As law enforcement agencies look to increase their digital capabilities with tools such as spyware, a plethora of companies are trying to cash in. One of those, an India-based firm called Aglaya, recently offered an eyebrow-raising, if likely exaggerated, product: what it describes as the cyber equivalent to a nuclear strike.
A previously unpublished Aglaya brochure obtained by Motherboard highlights some of the ridiculous wares less legitimate actors in the multi-billion dollar surveillance industry are trying to peddle, including at high profile fairs attended by government agencies.
“This ability enables an agency to instantly disable or destroy a target. Cyber strike capability is an ‘always online weapon’ that can be fired at any IP connected terminal with power to disable or destroy a target permanently,” a copy of the brochure reads, referring to Aglaya’s self-described “Cyber Strike” product. “This weapon is comparable to a Nuclear Strike that can destroy city wide Cyber infrastructure or render a county wide IP communications ineffective,” the brochure adds.
It’s not totally clear what Aglaya’s cyber strike would even constitute, be that a distributed-denial-of-service (DDoS) attack, where a target is bombarded with so much traffic it ceases to function, or something else. Dr. Ankur Srivastava, founder and president of military and intel sales at Aglaya, did not respond to multiple requests for comment.
This over-the-top rhetoric of nuclear missiles and all things cyber is, funnily enough, not all that distant from the panic-ridden calls of a “cyber Pearl Harbor” that has consistently cropped up in media reports and political statements, despite it not being clear what such an event would even look like.
Before taking all of that too seriously, it’s worth remembering Aglaya’s reputation. Motherboard previously published another Aglaya brochure, which showed the firm was offering dodgy services to pollute internet search results and social networks, including Facebook and Twitter, and “manipulate current events,” alongside more ordinary products such as iPhone and Android spyware. One surveillance industry source previously told Motherboard that Aglaya’s spyware was “crap,” and Forbes found links between Aglaya and the highly controversial consumer spyware market, where ordinary people can purchase malware to spy on their spouse.
Even if Aglaya is not the most sought-after actor in the surveillance industry, the new brochure still shows the sort of capabilities some firms are apparently willing to sell. The document was especially targeted towards law enforcement agencies.
“Manual intended for law enforcement use. Public distribution is strictly prohibited,” the cover reads.
The section on the ‘cyber strike’ adds, “As an offensive capability Cyber Strike targets an enemy infrastructure of vital interest in sensitive times such as War, and renders ‘disabled’ or ‘destroyed.’” Others have uploaded similar brochures online, but this version offering nuclear cyber strikes does not appear to have been publicly distributed before.
Aglaya was present at last year’s Defence and Security Equipment International (DSEI) trade show in London. In the background of one photo, taken by independent journalist Matt Kennard, the ‘cyber strike’ capability is clearly mentioned in Aglaya’s marketing material.
Aglaya’s brochure also mentions a geolocation product based on SS7, a network and related protocol that mobile phones use to route messages and calls. This sort of service is increasingly popular among surveillance companies, with at least a dozen now offering the ability to track phones across the planet. The document also includes an alleged “Skype decryptor” product, which it claims can obtain Skype contacts and chat history when deployed within the target’s internet service provider.
“While focusing solely on Government Solutions, our efforts have been to transfer technology and training to our customers to position ourselves as a long term partner,” the brochure adds.