CSA looking into Singapore cybersecurity firm blacklisted by US for trafficking hacking tools
COSEINC describes itself on its website as a “privately funded company dedicated to providing highly specialised information security services to our clients”. It was founded in 2004 and is based at the Citilink Warehouse Complex on 102F Pasir Panjang Road.
According to its website, the company’s services include research, consulting and education, in areas such as computer security, malware analysis and penetration testing. Accounting and Corporate Regulatory Authority records show that it is a live company.
COSEINC’s chief executive officer is Mr Thomas Lim, according to his LinkedIn page. His most recent post, about a month ago, said he could help anyone looking to hire “trained and certified” cybersecurity professionals.
Reuters reported on Nov 4 that Mr Lim is known for organising a security conference, named SyScan, which was sold to Chinese technology firm Qihoo 360, a sanctioned entity.
An email published by WikiLeaks in 2015 suggested that Mr Lim had also previously offered to sell hacking tools to Italian spyware vendor HackingTeam, the report said.
COSEINC did not respond to CNA’s request for comments. The telephone number listed on the company’s website could not be reached.
THREE OTHER COMPANIES BLACKLISTED
COSEINC was one of four companies added to the trade blacklist by the US last week, with the other three being Russia’s Positive Technologies as well as Israel’s Candiru and NSO Group.
NSO Group and Candiru were added to the list based on evidence that they “developed and supplied spyware to foreign governments that used these tools to maliciously target government officials, journalists, business people, activists, academics and embassy workers”, said the US Department of Commerce on Nov 3.
NSO Group is the developer of Pegasus, a type of malware that infects iPhones and Android devices to enable operators of the tool to extract messages, photos and emails, record calls and secretly activate microphones.
Investigations have shown that some governments have used Pegasus to target rights activists, journalists and politicians around the world, with possible targets in Singapore. NSO Group has denied these reports.