10/07/2021 2 articles washingtonpost.com  8min 🇬🇧 #191971

The Cybersecurity 202: Group maps alleged victims of Nso Group surveillance tool

Researchers built a platform to track the proliferation of a surveillance tool made by NSO Group. It is partially designed to be used as evidence in legal cases.

For years, activists, journalists and opposition figures around the world have decried the Israeli firm NSO Group for allegedly enabling the hacking of their phones. A  new platform developed by Forensic Architecture, a research group based at Goldsmiths, University of London that specializes in open-source investigations of human rights issues, aims to up the pressure on the firm.

The platform was built in partnership with Amnesty International and the Citizen Lab at the University of Toronto. To create its data set, Forensic Architecture scoured news reports, legal documents and reports by researchers from Amnesty and the Citizen Lab. It also conducted interviews with more than a dozen lawyers, researchers and alleged targets of NSO's Pegasus surveillance tool, which researchers  say has been deployed in dozens of countries worldwide.

The group also mapped the cyberattacks in what it is calling "the most comprehensive database to date" on reported Pegasus infections.

"The problem with digital violence is that it's hard to see," Forensic Architecture Director Eyal Weizman told The Cybersecurity 202. "We hope [the project] gives an image to what has happened."

"These are cyber weapons," Weizman said. "Things happen to you in the physical world at the time that you're infected in a digital space."

NSO dismissed the project in a statement.

"These are recycled claims, filled with inaccuracies and half-truths," a company spokesperson said, touting its  human rights policy. The company "investigates all credible claims of misuse, and takes appropriate action based on the results of its investigations. This includes shutting down a customer's system - a step NSO has taken several times in the past, and will not hesitate to take again if a situation warrants," the spokesperson said.

The spokesperson also noted that the company has notched legal victories, including one over Amnesty International in  Israel, and said the firm can neither confirm nor deny its government customers' identities for contractual and national security reasons.

The spokesperson also touted the company's release last week of its first "transparency and responsibility  report," which it called a "historic first-foray" into the conversation about surveillance companies and the interplay between security and human rights.

In interviews by Forensic Architecture and Oscar-winning director Laura Poitras, reported Pegasus targets describe how they discovered being under surveillance and how the infections impacted their lives.

"Things like hacking have long-term consequences that we don't always see in the beginning," said lawyer Mazen Masri, who has sued NSO Group on behalf of activists who say they were infected by Pegasus, and is interviewed in one of the videos.

One of those consequences is a sense of isolation, according to Weizman.

The project brought together a "very interesting coalition of very, very different practitioners," according to Weizman. Indeed, the videos have a high-profile narrator: Edward Snowden, the former National Security Agency contractor best known for  leaking top-secret government documents in 2013. The group also collaborated with Poitras, who created a film about the platform, and musician Brian Eno, who translated the data set into sound.

The collaborations with Eno, Poitras and Snowden go deeper than that, however. They fundamentally shaped how Forensic Architecture approached the project, Weizman said.

"I think the investigation of not just the NSO Group, but this sector and this technology, is the most important unwritten story in media today," Snowden said at a launch event for the project at the Haus der Kulturen der Welt, a Berlin cultural center.

The project aims to increase pressure on NSO Group in multiple arenas including courtrooms, where Forensic Architecture aims to use the work "as evidence in legal processes," showing the "systemic nature of the problem."

It's also designed to inform NSO's investors that they're investing in tools Forensic Architecture says have crossed the line into cyber weapons, and that they should reconsider those investments. Forensic Architecture also wanted to open the debate over cyber human rights violations to the public and turn the art sphere into a place for accountability, Weizman said.

Meanwhile, NSO isn't staying silent in Washington.

The company last week hired law firm Pillsbury Winthrop Shaw Pittman to advise it on "business development opportunities and strategies to educate potential business and government partners about NSO's state-of-the-art technologies, including legal advice on U.S. government procurement regulations and corporate compliance policies," according to a filing submitted to the Justice Department.

The law firm, which will be paid $450,000 by the company over the next six months, will also "provide assistance with education of government officials about NSO's technology," according to the filing. Pillsbury did not respond to a request for comment on the contract.

NSO is "delighted" to be working with the firm, a company spokesperson said. "We hope, through this partnership, to further enhance the company's activities and efforts to keep the world a safer place through use of our technologies."

The keys

Hackers say they locked more than 1 million devices in a ransomware attack on IT company Kaseya.

Russian-language hacking group REvil, which claimed responsibility for the cyberattack on Kaseya, demanded a $70 million ransom in exchange for a key to unlock the systems, Rachel Lerman and Gerrit De Vynck  report. President Biden said he directed "the full resources of the government to assist in the response." On Saturday, President Biden said that the initial thinking was that the Russian government was not involved, but that the U.S. government was still looking into it.

REvil was also responsible for a June  ransomware attack on JBS, the world's largest meat supplier. The company later  confirmed that it paid the group $11 million in ransom.

Just 50 to 60 of Kaseya's customers were compromised, chief executive Fred Voccola  told the Associated Press's Frank Bajak. But 70 percent were service providers who manage other customers, leading Voccola to estimate the number of victims in the low thousands.

Trump allies pressed Maricopa County officials to stop counting election ballots.

Forensic Architecture conducted interviews with more than a dozen lawyers, researchers and reported Pegasus targets (Forensic Architecture)

Arizona GOP Chair Kelli Ward told the Maricopa County Board's chairman at the time, Clint Hickman, that "we need you to stop the counting" in the days after the 2020 election, 12 News KPNX's Brahm Resnik  reports. Ward also sent baseless claims about election machines to Maricopa Supervisor Bill Gates and scolded the board for "throwing in the towel."

The board unanimously  certified the Maricopa County vote on Nov. 20.

The messages and recordings were first obtained by the Arizona Republic through a public records request. Ward responded on Twitter:

Trump lawyer Rudy Giuliani called the four Republican members of the five-member board as Republican lawmakers from Arizona called for election results to be thrown out. Only one member of the board followed up with Giuliani, according to the Arizona Republic.

The state's Republican-controlled Senate authorized a partisan audit of Maricopa County's election results, which began in April. The review has  prompted security concerns. The county says it will replace the voting equipment that was reviewed over fears the security of the machines was compromised.

China's cyberspace regulator ordered ride-share giant Didi to be removed from Chinese app stores.

Arizona Republican Party Chair Kelli Ward told Maricopa County officials to stop counting ballots, according to messages and recordings obtained through public records requests. (Ross D. Franklin/AP)

Regulators said Didi Chuxing "illegally collected and used users' personal information" in a "grave violation of law and regulation," Lyric Li and Pei Lin Wu  report. The company, which said it would continue to operate in China but without new users, said it expects the app takedown to "have an adverse impact on its revenue in China."

The state-owned Global Times cheered the ban. "We still do not know how Didi Chuxing illegally collected users' personal information," the newspaper said in an editorial. "The state will never allow tech giants to collect more detailed personal information in their mega-databases than the state has of the Chinese people."

 washingtonpost.com

Articles enfants
3 articles 18/07/2021 theguardian.com  7min 🇬🇧 #192347

 The Cybersecurity 202: Group maps alleged victims of Nso Group surveillance tool

Revealed: leak uncovers global abuse of cybersurveillance weapon

Spyware sold to authoritarian regimes used to target activists, politicians and journalists, data suggests

Stephanie Kirchgaessner, Paul Lewis, David Pegg and Sam Cutler
Sun 18 Jul 2021 17.00 BST

Human rights activists, journalists and lawyers across the world have been targeted by authoritarian governments using hacking software sold by the Israeli surveillance company NSO Group, according to an investigation into a massive data leak.