Army Denies Buying Web Security Cracking Devices

The director of Army Cyber Center, Maj. Gen. Rittee Intravudh in an undated file photo. Photo : Matichon

BANGKOK — Hacktivists posted online Tuesday documents they say contradict army denials it has purchased decryption devices that would allow access to encrypted computer traffic.

As cyber battles sparked by the passage of the new Computer Crime Act continue, online activist group Citizens Against Single Gateway on Monday posted screenshots purportedly obtained from an army procurement database. Listed among purchases were items used to crack the standard security protocols people use to access web servers securely.

“I can assure that there is no such equipment in the army’s procurement plan,”  the director of Army Cyber Center, Maj. Gen. Rittee Intravudh, said in response Monday. “This issue can be looked into. Because no organization under the army has any reason to use such a device.”

SSL or Secure Sockets Layer is the standard protocol widely used to encrypt data between a user’s browser and web server to ensure privacy. In 2013 it came to light that the U.S. NSA had developed a means to defeat SSL.

Rittee said the information was distorted by the opposition in order to attack the army. He said he had no idea where the images came from.

Online activists have been bringing government, police and military sites down in protest of the new Computer Crime Act since it was approved unanimously on Dec.16. They also posted some pictures they claimed prove they are able to penetrate government systems.

On Monday Deputy Prime Minister Prawit Wongsuwan said nine people were detained for hacking government websites, but only a 19-year-old man was handed over to police. No details were given about the other eight detainees.

Responding to the Rittee’s dismissive response, the group posted on Tuesday another document showing the Ministry of Information and Communication Technology formed a committee in 2014 to monitor online media. It was also tasked to test decryption systems to find the best one for use.

In 2015 the Thai army and police were found to be customers of a surveillance malware and intrusion system designed by a vendor called Hacking Team in order to get into private mobile phone and computer systems, according to the document obtained by WikiLeaks.

The military regime says it has no intention of trampling rights and needs better tools to fight cyber crimes, most significantly, cases of royal defamation. It was also used these powers to prosecute its persistent critics.