Morgan Marquis-Boire

Born: 1979, New Zealand
Other names: headhntr, Morgan Mayhem
Occupation(s): Hacker, security researcher
Years active: 1998–2017

Morgan Marquis-Boire is a New Zealand-born hacker, journalist, and security researcher. [1] Marquis-Boire previously served as an advisor to the Freedom of the Press Foundation. He was a Special Advisor to the Electronic Frontier Foundation (EFF) and advisor to the United Nations Interregional Crime and Justice Research Institute. He was the Director of Security at First Look Media and a contributing writer at The Intercept. [2] He has been profiled by Wired, [3] CNN, [4] Süddeutsche Zeitung, [5] and Tages Anzeiger. [6] He was one of Wired Italy's Top 50 people of 2014. [7] In March 2015 he was named a Young Global Leader. [8]

In September 2017, Marquis-Boire resigned from his position on the technical advisory group Citizen Lab and the center cut ties with him after it received an allegation of a 2014 sexual assault involving Marquis-Boire. [9] [10] In November 2017, The Verge released a report corroborating ten separate allegations of sexual assault against Marquis-Boire. [10]

Early life

Marquis-Boire was born in New Zealand. He began hacking as a teenager under the name headhntr. He holds a bachelor's degree in political science from the University of Auckland.

Internet censorship research

Marquis-Boire conducted research into Blue Coat Systems, a Palo Alto company which provides Internet blocking and monitoring solutions. Reports include Some Devices Wander by Mistake: Planet Blue Coat Redux (2013), [11] and Planet Blue Coat: Mapping Global Censorship and Surveillance Tools (2013). [12] This research has been covered in news media including the front page of the Washington Post, [13] the New York Times, [14] the Globe and Mail, [15] and the Jakarta Post. [16]

Following the publication of these reports, Blue Coat Systems announced that it would no longer provide "support, updates, or other services" to software in Syria. In April 2013, the US government's Bureau of Industry and Security imposed a fine of US$2.8 million on the Emirati company responsible for purchasing filtering products from Blue Coat and exporting them to Syria without a license. [17]

Internet surveillance research

Marquis-Boire has conducted research on the global proliferation of targeted surveillance software and toolkits, including FinFisher and Hacking Team.

FinFisher is a suite of remote intrusion and surveillance software developed by Munich-based Gamma International GmbH, marketed and sold exclusively to law enforcement and intelligence agencies by the UK-based Gamma Group. In 2012, Morgan Marquis-Boire and Bill Marczak provided the first public identification of FinFisher's software. Marquis-Boire and collaborators have done investigations into FinFisher including: revealing its use against Bahraini activists, [18] analyzing variants of the FinFisher suite that target mobile phone operating systems, [19] uncovering targeted spying campaigns against political dissidents in Malaysia and Ethiopia, [20] and documenting FinFisher command and control servers in 36 countries. [21] This research has informed responses from civil society organizations in Pakistan, [22] Mexico, [23] and the United Kingdom. [24] In Mexico, local activists and politicians collaborated to demand an investigation into the state's acquisition of surveillance technologies. [25] In the UK, it led to a crackdown on the sale of the software over worries of misuse by repressive regimes. [26]

Hacking Team is a Milan, Italy-based company that provides intrusion and surveillance software called Remote Control System (RCS) to law enforcement and intelligence agencies. Marquis-Boire and collaborators have mapped out RCS network endpoints in 21 countries, [27] and have provided evidence of RCS being used to target a human rights activist in the United Arab Emirates, [28] a Moroccan media organization, [29] and an independent news agency run by members of the Ethiopian diaspora. [30] Following the publication of these reports, the EFF [31] and Privacy International [32] took legal action related to allegations that the Ethiopian government had compromised the computers of Ethiopian expatriates in the US and the UK.

At the 23rd USENIX Security Symposium, Marquis-Boire and other researchers released the paper When Governments Hack Opponents: A Look at Actors and Technology, [33] examining the government targeting of activists, opposition members, and NGOs observed in Bahrain, Syria, and the United Arab Emirates.

Digital campaigns in the Syrian Civil War

From 2012 to 2017, Marquis-Boire reported on digital campaigns targeting Syrian activists with the EFF [34] [35] [36] and Citizen Lab. [37] Many of these findings were translated into Arabic and disseminated along with recommendations for detecting and removing malware. [38]

This work has been on the cover of BusinessWeek, [39] and covered in The New York Times, [40] Al Jazeera, [41] and Wired. [42]

On December 31, 2013, Marquis-Boire gave an interview covering this work on the NPR radio show All Things Considered. [43]

Other work

In 2012, he gave a presentation on the use of targeted malware attacks during the Arab Spring at the Black Hat Briefings in Las Vegas which covered the use of malware campaigns for the purposes of digital surveillance and espionage in Libya, Syria, Bahrain, Morocco, and Iran. [44] His work tracking the digital component of the ongoing Syrian Civil War is in the book Black Code: Inside the Battle for Cyberspace. [45]

He released a paper with Eva Galperin of the EFF on the targeting of the Vietnamese diaspora with malware attacks. [46] This detailed an ongoing state-sponsored hacking campaign targeting prominent bloggers, academics, and journalists. [47]

Marquis-Boire has given interviews in the wake of the global surveillance disclosures with Die Zeit, [48] International Business Times, [49] and Dazed. [50] He was named in Al Jazeera's "Media Trends to Watch in 2015". [51]

Shane Huntley and Marquis-Boire co-authored a paper on government targeting of journalists and media organizations presented at Black Hat Singapore 2014. [52] This paper reported that 21 of the world's top 25 media organizations had been targeted by state-sponsored hacking. [53]

In April 2015, Marquis-Boire spoke at the Western Regional Conference of the Society of Professional Journalists in San Francisco, California, and presented a paper entitled "Data Security for Beginners". [54]

At Black Hat USA 2015, held in Las Vegas in August, Marquis-Boire presented a paper entitled "Big Game Hunting: The Peculiarities of Nation-State Malware Research". [55]

Marquis-Boire presented a paper entitled "Security for Humans: Privacy and Coercion Resistant Design" at the Strange Loop Conference in St. Louis, Missouri, in September 2015. [56]

In May 2016, he was in the "State of Surveillance" episode of the HBO series Vice, along with Edward Snowden and Ron Wyden. [57]

Resignation and sexual assault allegations

In September 2017, Marquis-Boire resigned from his position as a senior researcher at Citizen Lab. In October, the organization cut all ties with him after it had been informed that he had been accused of sexually assaulting an individual at the 2014 Cyber Dialogue event. The EFF also released a statement saying that Marquis-Boire was no longer associated with them. [58] In November, The Verge published a report of specific claims of assault and rape, [10] and a second article contained more claims, [59] [60] including alleged quotes and chat extracts where Marquis-Boire admits to having "drunkenly sexually assaulted or raped women — the exact number of which I am currently determining." [10] The number of women quoted in the articles as having been sexually assaulted or raped is at least ten. [61] [62]

Related Research Articles

Citizen Lab: Digital research center at the University of Toronto

The Citizen Lab is an interdisciplinary laboratory based at the Munk School of Global Affairs at the University of Toronto, Canada. It was founded by Ronald Deibert in 2001. The laboratory studies information controls that impact the openness and security of the Internet and that pose threats to human rights. The organization uses a "mixed methods" approach which combines computer-generated interrogation, data mining, and analysis with intensive field research, qualitative social science, and legal and policy analysis methods. The organization has played a major role in providing technical support to journalists investigating the use of NSO Group's Pegasus spyware on journalists, politicians and human rights advocates.

The Computer and Internet Protocol Address Verifier (CIPAV) is a data gathering tool that the Federal Bureau of Investigation (FBI) uses to track and gather location data on suspects under electronic surveillance. The software operates on the target computer much like other forms of spyware: the operator is unaware that the software has been installed and is monitoring and reporting on their activities.

Cyber spying, cyber espionage, or cyber-collection is the act or practice of obtaining secrets and information without the permission and knowledge of the holder of the information using methods on the Internet, networks or individual computers through the use of proxy servers, cracking techniques and malicious software including Trojan horses and spyware. Cyber espionage can be used to target various actors (individuals, competitors, rivals, groups, governments, and others) in order to obtain personal, economic, political or military advantages. It may wholly be perpetrated online from computer desks of professionals on bases in faraway countries or may involve infiltration at home by computer-trained conventional spies and moles or in other cases may be the criminal handiwork of amateur malicious hackers and software programmers.

Internet censorship in Syria is extensive, with numerous websites and online platforms being banned for political reasons. Internet usage is authorized only through state-run servers and people accessing through other means are arrested. Filtering and blocking were found to be pervasive in the political and Internet tools areas, and selective in the social and conflict/security areas by the OpenNet Initiative in August 2009.

FinFisher: Surveillance software

FinFisher, also known as FinSpy, is surveillance software marketed by Lench IT Solutions plc, which markets the spyware through law enforcement channels.

Cyberweapons are commonly defined as malware agents employed for military, paramilitary, or intelligence objectives as part of a cyberattack. This includes computer viruses, trojans, spyware, and worms that can introduce malicious code into existing software, causing a computer to perform actions or processes unintended by its operator.

Carna botnet: Botnet used to census the entire IPv4 internet

The Carna botnet was a botnet of 420,000 devices created by an anonymous hacker to measure the extent of the Internet in what the creator called the “Internet Census of 2012”.

HackingTeam was a Milan-based information technology company that sold offensive intrusion and surveillance capabilities to governments, law enforcement agencies and corporations. Its "Remote Control Systems" enable governments and corporations to monitor the communications of internet users, decipher their encrypted files and emails, record Skype and other Voice over IP communications, and remotely activate microphones and camera on target computers. The company has been criticized for providing these capabilities to governments with poor human rights records, though HackingTeam states that they have the ability to disable their software if it is used unethically. The Italian government has restricted their licence to do business with countries outside Europe.

Blackshades is a malicious trojan horse used by hackers to control infected computers remotely. The malware targets computers using operating systems based on Microsoft Windows. According to US officials, over 500,000 computer systems have been infected worldwide with the software.

Detekt is a discontinued free tool by Amnesty International, Digitale Gesellschaft, EFF, and Privacy International to scan for surveillance software on Microsoft Windows.

Regin is a sophisticated malware and hacking toolkit used by United States' National Security Agency (NSA) and its British counterpart, the Government Communications Headquarters (GCHQ). It was first publicly revealed by Kaspersky Lab, Symantec, and The Intercept in November 2014. The malware targets specific users of Microsoft Windows-based computers and has been linked to the US intelligence-gathering agency NSA and its British counterpart, the GCHQ. The Intercept provided samples of Regin for download, including malware discovered at a Belgian telecommunications provider, Belgacom. Kaspersky Lab says it first became aware of Regin in spring 2012, but some of the earliest samples date from 2003. Among computers infected worldwide by Regin, 28 percent were in Russia, 24 percent in Saudi Arabia, 9 percent each in Mexico and Ireland, and 5 percent in each of India, Afghanistan, Iran, Belgium, Austria, and Pakistan.

Gamma Group is an Anglo-German technology company that sells surveillance software to governments and police forces around the world. The company has been strongly criticised by human rights organisations for selling its FinFisher software to undemocratic regimes such as Egypt and Bahrain.

NSO Group: Israeli cyber-espionage and malware firm

NSO Group Technologies is an Israeli cyber-intelligence firm primarily known for its proprietary spyware Pegasus, which is capable of remote zero-click surveillance of smartphones. It employed almost 500 people as of 2017.

Pegasus is a spyware developed by the Israeli cyber-arms company NSO Group that is designed to be covertly and remotely installed on mobile phones running iOS and Android. While NSO Group markets Pegasus as a product for fighting crime and terrorism, governments around the world have routinely used the spyware to surveil journalists, lawyers, political dissidents, and human rights activists.

Eva Galperin: American cybersecurity, privacy and anti-stalkerware activist

Eva Galperin is the Director of Cybersecurity at the Electronic Frontier Foundation (EFF) and technical advisor for the Freedom of the Press Foundation. She is noted for her extensive work in protecting global privacy and free speech and for her research on malware and nation-state spyware.

Stalkerware is monitoring software or spyware that is used for cyberstalking. The term was coined when people started to widely use commercial spyware to spy on their spouses or intimate partners. Stalkerware has been criticized because of its use by abusers, stalkers, and employers.

On October 30, 2019, WhatsApp's parent company Facebook, Inc. confirmed that Pegasus, a sophisticated snooping software developed by Israel's NSO Group, was used to target Indian journalists, activists, lawyers and senior government officials. The journalists and activists are believed to have been targets of surveillance for a two-week period until May, when the Indian national election was held.

The Pegasus Project is an international investigative journalism initiative that revealed governments' espionage on journalists, opposition politicians, activists, business people and others using the private Pegasus spyware developed by the Israeli technology and cyber-arms company NSO Group. Pegasus is ostensibly marketed for surveillance of "serious crimes and terrorism". In 2020, a target list of 50,000 phone numbers leaked to Forbidden Stories, and an analysis revealed the list contained the numbers of leading opposition politicians, human rights activists, journalists, lawyers and other political dissidents.

Candiru is a Tel Aviv-based technology company offering surveillance and cyberespionage technology to governmental clients.

FORCEDENTRY, also capitalized as ForcedEntry, is a security exploit allegedly developed by NSO Group to deploy their Pegasus spyware. It enables the "zero-click" exploit that is prevalent in iOS 13 and below, but also compromises recent safeguards set by Apple's "BlastDoor" in iOS 14 and later. In September 2021, Apple released new versions of its operating systems for multiple device families containing a fix for the vulnerability.

References

  1. "Author Archives: Morgan Marquis-Boire". Citizenlab. Retrieved 12 November 2015.
  2. "Morgan Marquis-Boire Staff Profile". The Intercept.
  3. Greenberg, Andy (July 8, 2014). "The Ex-Google Hacker Taking on the World's Spy Agencies". Wired.
  4. Segall, Laurie (Dec 8, 2015). "This hacker knows if the government is spying on you".
  5. Tanriverdi, Hakan (Dec 11, 2015). "Dieser Hacker kommt Spionen auf die Schliche".
  6. Ayaz, Tugba (Dec 14, 2015). "Hacker mit Popstar-Charme". Tages-Anzeiger.
  7. "Le 50 persone Wired del 2014". 29 December 2014.
  8. "Young Global Leaders: Class of 2015".
  9. Deibert, Ronald (October 13, 2017). "AN OPEN LETTER ON SEXUAL ASSAULT". Citizen Lab.
  10. Jeong, Sarah (November 19, 2017). "In chatlogs, celebrated hacker and activist confesses countless sexual assaults". The Verge. Retrieved November 20, 2017.
  11. Marquis-Boire, Morgan; Anderson, Collin; Dalek, Jakub; McKune, Sarah; Scott-Railton, John (July 9, 2013). "Some Devices Wander By Mistake: Planet Blue Coat Redux".
  12. Marquis-Boire, Morgan; Dalek, Jakub; McKune, Sarah (January 15, 2013). "Planet Blue Coat: Mapping Global Censorship and Surveillance Tools".
  13. Nakashima, Ellen (July 8, 2013). "Report: Web monitoring devices made by U.S. firm Blue Coat detected in Iran, Sudan". The Washington Post.
  14. Markoff, John (January 16, 2013). "Rights Group Reports on Abuses of Surveillance and Censorship Technology". The New York Times.
  15. Omar El Akkad (June 21, 2013). "Canadian technology tied to online censorship in Pakistan". The Globe and Mail.
  16. Poetranto, Irene (December 14, 2013). "Time for greater transparency". The Jakarta Post.
  17. Stecklow, Steve (April 25, 2013). "Dubai firm fined $2.8 million for shipping Blue Coat monitoring gear to Syria". Reuters.
  18. Marquis-Boire, Morgan; Marczak, Bill (July 25, 2012). "From Bahrain With Love: FinFisher's Spykit Exposed?".
  19. Marquis-Boire, Morgan; Marczak, Bill; Guarnieri, Claudio (August 29, 2012). "The Smartphone Who Loved Me? FinFisher Goes Mobile".
  20. Marquis-Boire, Morgan; Marczak, Bill; Guarnieri, Claudio; Scott-Railton, John (April 30, 2013). "For Their Eyes Only: The Commercialization of Digital Spying".
  21. Marquis-Boire, Morgan; Marczak, Bill; Guarnieri, Claudio; Scott-Railton, John (March 13, 2013). "You Only Click Twice: FinFisher's Global Proliferation". Archived from the original on August 9, 2014. Retrieved May 22, 2014.
  22. "Bytes for All Petitions Pakistani Court on Presence of Surveillance Software". May 16, 2013. Archived from the original on March 25, 2014. Retrieved May 22, 2014.
  23. "Cyber Stewards Network and Local Activists Investigate FinFisher in Mexico". November 8, 2013.
  24. "OECD complaint filed by human rights groups against British surveillance company moves forward". June 24, 2013. Archived from the original on June 26, 2014. Retrieved May 22, 2014.
  25. Avila, Renata (November 8, 2013). "Cyber Steward Network and Local Activists Investigate Surveillance in Mexico". Archived from the original on March 25, 2014. Retrieved May 22, 2014.
  26. Doward, Jamie (September 8, 2012). "Crackdown on sale of UK spyware over fears of misuse by repressive regimes". TheGuardian.com.
  27. Marczak, Bill; Guarnieri, Claudio; Marquis-Boire, Morgan; Scott-Railton, John (February 17, 2014). "Mapping Hacking Team's "Untraceable" Spyware".
  28. Marquis-Boire, Morgan (October 10, 2012). "Backdoors Are Forever? Hacking Team and the Targeting of Dissent"; Silver, Vernon (October 10, 2012). "Spyware Leaves Trail to Beaten Activist through Microsoft Flaw". Bloomberg News.
  29. Marquis-Boire, Morgan (October 10, 2012). "Backdoors Are Forever? Hacking Team and the Targeting of Dissent"; Perlroth, Nicole (October 10, 2012). "Ahead of Spyware Conference More Evidence of Abuse".
  30. Marczak, Bill; Guarnieri, Claudio; Marquis-Boire, Morgan; Scott-Railton, John (February 12, 2014). "Hacking Team and the Targeting of Ethiopian Journalists".
  31. "American Sues Ethiopian Government for Spyware Infection". Electronic Frontier Foundation. February 18, 2014.
  32. "Privacy International seeking investigation into computer spying on refugee in UK". Privacy International. February 17, 2014. Archived from the original on March 25, 2014. Retrieved May 22, 2014.
  33. "When Governments Hack Opponents: A Look at Actors and Technology". USENIX. August 20, 2014.
  34. Galperin, Eva; Marquis-Boire, Morgan (June 19, 2012). "New Trojan Spread Over Skype as Cat and Mouse Game Between Syrian Activists and Pro-Syrian-Government Hackers Continues". Electronic Frontier Foundation.
  35. Galperin, Eva; Marquis-Boire, Morgan (March 15, 2012). "Fake YouTube Site Targets Syrian Activists With Malware". Electronic Frontier Foundation.
  36. Galperin, Eva; Marquis-Boire, Morgan (March 5, 2012). "How to Find and Protect Yourself Against the Pro-Syrian-Government Malware on Your Computer". Electronic Frontier Foundation.
  37. Marquis-Boire, Morgan; Hardy, Seth (June 19, 2012). "Syrian Activists Targeted with Blackshades Spy Software". Retrieved March 24, 2014; Scott-Railton, John; Marquis-Boire, Morgan (June 21, 2013). "A Call to Harm: New Malware Attacks Target the Syrian Opposition". Retrieved March 24, 2014; Marquis-Boire, Morgan; Galperin, Eva; Scott-Railton, John (December 23, 2013). "Quantum of Surveillance: Familiar Actors and Possible False Flags in Syrian Malware Campaigns". Retrieved March 24, 2014.
  38. Marquis-Boire, Morgan (July 3, 2013). "حملات الأذية: برمجيات خبيثة تهاجم المعارضة السورية". Cyber Arabs.
  39. Farris, Stephan (November 15, 2012). "The Hackers of Damascus". Bloomberg Businessweek. Archived from the original on November 15, 2012.
  40. Perlroth, Nicole (17 May 2013). "Hunting for Syrian Hackers' Chain of Command". New York Times. Retrieved 22 July 2013.
  41. "New report exposes digital front of Syria's civil war". Al-Jazeera. December 25, 2013.
  42. Poulsen, Kevin (December 23, 2013). "In Syria's Civil War, Facebook Has Become a Battlefield". Wired.
  43. Siegel, Robert; Marquis-Boire, Morgan (December 31, 2013). "In Syria, Conflict In Cyberspace Complements Ground War". NPR.
  44. Valentino-DeVries, Jennifer (July 25, 2012). "How Pro-Regime Forces Use Spyware to Target Arab Spring Rebels". Wall Street Journal.
  45. Deibert, Ron (May 21, 2013). Black Code: Inside the Battle for Cyberspace. Signal. p. 159. ISBN 978-0771025334.
  46. Marquis-Boire, Morgan; Galperin, Eva (January 19, 2014). "Vietnamese Malware Gets Very Personal". Electronic Frontier Foundation.
  47. Brummit, Chris (January 20, 2014). "Vietnam's 'cyber troops' take fight to US, France". Associated Press.
  48. Beuth, Patrick (January 15, 2014). "Every government surveillance apparatus can easily be abused". Die Zeit.
  49. Gilbert, David (January 11, 2014). "Big Brother is Watching: Policing of the Future is Here Today Says Morgan Marquis-Boire". International Business Times.
  50. Gorton, Thomas (January 16, 2015). "Why David Cameron's plan to ban Whatsapp is ludicrous". Dazed Magazine.
  51. "Media trends to watch in 2015". January 3, 2015.
  52. "Tomorrow's News is Today's Intel: Journalists as Targets and Compromise Vectors". Black Hat Briefings. March 28, 2014.
  53. Wagstaff, Jeremy (Mar 28, 2014). "Journalists, media under attack from hackers: Google researchers". Reuters.
  54. "Morgan Marquis-Boire". Society of Professional Journalists. Retrieved 11 November 2015.
  55. "Black Hat USA Marquis-Boire". UMB Tech. Retrieved 11 November 2015.
  56. "Security for Humans". Strange Loop. Retrieved 11 November 2015.
  57. VICE (2016-06-08), 'State of Surveillance' with Edward Snowden and Shane Smith (FULL EPISODE), retrieved 2016-11-23.
  58. Jeong, Sarah (October 13, 2017). "Sexual assault allegations levied against high profile security researcher and activist". The Verge.
  59. Ann-King, Chloe (November 29, 2017). "'We never thought we'd be believed': Inside the decade-long fight to expose Morgan Marquis-Boire". The Verge. Retrieved November 29, 2017.
  60. Jeong, Sarah (February 28, 2018). "'When Whisper networks let us down': How communities struggle — and sometimes fail — to stop sexual assault". The Verge. Retrieved February 28, 2018.
  61. "The hacker who inspired Apple responds to sex assault claims". 21 November 2017.
  62. McClure, Tess (January 22, 2018). "Morgan Marquis-Boire: How a Sexual Predator Thrived in New Zealand". Vice. Retrieved May 28, 2018.