,
25 tweets,
13 min read
Read on Twitter
Next up at #HewlettVerify is @RonDeibert from @citizenlab to do a presentation before a talk with @NPRDina. Tweets to follow.
@RonDeibert @citizenlab @NPRDina @RonDeibert says @citizenlab is a counterintelligence organization for civil society.
They track the proliferation and abuse of commercial spyware.
They track the proliferation and abuse of commercial spyware.
@RonDeibert @citizenlab @NPRDina Begins with the story of Ahmed Mansoor, a human rights defender in the UAE, who received some weird sms messages trying to get him to click.
@RonDeibert @citizenlab @NPRDina Domains linked to an israeli intelligence group that worked for governments to investigate criminals and terrorists.
Checking the device, could see the exploit chain. Apple closed exploit, which affected over 1B devices.
Checking the device, could see the exploit chain. Apple closed exploit, which affected over 1B devices.
@RonDeibert @citizenlab @NPRDina Mansoor targeted by his own government using spyware from three separate vendors.
Later UAE arrested him, sentenced to 10 years in prison for "insulting the regime."
Later UAE arrested him, sentenced to 10 years in prison for "insulting the regime."
@RonDeibert @citizenlab @NPRDina Then Mexican journalist targeted from similar exploit kit from Israelis.
Resarchers looked into it and found more targets from this NSO Group.
This group began targeting anti-obesity advocates with sms messages suggesting a family emergency.
Resarchers looked into it and found more targets from this NSO Group.
This group began targeting anti-obesity advocates with sms messages suggesting a family emergency.
Turns out 25 in Mexico were targeted by this NSO group's spyware, including media, law, public health, government, etc.
Also tracked one particular spyware company because they left logs on a server without password protection, and could see who they had pitched to.
Also, telling story of targeting of Omar Abdulaziz who was friends with Jamal Khashoggi, and in sms contact with him shortly before he disappeared.
Also finding cybersecurity market booming, but unregulated and prone to abuse, especially on commercially available offensive tools.
One challenge is that civil society groups are not paying clients for the threat industry, so they are often left unprotected.
Effort to designate intrusion software as an export controlled software (instead of focusing on the companies) could have complicated @citizenlab's work.
@citizenlab @citizenlab also started writing to investor groups to let them know that NSO group was committing these abuses, so it created reputational risk.
@citizenlab Then an Israeli Group attempted to infiltrate @citizenlab.
@citizenlab apnews.com/9f31fa2aa72946…
The group, Black Cube, is known for targeting @ColinKahl & @brhodes) newyorker.com/news/news-desk…
The group, Black Cube, is known for targeting @ColinKahl & @brhodes) newyorker.com/news/news-desk…
In conversation with @NPRDina, @RonDeibert says @citizenlab found three associates of Khashoggi targeted by NSO group.
@NPRDina @RonDeibert @citizenlab @NPRDina asks @RonDeibert whether he fears indictment.
They're not hacking, have good lawyers, and have a research ethics protocol.
They're not hacking, have good lawyers, and have a research ethics protocol.
@NPRDina @RonDeibert @citizenlab How do you distinguish between @citizenlab and @wikileaks?
We're university based, treat everyone we interact with as a research subject. Don't claim to be journalists. Doesn't like how they don't redact.
We're university based, treat everyone we interact with as a research subject. Don't claim to be journalists. Doesn't like how they don't redact.
@NPRDina @RonDeibert @citizenlab @wikileaks Talks about @citizenlab report on GhostNet which was an effort to understand how China was spying on the Dalai Lama.
Report here: citizenlab.ca/2009/03/tracki…
Report here: citizenlab.ca/2009/03/tracki…
Now audience Questions.
Lessons for journalists?
What do you *not* see?
NSO suits, what's up with that?
Reaching Omar through non-electronic means?
Are there vulnerabilities we should know about?
Lessons for journalists?
What do you *not* see?
NSO suits, what's up with that?
Reaching Omar through non-electronic means?
Are there vulnerabilities we should know about?
Details on suits against private surveillance companies: citizenlab.ca/2018/12/litiga…
Litigation can impose penalties on companies, can find out limitations on targeting.
Litigation can impose penalties on companies, can find out limitations on targeting.
We're missing a lot. For those who are professional, they're staying away from these companies.
They're opportunistically identifying companies, not systematically. Israelis are leaders in this space, in part from entrepreneurial culture.
They're opportunistically identifying companies, not systematically. Israelis are leaders in this space, in part from entrepreneurial culture.
Vulnerabilities on devices?
No particular expertise, but
when crossing a border, you're moving through an area where you lose all your rights.
No particular expertise, but
when crossing a border, you're moving through an area where you lose all your rights.
What next?
Have other projects. Interested in Chinese social media applications. Can identify the key words that trigger surveillance.
Also on disinformation campaigns.
Thanks, folks. that's a wrap!
Have other projects. Interested in Chinese social media applications. Can identify the key words that trigger surveillance.
Also on disinformation campaigns.
Thanks, folks. that's a wrap!
