NIS reacts to snooping charge
It claimed the software was used on North Korean spies and for “research purposes.”
A session of the National Assembly Intelligence Committee convened on Tuesday to look into allegations that the NIS purchased remote control system (RCS) spyware in 2012 from Italian surveillance malware vendor Hacking Team to spy on citizens, allegedly during the 2012 presidential election campaign.
The NIS acknowledged that it purchased the RCS software, which allows security or law enforcement agencies to hack into targets’ computers and mobile devices and monitor them.
However, Lee Byung-ho, director of the NIS, told lawmakers at the meeting that the South Korean people were never the target. He added that the NIS purchased RCS software in January and July 2012, and 10 people were hacking targets for each of these programs, totaling 20.
The NIS said it had purchased the programs to combat North Korea’s cyber warfare and for research purposes. It further claimed that 97 intelligence or investigation agencies from 35 countries have purchased the same Italian hacking program. “It cannot be used against South Korean citizens,” Lee said.
According to a ruling party lawmaker who attended the meeting, the NIS chief said in regards to accusations that it had monitored ordinary people, “Activities that target people like in the past is something that should not happen. If this is true, we are willing to take whatever punishment necessary.”
On July 8, WikiLeaks released over 400 gigabytes of leaked data, including internal e-mails and invoices from Hacking Team.
The leaked data showed that “5163 Army Division,” a code name for the NIS, was a Hacking Team customer. Data also showed exchanges involving the South Korean Army, using the acronym SKA. The leaked data from the Italian company indicated the NIS bought hacking software from the company dating back to 2012.
Opposition lawmakers on Monday accused the NIS of using the program to monitor Koreans through their smartphones and messenger application KakaoTalk during presidential and local elections. They demanded a special probe by the National Assembly. Leaked internal documents from the company showed that in March 2014, representatives from the hacking company met with officials from the 5163 Army Division in Korea.
A March 27, 2014 report sent in an internal e-mail between Hacking Team representatives described company officials traveling to Korea to meet with the SKA and having received an inquiry on “the progress of KakaoTalk.”
E-mail exchanges show that Nanatech, a Korean communications company, apparently served as an intermediary between the NIS and Hacking Team.
Through Nanatech, the 5163 Army Division purchased an RCS program for 390,000 euros ($430,000) in February 2012.
Earlier on Tuesday, New Politics Alliance for Democracy Rep. Song Ho-chang, a member of the parliamentary Science, ICT, Future Planning, Broadcasting and Communications Committee, raised allegations that the Defense Security Command purchased over 20 surveillance devices two months ahead of the presidential elections in 2012.
Song said in a radio interview Tuesday, “The Defense Security Command (DSC) bought surveillance devices in October 2012 ahead of presidential elections to monitor voice mail and data.” He added that the command bought wiretapping equipment from a domestic communications company.
The DSC Commanding General Cho Hyun-chun said at a defense committee meeting on Tuesday that the wire communication surveillance devices are “related to the military’s security and used in relation to crimes.” Civic groups also demanded a probe into the spy agency’s purchase and use of the hacking programs. A group of civic activist groups, including Minbyun Lawyers for a Democratic Society, held a rally on Tuesday in front of the National Assembly in Yeouido, western Seoul, and issued a statement demanding the truth from the NIS.
“The NIS acknowledged the purchase of the Italian hacking program, and said it was for use in information warfare with North Korea and overseas countries. However, because this coincides with the problematic period in which Won Sei-hoon interfered with the elections and domestic politics, we cannot believe the NIS.”
NIS Chief Won Sei-hoon was involved in ordering a cyber smear campaign on the eve of the election, targeting opposition candidate Moon Jae-in. In February, the Seoul High Court convicted Won, who headed the NIS from 2009 to 2013, on charges of violating the election law, sentencing him to a three-year prison term. The national election law prohibits civil servants from interfering in elections.
BY SARAH KIM, KIM HYOUNG-GU [firstname.lastname@example.org]