Morgan Marquis-Boire


Morgan Marquis-Boire is a New Zealand-born hacker, journalist, and security researcher. In late 2017 he was accused of at least ten sexual assaults.
He was the Director of Security at First Look Media and a contributing writer at The Intercept. His research on security, surveillance and censorship has been on the front pages of The New York Times and The Washington Post, and covered in news media including the BBC News, Bloomberg, The Wall Street Journal, and Der Spiegel.
His work tracking the digital component of the ongoing Syrian Civil War is in the book Black Code: Inside the Battle for Cyberspace.
Marquis-Boire previously served as an advisor to the Freedom of the Press Foundation. He was a Special Advisor to the Electronic Frontier Foundation and advisor to the United Nations Interregional Crime and Justice Research Institute.
Marquis-Boire resigned in September 2017 from his position on the technical advisory group at Citizen Lab, a multi-disciplinary advanced research laboratory at the University of Toronto. Citizen Lab later disclosed that, after his resignation, it received an allegation of a 2014 sexual assault involving Marquis-Boire.
He has been profiled by Wired, CNN, Süddeutsche Zeitung, and Tages Anzeiger. He was one of Wired Italy 's Top 50 people of 2014. In March 2015 he was named a Young Global Leader.

Early life

Marquis-Boire was born in New Zealand. He began hacking as a teenager under the name headhntr. He holds a bachelor's degree in political science from the University of Auckland.

Internet censorship research

Marquis-Boire conducted research into Blue Coat Systems, a Palo Alto company which provides Internet blocking and monitoring solutions. Reports include Some Devices Wander by Mistake: Planet Blue Coat Redux, and Planet Blue Coat: Mapping Global Censorship and Surveillance Tools. This research has been covered in news media including the front page of the Washington Post, the New York Times, the Globe and Mail, and the Jakarta Post.
Following the publication of these reports, Blue Coat Systems announced that it would no longer provide “support, updates, or other services” to software in Syria. In April 2013, the US government's Bureau of Industry and Security imposed a fine of USD 2.8 million on the Emirati company responsible for purchasing filtering products from Blue Coat and exporting them to Syria without a license.

Internet surveillance research

Marquis-Boire has conducted research on the global proliferation of targeted surveillance software and toolkits, including FinFisher and Hacking Team.
FinFisher is a suite of remote intrusion and surveillance software developed by Munich-based Gamma International GmbH, marketed and sold exclusively to law enforcement and intelligence agencies by the UK-based Gamma Group. In 2012, Morgan Marquis-Boire and Bill Marczak provided the first public identification of FinFisher's software. Marquis-Boire and collaborators have done investigations into FinFisher including: revealing its use against Bahraini activists, analyzing variants of the FinFisher suite that target mobile phone operating systems, uncovering targeted spying campaigns against political dissidents in Malaysia and Ethiopia, and documenting FinFisher command and control servers in 36 countries. This research has informed responses from civil society organizations in Pakistan, Mexico, and the United Kingdom. In Mexico, local activists and politicians collaborated to demand an investigation into the state’s acquisition of surveillance technologies. In the UK, it led to a crackdown on the sale of the software over worries of misuse by repressive regimes.
Hacking Team is a Milan, Italy-based company that provides intrusion and surveillance software called Remote Control System to law enforcement and intelligence agencies. Marquis-Boire and collaborators have mapped out RCS network endpoints in 21 countries, and have provided evidence of RCS being used to target a human rights activist in the United Arab Emirates, a Moroccan media organization, and an independent news agency run by members of the Ethiopian diaspora. Following the publication of these reports, the EFF and Privacy International took legal action related to allegations that the Ethiopian government had compromised the computers of Ethiopian expatriates in the US and the UK.
At the 23rd USENIX Security Symposium, Marquis-Boire and other researchers released the paper When Governments Hack Opponents: A Look at Actors and Technology, examining the government targeting of activists, opposition members, and NGOs observed in Bahrain, Syria, and the United Arab Emirates.

Digital campaigns in the Syrian Civil War

From 2012 to 2017, Marquis-Boire reported on digital campaigns targeting Syrian activists with the EFF and Citizen Lab. Many of these findings were translated into Arabic and disseminated along with recommendations for detecting and removing malware.
This work has been on the cover of BusinessWeek, and covered in The New York Times, Al Jazeera, and Wired.
On December 31, 2013, Marquis-Boire gave an interview covering this work on the NPR radio show All Things Considered.

Other work

In 2012, he gave a presentation on the use of targeted malware attacks during the Arab Spring at the Black Hat Briefings in Las Vegas which covered the use of malware campaigns for the purposes of digital surveillance and espionage in Libya, Syria, Bahrain, Morocco, and Iran.
He released a paper with Eva Galperin of the EFF on the targeting of the Vietnamese diaspora with malware attacks. This detailed an ongoing state-sponsored hacking campaign targeting prominent bloggers, academics, and journalists.
Marquis-Boire has given interviews in the wake of the global surveillance disclosures with Die Zeit, International Business Times, and Dazed. He was named in Al Jazeera's "Media Trends to Watch in 2015".
Shane Huntley and Marquis-Boire co-authored a paper on government targeting of journalists and media organizations presented at Black Hat Singapore 2014. This paper reported that 21 of the world's top 25 media organizations had been targeted by state-sponsored hacking.
In April, 2015, Marquis-Boire spoke at the Western Regional Conference of the Society of Professional Journalists in San Francisco, California and presented a paper entitled "Data Security for Beginners".
At Black Hat USA 2015, held in Las Vegas in August, Marquis-Boire presented a paper entitled "Big Game Hunting: The Peculiarities of Nation-State Malware Research".
Marquis-Boire presented a paper entitled "Security for Humans: Privacy and Coercion Resistant Design" at the Strange Loop Conference in St. Louis, Missouri, in September 2015.
In May 2016, he was in the "State of Surveillance" episode of the HBO series Vice, along with Edward Snowden and Ron Wyden.

Resignation and sexual assault allegations

In September 2017, Marquis-Boire resigned from his position as a senior researcher at Citizen Lab. In October, the organization cut all ties with him after it had been informed that he had been accused of sexually assaulting an individual at the 2014 Cyber Dialogue event. The EFF also released a statement saying that Marquis-Boire was no longer associated with them. In November, The Verge published a report of specific claims of assault and rape, and a second article contained more claims, including alleged quotes and chat extracts where Marquis-Boire admits to having "drunkenly sexually assaulted or raped women — the exact number of which I am currently determining." The number of women quoted in the articled as having been sexually assaulted or raped is at least ten.