Govware

As Govware [ɡʌvwɛə] (English portmanteau word out. Governmental, "authorities" and software ) refers to computer programs that were developed by a State or working for the state private companies to perform unwanted by the user and possibly harmful functions. Among other things, Govware is used for so-called online searches . It is therefore malware or malicious programs that provide the relevant functionality for authorities.

German federal authorities had already obtained information on the subject from US sister authorities in 2007.

Govware became known to the general public in October 2011 when the Chaos Computer Club published a pollutant program that, according to the club, came from the computers of German federal authorities. This led to the so-called state Trojan affair , which then made waves in the media and led to a current hour in the Bundestag .

Well-known govware

Well-known govware programs are among others:

Carnivore and Magic Lantern , which are developed and used by the CIA .
FinFisher , a govware toolkit made by Gamma Group et al. a. was licensed to Egypt and targeted dissidents and bloggers critical of the government .
Stuxnet was explicitly targeting the Iranian nuclear program and was smuggled in via iPod when a nuclear technician wanted to charge it via USB on a computer used for control . Its origin is believed to be in the IDF Unit 8200 .
0zapftis , a Trojan licensed by DigiTask for the Bavarian State Office of Criminal Investigation , which acted as a keylogger and a. Skype chats. It was able to reload functionality and files from the Internet.

Tunisia tried to put down the Jasmine Revolution and with it the Arab Spring by phishing access data to Facebook and Twitter . As a countermeasure, u. a. developed a Greasemonkey script.

Regin , a spy software that has existed since 2003 and has been partially known since at least 2009. Both GCHQ and NSA are presumed to be the originators.

RCIS (Remote Communication Interception Software), a software for source TKÜ that has been in use since at least 2017 and developed by the BKA .

Journalist Barrett Brown collected clues and data about govware on Project PM . The Wiki Project PM (November, 2014), despite the Incommunicato -haft Brown still online.

Problem and feasibility

The Govware concept is based on the principle that the target person or the target computer do not have the same level of technical knowledge or technical protection as the authorities or their staff. This may also be the case if roughly insecure systems such as Microsoft Windows (possibly even outdated versions) are used. There is consensus among IT security experts that this concept of imbalance is difficult to apply to supra-regional, organized crime or even terrorist groups .

Many operating systems, such as B. Linux is difficult to attack or infect with malware . Live CDs in general and distributions such as Tails save e.g. B. no persistent changes, and so practically only vulnerable to manipulated data carriers. Even very outdated or inefficient systems (e.g. Amiga ) offer a certain protection, since Govware works poorly or not at all on them.

In principle, only a computer can be attacked if it can be reached directly or indirectly (see Stuxnet) from the Internet . However, if a network that is not connected to the Internet, or even just a single computer without Internet access, is used, (physical) access would have to be made to this. From this point at the latest, classical seizure would theoretically be easier to carry out.

criticism

In addition to the data protection problem and the general problems that authorities could also make themselves liable to prosecution, there is the problem in comparison to classic computer forensics that the target computer is manipulated, which fundamentally reduces the evidential value of the data obtained in this way in court . The software also has to be constantly updated against virus protection and other measures, which is difficult, time-consuming and therefore very expensive.

References

↑ Article of the online computer magazine Golem about the publication of the state trojan
↑ Heise Online about the current hour in the Bundestag on the state Trojan affair
↑ NSA and GCHQ are said to have used Regin - Digital - Süddeutsche.de
↑ Patrick Beuth: The state Trojan remains in the dark . In: Spiegel Online , January 29, 2018.
^ Project PM

[1] Article of the online computer magazine Golem about the publication of the state trojan

[2] Heise Online about the current hour in the Bundestag on the state Trojan affair

[3] NSA and GCHQ are said to have used Regin - Digital - Süddeutsche.de

[4] Patrick Beuth: The state Trojan remains in the dark . In: Spiegel Online , January 29, 2018.

[5] Project PM