Reading through the great Hacking Team transparency report on Wikileaks, it is clear that the Italian spyware vendor had at least two customers in Thailand. Mainstream media had focused on just one, the sales to army intelligence arm, the national security council, but those emails show that another deal was brokered by telecom conglomerate Samart.
Thai intelligence, as oxymoronic as it may sound, wanted the ability to eavesdrop on instant messaging - Line, Skype and Whatsapp in particular.
In case you missed it, HackingTeam is a vendor of weaponized malware. It was caught with its pants down and a huge 400 GB cache of documents files were leaked. These included years of email archives as well as files of the weaponized spyware itself.
Indeed, for weeks afterwards, security companies and software vendors were constantly patching their software to prevent the HackingTeam exploits from being used further. The company had spyware for just about every platform out there.
While HackingTeam was supposedly operating with law enforcement agencies, the emails did show that they were also peddling their wares to repressive regimes such as Sudan, Bahrain and Saudi Arabia.
But back to Thailand. The national security council deal was interesting inasmuch as it showed the two-faced nature of Thailand’s current military rulers. Junta leader and current Prime Minister general Prayuth Chan-Ocha was head of the army at the time the procurement was signed off, but he told the media simply that it never happened.
Of course it did not.
The other project was a $375,000 project for the Department of Corrections, under the Ministry of Justice. This is interesting as it was brokered by HackingTeam’s usual partner in the region, Singapore-based NICE, and Samart, the same Samart that is a TOT MVNO and keeps winning government contracts all the time.
Coincidentally, the Ministry of Justice itself is located in a building that is owned by Samart.
The client, which communicated through Samart, seemed to be primarily interested in mobile messaging interception as was clear in most of the questions in the email exchange. SMS messages could be intercepted even without the target reading their SMS. Samart asked of Gmail, Whatsapp, Line and Skype and others to which the answer was that HackingTeam’s software could only monitor Whatsapp, Line, Skype and Facebook chat via screenshot monitoring and that would require root access on Android.
The project, valued at $375,000, was towards the end subjected to a 10% discount with the locals explaining “this is how it works in Thailand”. HackingTeam’s response to that last minute demand for an extra discount that the Department of Corrections was in fact the Department of Corruption in Thailand.
One wonders where that 10% last minute discount went to.
The emails show that at a late stage in the negotiations, Samart asked HackingTeam to change the name on the invoice from "Samart Comtech Co., LTD" to " IT Absolute Company Limited" to hide its involvement.
There was no indication to suggest that the department of corrections was a front for any other, more evil, agency, though that could have been the case.
Other agencies HackingTeam has been demonstrating their wares to include the Armed Force Security Center, Police Narcotics, Army signaling, the chamber of commerce (was that the Thai Chamber of Commerce or the University of Thai Chamber of Commerce where our former friend at the National Telecommunications Commission now works after having written the foreign dominance notification?), Internal Security Operations Centre (covert operations in the deep south), Ministry of Defence and Royal Thai Army.
Why would Army Signaling want to buy weaponized spyware? Apparently the signaling department is a front for Army Military Intelligence Command.
And on this point, HackingTeam executives said in their emails that they preferred to avoid signaling as ultimately the purchaser would be military intelligence. So they were not all bad and evil after all.
That was just about it. No smoking gun, no huge conspiracy. Just a malware vendor getting frustrated at the Thai way of doing business and corruption and the fact that the spooks do want to listen in on encrypted messaging apps.