World News

Has Serbia hacked the phones of activists, journalists? Why? | Intelligence News

Photo of tamiah312 tamiah312 Send an email December 19, 2024
2 7 minutes read
Has Serbia hacked the phones of activists, journalists? Why? | Intelligence News

Amnesty International has revealed that the phones of Serbian activists and journalists have been hacked by Serbian intelligence and police using Israeli spyware and other mobile surveillance tools.

The software is being used to “unlawfully target journalists, environmental activists and other people in a covert surveillance campaign”, Amnesty said on Monday.

Most of the people who were targeted have not been arrested or charged, it added.

The Serbian Security Intelligence Agency, known as BIA, has denied allegations that the spyware was used illegally.

“The research tool is used in the same way by other police forces around the world,” the statement said. “Therefore, we cannot even comment on the nonsense allegations coming from them [Amnesty’s] text, just as we don’t often comment on the same content.”

So what happened in Serbia and what does it all mean?

How did the use of spyware come about?

According to Amnesty’s 87-page report titled A Digital Prison: Surveillance and the Suppression of Civil Society in Serbia, freelance journalist Slavisa Milanov was taken to a police station after what appeared to be a routine traffic stop in February.

When he retrieved his phone after the police interview, Milanov noticed that both the data and Wi-Fi settings had been disabled. Seeing this as a possible indication of hacking, Milanov contacted the Amnesty International Security Lab and requested an examination of his mobile phone.

The lab found digital traces of Cellebrite’s Universal Forensic Extraction Device (UFED) software technology, which appears to have been used to unlock Milanov’s Android device.

It also found spyware that Amnesty said was previously unknown – a program called NoviSpy – that had been installed on Milanov’s phone.

Milanov said that he was not told that the police intended to search his phone and that the police did not give any legal reasons for doing so. He said he did not know what specific data was extracted from his phone.

Amnesty said the use of this type of technology without proper authorization is “illegal”.

“Our investigation reveals how the Serbian authorities have used surveillance technology and digital repression tactics as tools of state control and repression against the public,” said Dinushika Dissanayake, Amnesty International’s deputy regional director for Europe.

What did the Amnesty investigation find?

Amnesty International’s investigation made two important findings. First, it found “forensic evidence” showing the use of Cellebrite technology to access the reporter’s device.

Cellebrite, a digital intelligence company based in Israel, produces data extraction technology that is widely used by law enforcement agencies around the world, especially in the United States.

In response to Amnesty’s report, Cellebrite issued a statement saying: “We are investigating the claims made in this report and intend to take action consistent with our ethics and contracts, including terminating Cellebrite’s relationship with any relevant parties.”

Amnesty also found a second type of spyware on the journalist’s phone. It is not clear who created NoviSpy or where it came from.

This technology appears to be capable of allowing attackers to remotely access and extract confidential information from infected smartphones.

NoviSpy, which can be used to retrieve data from Android devices, may also provide unauthorized control over the device’s microphone and camera, posing significant privacy and security risks, the report found.

Amnesty’s report said: “Analysis of multiple samples of the NoviSpy spyware application found on infected machines, it was found that they all communicate with servers hosted in Serbia, both to receive commands and surveillance data. Notably, one of these spyware samples was configured to connect directly to an IP address range directly associated with the Serbian BIA.”

NoviSpy works in a similar way to commercial spies such as Pegasus, a sophisticated spy developed by the Israeli cyberintelligence company NSO, which was involved in a hacking scandal highlighted in 2020.

According to the report, the NoviSpy program infiltrates devices, captures multiple screenshots showing sensitive information such as the contents of email accounts, Signal and WhatsApp chats and social media interactions.

[Screengrab/Amnesty]

In another incident reported by Amnesty International involving NoviSpy software in October, Serbian authorities summoned to the BIA office an activist from the Belgrade-based NGO Krokodil, a non-governmental organization focused on culture, literature and social media.

While the activist was in the interview room, the activist’s Android phone was left outside unattended. Subsequent forensic testing by Amnesty International’s Security Lab revealed that during this time, NoviSpy spyware had been secretly installed on the phone.

Why are journalists and activists targeted?

Amnesty International and other human rights organizations say that spyware attacks are being used to stifle media freedom and widely control communications between countries.

“This is an incredibly effective way to completely eliminate human contact. Anything you say can be used against you, disabling on both personal and technical levels,” said the activist targeted by Pegasus spyware and referred to in the report as “Branko”. Amnesty said it has changed some names to protect people’s names.

“Goran” (his name has been changed), an activist who is also targeted by Pegasus spyware, said: “We are all in a digital prison, a digital gulag. We have the illusion of freedom, but in reality, we have no freedom at all. This has two consequences: you can choose to self-examine, which greatly affects your ability to do work, or you choose to speak regardless, in which case, you must be prepared to face the consequences.”

Spyware can be used to intimidate or prevent journalists and activists from reporting information about people in power, Amnesty said.

In February, Human Rights Watch (HRW) published findings that from 2019 to 2023, Pegasus spyware was used to target at least 33 people in Jordan, including journalists, activists and politicians. HRW commissioned the report from Access Now, a US-based non-profit organization focused on internet privacy, freedom of expression and data protection.

That report, based on a joint forensic investigation with Citizen Lab, an academic research center in Canada, found evidence of Pegasus spyware on mobile devices. Some devices have been found to be infected multiple times.

However, the investigation could not identify which specific organizations or countries were responsible for planning the attack.

“Surveillance technologies and cyberapons weapons such as NSO Group’s Pegasus spyware are being used to target human rights defenders and journalists, intimidate and block them from their work, infiltrate their networks, and collect information to be used against other targets,” the report said.

“Targeted surveillance of people violates their right to privacy, freedom of expression, association and peaceful assembly. It also has a negative effect, forcing people to check themselves and stop their activism or journalistic work, because they fear reprisals.”

That depends on the laws of each country.

Article 41 of the Constitution of Serbia guarantees individual confidentiality of correspondence and other forms of communication to protect individual privacy. As in other countries, the retrieval of data from the devices is allowed under the Criminal Procedure Code of Serbia but subject to restrictions – as ordered by the court.

Amnesty International’s report said: “The Criminal Procedure Code of Serbia does not use the term ‘digital evidence’, but considers computer data that can be used as evidence in criminal proceedings as a document (“isprava”).

“Surveillance of communications, including digital data, can be obtained through common evidentiary measures, such as examining and searching mobile devices or other devices that store digital records. These actions are usually not secret and are carried out with the knowledge and presence of the suspect.”

The BIA and the police also have the right to monitor private communications to gather evidence for criminal investigations, but this type of surveillance is also governed by the Code of Criminal Procedure.

Because of the complexity of different countries’ laws, it can be difficult to prove whether data has been illegally released, experts say.

There is international precedent related to how spyware can be used. Article 17 of the International Covenant on Civil and Political Rights states:

  • No one shall be unlawfully or unlawfully interfered with in his private, family, home, or correspondence affairs, or unlawfully attacked in his honor and dignity.
  • Everyone has the right to be protected by the law from such interference or attack.

As of June, 174 countries, including Serbia, have ratified the treaty, making it one of the most widely accepted human rights treaties.

Who else has been targeted by spyware in recent years?

  • In October, 2023Amnesty International’s Security Lab has revealed that two prominent journalists were targeted on their iPhones by Pegasus spyware. The victims were Siddharth Varadarajan, founding editor of The Wire, and Anand Mangnale, South Asia editor for the Organized Crime and Corruption Report Project. It is not known who did this.
  • In 2022HRW reported that Lama Fakih, a senior staff member and director of HRW’s Beirut office, was repeatedly attacked by a cyberattack using the Pegasus spy in 2021. Pegasus allegedly accessed Fakih’s phone five times from April to August that year. Fakih, who oversees HRW’s crisis response in countries including Afghanistan, Ethiopia, Israel, Myanmar, the Palestinian territories, Syria and the US, was targeted for unknown reasons by an unknown group.
  • In 2020a joint investigation by human rights group Access Now, the University of Toronto’s Citizen Lab and independent researcher Nikolai Kvantaliani from Georgia found that journalists and activists from Russia, Belarus, Latvia and Israel and several living in exile in Europe were targeted. Pegasus spyware. The offensive began in 2020 and intensified after Russia’s full-scale invasion of Ukraine in 2022. Citizen Lab also identified a series of attacks on journalists and activists in El Salvador. It is not known who made these spies.
  • In 2018Jamal Khashoggi, a famous Saudi journalist, Washington Post columnist and staunch critic of the government of Saudi Arabia, was killed and dismembered inside the Saudi embassy in Istanbul, Turkey. Subsequent investigations revealed that the Pegasus spyware had been commissioned to monitor several people close to Khashoggi.

Source link

Photo of tamiah312 tamiah312 Send an email December 19, 2024
2 7 minutes read
Photo of tamiah312

tamiah312

Related Articles

Fruits like food choices with caveat, means the researcher: the value of the value, here

Fruits like food choices with caveat, means the researcher: the value of the value, here

4 days ago
US says Ukraine ‘is ready to move on’ to fire swift

US says Ukraine ‘is ready to move on’ to fire swift

4 days ago
Whippet called miuccia wins better in Show in Crufts

Whippet called miuccia wins better in Show in Crufts

5 days ago
3/9: CBS news on CBS weekend – CBS news

3/9: CBS news on CBS weekend – CBS news

5 days ago
Back to top button