Probe called for amid NIS surveillance allegations

Korea’s main opposition party has demanded the National Assembly launch a special investigative committee amid controversy over allegations that the National Intelligence Service (NIS) purchased a hacking program from an Italian company to surveil citizens over their smartphones and mobile devices.

The NIS is accused of having acquired a hacking program in 2012 from an Italian company known for its offensive intrusion and surveillance capabilities, apparently to monitor activities over smartphones, the Internet and the messenger application KakaoTalk.

Last Wednesday, WikiLeaks released over 400 gigabytes of leaked data, including internal e-mails and invoices from the Italian surveillance malware vendor Hacking Team.

Leaked internal documents from the company last week showed that in March 2014, an official from South Korea’s 5163 Army Division, a code name for the NIS, spoke with a representative from the hacking company to discuss the progress made on hacking KakaoTalk. The acronym SKA was used as an abbreviation for the South Korean Army in email exchanges.

On March 27, 2014, another trip report between Hacking Team representatives described that these officials traveled to Korea to meet with the “SKA.”

“We discussed the issues the SKA raised in their ticket, mainly on their concerns about the recent exposure, especially when the local news is also highlighting the possibility that the government is using RCS [remote control system] to monitor their own citizens. … They also asked about the progress of KakaoTalk, which they mentioned is very commonly used in their country,” it said.

Hacking Team sells remote control system spyware that allows security or law enforcement agencies to hack into its targets’ computers and mobile devices and monitor them conveniently.

The emails also revealed that the 5163 Army Division’s address in English was as follows: Seocho P.O. Box 200, Seocho-dong, Seocho-gu, Seoul, Korea.

The address is linked to the NIS.

During the June 2014 local elections, the agency was accused in Korean media of ordering the program to attack and surveil Android phones. The NIS, however, did not completely deny the purchase of the devices, and said that “there are cases we purchase foreign hacking programs to grasp the newest trends and bolster defense.”

In response to the controversy, the New Politics Alliance for Democracy (NPAD) on Monday demanded a fact-finding special committee be created within the National Assembly to look into the issue.

At his party’s Supreme Council meeting, NPAD Chairman Moon Jae-in referred to media reports concerning KakaoTalk and smartphone hacks ahead of the elections last year, which he said “raises suspicions that the NIS used [the hacking program] to systematically interfere in the elections.”

Rep. Jun Byung-hyun, a member of the council, also demanded an explanation. “We cannot help but see this as the agency’s total directional cyber inspection. It needs to clarify why it bought the program and explain what it was used for,” he said.

In response, at a National Assembly defense committee meeting on Monday, Minister of National Defense Han Min-koo said that the ministry had “not purchased such a program,” referring to the RCS software.

“I confirmed that none of the divisions within the Defense Ministry has purchased or used such a program,” Han said, “and I can say this with certainty.”

BY SARAH KIM, KIM HYOUNG-GU [kim.sarah@joongang.co.kr]