Economic and development analysis: Perspectives on economics, society, development, freedom & social justice. Leading issues in Oromo, Oromia, Africa & world affairs. Oromo News. African News. world News. Views. Formerly Oromia Quarterly
A first-of-its kind lawsuit that resumes in a U.S. District Court on Tuesday has drawn attention to the private surveillance-technology industry as a potential enabler of spying on Americans. The case involves a U.S. citizen who alleges that “clandestine computer programs” assumed “what amounts to complete control” over his personal computer and relayed copies of his electronic activity — including Skype calls, Internet searches and emails — to the Ethiopian government.
Kidane — the pseudonym under which the complainant is known in the case to protect his family from retribution — says his computer was monitored by spyware placed on his computer while he was living in the United States. He is an Ethiopian-born naturalized U.S. citizen who sought asylum in the U.S., where he has lived for more than two decades. His case is being closely watched by activists and civil liberties campaigners because of its potential implications for domestic cybersurveillance by security agencies such as the National Security Agency (NSA).
A victory for Kidane “would be a clear statement from a U.S court to say that wiretapping without court authorization is illegal, no matter who does it. And yes, absolutely that would have implications for the NSA,” said his legal counsel, Nate Cardozo, a staff attorney at the Electronic Frontier Foundation.
“We know that the NSA engages in full content wiretapping … without a court order authorizing it,” he added. “That conduct is simply illegal, and I think a U.S. court order holding Ethiopia responsible for doing the same thing but on a much smaller scale here hopefully would at least raise some eyebrows at the NSA.”
The suit alleges that FinSpy, an intrusion and surveillance program, was transmitted by a Microsoft Word document attachment sent to Kidane’s computer via email by or on behalf of the Ethiopian government. It began targeting Kidane’s machine in late October 2012.
Ethiopia was accused of deploying FinSpy in a March 2013 report by Citizen Lab, an organization that studies surveillance, on the basis of the IP address from which the software was transmitted. The attack on Kidane’s computer was found to have originated from the same server. Days after the Citizen Lab report appeared, the Ethiopian government tried to shut down FinSpy on Kidane’s computer, Cardozo alleged. However, there was a malfunction, and traces of the software remained on his client’s machine.
“We caught the Ethiopian government red-handed,” Cardozo said.
Kidane is seeking damages and an acknowledgment from the Ethiopian government that it acted outside the law. Ethiopia has stated in court documents that “computer addresses can be and are easily [faked],” but it has not denied the allegations. It has argued that because it is a foreign sovereign power, a U.S. court lacks jurisdiction to hear the case.
It is designed to evade detection and can bypass 40 anti-virus systems, according to the leaked company files.
The spyware tool is a part of the FinFisher product suite formerly under the umbrella of the U.K.-based Gamma Group, which, according to its website, provides “advanced technical surveillance, monitoring solutions and advanced government training.”
The FinFisher company, based in Munich, maintains that the products are sold to “government agencies only” and that the spyware is designed to target individuals and is not to intended for mass surveillance.
But the British government has criticized the group.Gamma lacks “due diligence processes that would protect against abusive use of its products,” according a U.K. government report.
Gamma does not say to which countries it has sent products, and it did not respond to an Al Jazeera query.
Even if the manufacturer’s intent is that FinSpy be used lawfully, human rights groups say the technology has been used to facilitate abuses. FinFisher command and control servers are said to be active in some three dozen countries, including Brunei, Nigeria, Pakistan, Qatar, Romania, Turkey, Turkmenistan and the United Arab Emirates, according to 2013 report by Citizen Lab.
Bahraini authorities have been accused of using it to target three Bahraini activists who have been granted asylum in the United Kingdom. And the Lahore High Court is set to hear a case about the use of the spyware in Pakistan. The suit alleges that the government indiscriminately spied on its citizens with the help of the FinFisher technology.
But laws in many other countries governing the use of surveillance have not kept up with its rapid development and global reach.“The lawful interception of communications must be performed with proper legal authorization, but what this authorization looks like varies across jurisdictions,”said Privacy International.
“Often, laws are vague and broadly interpreted, courts authorize and review surveillance in secret, and individuals are monitored surreptitiously and are not notified that they were placed under surveillance,” the group said.
Hacking Team boss: we sold to Ethiopia but ‘we’re the good guys’
Attack that revealed data exposing deals with dictatorships was on a ‘governmental level’ and ‘planned for months’, says David Vincenzetti in first statement
Hacking Team founder speaks out about attacks that revealed company deals with dictatorships. Photograph: LJSphotography / Alamy/Alamy
The founder of cybersecurity firm Hacking Team has finally spoken out over the attack that saw 400GB of its data dumped on the internet, insisting: “We’re the good guys”.
David Vincenzetti, 47, founder of the Milan-based company, told Italian newspaper La Stampa that the cyber attack – which saw the code for companies hacking tools and its email archive published online – was not enabled by poor security or weak passwords and that it could have only been an organisation “at the governmental level”.
Vincenzetti said: “This is not an impromptu initiative: the attack was planned for months, with significant resources, the extraction of data took a long time.” But he did not explain how Hacking Team apparently failed to notice the attack while it was taking place.
In response to concerns that Hacking Team supplied tools to repressive states which could be used to hack into and spy on almost anyone, Vincenzetti said: “We did [sell tools to Libya] when suddenly it seemed that the Libyans had become our best friends.” He also admitted providing tools to Egypt, Ethiopia, Morocco and Sudan, as exposed by the company’s email archive, though denied dealing with Syria.
But Vincenzetti said: “The geopolitical changes rapidly, and sometimes situations evolve. But we do not trade in weapons, we do not sell guns that can be used for years.” He said that without regular updates its tools are rapidly blocked by cyber security countermeasures.
In the case of the Ethiopian government, which used Hacking Team tools to spy on journalists and activists, Vincenzetti said: “We’re the good guys … when we heard that Galileo had been used to spy on a journalist in opposition of the government, we asked about this, and finally decided to stop supplying them in 2014.”
Meanwhile, the impact of the Hacking Team data dump continues to affect wider cubersecurity. A further two vulnerabilities within Adobe’s Flash plugin have been exposed and are actively being exploited as a result of the attack, Adobe has confirmed.
SALTED HASH-TOP SECURITY NEWS: Hacking Team hacked, attackers claim 400GB in dumped data: An email from a person linked to several domains allegedly tied to the Meles Zenawi Foundation (MZF), Ethiopia’s Prime Minister until his death in 2012, was published as part of the cache of files taken from Hacking Team
Documents obtained by hackers from the Italian spyware manufacturer Hacking Team confirm that the company sells its powerful surveillance technology to countries with dubious human rights records.
Internal emails and financial records show that in the past five years, Hacking Team’s Remote Control System software — which can infect a target’s computer or phone from afar and steal files, read emails, take photos and record conversations — has been sold to government agencies in Ethiopia, Bahrain, Egypt, Kazakhstan, Morocco, Russia, Saudi Arabia, South Sudan, Azerbaijan and Turkey. An in-depth analysis of those documents byThe Intercept shows Hacking Team’s leadership was, at turns, dismissive of concerns over human rights and privacy; exasperated at the bumbling and technical deficiency of some of its more controversial clients; and explicitly concerned about losing revenue if cut off from such clients.
An email from a person linked to several domains allegedly tied to the Meles Zenawi Foundation (MZF), Ethiopia’s Prime Minister until his death in 2012, was published Sunday evening as part of the cache of files taken from Hacking Team.
In the email, Biniam Tewolde offers his thanks to Hacking Team for their help in getting a high value target.
Around the time the email was sent, which was eight months after the Prime Minister’s death, Tewolde had registered eight different MZF related domains. Given the context of the email and the sudden appearance (and disappearance) of the domains, it’s possible all of them were part of a Phishing campaign to access the target. Who the high value target is, remains unknown.
An invoice leaked with the Hacking Team cache shows that Ethiopia paid $1,000,000 Birr (ETB) for Hacking Team’s Remote Control System, professional services, and communications equipment.
Meeshaalee fi tajaajili dhaabbanni kun Mootummotaa fi dhaabbiilee basaasaaf kennu dhimmoota dhuunfaa dhaabbiilee qoratootaa fi Miidiyaalee keessa seenuun miidhaa geesisaa jira.
Dhaabbanni Reporters Without Borders kaampaanii basaasaa Hacking Team kana toora kaampaanota diina Interneetii ittiin jedhe galmeessee bubbuleera.
Dhaabbanni nama hatuu ofii isaatiin nan hatama jedhee yaadee hin beeku kan jedhe gabaasichi,akka ragaa amma argame kanaan faayiloota ,Imeelota dokumantoota adda addaa argatan ifa gochaa jiru.
Akka gabaasa Human Rights Watch tti Dhaabbanni Hacking Team Mootummaan Sudan yuuroo kuma 400 fi kuma 80 dhaabbata kanaaf kennuu isaa kanaan dura kan haale oggaa ta’u, amma garuu ragaa kanaan ifattii saaxilameera.
Dhaabbanni Mootummota Gamtoomanii tibba sana Mootummaan Sudaan dhimma kana akka qulqulleessuuf xalayaan kan gaafate yemmuu ta’u, gocha sana hin raawwannee jechuun Sudaan haaltee turuun ishee ni yaadatama.
Daabbanni Mirga dhala namaaf falmu Human Rights Watch Bitootessaa bara 2015 ibsa baaseen,Mootummaan Itoophiyaa meeshaale basaasa spyware jedhaman biyya alaatii galchuun yaada walabaa lammiilee isaa ukkamsaa jira.
One day they arrested me and they showed me everything. They showed me a list of all my phone calls and they played a conversation I had with my brother. They arrested me because we talked about politics on the phone. It was the first phone I ever owned, and I thought I could finally talk freely. — Former member of an Oromo opposition party, now a refugee in Kenya, May 2013
The vast majority of the cases documented by Human Rights Watch involving access to phone recordings involved Oromo defendants organizing Oromos in cultural associations, student associations, and trade unions. No credible evidence was presented that would appear to justify their arrest and detention or the accessing of their private phone records. These interrogations took place not only in Addis Ababa, but in numerous police stations and detention centers throughout Oromia and elsewhere in Ethiopia. As described in other publications, the government has gone to great lengths to prevent Oromos and other ethnicities from organizing groups and associations.123 While the increasing usefulness of the mobile phone to mobilize large groups of people quickly provides opportunities for young people, in particular, to form their own networks, Ethiopia’s monopoly and control over this technology provides Ethiopia with another tool to suppress the formation of these organizations and restrict freedoms of association and peaceful assembly. Human Rights Watch interviews revealed that interrogations seem to follow a similar pattern in which individuals are repeatedly told that security “is monitoring everything” and they should confess to various charges. If confessions are not forthcoming, security officials reveal knowledge of individual phone calls. If a confession or information is not revealed then an entire list of phone calls is produced or an individual phone call is played. At this stage, if no confession or information is obtained, prolonged detention takes place. As is often the case in Ethiopia, arbitrary detention without formal charges is common. In the cases Human Rights Watch has documented, mistreatment in detention at this stage frequently occurs. THEY KNOW EVERYTHING WE DO
(Human Rights Watch, New York) – The Ethiopian government has renewed efforts to silence independent voices abroad by using apparent foreign spyware, Human Rights Watch said today. The Ethiopian authorities should immediately cease digital attacks on journalists, while foreign surveillance technology sellers should investigate alleged abuses linked to their products.
Independent researchers at the Toronto-based research center Citizen Lab on March 9, 2015, reported new attempts by Ethiopia to hack into computers and accounts of Ethiopian Satellite Television (ESAT) employees based in the United States. The attacks bear similarities to earlier attempts to target Ethiopian journalists outside Ethiopia dating back to December 2013. ESAT is an independent, diaspora-run television and radio station.
“Ethiopia’s government has over the past year intensified its assault on media freedom by systematically trying to silence journalists,” saidCynthia Wong, senior Internet researcher at Human Rights Watch. “These digital attacks threaten journalists’ ability to protect the safety of their sources and to avoid retaliation.”
The government has repressed independent media in Ethiopia ahead of the general elections scheduled for May, Human Rights Watch said. Many privately owned print publications heavily self-censor coverage of politically sensitive issues or have shut down. In the last year, at least 22 journalists, bloggers, and publishers have been criminally charged, at least six publications have closed amid a campaign of harassment, and many journalists have fled the country.
Many Ethiopians turn to ESAT and other foreign stations to obtain news and analysis that is independent of the ruling Ethiopian People’s Revolutionary Democratic Front. However, intrusive surveillance of these news organizations undermines their ability to protect sources and further restricts the media environment ahead of the elections. Government authorities have repeatedly intimidated, harassed, and arbitrarily detained sources providing information to ESAT and other foreign stations.
Citizen Lab’s analysis suggests the attacks were carried out with spyware called Remote Control System (RCS) sold by the Italian firm Hacking Team, which sells surveillance and hacking technology. This spyware was allegedly used in previous attempts to infect computers of ESAT employees in December 2013. If successfully installed on a target’s computer, the spyware would allow a government controlling the software access to activity on a computer or phone, including email, files, passwords typed into the device, contact lists, and audio and video from the device’s microphone and camera.
Citizen Lab also found that the spyware used in the attacks against ESAT appeared to have been updated as recently as December 2014. On November 19, a security researcher, Claudio Guarnieri, along with several nongovernmental organizations, publicly released a tool called Detekt, which can be used to scan computers for Hacking Team RCS and other spyware. Citizen Lab’s testing determined that Detekt was able to successfully recognize the version of RCS used in a November attack, but not the version used in a December attack. Citizen Lab concluded that this may indicate that the software had been updated sometime between the two attempts.
These new findings, if accurate, raise serious concerns that Hacking Team has not addressed evidence of abuseof its product by the Ethiopian government and may be continuing to facilitate that abuse through updates or other support, Human Rights Watch said.
Hacking Team states that it sells exclusively to governments, particularly law enforcement and intelligence agencies. The firm told Human Rights Watch in 2014 that “we expect our clients to behave responsibly and within the law as it applies to them” and that the firm will suspend support for its technology if it believes the customer has used it “to facilitate gross human rights abuses” or “who refuse to agree to or comply with provisions in [the company’s] contracts that describe intended use of HT [Hacking Team] software.” Hacking Team has also stated that it has suspended support for their product in the past, in which case the “product soon becomes useless.”
Media reports and research by independent human rights organizations in the past year have documented serious human rights violations by the Ethiopian government that at times have been facilitated by misuse of surveillance powers. Although spyware companies market their products as “lawful intercept” solutions used to fight serious crime or counterterrorism, the Ethiopian government has abused its counterterrorism laws to prosecute bloggers and journalists who merely report on public affairs or politically sensitive issues. Ethiopian laws that authorize surveillance do not adequately protect the right to privacy, due process, and other basic rights, and are inconsistent with international human rights requirements.
Hacking Team previously told Human Rights Watch that “to maintain their confidentiality” the firm does not “confirm or deny the existence of any individual customer or their country location.” On February 25, 2015, Human Rights Watch wrote to the firm to ask whether it has investigated possible abuse of its products by the Ethiopian government to target independent media and hack into ESAT computers. In response, on March 6 a representative of the firm emailed Human Rights Watch that the company “take[s] precautions with every client to assure that they do not abuse our systems, and, we investigate when allegations of misuse arise” and that the firm is “attempting to understand the circumstances in this case.” The company also stated that “it can be quite difficult to get to actual facts particularly since we do not operate surveillance systems in the field for our clients.” Hacking Team raised unspecified questions about the evidence presented to identify the spyware used in these attacks.
Human Rights Watch also asked the company whether contractual provisions to which governmental customers agree address governments’ obligations under international human rights law to protect the right to privacy, freedom of expression, and other human rights. In a separate March 7 response from the firm’s representative, Hacking Team told Human Rights Watch that the use of its technology is “governed by the laws of the countries of our clients,” and sales of its technology are regulated by the Italian Economics Ministry under the Wassenaar Arrangement, a multilateral export controls regime for dual-use technologies. The company stated that it relies “on the International community to enforce its standards for human rights protection.”
The firm has not reported on what, if any, investigation was undertaken in response to the March 2014 Human Rights Watch report discussing how spyware that appeared to be Hacking Team’s RCS was used to target ESAT employees in 2013. In its March 7 response, the company told Human Rights Watch that it will “take appropriate action depending on what we can determine,” but they “do not report the results of our investigation to the press or other groups, because we consider this to be an internal business matter.”
Without more disclosure of how Hacking Team has addressed potential abuses linked to its business, the strength of its human rights policy will be in question, Human Rights Watch said.
Sellers of surveillance systems have a responsibility to respect human rights, which includes preventing, mitigating, and addressing abuses linked to its business operations, regardless of whether government customers adequately protect rights.
“Hacking Team should publicly disclose what steps it has taken to avoid abuses of its product such as those alleged against the Ethiopian government,” Wong said. “The company protects the confidentiality of its customers, yet the Ethiopian government appears to use its spyware to compromise the privacy and security of journalists and their sources.”
OromianEconomist 
You must be logged in to post a comment.