The report, cited in a story by Ars Technica, was based on a review of 287 documents form 160 companies that sell surveillance software.
The surveillance industry is essentially unregulated, the WikiLeaks report noted. “Intelligence agencies, military forces, and police authorities are able to silently, and on mass, and [sic] secretly intercept calls and take over computers without the help or knowledge of the telecommunication providers. In the last ten years systems for indiscriminate, mass surveillance have become the norm", WikiLeaks wrote in its report.
In one example of malware being designed to aid surveillance is DigiTask’s remote forensic software, according to the Ars Technica report. DigiTask is a German company that supplies software to law enforcement agencies to enable them to circumvent SSL encryption in order to eavesdrop on suspects.
The software captures the content of encrypted communications and sends it back to the agency conducting the surveillance. The company cites zero-day exploits, injection proxies, and social engineering as ways that its remote forensic software can be installed on the computer of a surveillance target, according to company documents published by WikiLeaks.
The WikiLeaks report supports a recent article by the Wall Street Journal, which examined the surveillance industry. The article cites over 200 marketing documents from 36 companies that show companies hawking hacking tools that enable governments to break into people’s computers and smartphones, as well as gather all Internet communications in a country.