of a judicial nature."
But, according to authorities, a far worse discovery was yet to come.
When Fasano began thinking about creating a police surveillance tool, he recruited a small team to explore the possibilities. They eventually developed a spyware tool that would allow police to hack Android phones by luring suspects into downloading what looked like an ordinary app from the Google Play store.
The police, with cooperation from mobile phone networks, would shut down a targeted person's data service, Fasano said. They would then send them instructions to use Wi-Fi to download an app to restore service. ESurv designed the app to look as though it was associated with telecommunications providers, with names such as "Operator Italia."
The app didn't contain spy software, allowing it to bypass Google's automated virus scans. But once a person downloaded it, the app served as a gateway through which eSurv could place spyware onto a person's phone. The spyware would then covertly take total control: recording audio, taking photos and giving police access to encrypted messages and files, Fasano said.
ESurv developed different versions of Exodus that could target iPhones, as well as laptops and desktop computers using Microsoft Corp.'s Windows and Apple Inc.'s OS X operating systems, Fasano said. Google said it had removed all versions of the Exodus app from its app store. Microsoft said it wasn't aware of any samples of Exodus targeting the Windows platform. Apple didn't respond to a message seeking comment.
ESurv created its spyware in Catanzaro, a city of narrow cobbled streets in southern Italy known for its silk and velvet production and its ties to the 'Ndrangheta, the most powerful Mafia group in Europe. The company employed about 20 people, most of whom were involved in another part of the business-selling video surveillance technology. The work of developing and expanding Exodus was left to a small group of employees who worked in a separate room. They called themselves the Black Team.
The Black Team was led by Ansani, the 43-year-old technical director who was charged with Fasano, according to testimony from former employees given during the police investigation. They used the spyware to target law-abiding Italian citizens, bugging their phones and recording their private conversations, according to prosecutors. The reasons for the spying remain unknown.Ansani, who denied the charges to police, declined to comment, saying in an email, "Investigations are currently being carried out by the Public Prosecutor. Therefore, as you know, I cannot issue any statement."
In one instance, the Black Team hacked the phone of a 49-year-old woman from Crotone, a port city on the coast of Calabria, according to the prosecutor's filings. The team collected the woman's personal text messages to family and friends, and covertly recorded more than 3,800 audio clips using her mobile phone's built-in microphone, chronicling the woman's life and interactions as she went about her daily business, the filings say.
In all, the Black Team spied on more than 230 people who weren't authorized surveillance targets, according to police documents. Some of the surveillance victims were listed in eSurv's internal files as "The Volunteers," suggesting they were unwitting guinea pigs.
Ansani would sometimes sit at his computer and wear headphones, listening to conversations covertly collected from people's phones, the employees said. On other occasions, Ansani would loudly play the recordings through his computer speakers and show other employees images that Exodus had collected, the employees told police. Under its strict agreement with authorities, eSurv didn't have permission to view or listen to this information, the employees said.
After reviewing evidence about the Black Team in May, a judge concluded that Exodus appeared to have been "designed and intended from the outset to operate with functions that are very distant from the canons of legality." The judge approved a warrant to place Ansani and Fasano under house arrest; the investigation is continuing and additional charges could be filed, according to Italian authorities.Ansani told police that he didn't carry out unlawful surveillance and couldn't access data from hacked phones or computers. Police later discovered that he had possessed "superuser" credentials at eSurv that gave him the ability to review recordings, private messages, photographs and other data Exodus vacuumed up from people's devices, according to legal documents and Italian authorities.
Fasano, eSurv's founder, who is fighting the charges against him, said in an interview that he had no knowledge of unlawful surveillance and that he had delegated responsibility for Exodus to Ansani.
Inside the prosecutor's office in Naples, a 14-floor building a short distance from the city's business district, a task force of investigators is combing through the vast amount of data seized from eSurv.
The investigators are still trying to work out whether eSurv's employees were unlawfully monitoring people for a malicious purpose such as blackmail, whether it was just some sort of cruel game, or whether there is another explanation.
The case has shocked prosecutors in Italy, according to Melillo, and forced them to change their protocols. In Naples, the prosecutor's office will no longer work with private surveillance companies unless they first pass tests showing that their systems are secure and conform to stringent standards.
Melillo said he is concerned other companies may be conducting their own illegal surveillance. ESurv's hacking technology, he said, was "just the top of a big iceberg. We don't know yet the part of iceberg that is under the water."
"It's like a gun. Once you have sold it, you don't know how it will be used."
About 35 miles south of Naples, in Salerno, a spin-off investigation is focusing on whether a contractor that eSurv was working with, STM, may have been using Exodus to carry out its own unlawful spying operations. According to a person with knowledge of the Salerno investigation, STM obtained the Exodus spyware from eSurv and allegedly used it to assist Eugenio Facciolla, a prosecutor at the center of a corruption scandal.
The prosecutor's office in Salerno has charged Facciolla with forging documents in an effort to obstruct or mislead a police investigation into an 'Ndrangheta-led illegal logging operation, which involved chopping down thousands of trees in some of Italy's national parks, according to the person and Italian media reports.
Facciolla worked for a different prosecutor's office, in Castrovillari, that paid STM more than €700,000 (about $780,000) for help carrying out surveillance in criminal investigations, said the person. But the Salerno prosecutor is looking at the possibility that Facciolla went rogue-and enlisted STM to help with illegal, off-the-books surveillance operations, said the person.
Nicola Gratteri, one of Italy's leading anti-mafia prosecutors, said he identified connections between STM and people working for the 'Ndrangheta. "From telephone tapping, I discovered that some of my subjects had something to do with this company," said Gratteri.
STM didn't respond to messages seeking comment.
Gratteri said he passed on the information about STM to the prosecutor's office in Salerno, which is investigating the matter but declined to comment for this story. The use of Exodus and other spyware, Gratteri suggested, had gotten out of control. In the hands of corrupt police or prosecutors, he said, it could be used to target people like him.
"I think I am an interesting subject for those not on the side of justice," he said.
Italy's High Council of the Judiciary, which manages the appointment of prosecutors, said in November that it was removing Facciolla from his office in Castrovillari, on the grounds that he had "abused his functions." Facciolla is appealing that decision and said that the accusations against him were "false."
"I have been fighting crime for decades," he told Bloomberg News in a statement.
Fasano acknowledged providing Exodus to other companies, including STM, which signed a partner agreement with eSurv in January 2018 worth about €50,000 (about $61,000). However, Fasano said he didn't know how STM used the technology.
"It's like a gun," said Vincenzo Ioppoli, Fasano's lawyer. "Once you have sold it, you don't know how it will be used."
The investigation is expected to be completed later this year, according to the Naples prosecutors. Fasano and Ansani were kept under house arrest for three months and released. They are awaiting the next stage of their legal proceedings, which will likely conclude with a trial, according to Fasano.
Fasano said that his wife has left him due to troubles caused by his legal case and that he is struggling to make his mortgage payments because eSurv has shut down its operations. (His wife didn't return a message seeking comment.) He said he's had offers for new jobs but only from companies in the surveillance industry. He said he's done with the spyware business and regrets getting into it in the first place.
"I don't want to work in this kind of market anymore," said Fasano, lamenting his fate ahead of a meeting about his case in October. "Privacy, for me, it is a very, very important thing. I made a big mistake."
Mobile Medical Apps Market Overview, Growth Factors, Demand And Trends Forecast To 2023
Mobile Medical Apps Market
Over the past few years, medical mobile apps have made rapid emergence in the healthcare industry. Their role in improving patient experience has intensified more than ever, and have helped proponents of patient care providers to overcome geographical barriers. Concomitantly, medical apps used by mobile users have also proliferated in numbers. The most crucial difference is probably stark in the growing use of diagnostic information and reminders by patients through mobile medical apps.
Report Overview @
https://www.Transparencymarketresearch.Com/mobile-medical-apps-market.Html
A growing body of research on various aspects of patient care has helped in augmenting the business propositions of mobile medical apps. One of the most prominent aspect where healthcare providers, payers, and patients have realized the benefits are in reducing the time spent by latter to access care. The key compelling proposition is the potential of mobile medical apps in the management of chronic diseases.
Adherence to medication and the monitoring of diet behaviours are some of the key areas where the application of mobile medical apps have made the difference. The relentless efforts of healthcare providers and policy makers world over to improve the quality of care through technological advancements has been one of the key underpinnings to the evolution of the mobile medical apps market.
Request Sample @
https://www.Transparencymarketresearch.Com/sample/sample.Php?Flag=S&rep_id=411
Smart phones and other mobile apps are largely used in various areas of healthcare like health education, health management, data management, health information, and relative workflow processes. Variety of mobile phone apps have been developed to monitor the health of patients and provide the relative data to physicians. The modern age technology is driving the market growth as it saves time and proves much beneficial in providing medical care to patients in remote areas.
Healthcare industry has exhibited the need for such innovative technologies. Smart phones are playing a vital role in healthcare industry by making medical services easier and even replacing some of the work that would have previously been done on laptops or desktop computers.
Request Brochure @
https://www.Transparencymarketresearch.Com/sample/sample.Php?Flag=B&rep_id=411
The worldwide market for mobile medical apps is growing significantly in developed economies like US and Europe as a significant number of healthcare professionals are using mobile phone medical applications in everyday business activities. Compared to other mobile phone apps segments, there is sluggish growth in popularity of medical apps; however, it is expected to grow rapidly in the coming few years due to increasing dependence on medical apps for patient health monitoring.
Contact Us
Transparency Market Research90 State Street, Suite 700Albany, NY 12207Tel: +1-518-618-1030USA – Canada Toll Free: 866-552-3453Email: sales@transparencymarketresearch.ComWebsite: https://www.Transparencymarketresearch.Com
About Us
Transparency Market Research (TMR) is a market intelligence company, providing global business information reports and services. Our exclusive blend of quantitative forecasting and trends analysis provides forward-looking insight for thousands of decision makers. TMR’s experienced team of analysts, researchers, and consultants, use proprietary data sources and various tools and techniques to gather, and analyze information. Our business offerings represent the latest and the most reliable information indispensable for businesses to sustain a competitive edge.
Each TMR syndicated research report covers a different sector – such as pharmaceuticals, chemicals, energy, food & beverages, semiconductors, med-devices, consumer goods and technology. These reports provide in-depth analysis and deep segmentation to possible micro levels. With wider scope and stratified research methodology, TMR’s syndicated reports strive to provide clients to serve their overall research requirement.
This release was published on openPR.
Schools Around Australia Begin Mobile Phone Ban For Students Next Month
After being trialed in several schools around Australia, all students in Victoria and Western Australia will have to submit to new rules about using their phones on campus.
Public school students across those two states will have to ensure their phones are nowhere to be seen when they step onto school grounds in the morning.
It's hoped the move will reduce distractions, prevent cyber bullying and anti-social behaviour.
Credit: PA
In Victoria, students will have to have their phones stored in their lockers for the whole day. If parents need to contact their child then they can do so by calling the school, who will get the student on the phone.
Those in Western Australian high schools will just have to make sure that the device isn't seen by a teacher and is on airplane mode. Primary school students will not be allowed mobile phones under any circumstances, unless medical grounds are provided.
That is a similar law being rolled out to students in New South Wales.
Kids in Tasmania won't be allowed to have mobile devices on their person from Term Two. Teens in Year 11 and 12 will be exempt from the rule change as long as they've been granted permission from the school.
Credit: PA
West Australian Premier Mark McGowan said: "We want to create the best possible learning environment for WA kids, and our policy will allow students to focus on their school work, without the distraction of a mobile phone.
"My government is responding to concerns from parents and teachers about the pressures and demands that carrying a mobile phone brings to young people.
"Additionally, while it is recognised that cyber bullying mainly occurs outside school time, banning the use of mobile phones will reduce external issues being brought into a school via technology."
But it's not just phones that are banned; smart watches, earbuds, tablets and headphones unless students are all on the chopping block unless under the instruction of a staff member.
Credit: PA
The only exception when it comes to smartwatches is when a student has a medical condition that requires them to wear one.
Education minister Sue Ellery said: "Schools I have visited where phones are banned, have reported that a tough stance has been a game-changer for students and staff.
"Students are talking to each other face-to-face rather than texting and they're not distracted from their work during class - overall those schools are much happier and connected places.
"I want that for all schools."
Comments
Post a Comment