Morgan Marquis-Boire

From Wikipedia, the free encyclopedia
Jump to: navigation, search

Morgan Marquis-Boire is a New Zealand-born hacker, journalist, security researcher and one of the founders of the KiwiCON hacker conference.[1]

He is the Director of Security at First Look Media and a contributing writer at The Intercept.[2] Marquis-Boire's research on security, surveillance and censorship has been featured on the front pages of The New York Times[3] and The Washington Post,[4][5] and covered extensively in news media around the world, including the BBC News,[6] Bloomberg,[7] The Wall Street Journal,[8] and Der Spiegel.[9]

His work tracking the digital component of the ongoing Syrian Civil War is featured in the book Black Code: Inside the Battle for Cyberspace.[10]

Marquis-Boire is senior researcher at the Citizen Lab, a multi-disciplinary advanced research laboratory at the University of Toronto. He serves as an advisor to the Freedom of the Press Foundation. He is a Special Advisor to the Electronic Frontier Foundation and advisor to the United Nations Interregional Crime and Justice Research Institute.

He has been profiled by Wired,[11] CNN,[12] Süddeutsche Zeitung,[13] and Tages Anzeiger.[14] He was featured as one of Wired Italy 's Top 50 people of 2014.[15] In March 2015 he was named a Young Global Leader.[16]

Internet Censorship Research[edit]

Marquis-Boire conducted research into Blue Coat Systems, a Palo Alto company which provides Internet blocking and monitoring solutions. Major reports include Some Devices Wander by Mistake: Planet Blue Coat Redux (2013),[17] and Planet Blue Coat: Mapping Global Censorship and Surveillance Tools (2013).[18] This research has been covered in news media around the world, including the front page of the Washington Post,[4] the New York Times,[19] the Globe and Mail,[20] and the Jakarta Post.[21]

Following the publication of these reports, Blue Coat Systems officially announced that it would no longer provide “support, updates. or other services” to software in Syria. In April 2013, the US government's Bureau of Industry and Security reacted to the Blue Coat evidence and imposed a fine of USD 2.8 million on the Emirati company responsible for purchasing filtering products from Blue Coat and exporting them to Syria without a license.[22]

Internet Surveillance Research[edit]

Marquis-Boire has conducted research on the global proliferation of targeted surveillance software and toolkits, including FinFisher and Hacking Team.

FinFisher is a suite of remote intrusion and surveillance software developed by Munich-based Gamma International GmbH, marketed and sold exclusively to law enforcement and intelligence agencies by the UK-based Gamma Group. In 2012, Morgan Marquis-Boire and Bill Marczak provided the first public identification of FinFisher's software. Marquis-Boire and collaborators have done extensive investigations into FinFisher including: revealing its use against Bahraini activists,[23] analyzing variants of the FinFisher suite that target mobile phone operating systems,[24] uncovering targeted spying campaigns against political dissidents in Malaysia and Ethiopia,[25] and documenting FinFisher command and control servers in 36 countries.[26] This research has informed and inspired responses from civil society organizations in Pakistan,[27] Mexico,[28] and the United Kingdom.[29] In Mexico, for example, local activists and politicians collaborated to demand an investigation into the state’s acquisition of surveillance technologies.[30] In the UK, it led to a crackdown on the sale of the software over worries of misuse by repressive regimes.[31]

Hacking Team is a Milan, Italy-based company that provides intrusion and surveillance software called Remote Control System (RCS) to law enforcement and intelligence agencies. Marquis-Boire and collaborators have mapped out RCS network endpoints in 21 countries,[32] and have revealed evidence of RCS being used to target a human rights activist in the United Arab Emirates,[33] a Moroccan media organization,[34] and an independent news agency run by members of the Ethiopian diaspora.[35] Following the publication of these reports, the Electronic Frontier Foundation[36] and Privacy International[37] took legal action related to allegations that the Ethiopian government had compromised the computers of Ethiopian expatriates in the US and the UK.

At the 23rd USENIX Security Symposium, Marquis-Boire and other researchers released the paper, When Governments Hack Opponents: A Look at Actors and Technology[38] examining the government targeting of activists, opposition members, and NGOs observed in Bahrain, Syria, and the United Arab Emirates.

Digital Campaigns in the Syrian Civil War[edit]

Since early 2012, Marquis-Boire has reported on digital campaigns targeting Syrian activists with the Electronic Frontier Foundation (EFF)[39][40][41] and Citizen Lab.[42] Many of these findings were translated into Arabic and disseminated along with recommendations for detecting and removing malware.[43]

This work has been featured on the cover of BusinessWeek,[44] and covered in The New York Times,[45] Al Jazeera,[46] and Wired,[47] among other international media outlets.

On December 31, 2013, Marquis-Boire gave an interview covering this work on the NPR radio show, "All Things Considered".[48]

Other work[edit]

In 2012, he gave a presentation on the use of targeted malware attacks during the Arab Spring at the Black Hat Briefings in Las Vegas which covered the use of malware campaigns for the purposes of digital surveillance and espionage in Libya, Syria, Iran, Bahrain, Morocco, and Iran.[49]

He released a paper with Eva Galperin of the Electronic Frontier Foundation on the targeting of the Vietnamese diaspora with malware attacks.[50] This detailed an ongoing state-sponsored hacking campaign targeting prominent bloggers, academics, and journalists.[51]

Marquis-Boire has given interviews in the wake of the Global surveillance disclosures with Die Zeit,[52] International Business Times,[53] and Dazed.[54] He was featured in Al Jazeera's Media Trends to watch in 2015.[55]

Shane Huntley and Marquis-Boire co-authored a paper on government targeting of journalists and media organizations presented at Black Hat Singapore 2014.[56] This paper revealed that 21 of the world's top 25 media organizations had been targeted by state-sponsored hacking.[57]

In April, 2015, Marquis-Boire spoke at the Western Regional Conference of the Society of Professional Journalists in San Francisco, California and presented a paper entitled: "Data Security for Beginners".[58]

At Black Hat USA 2015, held in Las Vegas in August, Marquis-Boire presented a paper entitled: "Big Game Hunting: The Peculiarities of Nation-State Malware Research".[59]

Marquis-Boire presented a paper entitled: "Security for Humans: Privacy and Coercion Resistant Design" at the Strange Loop Conference in St. Louis, Missouri, in September 2015.[60]

In May 2016, he appeared in the "State of Surveillance" episode of the HBO series, VICE together with Edward Snowden and Ron Wyden.[61]

References[edit]

  1. ^ "Author Archives: Morgan Marquis-Boire". Citizenlab. Retrieved 12 November 2015. 
  2. ^ "Morgan Marquis-Boire Staff Profile". The Intercept. 
  3. ^ Nicole Perlroth (August 30, 2012). "Software Meant to Fight Crime is Used to Spy on Dissidents". The New York Times. 
  4. ^ a b Ellen Nakashima (July 8, 2013). "Report: Web monitoring devices made by U.S. firm Blue Coat detected in Iran, Sudan". The Washington Post. 
  5. ^ Barton Gellman (August 15, 2014). "U.S. firm helped the spyware industry build a potent digital weapon for sale overseas". The Washington Post. 
  6. ^ Nima Akbarpour (May 30, 2012). "Trojan targets Iranian and Syrian dissidents via proxy tool". BBC. 
  7. ^ Vernon Silver (March 13, 2013). "Gamma FinSpy Surveillance Servers in 25 Countries". Bloomberg Businessweek. 
  8. ^ Danny Yadron (Mar 21, 2014). "What Turkish Users Are Doing to Evade the Twitter Ban". 
  9. ^ Jessica Binsch (May 12, 2014). "Computersicherheit: Google-Experte warnt Medien vor staatlichen Hackerangriffen". Der Spiegel. 
  10. ^ Deibert, Ron (May 21, 2013). Black Code: Inside the Battle for Cyberspace. Signal. p. 159. ISBN 0771025335. 
  11. ^ Andy Greenberg (Jul 8, 2014). "The Ex-Google Hacker Taking on the World’s Spy Agencies". 
  12. ^ Laurie Segall (Dec 8, 2015). "This hacker knows if the government is spying on you". 
  13. ^ Hakan Tanriverdi (Dec 11, 2015). "Dieser Hacker kommt Spionen auf die Schliche". 
  14. ^ Tugba Ayaz (Dec 14, 2015). "Hacker mit Popstar-Charme". 
  15. ^ "Le 50 persone Wired del 2014". 
  16. ^ "Young Global Leaders: Class of 2015". 
  17. ^ Marquis-Boire, Morgan; Anderson, Collin; Dalek, Jakub; McKune, Sarah; Scott-Railton, John (July 9, 2013). "Some Devices Wander By Mistake: Planet Blue Coat Redux". 
  18. ^ Marquis-Boire, Morgan; Dalek, Jakub; McKune, Sarah (January 15, 2013). "Planet Blue Coat: Mapping Global Censorship and Surveillance Tools". 
  19. ^ John Markoff (January 16, 2013). "Rights Group Reports on Abuses of Surveillance and Censorship Technology". The New York Times. 
  20. ^ Omar El Akkad (June 21, 2013). "Canadian technology tied to online censorship in Pakistan". The Globe and Mail. 
  21. ^ Irene Poetranto (December 14, 2013). "Time for greater transparency". The Jakarta Post. 
  22. ^ Steve Stecklow (April 25, 2013). "Dubai firm fined $2.8 million for shipping Blue Coat monitoring gear to Syria". Reuters. 
  23. ^ Marquis-Boire, Morgan; Marczak, Bill (July 25, 2012). "From Bahrain With Love: FinFisher's Spykit Exposed?". 
  24. ^ Marquis-Boire, Morgan; Marczak, Bill; Guarnieri, Claudio (August 29, 2012). "The Smartphone Who Loved Me? FinFisher Goes Mobile". 
  25. ^ Marquis-Boire, Morgan; Marczak, Bill; Guarnieri, Claudio; Scott-Railton, John (April 30, 2013). "For Their Eyes Only: The Commercialization of Digital Spying". 
  26. ^ Marquis-Boire, Morgan; Marczak, Bill; Guarnieri, Claudio; Scott-Railton, John (March 13, 2013). "You Only Click Twice: FinFisher's Global Proliferation". 
  27. ^ "Bytes for All Petitions Pakistani Court on Presence of Surveillance Software". May 16, 2013. 
  28. ^ "Cyber Stewards Network and Local Activists Investigate FinFisher in Mexico". November 8, 2013. 
  29. ^ "OECD complaint filed by human rights groups against British surveillance company moves forward". June 24, 2013. 
  30. ^ Renata Avila (November 8, 2013). "Cyber Steward Network and Local Activists Investigate Surveillance in Mexico". 
  31. ^ Jamie Doward (September 8, 2012). "Crackdown on sale of UK spyware over fears of misuse by repressive regimes". 
  32. ^ Marczak, Bill; Guarnieri, Claudio; Marquis-Boire, Morgan; Scott-Railton, John (February 17, 2014). "Mapping Hacking Team's "Untraceable" Spyware". 
  33. ^ Morgan Marquis-Boire (October 10, 2012). "Backdoors Are Forever? Hacking Team and the Targeting of Dissent". ; Vernon Silver (October 10, 2012). "Spyware Leaves Trail to Beaten Activist through Microsoft Flaw". 
  34. ^ Morgan Marquis-Boire (October 10, 2012). "Backdoors Are Forever? Hacking Team and the Targeting of Dissent". ; Nicole Perlroth (October 10, 2012). "Ahead of Spyware Conference More Evidence of Abuse". 
  35. ^ Marczak, Bill; Guarnieri, Claudio; Marquis-Boire, Morgan; Scott-Railton, John (February 12, 2014). "Hacking Team and the Targeting of Ethiopian Journalists". 
  36. ^ "American Sues Ethiopian Government for Spyware Infection". Electronic Frontier Foundation. February 18, 2014. 
  37. ^ "Privacy International seeking investigation into computer spying on refugee in UK". Privacy International. February 17, 2014. 
  38. ^ "When Governments Hack Opponents: A Look at Actors and Technology". USENIX. August 20, 2014. 
  39. ^ Galperin, Eva; Marquis-Boire, Morgan (June 19, 2012). "New Trojan Spread Over Skype as Cat and Mouse Game Between Syrian Activists and Pro-Syrian-Government Hackers Continues". Electronic Frontier Foundation. 
  40. ^ Galperin, Eva; Marquis-Boire, Morgan (March 15, 2012). "Fake YouTube Site Targets Syrian Activists With Malware". Electronic Frontier Foundation. 
  41. ^ Galperin, Eva; Marquis-Boire, Morgan (March 5, 2012). "How to Find and Protect Yourself Against the Pro-Syrian-Government Malware on Your Computer". Electronic Frontier Foundation. 
  42. ^ Marquis-Boire, Morgan; Hardy, Seth (June 19, 2012). "Syrian Activists Targeted with Blackshades Spy Software". Retrieved March 24, 2014. ; Scott-Railton, John; Marquis-Boire, Morgan (June 21, 2013). "A Call to Harm: New Malware Attacks Target the Syrian Opposition". Retrieved March 24, 2014. ; Marquis-Boire, Morgan; Galperin, Eva; Scott-Railton, John (December 23, 2013). "Quantum of Surveillance: Familiar Actors and Possible False Flags in Syrian Malware Campaigns". Retrieved March 24, 2014. 
  43. ^ Morgan Marquis-Boire (July 3, 2013). "حملات الأذية: برمجيات خبيثة تهاجم المعارضة السورية". Cyber Arabs. 
  44. ^ Stephan Farris (November 15, 2012). "The Hackers of Damascus". Bloomberg Businessweek. 
  45. ^ Perlroth, Nicole (17 May 2013). "Hunting for Syrian Hackers’ Chain of Command". New York Times. Retrieved 22 July 2013. 
  46. ^ "New report exposes digital front of Syria's civil war". Al-Jazeera. December 25, 2013. 
  47. ^ Poulsen, Kevin (December 23, 2013). "In Syria’s Civil War, Facebook Has Become a Battlefield". 
  48. ^ Siegel, Robert; Marquis-Boire, Morgan (December 31, 2013). "In Syria, Conflict In Cyberspace Complements Ground War". 
  49. ^ Jennifer Valentino-DeVries (July 25, 2012). "How Pro-Regime Forces Use Spyware to Target Arab Spring Rebels". Wall Street Journal. 
  50. ^ Marquis-Boire, Morgan; Galperin, Eva (January 19, 2014). "Vietnamese Malware Gets Very Personal". Electronic Frontier Foundation. 
  51. ^ Chris Brummit (January 20, 2014). "Vietnam's 'cyber troops' take fight to US, France". Associated Press. 
  52. ^ Patrick Beuth (January 15, 2014). "Every government surveillance apparatus can easily be abused". Die Zeit. 
  53. ^ David Gilbert (January 11, 2014). "Big Brother is Watching: Policing of the Future is Here Today Says Morgan Marquis-Boire". International Business Times. 
  54. ^ Thomas Gorton (January 16, 2015). "Why David Cameron's plan to ban Whatsapp is ludicrous". Dazed Magazine. 
  55. ^ "Media trends to watch in 2015". January 3, 2015. 
  56. ^ "Tomorrow's News is Today's Intel: Journalists as Targets and Compromise Vectors". Black Hat Briefings. March 28, 2014. 
  57. ^ Jeremy Wagstaff (Mar 28, 2014). "Journalists, media under attack from hackers: Google researchers". Reuters. 
  58. ^ "Morgan Marquis-Boire". Society of Professional Journalists. Retrieved 11 November 2015. 
  59. ^ "Black Hat USA Marquis-Boire". UMB Tech. Retrieved 11 November 2015. 
  60. ^ "Security for Humans". Strange Loop. Retrieved 11 November 2015. 
  61. ^ VICE (2016-06-08), 'State of Surveillance' with Edward Snowden and Shane Smith (FULL EPISODE), retrieved 2016-11-23 

External links[edit]