SEA has stolen invoices that shows Microsoft charges FBI for user data

A collection of emails hacked by the group Syrian Electronic Army shows that Microsoft charges the FBI’s Digital Intercept Technology Unit for user data.

No more than a week ago hackers of the group Syrian Electronic Army (SEA) published online documents leaked from US CENTCOM repository, now the pro President Bashar al-Assad sad hacking team successfully penetrated the FBI’s super-secret Digital Intercept Technology Unit (DITU) and it has stolen different invoices from Microsoft.

The Daily Dot revealed the disconcerting news, Microsoft seems to be paid by the US Governments for the customer information provided to the FBI.

“Microsoft often charges the FBI’s most secretive division hundreds of thousands of dollars a month to legally view customer information, according to documents allegedly hacked by the Syrian Electronic Army.”

The SEA team has targeted Microsoft many times in this year, its blog and social media were hacked and in a recent spear phishing attack, unknown attackers breached the email accounts of Microsoft staff accessing to documents on law enforcement inquiries.One of the messages spread by SEA after the Microsoft hack stated:

“Don’t use Microsoft emails (hotmail,outlook), They are monitoring your accounts and selling the data to the governments.”

After the disclosure of the PRISM surveillance program, Microsoft company as always denied to have supported Government monitoring activities, but groups of hackers like Anonymous and Syrian Electronic Army (SEA) always accused the company. Despite IT giants denied any support to the US authorities, a few days ago the agency general counsel Rajesh De confirmed that big tech companies including Yahoo and Google provided ‘full assistance’ in the legally mandated collection of data.

SEA accessed for sensitive information from FBI Digital Intercept Technology Unit (DITU), discovering a series of documents that confirm the business relationship with Microsoft. The invoices stolen and analyzed by the DailyDot reveals that Microsoft charged the DITU $145,100 in December 2012, a cost of $100 per each data request. Curiously the price for data request is increasing in time passing from $200 in August 2013 up to $281,000 in November 2013, probably due Snowden case.

“In December 2012, for instance, Microsoft emailed DITU a PDF invoice for $145,100, broken down to $100 per request for information, the documents appear to show. In August 2013, Microsoft allegedly emailed a similar invoice, this time for $352,200, at a rate of $200 per request. The latest invoice provided, from November 2013, is for $281,000.”

The DITU was also mentioned in of of the slides leaked by Snowden as visible in the below image.

It is alarming the frequency of the government calls on Microsoft and other tech companies for information related to their customers, as demonstrated by the invoices the sale of information is a profitable business and it is likely that other companies support Government activities.

“Only the earliest of the Microsoft invoices provided by the SEA, dated May 10, 2012, breaks down requests by type of legal request, and it shows them to all explicitly come legally, though nothing in the documents indicates the later invoices refer to illegal surveillance. User information by a subpoena costs $50, a court order $75, and a search warrant $100. The requests come from FBI offices all around the U.S.”

Principal activists and cyber experts believe that the government should be transparent about how much it pays for monitoring requests, according ACLU Principal Technologist Christopher Soghoian, the documents “reiterated his stance that charging a small fee is a positive, in part because it creates more of a record of government tracking”.

In time I’m writing, there are no news on the authenticity of the documents, Microsoft and DITU refused to comment.

Pierluigi Paganini

(Security Affairs – Sysrian Electronic Army, Microsoft)

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.