In an interview with Cheddar, Coinbase’s Christine Sandler explained the rationale for buying Neutrino— a blockchain intelligence firm whose founders used to build hacking tools to sell to the police.
We are aware of the backgrounds of some of the folks that were involved in Neutrino and we are looking into that. I think the compelling reason for making the acquisition was that Neutrino really had some industry-leading, best-in-class technology. And moreover, it was really important for us to migrate away from our current providers — our current providers were actually selling client data to outside sources. It was really compelling for us to kind of get control over that and have proprietary technology that we could leverage to keep the data safe, and to protect our clients.
Wow. I’m really struggling to view Coinbase’s actions in anything but the harshest light.
1. Deal with blockchain tracing firm
2. Discover that firm selling client data
3. Don’t disclose this to anyone
4. Buy a firm that is made up of human rights violators
5. Profit?!? https://t.co/9om7HRxape
— Riccardo Spagni (@fluffypony) March 3, 2019
NEUTRINO, HACKING TEAM, AND SURVEILLANCE
Neutrino bills itself as a go-to analytics platform for helping law enforcement agencies and financial institutions keep track of transactions on the blockchain. Previously, Neutrino CEO Giancarlo Russo, CTO Alberto Ornaghi, and CRO Marco Valleri used to ply their wares as cyber gurus for a firm known called Hacking Team.
On its website, the Hacking Team says:
We believe that fighting crime should be easy; we provide effective, easy-to-use offensive technology to the worldwide law enforcement and intelligence communities.
On the “Solutions” page of the Hacking Team’s website, the company sheds light on the nature of the tools that are being sold to governments around the world:
Criminals and terrorists rely on mobile phones, tablets, lap tops and computers equipped with universal end-to-end encryption to hide their activity. Their secret communications and encrypted files can be critical to investigating, preventing and prosecuting crime. Hacking Team provides law enforcement an effective, easy-to-use solution.
When I said it would be great to have more infosec people involved in the “crypto” space, I didn’t mean the largest US exchange should acquire an analysis tools company run by a former Hacking Team member, but here we are
— Amber ☘️ (@AmberBaldet) February 24, 2019
reportedly includes Mexico, Oman, Kazakhstan, Uzbekistan, Bahrain, Ethiopia, Nigeria, Sudan, and others. In some instances, the Hacking Team’s tools have apparently been deployed to spy on journalists and dissidents instead of criminals.
On it’s “About Us” page, Hacking Team notes that its technology “is used daily to fight crime in six continents.”
HACKING TEAM’S SAUDI PARTNERSHIP REVEALED
Supporting good-faith efforts to prosecute crime sounds reasonable enough. Different countries adhere to unique criminal codes, though. Speaking out against the government is legal in many countries, but not in others. For instance, Saudi Arabia has imprisoned women’s rights activists, journalists, and government critics. And in late 2017, Riyadh passed an “antiterrorism” law that tied certain “nonviolent political and religious speech” with prison time, according to a report by Freedom House.
Saud al-Qahtani, head of the Center for Studies and Media Affairs in the Saudi capital, has reportedly been one of Hacking Team’s clients.
“Qahtani and his cyber colleagues worked at first with an Italian company called Hacking Team,” the Washington Post’s David Ignatius reported in December, citing “many knowledgeable sources who requested anonymity to discuss sensitive intelligence matters.”
Qhatani worked with Hacking Team as he built “a network of surveillance and social-media manipulation to advance MBS’s agenda and suppress his enemies,” the WashPost report notes.
HACKING TEAM IN THE U.S.
In 2012, the U.S. Drug Enforcement Administration (DEA) spent $2.4 million on Hacking Team’s Remote Control System, which lets government agents remotely access communications data on a device.