No one doubts that Canadian law enforcement agencies have the capability to engage in lawful spying over the Internet,
But a report by Canadian security academics has raised questions about Canada’s links to controversial German software that security academics here say is used in many repressive regimes to spy on residents.
A report issued Wednesday by the Citizen Lab branch of the University of Toronto’s Munk School of Global Affairs said command and control servers for Munich-based Gamma International GmbH.’s FinSpy remote intrusion and surveillance software have been found in 25 countries
Among the locales are two servers at a Toronto Web hosting company called Softcom Inc.
Command and control servers for the software were also found in the United States, Britain, Australia and Germany among other countries, some of which Citizen Lab says are repressive regimes.
FinSpy is part of the FinFisher remote surveillance suite made by Gamma. The company’s Web site says the software is only sold to law enforcement and intelligence agencies.
“It would be speculation,” on why FinSpy is on a Canadian-based server, Ron Deibert, director of Citizen Lab and the Munk Centre’s Canada Centre for Global Security Studies, said in an interview.
“One obvious inference is its being used by some agency of the Canadian security services based on the type of client Gamma typically sells to. But it also could be anybody … Only the Web hosting company knows for sure.”
Gamma, the Citizen Lab report notes, has repeatedly denied links to spyware and servers uncovered by its research.
A spokesman for Softcom could not be reached by press time Thursday.
To read the full Citizen Lab report click here.
FinFisher products are marketed and sold exclusively to law enforcement and intelligence agencies by the UK-based Gamma Group, says the report. For Citizen Lab, “FinFisher has gained notoriety because it has been used in targeted attacks against human rights campaigners and opposition activists in countries with questionable human rights records.”
A FinSpy campaign in Ethiopia uses pictures of Ginbot 7, an Ethiopian opposition group, as bait to infect users, says the report.
It also says there is “strong evidence” of a Vietnamese FinSpy Mobile Campaign with the discovery of an Android FinSpy Mobile sample in the wild with a command and control server in Vietnam that also pulls text messages to a local phone number.