How Western spyware is being used to shut down Arab rights activists
Since the Arab Spring seven years ago, autocratic regimes have spent millions on Western firms' technology to steal activists' contacts, listen in on their conversations, and more.
Since the Arab Spring seven years ago, autocratic regimes have spent millions on Western firms' technology to steal activists' contacts, listen in on their conversations, and more.
For veteran observers in the Middle East, the revelation that the UAE may have hacked Qatar鈥檚 news agency, precipitating a diplomatic crisis, reads like the rejected plot for a spy novel. Yet for democracy and human rights activists across the Arab world, the scenario is all too familiar 鈥 and all too real.
Since the so-called Arab Spring erupted seven years ago, Arab governments and intelligence agencies have spent millions on spyware, malware, and hacking services, experts and analysts say,听waging a digital battle against听their own citizens.
Regimes are using spyware from Western companies to take down those who dare to demand democracy and human rights, often by infiltrating the same technologies that activists used to take down dictatorial regimes 鈥 such as Facebook and Skype.听
Arab activists in the Gulf and North Africa tell of receiving urgent text messages and emails from colleagues asking for information or setting up meetings 鈥 messages that听their colleagues听never typed 鈥 setting traps that would lead to meetings being busted, protests averted, and activists arrested.
鈥The hacking industry 鈥 has become a very big, billion-dollar business, and these governments are doing what they have always done, using technology to keep track of their citizens,鈥 says Fred Kaplan, author of听鈥Dark Territory: The Secret History of Cyber War.鈥
鈥淥n the one hand activists can talk to each other more and amass crowds like we saw in the Arab Spring,鈥 he says. 鈥淏ut once communications are open, they are open both ways.鈥澨
Response to protests
As protests erupted across the Arab world in 2011, several Arab governments opened million-dollar contracts with Western companies to provide surveillance and hacking solutions, according to experts and releases by WikiLeaks.
Milan-based Hacking Team has听signed two different contracts in Egypt, three in Saudi Arabia, and one each in Bahrain, the UAE, and Oman, according to experts and WikiLeaks.听
In June, BBC Arabic revealed that UK-based defense giant BAE used a Danish subsidiary to sell its Evident surveillance systems to Saudi Arabia, the UAE, Qatar, Oman, Morocco, and Algeria. Evident allows users to monitor and track users at a national level and decrypt messaging software previously thought to be impervious to such snooping.听
Activists and experts say Arab regimes often go after high-profile opposition leaders, human rights activists, and lawyers. But they are not the intended target听of such surveillance.
Arab intelligence services likely听already have听detailed files on such figures, compiled through traditional intelligence-gathering methods. What they are truly after, say experts, are activists鈥 personal contacts, chat history, and anything else that leads to听lower-profile听sympathizers.听
鈥淧eople who are not publicly against the government, but who are silently supporting the cause, are almost always the target,鈥 says Bill Marczak, senior research fellow at Citizen Lab at the University of Toronto, which tracks governments鈥 cyberwarfare and provides technical support for beleaguered activists across the听world.
鈥淭hey can be tracked through personal email contacts, phone contacts, chats 鈥 that is the goal.鈥
鈥楪uns for hire鈥
As Arab governments鈥 technological capabilities are still nascent, they rely almost exclusively on spyware, phishing, and hacking services from Western companies described by tech experts as 鈥済uns for hire,鈥 which are able to take advantage of legal loopholes to sell to authoritarian governments.
A sampling of cases from the past seven years reveals how vital Western firms鈥 tools have been to autocratic regimes 鈥 and how little success human rights activists have had in pressuring those firms not to sell their technology for such uses.听
Bahrain, which is embroiled in a bloody crackdown against its Shiite population and dissidents, has used spyware known as FinFisher. Targets would be sent emails with politically charged subject lines, and attachments purporting to contain information about the status of an arrested activist, or on the opposition, but in fact containing malicious spyware that would access activists鈥 devices and take all their contacts and data.听Activists analyzing WikiLeaks-released conversations between Bahrain and Anglo-German firm Gamma Group, which sells FinFisher, matched the targets鈥 IP addresses with Bahraini activists in Britain.
The UAE used Israeli spyware to infect the iPhone of Emirati dissident Ahmed Mansoor, experts who tested his phone say, believing that the information gathered from his phone likely led to his rearrest by Emirati authorities this April. The spyware, sold by NSO Group, transmits all communications and location of the targeted iPhone, including communications on WhatsApp, Telegram, and Skype 鈥 encrypted messaging services favored by activists 鈥 along with iMessage, Gmail, Viber, and Facebook.
Egypt entered a 1 million euro ($1.16 million) contract with Milan-based Hacking Team for its Remote Controlled System, according to the听UK-based civil liberties advocate Privacy International. Egypt has reportedly used RCS to monitor and hack not only Apple computers and iPhones, but pirated copies of Microsoft Windows 鈥 favored by an estimated 90 percent of computer users in Egypt.
According to Citizen Lab, a recent phishing campaign allegedly led by Egyptian authorities has targeted seven NGOs and several Egyptian lawyers, journalists and independent activists 鈥 all of whom have been named and implicated in the Case 173, the legal case brought by the Egyptian government against NGOs over foreign funding.听
Arab security officials from two different countries, who declined to be quoted, defended the purchase of surveillance system as an 鈥渆ssential tool in the fight against terrorism.鈥 In order to bust sleeper cells and foil IS-inspired terror plots, they claim they need mass surveillance 鈥 a听claim听they reportedly use听to justify the use听of such tools to their Western allies.听
Human rights groups have tried to hold Western firms accountable. In 2014, Privacy International, acting on behalf of Bahraini activists residing in Britain, sent a criminal complaint against Gamma to the National Cyber Crime Unit of the British National Crime Agency.
However, to date no legal action has been taken against the firm, and despite pressure from human rights groups, experts claim companies such as Gamma and Hacking听Team continue to sell their products to governments while distancing themselves from how their products are being used.
How activists have changed their methods
Egyptian activists say they now meet behind closed doors, leaving their mobiles and laptops behind. In the Gulf, human rights activists 鈥 who refused to allow their names or locations to be revealed due to security concerns 鈥 are forced to use 鈥渒ey words鈥 and code to discuss any issue in the country.
Although they are unlikely to听gain a听technical edge听over听Western spyware for hire, experts say human rights activists recognize that the tactic behind all the diverse attacks: social engineering that makes the ultimate 鈥渃lick-bait.鈥澨鼳nd that is something that can be guarded against, to some extent.
鈥淭hese messages are crafted to appeal to a person鈥檚 emotions and curiosity; they create a sense of urgency and tell users, 鈥楥lick the link soon or there will be consequences,鈥欌 says Mr. Marczak.
鈥淭he key is for people to be aware for how this happens and look for the signs.鈥