Tag Archive for: Dissidents

Hacking Capabilities of Iranian Dissidents Adds to Tehran’s Woes


Just over a year ago, the Islamic Republic of Iran experienced one of its most serious cybersecurity breaches, resulting in the temporary inaccessibility of several government websites and the disruption of power grids, surveillance cameras, and other digital infrastructure. Contrary to what one might have expected, the attacks came not from any of Tehran’s foreign adversaries but rather from a group of anti-government hacktivists known collectively as Gyamsarnegouni, or “Uprising Until Overthrow.”

Cybersecurity researchers discerned the domestic origins of the hack mainly from the fact that the operation also saw the release of vast quantities of government documents detailing personnel and financial records, as well as secret strategic communications by regime authorities. The leak involved such a tremendous amount of data that it likely would have been impossible to access remotely from outside the Islamic Republic, partly because Iranian internet access is notably slow, with frequent outages, and partly because the systems targeted by the underlying hack were effectively cut off from the global internet.

Our research pointed out not only that individuals inside the Islamic Republic carried out the attacks but also that they almost certainly required the participation of figures inside the regime itself, who would have had direct access to the systems in question.

It would be difficult to overstate the damage that these attacks by opposition hacktivists, alongside finely-honed modern cyber espionage and digital sabotage tools, have done to Iran’s ruling system. The damage should be evident from the scale and diversity of Iranian hacktivists’ achievements in recent years, especially in the immediate aftermath of the killing of Mahsa Amini by morality police in September 2022, which sparked an immediate, nationwide uprising that many have called the clerical regime’s greatest challenge in all of its 44 years.

An attack on the Islamic Republic of Iran Broadcasting penetrated highly secure networks, typically isolated from the internet, and allowed hackers to briefly broadcast opposition messaging on state media, including some of the uprising’s defining slogans, like…


It’s time for democracies to protect dissidents from spyware – TechCrunch


The TechCrunch Global Affairs Project examines the increasingly intertwined relationship between the tech sector and global politics.

Governments that purchase spyware tend to share a common pretext: the need to fight terrorist and other public safety threats. But we know that when autocratic regimes acquire state-of-the-art surveillance technology, they also intend to use it against activists, journalists, academics and any other dissenting voices they deem a threat. Spyware programs — used to infect phones and other hardware without the owner’s knowledge in order to track movements and steal information — are tools of repression just as surely as guns.

There have been too many well-documented cases to ignore this basic 21st century reality. Yet companies continue to sell their spyware to despotic governments, in some cases claiming ignorance about what is likely to happen next. This trend has rocked the community of political dissidents across the globe and has put them at greater risk of arrest and much worse.

We know because this technology has been used on us. As a naturalized American from Saudi Arabia and a British academic, we count ourselves and many colleagues among the victims.

One of us, Ali Al-Ahmed, saw the Saudi government steal his personal data from Twitter, then use it to track down, imprison and torture his Twitter followers.

The other one of us, Matthew Hedges, was a graduate student on a research trip to the United Arab Emirates when he discovered that authorities had hacked his phone even before he arrived in the country. He was arrested in 2018, charged with spying and initially sentenced to life in prison. Ultimately held for six months, he was kept in handcuffs and fed debilitating drugs.

Painful though these experiences continue to be for us, we are relatively safe living in the United States and Britain. But our experiences are all too common. They highlight the ongoing, systemic abuse that…


DOJ fines NSA hackers who assisted UAE in attacks on dissidents


The Justice Department announced a controversial deal with three former US intelligence operatives that allows them to pay a fine after breaking multiple laws through their offensive hacking for the repressive government of the United Arab Emirates.




The DOJ said 49-year-old Marc Baier, 34-year-old Ryan Adams and 40-year-old Daniel Gericke “entered into a deferred prosecution agreement” that allows them to avoid prison sentences in exchange for paying $1,685,000 “to resolve a Department of Justice investigation regarding violations of US export control, computer fraud and access device fraud laws.”

The three were part of Project Raven, an effort by the UAE to spy on human rights activists, politicians and dissidents opposed to the government. The three even hacked into US companies, creating two exploits that were used to break into smartphones.

Both Reuters and The Intercept conducted in-depth investigations into the work of Project Raven and a UAE cybersecurity firm named DarkMatter after members of the team raised concerns about the kind of hacking they were being asked to do by UAE officials.

Despite the accusations listed in the court filing, the DOJ said Baier, Adams and Gericke — all former NSA employees or members of the US military — reached an agreement on September 7 to pay the fines in addition to other restrictions on their work. 

Baier will be forced to pay $750,000, Adams will pay $600,000, and Gericke will pay $335,000 over a three-year term. All three will also be forced to cooperate with the FBI and DOJ on other investigations and relinquish any foreign or US security clearances. 

They are also permanently banned from having future US security clearances and will be restricted from any jobs involving computer network exploitation, working for certain UAE organizations, exporting defense articles or providing defense services.

The DOJ said the three were senior managers at a UAE company from 2016 to 2019 and continued to hack for the UAE despite being told they were violating rules that say people need a license from the State Department’s Directorate of Defense Trade…


PRC Spying, Malware and Disinformation Campaigns Push Hong Kong Dissidents to Underground Communications Channels


Following the anti-extradition protests that spanned from 2019 into 2020, the Chinese Communist Party has stepped up its digital actions against Hong Kong activists and dissidents. A new report from threat intelligence firm Intsights finds that aggressive disinformation campaigns and related measures have forced organizers to move to the digital underground, using encryption and the dark web to keep the PRC from observing and inserting itself into their communications.

Disinformation campaigns, mass surveillance drive “dark web” uptick in Hong Kong

Though the Hong Kong street protests have since dissipated, tensions have nevertheless remained high as the Chinese government has aggressively moved to control the flow of information in the region. It has also made mass arrests of protesters under charges such as “subverting state power.” The PRC has also been conducting blanket surveillance that sweeps up even those that are not politically involved, for example monitoring and censoring Zoom conferences organized by businesses and schools. The country’s national security laws require companies based in its territory to turn over any information requested by the government.

Dissidents have responded to disinformation campaigns and surveillance by moving their communications to encrypted messaging apps and dark web forums. However, the researchers warn that this opens up inexperienced navigators to a new realm of criminal threats; some paid services have sprung up to safely guide activists and dissidents to the clandestine meeting places and resources that they are seeking.

The dark web is best known for the sale of illicit goods, everything from credit card skimming equipment to illegal drugs. This is the world that novices must learn to navigate, generally without assistance (unless they pay for it). And when they do find homes for political discussion, they are not necessarily ideologically friendly. The report finds that the most popular Chinese-language discussion forums on the dark web actually tend to be pro-PRC. And the dark web is not free from the eyes of the government; posts from users indicate that Chinese espionage agents monitor at…
