Germany's security forces will reportedly be able to hack into WhatsApp, Telegram and other encrypted messaging services by the end of the year. A new version of Germany's state spyware, Remote Communication Interception Software (RCIS), which is used by the government for digital surveillance, is reportedly set to be ready for use by the end of 2017.
RCIS 2.0, unlike its predecessor, can not only be used for surveillance of laptops and PCs, but also on mobile phones running iOS, Android and Blackberry OS (operating systems), according to local reports.
According to a classified report by the German interior ministry, obtained by the German newspaper Netzpolitik, RCIS has been under development since early 2016 and can crack the encryption built into WhatsApp, Telegram, Signal and other messaging services by directly hacking the phones and reading messages directly from targets' screens.
According to the classified report, Germany's security services also plan to use spy tech developed by private firms for its expanded surveillance efforts. The secret interior ministry report allegedly reveals that Germany's security forces have already purchased surveillance tech known as FinSpy from Gamma International, to be used as a backup, in case RCIS, which was allegedly developed by the German Federal Criminal Police (BKA) got leaked or compromised.
FinSpy is allegedly capable of remotely recording all calls and messages (both SMS as well as other messaging apps). The surveillance software can also remotely turn on a device's camera, microphone, as well as locate and track a device in real time. Gamma International has reportedly altered FinSpy three times already, in compliance with German law.
"People don't realize that this malware endangers the security of the whole device," German Pirate Party member Frank Herrmann told Deutsche Welle, adding that "the technological intervention is much more severe than just listening in on a phone call."
The efforts to expand state hacking and surveillance powers appear to be a current, escalating trend in Europe. In June, Germany reportedly passed a law granting the police powers to hack into devices of people suspected of criminal and/or terrorism related activities.
In the wake of the Westminister attack in March, UK home secretary Amber Rudd deemed end-to-end encryption in messaging apps as "absolutely unacceptable," pushing for an expansion of the government's surveillance powers. However, despite UK politicians' stance against encryption, security experts have overwhelmingly backed it. Former GCHQ boss Robert Hannigan has previously spoken out against creating encryption backdoors.
"Encryption is overwhelmingly a good thing," Hannigan said in an interview with BBC. "It keeps us all safe and secure. Throughout the Cold War and up until 15 years ago it was something only governments could do at scale."
"I don't advocate building in backdoors," Hannigan said. "It's not a good idea to weaken security for everybody in order to tackle a minority. Trying to weaken the system, trying to build in backdoors won't work and is technically difficult," Hannigan added.
"We're seeing efforts to legislate for hacking powers in the UK, in Austria, in Italy, and Germany," Erin Omanovic from Privacy International told Deutsche Well. "There's more of a cultural sensitivity in Germany than other countries, but what we're seeing in this legislation is that Germany is one of the most advanced countries for surveillance."
"Some of these capabilities have already been practised across Europe," Omanovic added. "The UK, for example, has been engaged in hacking but just hasn't legalised it. There's a complete lack of safeguards and oversight over the use of this type of technology."