Reprinted from http://www.corpwatch.org/article.php?id=15864
Bimen Associates of Virginia and Harris Corporation of Florida have
contracts with the U.S. Federal Bureau of Investigation (FBI) to hack
into computers and phones of surveillance targets, according to Chris
Soghoian, principal technologist at American Civil Liberties Union's
Speech, Privacy and Technology Project.
"Bimen and Harris employees actively hack into target computers for the FBI," Soghoian told CorpWatch. James Bimen Associates did not return phone calls asking for comment. Jaime O'Keefe, a spokesman for Harris, and Jennifer Shearer, an FBI spokeswoman, both declined to comment for this story
However, the FBI has not denied these capabilities. The agency "hires people who have hacking skill, and they purchase tools that are capable of doing these things," a former official in the FBI's cyber division told the Wall Street Journal recently. "When you do, it's because you don't have any other choice."
Soghoian verified the information from other sources, after uncovering the information from Freedom of Information Act requests filed by the Electronic Freedom Foundation (EFF) and other publicly available information.
"The government doesn't have the resources to directly monitor every American or let alone every foreigner but they want to read the communications of every foreigner and they want to collect information on every American," explains Soghoian. "What do you do when you don't have the manpower to collect everyone's communications?"
The answer, he says, is spy software. This is not unprecedented among government agencies. For example, the U.S. Food and Drug Administration (FDA) bought commercial products from a company named SpectorSoft in Florida to track five staff whom they suspected of whistleblowing in 2009.
The software allowed them to capture "screen images from the government laptops of " five scientists as they were being used at work or at home " tracked their keystrokes, intercepted their personal e-mails, copied the documents on their personal thumb drives and even followed their messages line by line as they were being drafted," the New York Times reported last year.
Other companies like Gamma International from Germany and Hacking Team from Italy have also been aggressively marketing their products for purchase by local police officers. A number of national governments like Egypt and Mexico have also reportedly bought such systems that allow them to listen to regular phone and Skype conversations and read email.
But what agencies like the FBI are now worried about is that individuals are "going dark" by using freely available encryption software to prevent their email and phone conversations to be captured by law enforcement agencies.
In order to combat this, Soghoian says the FBI wanted custom designed products, so they turned to a little known internal team named the "Remote Operations Unit" inside the Operational Technology Division, which set up a project called "Going Dark."
Eric Chuang, the head of the Remote Operations Unit in Quantico, Virginia, who has a doctorate in clinical psychology from Indiana University of Pennsylvania, and a law degree from Temple University in Philadelphia, was put in charge of this task.
Bimen Associates, which has its headquarters in McLean, Virginia, near the headquarters of the Central Intelligence Agency, provided custom designed software tools developed exclusively for the FBI to crack encrypted conversations, says Soghoian. Agency staff and contractors access computers of suspects remotely to install this software to allow them to watch everything that the target types or says.
In February 2008, Bimen Associates hired Amanda Hemmila, a former U.S. Air Force computer technician, who was working on an online undergraduate degree in computer science with Grantham University in Missouri, to help test their new software.
Hemmila's LinkedIn resume says that she was responsible for "building, testing, deploying, maintaining and tracking software kits and hardware deployed from the Remote Operations Unit Deployment Operations Center" as well as training them in "processing and viewing software and providing End User phone support." She also helped write policies, guidance and training material to keep the software secret.