This week, Morgan Marquis-Boire and Bill Marczak of the University of Toronto's Citizen Lab provided a disturbing look into the likely use of a commercial surveillance program, FinFisher, to remotely invade and control the computers of Bahraini activists. After the software installs itself onto unsuspecting users' computer, it can record and relay emails, screenshots, and Skype audio conversations. It was deployed against Bahraini users after being concealed in seemingly innocent emails. In one example decoded by Marquis-Bore's team, the message was crafted to appear to be from Melissa Chan, a journalist working for Al-Jazeera English. The attackers were using Chan's reputation as a journalist to trick their victims into opening the document. Chan now works for Al-Jazeera in Jerusalem, but when she was a correspondent in China she was the target of email attacks herself. In an attempt to take control of her real Gmail address, a message was sent to her from someone implying they were connected to China's "Jasmine revolution." The independent Bahraini newspaper Al-Wasat said it has been targeted with fake messages from sources as well--not to deliver malware, but to trick it into running false stories the government then used to try to discredit the paper. Fake email sources are relatively easy to imitate. The "From" address used in the Bahraini attack was not Chan's own email address, but a throwaway Gmail account that looked like an address ("melissa.aljazeera@gmail.com") Chan might conceivably use. Broad caution with unknown correspondents is a defense: If you don't download attachments and don't click on links in strange emails, you aren't vulnerable to the hacking attacks these emails are designed to allow. When I spoke to Chan about the attacks in her name, she noted that "many people do not look at the email address, but just the 'Last Name, First Name.' ... There were one or two times when I wasn't sure about the sender and I wrote back asking them to identify themselves in a way I'd know was definitely him/her." That's a good technique, but it's even better if you can use an alternative medium for your fact-checking. Use a phone call or instant messaging to confirm a message before opening any attachment. If an attacker has already used malware to take control of another users' computer, they may have access to private information. They can also act as a "man in the middle" online, relaying email questions and answers between two unsuspecting correspondents--but able to spy or add their own fabrications. A live phone call is harder to fake. In terms of sophistication, it's hard to know what to think of the Bahraini espionage revealed by Citizen Lab. In some ways, the masquerade was clumsy--but, then, if it had been more convincing, it may have gone unnoticed. We only see the results of unsuccessful espionage. Still, even that is enough to see the damage being caused to the reputations of journalists and the safety of their communications. Security services faking messages from real journalists in order to spy on activists is a grave danger to press freedom. Citizen Lab's analysis demonstrates that spyware supposedly made for law enforcement purposes by the UK company Gamma International is now being used in ways that no democratic society can tolerate. Gamma should immediately reveal whether they have been selling this technology to the Bahraini authorities and what it intends to do to prevent abuses from recurring. CPJ
GMT 11:44 2018 Wednesday ,10 October
Palestinian sentenced to 10 months in prison over Facebook postsGMT 15:17 2018 Wednesday ,03 October
Twitter allows publishers to monetise video views globallyGMT 19:45 2018 Sunday ,16 September
WhatsApp calls unblocked in UAE? TRA respondsGMT 14:17 2018 Thursday ,06 September
Gazprom-Media and Yandex discussing amicable agreementGMT 12:04 2018 Wednesday ,05 September
Kremlin: watchdog’s claims against Google do not mean crisisGMT 08:13 2018 Tuesday ,23 January
Facebook acknowledges social media's risks to democracyGMT 08:47 2018 Sunday ,21 January
Twitter says Russia-linked accounts more widespreadGMT 09:47 2018 Saturday ,20 January
Amazon boosts Prime fees for US monthly subscribersMaintained and developed by Arabs Today Group SAL.
All rights reserved to Arab Today Media Group 2021 ©
Maintained and developed by Arabs Today Group SAL.
All rights reserved to Arab Today Media Group 2021 ©
Send your comments
Your comment as a visitor