Creating new perspectives since 2009

Israel firm's spyware used against Ethiopia dissidents

December 6, 2017 at 4:46 pm

Elbit Systems, Israeli surveillance software, 6 December 2017 [Tangopaso/Wikipedia]

Surveillance software from Israeli defence contractor Elbit Systems Ltd was used in an espionage campaign targeting Ethiopian dissidents living outside the East African nation, a Canadian research institute said today.

Citizen Lab, at the University of Toronto’s Munk School of Global Affairs, said it found evidence Ethiopian dissidents in Britain, the United States and other nations were targeted with emails seeking to infect their computers with surveillance tools that Elbit sells to law enforcement and intelligence agencies.

Citizen Lab, which helps human rights activists defend themselves against spy software, has previously reported on Israel malware being used against activists in the UAE.

An Elbit representative had no immediate comment on the group’s latest report. Ethiopian Communications Minister Negeri Lencho declined comment on the report.

Citizen Lab said the attacks, which began in 2016 and continued through this year, sought to infect computers of Ethiopian dissidents with the PC Surveillance System, or PSS, made by Elbit’s Cyberbit unit. The system can extract a wide variety of information from computers, including emails, passwords, audio conversations, and screenshots.

The campaign focused on individuals linked to Oromiya, Ethiopia’s largest region by size and population, which has been the subject of a crackdown by the national government since late 2015, according to Citizen Lab.

Read: BDS France disrupts Israel’s Elbit Systems exhibition at Paris Air Show

Tainted emails targeted individuals associated with the US-based Oromia Media Network and a Citizen Lab researcher, Bill Marczak, who has been corresponding by email with one of the targets whose Gmail account had been compromised, according to the report.

The emails included a link to a malicious website impersonating an Eritrean video portal, which asked targets to download an Adobe Flash software update bundled with Cyberbit’s spyware, according to Citizen Lab.

Researchers analysed logs on servers used to control the operation, which indicate its operators are inside Ethiopia and identified targets as Oromo activists along with Eritrean companies and government agencies, the report said.

Citizen Lab was unable to determine what data, if any, was obtained from individuals targeted in the operation, Marczak said.

Citizen Lab Director Ronald Diebert said in a letter to Cyberbit that the findings raised questions about the company’s human rights due-diligence practices and processes for preventing misuse of its software.

“Companies have an independent responsibility to respect human rights – to avoid causing or contributing to adverse human rights impacts, and to address such impacts when they occur,” Diebert said.