hankyoreh

at a hearing of the National Assembly’s Intelligence Committee

On July 14, National Intelligence Service (NIS) Director Lee Byung-ho acknowledged to the National Assembly’s Intelligence Committee that the spy agency had purchased hacking software called RCS (Remote Control System), which it is accused of using to place smartphones and computers under illegal surveillance.

Lee claimed, however, that the purchase was not intended to monitor South Korean civilians at home but rather North Korean agents operating overseas, according to lawmakers from the ruling and opposition parties who are on the committee.

But based on emails that the NIS exchanged with Hacking Team, the Italian company from which it purchased RCS, experts think there is a high likelihood that the software was also used for domestic surveillance.

From the time that the NIS began pushing to purchase RCS in 2010, it pressed Hacking Team for the ability to monitor voice conversations on mobile phones. In addition, the agency asked for additional monitoring functionality for each new model that Samsung Electronics released as part of its Galaxy series.

In an internal email from last year, Hacking Team staff wrote that the NIS “also asked about the progress of [developing hacking functionality for] Kakao Talk which they mentioned is very commonly used in their country.”

And with the titles like “alumni list for the college of engineering at Seoul National University” for email attachments that appear to have been made in order to plant hacking viruses on the mobile devices of figures who were supposed to be monitored, it appears very likely that the agency attempted to hack South Koreans as well.

The agency also asked Hacking Team to implant a virus smartphone in a URL that is connected with a blog about the best tteokbokki (hot rice cake) restaurants, which appear unrelated to North Korean operatives.

While the NIS reportedly claimed that South Koreans were not the targets of the program it purchased from the Hacking Team, which is capable of monitoring 20 mobile phones, these circumstances strongly suggest that South Koreans could have been among those who were placed under surveillance.

“The name ‘South Korea Army Division 5163’ that the National Intelligence Service used to purchase the hacking program has been in use for the past 50 years. All of the world’s intelligence organizations know that this unit refers to South Korea’s spy agency,” said a source in a government inspection agency who is knowledgeable about the NIS’s inner workings.

“Purchasing counter-espionage equipment from overseas would have to be kept secret from North Korea. It‘s absurd to think that the NIS would have used this name and its actual address when buying it. It’s very likely that the equipment was intended for domestic use,” the source said.

If the NIS used RCS to place North Korean operatives under surveillance overseas, then the agency’s actions were justified. But if, on the other hand, the agency used it inside South Korea - even to investigate North Korean operatives - it is more likely that this was illegal.

“If you secretly install a virus on someone else’s device, this cannot later be used as evidence in a criminal case. This is illegal even if you receive a wiretap warrant from the court,” said Yang Hong-seok, a lawyer with the public interest law center at People’s Solidarity for Participatory Democracy.

“In an investigation against North Korean operatives, courts can issue warrants allowing surveillance. If the agency tried to deal with this through hacking without involving a judge, one has to conclude that there was some ulterior motivation at work. Using viruses to hack completely neutralizes several restrictions in the Protection of Communications Secrets Act, including the oversight of the court and limitations on the period of surveillance,” said Lee Gwang-cheol, a lawyer.

On Tuesday afternoon, activist groups including the Korean Progressive Network Center, People’s Solidarity for Participatory Democracy, MINBYUN-Lawyers for a Democratic Society, and the Catholic Human Rights Commission held a press conference in front of the National Assembly in Seoul calling for a full investigation of the NIS‘s use of hacking and wiretapping programs in cyber surveillance.

“Under current laws, hacking programs are completely unacceptable. The National Assembly, which has at least some control over the National Intelligence Service, should carry out a thorough investigation into whether this was illegal,” said Lee Ho-jung, permanent director of the Catholic Human Rights Commission and professor at Sogang University Law School.

On July 14, the NIS completely denied allegations that it used the surveillance program purchased from Hacking Team in 2012 to carry out illegal monitoring. Members of the Intelligence Committee on both sides of the aisle reported that the agency said it had only used the program in question for collecting intelligence about North Korea overseas and that it had not used the program in South Korea.

According to lawmakers on the Intelligence Committee, the agency said on Tuesday that it had purchased 10 lines for hacking programs capable of monitoring mobile phones in Jan. 2012 and 10 more in July 2012 from Hacking Team. The agency also reportedly said that 18 of these lines were being used overseas against North Korean operatives and two of them were being used domestically for research purposes

“We never have used surveillance programs against South Koreans and have no reason to do so. If the kind of illegal surveillance that was seen in the past took place again, I will submit to any prosecution,” NIS Director Lee Byung-ho was quoted as saying during the meeting of the Intelligence Committee on Tuesday.

When asked about its inquiry to Hacking Team about the possibility of monitoring Kakao Talk, the agency responded that it made the inquiry because North Korean agents use Kakao Talk, too, a participant on the committee said.

Throughout the meeting on Tuesday, the NIS reportedly argued for the legitimacy of its purchase of the surveillance program.

“The National Intelligence Service said that 97 investigative and intelligence agencies in 35 countries have purchased and are using this program and that, while the surveillance is enabled by spyware, this was not illegal because the agency was using it against North Korean operatives,” a committee member with the opposition party said.

By Heo Seung, Kim Mi-hyang, Bang Jun-ho and Lee Se-young, staff reporters

Please direct questions or comments to [english@hani.co.kr]