Croatia, Kosovo, Macedonia, Slovenia, Montenegro

Coverage on these countries has been very sparse, although their national press reported the leak of data and Hacking Team’s attempts at selling its solution across the Balkans, not much has so far transpired in English.

As is the case with other countries (UK, France, Ireland etc ), discussions took place on a prolonged basis and it originated from visits to ISS trade show.

The first contact is made in 2011 by a Croatian reseller, Alfatec group.
Asked to list potential customers it would sell to, and why, it answered
Bed guys use crypto protection” (sic )

Hacking Team travelled to Zagreb in April 2011 to demonstrate their RCS interception tool:

RCS was showcased to four Croatian Law Enforcement Agencies (LEAs)

  • Military Security and Intelligence Agency (Croatian: Vojna sigurnosno- obavještajna agencija or VSOA)
  • Central Intelligence Agency (SOA)
  • Ministry of the Interior (MOI)
  • Operational Technology Centre for the Surveillance of Telecommunications (OTC)
    (Croatian: Operativno-tehnički centar za nadzor telekomunikacija)

Alfatech was then provided with a demo kit, and made contact with Hacking Team on a potential new customer, Bosnia and Herzegovina Border police. They get a demo in February 2012, along with the Ministry of Interior.

They all meet again at ISS 2012, and Alfatec brings government officials with them:

“From ALFATEC Group are coming the following persons: Igor Stjepanović and Dario Selimagić.
We will bring the following persons:
- Ministry of Interior: Igor Imprić and Miro Ovanin
- Security Intelligence Agency SOA: Miljenko Pekić assistant director, Zoran Biuk and Dalibor Dosegović”

Further customers are considered meanwhile, such as the Intelligence-Security Agency of Bosnia and Herzegovina (OSA-OBA) and the Kosovo Intelligence Agency (KIA)

Budgets prove to be an issue for most agencies approached so far. An offer is made to Kosovo’s Ministry of the Interior in June 2013.

Another offer is made to Croatia Intelligence Agency (SOA)in October 2013, amounting to €300,000.

An email from December 2013 to Hacking Team, following a visit to Milipol Paris, mentions a certain Dinko Majic from ZSIS.

Given ZSIS role as a government authority to regulate communications and handling of sensitive material, it is unclear what capabilities they were pursuing and for what purpose.

A new law is introduced in Croatia in December 2013, permitting the use of interception, such as RCS. Alfatech talked to the Croatian MOI, “they can now buy this kind of system”. They both travel to Milan for talks on the 18th of December 2013. A POC is planned for January 2014 with very detailed interception needs and methods. We learn that criminals tape teenagers in front of Skype cameras, and that FinFisher conducted the same POC.

A technical recap a few days later lists the tasks they completed successfully:

An offer is extended immediately after, on 20th January 2014. In a reply late February, Alfatech highlights a complete lack of funding for intelligence agencies and a difficult situation in the country. They propose for an RCS to be purchased by OTC and shared between SOA and MOI. They visit Milan in March 2014 for further demonstrations.

They stress the need for VOIP interception, and this is worked on by HT.

Skype and viber are implemented on Android.
Line and whatsapp in q3, on android.
At the moment this is the only operating system supported for voip.

SOA visits Milan again on 3rd April 2014 for a VOIP demo.

Budget constraints in Croatia are still impeding any progress by late April 2014. Alfatech is to visit Azerbaijan and ask HT if they are interested in prospects with the Ministry of Internal Affairs and the Ministry of National Security, to which HT answers to only mention the company to the Ministry of Internal Affairs. (email)
(We now know it had already sold systems to the Ministry of National Security in 2013 )

They all meet again at ISS in Prague in June 2014, attend presentations… But through 2014 nothing tangible is ever developing, and this wil remain true until the leak. Here is one of the last exchanges they had:

Once again, it is very clear all these governments were very active for years and could have been very close to purchasing a solution, as discussions were still ongoing in late June early July when Hacking Team was hacked.

Although emanating from Europe, where the situation for human rights is not as preoccupying as other countries Hacking Team sold its spying tools, one has to wonder why a country such as Kosovo, with a GDP per capita of €3500, would spend hundreds of thousands of Euros on such capabilities, and for what use? It is one of the most isolated and poorest countries in Europe. It recently lost 5% of its population in a mass exodus, the biggest since the start of the conflict in 1999.

Protests, sometimes violent, erupted in Macedonia in May 2015, and allegations were made by opposition leaders that the country’s Prime Minister, Nikola Gruevski, ordered the illegal wiretapping of 20,000 citizens and 100 journalists. The Prime Minister’s cousin, Sašo Mijalkov, is head of the Intelligence Services…

Croatia has better oversight controls but it used to wiretap its citizens too.

In a last development, another Croatian reseller appeared in 2015, SEDAM IT.
A few interesting documents emerge, including “INIS- MOD IRAQ- SALES REPORT”. Here it is:

More on this story:

Revealed: The true extent of Hacking Team contacts across Europe.

Read part 1-UK-France-Ireland
Read part 2-Switzerland
Read part 3-Iraqi Kurdistan via Luxembourg
Read part 4-Cyprus

--

--