Security

What Surveillance Software Tools Do Governments Use?

By Sydney Butler / July 24, 2019

If you needed to use technology as a way to monitor millions of people, what would you use? What sorts of surveillance software tools would you get? It's not as if they sell them at "SpyKits R US" or something. It turns out that if you're a government, you can create or commission some pretty impressive software tools. Programs that will let you infiltrate systems and devices many of us are convinced will keep our information safe.

We're going to take some time to look at a few choice examples of these programs. Most likely there are many more that we've never heard of and never will. Even so, for the few rare software packages that are public knowledge, the details are disturbing enough.

Magic Lantern

This tool is pretty old now and is really only of historical interest. It is however fascinating to see how digital mass surveillance tools have changed along with advances in technology.

Magic Lantern is a keystroke logging malware package. The sort of thing a low-level hacker might use these days to steal your credit card details or passwords. The world first heard of this tool in 2001. It was developed by none other than the FBI!

What makes Magic Lantern interesting is the conditions under which is triggers. Whenever the target uses PGP encryption to secure an email message, the logger intercepts the password. The FBI can then easily intercept and decrypt the email. Without the sender being any the wiser that their "secure" email was almost immediately read by the feds.

ICREACH

So let's start off this entry with the disclaimer that ICREACH might just be a rumor. One has to deal with lots of unverified information in the surveillance world and this is alleged to exist at best. The people who claim ICREACH is a real thing also say it's top-secret. So make of that what you will.

That being said, outlets like PBS reported on the existence of ICREACH, who were in turn reporting on information coming from Edward Snowden. The famed intelligence whistleblower.

ICREACH is reportedly like a Google for the NSA and other agencies that have access to it. With it you can search through up to 850 billions communication records. That's how many records it was designed to handle, although no one besides the people who (allegedly) built the system knows how much data is actually in there.

MYSTIC

MYSTIC doesn't exist anymore as far as we know, but since its inception in 2009, the program was used to collect metadata and phone call content from a number of countries. It was also revealed thanks to the Edward Snowden leaks in 2014. Apparently MYSTIC was such a powerful system that it recorded almost every phone call in a country in a rolling 30-day window. Which means the state could extract and listen to any phone call made in the last month. Mystic is historic in the sense that it's the first program we know of that could record the communications of an entire nation.

StuxNet

StuxNet is pretty famous, so chances are you've already at least heard the name. It's a computer worm, rather than a virus. Computer worms work differently than viruses. While a virus usually wants to destroy or modify files on one computer, a worm tries to spread across computer networks and replicates itself towards that end.

StuxNet is quite possibly the most destructive worm ever created. The public still has no idea who created StuxNet, but it's strongly believed that the software had to be created by government power.

StuxNet was designed specifically to SCADA systems. SCADA is used to manage large industrial projects, and so if you take over you can wreak some real-world havoc. As far as we know, some of Iran's nuclear program facilities were set back years due to StuxNet sending commands that destroyed equipment.

While StuxNet is the most famous of this class of worm, it hasn't been the last. Several other programs have been found that either ape StuxNet in terms of design and function or are actually related by code.

Regin

Regin is a figure in Norse mythology who becomes the foster parent to the legendary hero Sigurd. He is the one that teaches Siegfried languages and skills. So it makes sense that the US government would name a sophisticated hacking toolkit after him. Regin can be used to quickly compromise a target machine with a custom set of spy tools. It's an incredibly stealthy piece of software. It creates its own virtual file system and uses encryption to hide itself.

WARRIOR PRIDE

WARRIOR PRIDE has one of the cooler code names of the tools we've looked at here, but there's not much "cool" about what it actually is. The WARRIOR PRIDE software is actually a pair of tools. They're spyware kits that respectively cover the iOS and Android sides of the mobile world. If you still own a Windows Phone you're probably safe, but then again you have a Windows Phone. Sorry about that.

Hilariously, all the sub-components of Warrior Pride have names derived from the Smurfs cartoon. For example, DREAMY SMURF lets them turn on a phone the user has turned off. NOSEY SMURF let them listen in by turning on the phone's mic. TRACKER SMURF, well, tracks your location. You get the idea. With these kits, the state can pull just about any content from your phone. Makes you think twice about carrying around a smartphone, right? Surveillance software tools will have that effect on you.

The Infiltration Wizards and their Magic Surveillance Software Tools

For the most part, computers are our friends and the internet is a wonderful place. If you have enough money and power however, you can twist these tools into instruments of deep information gathering. Tipping the balance away from freedom, often in the name of safety and security.

We're sure that there are many such tools out there we have never heard of. We probably never will. Still, it's good to know something about the ones that have leaked into public knowledge. It tells us something about the capabilities of those who are meant to take care of our society. Whether those capabilities are comforting or terrifying is something we'll leave up to you.

Are there any notable government surveillance software tools we missed? Let us know in the comments. Lastly, we’d like to ask you to share this article online. And don’t forget that you can follow TechNadu on Facebook and Twitter. Thanks!



For a better user experience we recommend using a more modern browser. We support the latest version of the following browsers: For a better user experience we recommend using the latest version of the following browsers: