The spyware used by Arab dictators has now shown up in Myanmar

A powerful German spyware company had its hacking tools spotted in Myanmar.
The news: One of the oldest private hacking companies around found itself in the spotlight again this week. Gamma Group, a German company that sells spyware to the highest bidder, was discovered within the last year to be spying on dozens of mobile devices in different parts of the world by the Russian cybersecurity company Kaspersky. Last month, Kaspersky found Gamma Group’s FinSpy malware in Myanmar. The hacking tool known as FinSpy, if successful, steals everything from text messages to emails, photos, and GPS data. It also targets secure and encrypted messengers like Signal, WhatsApp, and Telegram. Those apps, often used for their exceptional security against hackers at a distance, offer little protection against malware that’s successfully executed on a target’s phone.
The background: Today, there is a global multibillion-dollar hacking industry. Gamma Group came to prominence when it was discovered selling spyware to Middle East dictatorships during the Arab Spring.
The target: It’s not clear yet who was the aggressor and who was the target, but these tools are increasingly used by authoritarian governments to suppress dissidents and political opponents. Myanmar has endured a series of uniquely 21st-century catastrophes, most notably an ethnic genocide fueled by social media. Silicon Valley, Facebook in particular, was slow and ineffective in its response even as people died as a result of misinformation and hate speech on the platform. Last month, the government shut down the internet during a time of heavy fighting and humanitarian crises.
The future: Gamma Group is one company among many that governments around the world are paying for high-tech hacking capabilities. Although countries like the US and China can afford to develop world-leading exploits and vulnerabilities, dozens more countries—from democracies to dictatorships—are turning to the booming private sector for their hacking abilities. The results can be seen in Saudi Arabia, which reportedly has hacked journalists; the United Arab Emirates, which hacked dissidents; and Mexico, which hacked lawyers and even politicians, among others. Gamma Group’s resurfacing in Myanmar is the latest sign of the industry’s global reach.
Deep Dive
Computing

Russia is risking the creation of a “splinternet”—and it could be irreversible
If Russia disconnects from—or is booted from— the internet’s governing bodies, the internet may never be the same again for any of us.

Quantum computing has a hype problem
Quantum computing startups are all the rage, but it’s unclear if they’ll be able to produce anything of use in the near future.

These hackers showed just how easy it is to target critical infrastructure
Two Dutch researchers have won a major hacking championship by hitting the software that runs the world’s power grids, gas pipelines, and more. It was their easiest challenge yet.

Inside the plan to fix America’s never-ending cybersecurity failures
The specter of Russian hackers and an overreliance on voluntary cooperation from the private sector means officials are finally prepared to get tough.
Stay connected

Get the latest updates from
MIT Technology Review
Discover special offers, top stories, upcoming events, and more.