TITLE: Serbia: Authorities using spyware and Cellebrite forensic extraction tools to hack journalists and activists
https://www.amnesty.org/en/latest/news/2024/12/serbia-authorities-using-spyware-and-cellebrite-forensic-extraction-tools-to-hack-journalists-and-activists/
EXCERPTS: Serbian police and intelligence authorities are using advanced phone spyware alongside mobile phone forensic products to unlawfully target journalists, environmental activists and other individuals in a covert surveillance campaign, a new Amnesty International report has revealed.
The report, “A Digital Prison”: Surveillance and the Suppression of Civil Society in Serbia,” documents how mobile forensic products made by Israeli company Cellebrite are being used to extract data from mobile devices belonging to journalists and activists. It also reveals how the Serbian police and the Security Information Agency (Bezbedonosno-informativna Agencija – BIA) have used a bespoke Android spyware system, NoviSpy, to covertly infect individuals’ devices during periods of detention or police interviews.
“Our investigation reveals how Serbian authorities have deployed surveillance technology and digital repression tactics as instruments of wider state control and repression directed against civil society,” said Dinushika Dissanayake, Amnesty International’s Deputy Regional Director for Europe.
“It also highlights how Cellebrite mobile forensic products – used widely by police and intelligence services worldwide – can pose an enormous risk to those advocating for human rights, the environment and freedom of speech, when used outside of strict legal control and oversight.”
Cellebrite, a firm founded and headquartered in Israel but with offices globally, develops the Cellebrite UFED suite of products for law enforcement agencies and government entities. It enables the extraction of data from a wide range of mobile devices including some of the most recent Android devices and iPhone models, even without access to the device passcode.
While less technically advanced than highly-invasive commercial spyware like Pegasus, NoviSpy – a previously unknown Android spyware – still provides Serbian authorities with extensive surveillance capabilities once installed on a target’s device.
NoviSpy can capture sensitive personal data from a target phone and provide capabilities to turn on a phone’s microphone or camera remotely, while Cellebrite forensic tools are used to both unlock the phone prior to spyware infection and also allow the extraction of the data on a device.
Critically, Amnesty International uncovered forensic evidence showing how Serbian authorities used Cellebrite products to enable NoviSpy spyware infections of activists’ phones. In at least two cases, Cellebrite UFED exploits (software that takes advantage of a bug or vulnerability) were used to bypass Android device security mechanisms, allowing the authorities to covertly install the NoviSpy spyware during police interviews.
“This is an incredibly effective way to completely discourage communication between people. Anything that you say could be used against you, which is paralyzing at both personal and professional levels,” said Branko*, an activist who was targeted with Pegasus spyware.
The targeting has also resulted in self-censorship.
“We are all in the form of a digital prison, a digital gulag. We have an illusion of freedom, but in reality, we have no freedom at all. This has two effects: you either opt for self-censorship, which profoundly affects your ability to do work, or you choose to speak up regardless, in which case, you have to be ready to face the consequences,” said Goran*, an activist also targeted with Pegasus spyware.
Activist, Aleksandar* who was also targeted with Pegasus spyware, said: “My privacy was invaded, and this completely shattered my sense of personal security. It caused huge anxiety…I felt a sense of panic and became quite isolated.”
In a response to these findings, NSO Group, which developed Pegasus, could not confirm whether Serbia was its customer but stated that the Group “takes seriously its responsibility to respect human rights, and is strongly committed to avoiding causing, contributing to, or being directly linked to negative human rights impacts, and thoroughly review all credible allegations of misuse of NSO Group products.”
In response to our findings, Cellebrite said, “Our digital investigative software solutions do not install malware nor do they perform real-time surveillance consistent with spyware or any other type of offensive cyber activity.
“We appreciate Amnesty International highlighting the alleged misuse of our technology. We take all allegations seriously of a customer’s potential misuse of our technology in ways that would run counter to both explicit and implied conditions outlined in our end-user agreement. “
While this may be the intended use, Amnesty International’s research demonstrates how Cellebrite’s products can be misused to enable spyware deployment and the broad collection of data from mobile phones outside of justified criminal investigations, posing grave risks to human rights.
TITLE: Israeli Spyware Firm Paragon Sold to U.S., as Trump's Digital Arsenal Grows
https://www.haaretz.com/israel-news/security-aviation/2024-12-16/ty-article/.premium/israeli-spyware-firm-paragon-sold-to-u-s-as-trumps-digital-arsenal-grows/00000193-cd72-d450-a7b3-cffb9a180000
EXCERPTS: Paragon, the largest competitor to NSO and one of Israel's top offensive cyber companies, has been sold to an American investment firm for over half a billion dollars in a deal that symbolizes the start of a new era in Washington and Jerusalem's ties over commercial spyware.
Paragon was founded by former Prime Minister Ehud Barak and is led by the former commander of the elite military intelligence Unit 8200, Ehud Schneorson.
The company developed Graphite, an advanced spyware whose sale is highly regulated and can be sold only to state bodies. Among Paragon's clients: law enforcement and intelligence agencies in Israel, Europe, and the U.S. The firm's activities are overseen by Israel's Ministry of Defense, which greenlighted the deal.
As part of the sale to the American firm, Paragon will remain in Israel and continue its operations from here. The buyer, RED Lattice, is an American cybersecurity firm owned by AE Industrial Partners, which specializes in aviation, defense, and homeland security, working with U.S. security agencies.
Paragon already works with the DEA and with ICE, and is expected to expand its presence in the U.S. through the deal. An American unit of Paragon, focused on the American market, will be merged into the buyer, itself part of the software focused defense contractor AEI.
Two years ago, another U.S. defense conglomerate, L3Harris, attempted to acquire Israel's most famous spyware firm, NSO, which develops the infamous Pegasus spyware, sold to state clients, at Israel's encouragement, across the globe.
However, despite support from America's intelligence community, the 2022 deal to see NSO sold to the U.S. was blocked by Israel's Defense Ministry, which opposed the sale of the leading defense company to a foreign entity, and by the White House, which adopted a tough stance against the spyware industry, and NSO in particular.
The sale of Paragon has been approved by the relevant authorities in both Israel and the U.S., signaling what many in Israel see as a new phase in relations with Washington on offensive cybersecurity.
Paragon, like another company called Bindency, emerged after the Pegasus scandal, which revealed that NSO spyware sold with Israel's help to questionable clients in the Arab world and Africa was used it against regime opponents, journalists, and others.
The Biden administration decided to combat the misuse of commercial spyware, blacklisting NSO and Candiru and preventing them from selling to U.S. intelligence and law enforcement agencies, opening the door for companies like Paragon.
After four years of the U.S. leading the fight against offensive cyber activities, many in Israel believe that Trump's re-election will reverse this policy.
The U.S. offensive cyber arms industry has been growing, some say at the expense of Israel's, which is still recovering from the Biden administration's policies and the war.
This crisis with the U.S. over spyware led Israel to dramatically increase restrictions on the field and limit the number of countries it allows to buy spyware, resulting in the closure of several companies in the field.
Despite sanctioning Israeli firms like NSO, Candiru, and Intellexa, the U.S. has developed and acquired similar capabilities, often with Israeli firms' assistance.
TITLE: World of Warcraft: There is a new arms race driven by AI, surveillance, drones & robots
www.bozemandailychronicle.com/news/world-of-warcraft-there-is-a-new-arms-race-driven-by-ai-surveillance-drones-robots/article_fd8d5f26-e360-5b0a-ba93-da40f444260f.html
EXCERPTS: The U.S. isn’t alone, with militaries in countries such as Israel and China coupling AI with surveillance.
China’s Skynet system (which shares the name of the mythical high-tech military system in The Terminator movies) has a network of 600 million security surveillance cameras that is tied to a social credit system that rewards behaviors deemed “good” and sanctions those with undesirable behaviors, including government opposition.
Skynet and its Orwellian social credit system have increasingly been linked to AI.
In the U.S., surveillance — including facial recognition technology — is being rolled out at airports by the U.S. Department of Homeland Security and is used by police agencies.
That creates privacy and “Big Brother” worries.
A cadre of U.S. senators – including Democrats Jeff Merkley and Ron Wyden of Oregon and Republicans such as Steve Daines of Montana and Cynthia Lummis of Wyoming — have voiced concerns about the use of facial recognition technology at airports.
A U.S. Transportation Security Administration spokesperson said the security checkpoint face scans are voluntary and images are not retained except for quality control checks.
Arunkumar Thirunagalingam, senior manager for data and technology operations at McKesson Corp., expects to see more surveillance technology deployed worldwide for various purposes, including “to monitor and control populations.”
He sees growth avenues in the U.S.
"Concerns about national security and crime prevention could lead to expanded use, especially in critical areas like border control, public spaces, and cybersecurity,” Thirunagalingam said.
Yashin Manraj, CEO of Oregon-based Pvotal Technologies. said governmental and military players along with private companies are all part of ever-growing data collection and global sales of that information for various purposes.
"We have access to so much data. They are just a credit card away," he said.