, 25 tweets, 13 min read Read on Twitter
Next up at #HewlettVerify is @RonDeibert from @citizenlab to do a presentation before a talk with @NPRDina. Tweets to follow.
@RonDeibert @citizenlab @NPRDina @RonDeibert says @citizenlab is a counterintelligence organization for civil society.

They track the proliferation and abuse of commercial spyware.
@RonDeibert @citizenlab @NPRDina Begins with the story of Ahmed Mansoor, a human rights defender in the UAE, who received some weird sms messages trying to get him to click.
@RonDeibert @citizenlab @NPRDina Domains linked to an israeli intelligence group that worked for governments to investigate criminals and terrorists.

Checking the device, could see the exploit chain. Apple closed exploit, which affected over 1B devices.
@RonDeibert @citizenlab @NPRDina Mansoor targeted by his own government using spyware from three separate vendors.

Later UAE arrested him, sentenced to 10 years in prison for "insulting the regime."
@RonDeibert @citizenlab @NPRDina Then Mexican journalist targeted from similar exploit kit from Israelis.

Resarchers looked into it and found more targets from this NSO Group.

This group began targeting anti-obesity advocates with sms messages suggesting a family emergency.
Turns out 25 in Mexico were targeted by this NSO group's spyware, including media, law, public health, government, etc.
Also tracked one particular spyware company because they left logs on a server without password protection, and could see who they had pitched to.
Also, telling story of targeting of Omar Abdulaziz who was friends with Jamal Khashoggi, and in sms contact with him shortly before he disappeared.
Also finding cybersecurity market booming, but unregulated and prone to abuse, especially on commercially available offensive tools.
One challenge is that civil society groups are not paying clients for the threat industry, so they are often left unprotected.
Effort to designate intrusion software as an export controlled software (instead of focusing on the companies) could have complicated @citizenlab's work.
@citizenlab @citizenlab also started writing to investor groups to let them know that NSO group was committing these abuses, so it created reputational risk.
@citizenlab Also, lawsuits against NSO group.

nytimes.com/2018/12/02/wor…
@citizenlab Then an Israeli Group attempted to infiltrate @citizenlab.
In conversation with @NPRDina, @RonDeibert says @citizenlab found three associates of Khashoggi targeted by NSO group.
@NPRDina @RonDeibert @citizenlab @NPRDina asks @RonDeibert whether he fears indictment.

They're not hacking, have good lawyers, and have a research ethics protocol.
@NPRDina @RonDeibert @citizenlab How do you distinguish between @citizenlab and @wikileaks?

We're university based, treat everyone we interact with as a research subject. Don't claim to be journalists. Doesn't like how they don't redact.
@NPRDina @RonDeibert @citizenlab @wikileaks Talks about @citizenlab report on GhostNet which was an effort to understand how China was spying on the Dalai Lama.

Report here: citizenlab.ca/2009/03/tracki…
Now audience Questions.

Lessons for journalists?
What do you *not* see?
NSO suits, what's up with that?
Reaching Omar through non-electronic means?
Are there vulnerabilities we should know about?
Details on suits against private surveillance companies: citizenlab.ca/2018/12/litiga…

Litigation can impose penalties on companies, can find out limitations on targeting.
We're missing a lot. For those who are professional, they're staying away from these companies.

They're opportunistically identifying companies, not systematically. Israelis are leaders in this space, in part from entrepreneurial culture.
Vulnerabilities on devices?
No particular expertise, but
when crossing a border, you're moving through an area where you lose all your rights.
What next?

Have other projects. Interested in Chinese social media applications. Can identify the key words that trigger surveillance.

Also on disinformation campaigns.

Thanks, folks. that's a wrap!
Missing some Tweet in this thread?
You can try to force a refresh.

Like this thread? Get email updates or save it to PDF!

Subscribe to Mieke Eoyang
Profile picture

Get real-time email alerts when new unrolls are available from this author!

This content may be removed anytime!

Twitter may remove this content at anytime, convert it as a PDF, save and print for later use!

Try unrolling a thread yourself!

how to unroll video

1) Follow Thread Reader App on Twitter so you can easily mention us!

2) Go to a Twitter thread (series of Tweets by the same owner) and mention us with a keyword "unroll" @threadreaderapp unroll

You can practice here first or read more on our help page!

Follow Us on Twitter!

Did Thread Reader help you today?

Support us! We are indie developers!


This site is made by just three indie developers on a laptop doing marketing, support and development! Read more about the story.

Become a Premium Member ($3.00/month or $30.00/year) and get exclusive features!

Become Premium

Too expensive? Make a small donation by buying us coffee ($5) or help with server cost ($10)

Donate via Paypal Become our Patreon

Thank you for your support!