-->
Silence
And Mysteries: Did Hacking Team Play Any Role in The Khashoggi Murder?
Repubblica has investigated alleged Hacking Team involvement in
the horrific assassination of Jamal Khashoggi. But from the Hacking Team
company to the Italian government, we came up against silence and mysteries.
Snowden to Repubblica: "It should scare people that a company like Hacking
Team can exist, especially in a developed country like Italy"
Repubblica.it,
STEFANIA MAURIZI, 08 aprile 2019
It was one of the most brutal crimes ever committed against a
journalist. The assassination and dismemberment of Jamal Khashoggi seems like
the plot of a horror movie. A horror movie in which Italy plays a role as well,
because two of the main characters in the assassination had contacts with one
of the most controversial Italian companies of the last decade: Hacking Team,
infamous for selling its cyberespionage tools. The two main characters are Saud
al-Qahtani, who allegedly planned and oversaw the operation that resulted in
the assassination of Khashoggi, and Maher Mutreb, who allegedly coordinated and
executed this operation in the field. Mutreb attended Hacking Team's training
courses, as already revealed by the Italian company's internal emails published
by WikiLeaks - after Hacking Team was hacked by unknown actors. But now,
speaking for the first time, a source who held several training sessions on the
Hacking Team's surveillance software both in Milan and in Saudi Arabia and who
has asked to remain anonymous tells la Repubblica how he recognised Maher Mutreb.
"We were in a military compound where mobile phones were not allowed and we hadn't been provided with the identities of the people we were supposed to train", the source says, referring to a training course for the Saudi military intelligence he held in Riyadh between 2010 and 2011. "I recognised Maher Mutreb from his permanent scowl," he adds, referring to the grumpy expression quite evident in the pictures widely published by the media after Khashoggi's assassination. In that specific training session held in Riyadh, "Mutreb was not one of people who received training and in fact he didn't ask any technical questions like others did", the source says. However, in one of the Hacking Team's emails dated January 2011, Maher Mutreb is one of the Saudis enlisted to travel to Milan for an advanced training course: the six names in the list coincide with the ones our source remembers.
"We were in a military compound where mobile phones were not allowed and we hadn't been provided with the identities of the people we were supposed to train", the source says, referring to a training course for the Saudi military intelligence he held in Riyadh between 2010 and 2011. "I recognised Maher Mutreb from his permanent scowl," he adds, referring to the grumpy expression quite evident in the pictures widely published by the media after Khashoggi's assassination. In that specific training session held in Riyadh, "Mutreb was not one of people who received training and in fact he didn't ask any technical questions like others did", the source says. However, in one of the Hacking Team's emails dated January 2011, Maher Mutreb is one of the Saudis enlisted to travel to Milan for an advanced training course: the six names in the list coincide with the ones our source remembers.
As for Saud al-Qahtani, Hacking Team's internal emails reveal that at
the end of June 2015 he contacted Hacking Team's then boss, David Vincenzetti,
seeking "a long and strategic partnership". Saud al-Qahtani
definitely wasn't talking about just acquiring the Hacking Team's surveillance
software, because as the emails reveal the Saudis had already acquired the software
and had been training to use it since at least 2010. So what kind of
partnership was Saud al-Qahtani looking for?
Mutreb is currently under trial in Saudi Arabia for the killing of Khashoggi together with 10 other suspects. The trial is completely shrouded in secrecy. However, Saud al-Qahtani does not appear to be under trial, which suggests that Saudi Arabia is only willing to prosecute low-level officials.
Mutreb is currently under trial in Saudi Arabia for the killing of Khashoggi together with 10 other suspects. The trial is completely shrouded in secrecy. However, Saud al-Qahtani does not appear to be under trial, which suggests that Saudi Arabia is only willing to prosecute low-level officials.
Smashing dissidents
How did the Saudis use the Hacking Team's surveillance technology?
This is a crucial question, considering the important role of this kind of
technology not only in the Khashoggi case - in which the surveillance
technologies of the Israeli company NSO Group are under scrutiny - but also in
the systematic crushing of dissent for which Saudi Arabia has become infamous
in recent decades.
The New York Times has pieced together how, since Mohammed bin Salman was elevated to crown prince in 2017, Saud al-Qahtani and Maher Mutreb would have been running a "Rapid Intervention Group" to ruthlessly crush dissidents, even those who have left Saudi Arabia, my means of very brutal techniques: surveillance, kidnapping, torture. Apparently even Saudi women activists campaigning for Saudi women's right to drive have been targeted by this team and brutally tortured.
From fascism to Nazism, from China to Qaddafi's Libya, in the past dissidents could escape from regimes which oppressed them by leaving their country and seeking refuge abroad. Some of the fathers of the Italian democracy, like Sandro Pertini, escaped Mussolini's dictatorship by seeking protection in countries like France. These days, unfortunately, surveillance technologies targeting phones and computers allow regimes to track down and spy dissidents everywhere, at any time and with very limited resources. What role did the Hacking Team's technology play in squashing Saudi dissent?
The source who held several of Hacking Team's training courses for the Saudis and who recognised Maher Mutreb tells la Repubblica that the Saudi intelligence men he trained between 2010 and 2011 didn't seem to ask hard questions. "They were working for the military intelligence, so they didn't talk. Some of them were some more enlightened than others, but their argument was: we are focused on internal terrorism, if our laws say that certain individuals are terrorists, we have to investigate them and put them under surveillance".
The New York Times has pieced together how, since Mohammed bin Salman was elevated to crown prince in 2017, Saud al-Qahtani and Maher Mutreb would have been running a "Rapid Intervention Group" to ruthlessly crush dissidents, even those who have left Saudi Arabia, my means of very brutal techniques: surveillance, kidnapping, torture. Apparently even Saudi women activists campaigning for Saudi women's right to drive have been targeted by this team and brutally tortured.
From fascism to Nazism, from China to Qaddafi's Libya, in the past dissidents could escape from regimes which oppressed them by leaving their country and seeking refuge abroad. Some of the fathers of the Italian democracy, like Sandro Pertini, escaped Mussolini's dictatorship by seeking protection in countries like France. These days, unfortunately, surveillance technologies targeting phones and computers allow regimes to track down and spy dissidents everywhere, at any time and with very limited resources. What role did the Hacking Team's technology play in squashing Saudi dissent?
The source who held several of Hacking Team's training courses for the Saudis and who recognised Maher Mutreb tells la Repubblica that the Saudi intelligence men he trained between 2010 and 2011 didn't seem to ask hard questions. "They were working for the military intelligence, so they didn't talk. Some of them were some more enlightened than others, but their argument was: we are focused on internal terrorism, if our laws say that certain individuals are terrorists, we have to investigate them and put them under surveillance".
The Saudi Investor
It's hard to say whether Maher Mutreb and Saud al-Qahtani had
contacts with Hacking Team after 2011 and 2015, respectively. Repubblica has
tried to get answers from the Italian company, which has just been acquired by
"In The Cyber Group" based in Lugano Switzerland and Milan. Its
founder and CEO, Paolo Lezzi, was the former CEO of Maglan Europe, an Israeli
company operating in the cyberespionage field with excellent contacts with the
Italian intelligence. These relationships may help ease the sale of
Israeli surveillance technology to Saudi Arabia, now that Israeli-Saudi Arabia
dealings have come under scrutiny due to the alleged role of the
Israeli cyberespionage firm NSO Group in the murder.
The former boss of Hacking Team, David Vincenzetti, hasn't replied to our questions on Mutreb and al-Qahtani, while Paolo Lezzi answered: "We established contact with Vincenzetti only a couple of weeks ago, and since we considered the risk of a brain drain of Italian skills [in the field of cyberespionage ] real, we opted for this choice [acquiring Hacking Team]. We have no knowledge of what might have happened in the last 8 years".
In The Cyber Group hasn't acquired 100 percent of the Hacking Team shares, only those in the hands of Vincenzetti, who owned 80 percent of the company. As for the rest, they remain in the hands of a company called Tablem Limited, based in Cyprus, as already revealed by Motherboard. The financial records submitted to the Italian Chamber of Commerce (minutes of the shareholders meeting, May 8th 2017) show that the director of Tablem is a man named Abdullah Algahtani, who back in 2017 appointed a Saudi lawyer, Khalid Al-Thebity, to attend a meeting at the company's headquarters in Milan. Al-Thebity claims to be a professional who has been representing the Saudi government on several international legal matters since 1996. Repubblica asked al-Thebity to clarify the precise relationship, if any, between Saud al-Qahtani and Abdullah Algahtani. The lawyer hasn't replied.
The Saudis invested in Hacking Team back in 2016, a few months after the devastating hacking attack which caused all the company's internal emails and source code to be leaked on the internet, fully available to anyone. Media reported that after the attack Hacking Team was in deep financial trouble, prompting the company to let the Saudis in.
But in 2015 the Hacking Team's revenues amounted to 5 million and 448.624 euros, compared to 6 million 640.409 euros in 2016 and 8 million 266.531 euros in 2017. It's true that in 2015 the company had to invest 1 million 195,000 euros in technology, but not only did revenues not collapse, but the financial records show the company could rely on 3 million 700.900 euros in its bank accounts, a notable sum for a limited liability company. A company with financial records like these is not in deep financial trouble, so it's unlikely the Saudis were allowed in due to serious financial problems. Why were the Saudis interested in Hacking Team? Who did they want to hack with the company's hacking tools? And what kind of "long and strategic partnership" was Saud al-Qahtani referring to?
The former boss of Hacking Team, David Vincenzetti, hasn't replied to our questions on Mutreb and al-Qahtani, while Paolo Lezzi answered: "We established contact with Vincenzetti only a couple of weeks ago, and since we considered the risk of a brain drain of Italian skills [in the field of cyberespionage ] real, we opted for this choice [acquiring Hacking Team]. We have no knowledge of what might have happened in the last 8 years".
In The Cyber Group hasn't acquired 100 percent of the Hacking Team shares, only those in the hands of Vincenzetti, who owned 80 percent of the company. As for the rest, they remain in the hands of a company called Tablem Limited, based in Cyprus, as already revealed by Motherboard. The financial records submitted to the Italian Chamber of Commerce (minutes of the shareholders meeting, May 8th 2017) show that the director of Tablem is a man named Abdullah Algahtani, who back in 2017 appointed a Saudi lawyer, Khalid Al-Thebity, to attend a meeting at the company's headquarters in Milan. Al-Thebity claims to be a professional who has been representing the Saudi government on several international legal matters since 1996. Repubblica asked al-Thebity to clarify the precise relationship, if any, between Saud al-Qahtani and Abdullah Algahtani. The lawyer hasn't replied.
The Saudis invested in Hacking Team back in 2016, a few months after the devastating hacking attack which caused all the company's internal emails and source code to be leaked on the internet, fully available to anyone. Media reported that after the attack Hacking Team was in deep financial trouble, prompting the company to let the Saudis in.
But in 2015 the Hacking Team's revenues amounted to 5 million and 448.624 euros, compared to 6 million 640.409 euros in 2016 and 8 million 266.531 euros in 2017. It's true that in 2015 the company had to invest 1 million 195,000 euros in technology, but not only did revenues not collapse, but the financial records show the company could rely on 3 million 700.900 euros in its bank accounts, a notable sum for a limited liability company. A company with financial records like these is not in deep financial trouble, so it's unlikely the Saudis were allowed in due to serious financial problems. Why were the Saudis interested in Hacking Team? Who did they want to hack with the company's hacking tools? And what kind of "long and strategic partnership" was Saud al-Qahtani referring to?
The Italian government is silent
Repubblica tried to get some
answers from the Italian government's undersecretary in charge of dual-use
exports, Andrea Cioffi, a member of the Five Stars Movement. We asked Mr.
Cioffi whether, after the brutal Khashoggi murder, the Italian
Ministry for Economic Development, which is in charge of
approving export licences, ever conducted a review oh the Hacking
Team's Saudi investor to establish any direct or indirect relationship
between Saud al-Qahtani and Abdullah Algahtani, considering that
Saud al-Qahtani ended up in the Interpol's red notice list. We also tried
to ask if the Ministry would publish the authorized exports' list for
Saudi Arabia. Unfortunately the undersecretary hasn't replied to our questions.
Even Italian intelligence, which we contacted through their institutional communication channels, hasn't replied to our question as to whether the Italian agencies for foreign and internal intelligence, Aise and Aisi respectively, are still using the Hacking Team's software. Instead the Italian law enforcement agency in charge of financial crime, the Guardia di Finanza, and the anti-terrorism unit of the Carabinieri, ROS, replied that they are no longer using it.
After years of scandals and exposés by the press and by privacy and human rights activists, who have denounced the complete lack of transparency and accountability of companies like Hacking Team and their dealings with infamous regimes, the businesses and clients of these companies still remain shrouded in a deep secrecy which prevents any effective democratic control.
Repubblica asked Edward Snowden for comment on the risk of this surveillance industry."The hacking industry is by far the most dangerous part of the modern arms trade", he tells us, explaining that "If you sell someone a missile, you know that even in the worst case, it can be used just one time: once it hits the target, it's destroyed. The digital weapons produced by the hacking industry, called exploits, are different, in that once they've been sold, they can be trivially copied and replicated by the customer an unlimited number of times, because it's just code -- and it can be done without the awareness of the vendor. Try to imagine how insane it would be for any country to let random people sell biological weapons. These kind of digital weapons suffer from the same problem [proliferation risks], only worse, and the customers are often authoritarian regimes that you couldn't even give a crayon without them abusing it. It should scare people that a company like Hacking Team can exist, especially in a developed country like Italy". Snowden concludes that "The bottom line is that the international exploit trade is quite simply a threat to public safety, and often those who refuse to admit it either don't understand it or are aiming to profit from it. The Khashoggi case shows how easily these things end up in the hands of people who are not afraid to use them against the public, and it's a tragedy that so many governments are happy to turn a blind eye".
Even Italian intelligence, which we contacted through their institutional communication channels, hasn't replied to our question as to whether the Italian agencies for foreign and internal intelligence, Aise and Aisi respectively, are still using the Hacking Team's software. Instead the Italian law enforcement agency in charge of financial crime, the Guardia di Finanza, and the anti-terrorism unit of the Carabinieri, ROS, replied that they are no longer using it.
After years of scandals and exposés by the press and by privacy and human rights activists, who have denounced the complete lack of transparency and accountability of companies like Hacking Team and their dealings with infamous regimes, the businesses and clients of these companies still remain shrouded in a deep secrecy which prevents any effective democratic control.
Repubblica asked Edward Snowden for comment on the risk of this surveillance industry."The hacking industry is by far the most dangerous part of the modern arms trade", he tells us, explaining that "If you sell someone a missile, you know that even in the worst case, it can be used just one time: once it hits the target, it's destroyed. The digital weapons produced by the hacking industry, called exploits, are different, in that once they've been sold, they can be trivially copied and replicated by the customer an unlimited number of times, because it's just code -- and it can be done without the awareness of the vendor. Try to imagine how insane it would be for any country to let random people sell biological weapons. These kind of digital weapons suffer from the same problem [proliferation risks], only worse, and the customers are often authoritarian regimes that you couldn't even give a crayon without them abusing it. It should scare people that a company like Hacking Team can exist, especially in a developed country like Italy". Snowden concludes that "The bottom line is that the international exploit trade is quite simply a threat to public safety, and often those who refuse to admit it either don't understand it or are aiming to profit from it. The Khashoggi case shows how easily these things end up in the hands of people who are not afraid to use them against the public, and it's a tragedy that so many governments are happy to turn a blind eye".
Nessun commento:
Posta un commento