Boeing and Hacking Team Spoke about Spyware Spreading Drones

WikiLeaks have put up leaked emails taken from the recent hack of network surveillance and spyware vendor Hacking Team and Insitu, a Boeing subsidiary. The emails reveal the development a prototype hardware drone intended to infect computers and mobile devices within its range via Wi-Fi, according to a report on Engadget and other sources.

The correspondence

In April this year, a mechanical engineer from Insitu sent an email to Hacking Team’s account manager Emad Shehata, saying:

“We see potential in integrating your Wi-Fi hacking capability into an airborne system and would be interested in starting a conversation with one of your engineers to go over, in more depth, the payload capabilities including the detailed size, weight, and power specs of your Galileo System.”

Subsequently, an internal email within Hacking Team revealed that Insitu was particularly interested in picking targets and infecting them with a drone via Wi-Fi. Soon enough, Insitu was asked to “sign and stamp the NDA (non-disclosure agreement),” before any further information was communicated.

Venneri, the mechanical engineering graduate and intern at Insitu then replied to the NDA request with Boeing’s PIA (Proprietary Information Agreement), stating: “Signing our PIA (attached) will dramatically shorten the authorization process at our end,” Venneri wrote. “Let me know if you are willing to sign our document to engage in conversations with us.”

It was at this point in time when Giancarlo Russo, the Chief Operating Officer at Hacking Team joined the email chain, adding: “I saw your document and it will require additional legal verification from our side regarding the applicability of ITAR and other U.S. Law,” he said. “In my opinion, for a preliminary discussion our non-disclosure agreement should be sufficient to protect both companies and as you will see it is including mutual provision for both parties and it will make things easier and faster for us.”

This response didn’t sit well with Boeing’s lawyers who insisted on the PIA in an additional response and the correspondence ends there.

Flying, hacking, malware spreading drones

Insitu initially became interested in using its surveillance drones for advanced malware-laden surveillance after attending IDEX 2015, the International Defense Exhibition.

Insitu’s ScanEagle, a surveillance drone that’s currently being used by militaries around the world was specifically mentioned as the malware-carrier and the Boeing subsidiary also has drones specifically marketed for law enforcement authorities.

The technology developed by Hacking Team – The TNI or the Tactical Network Injector is explained as a “portable, often laptop-based, physical device, which an operator would use to plug into a network the target is using — such as an open Wi-Fi network in a hotel or coffee shop. When the targeted person uses the Internet for some ordinary activity, like watching a video or downloading an app, the device intercepts that traffic (so long as it is unencrypted) and injects the malicious code that secretly installs Hacking Team’s spyware.”

The conversation didn’t get far, but it did reveal insight into drones which could soon have the means to infect ordinary laptops and mobile devices by simply flying over them.