(BOSTON) — An investigation by a global media consortium based on leaked targeting data provides further evidence that military-grade malware from Israel-based NSO Group, the world’s most infamous hacker-for-hire outfit, is being used to spy on journalists, human rights activists and political dissidents.
From a list of more than 50,000 cellphone numbers obtained by the Paris-based journalism nonprofit Forbidden Stories and the human rights group Amnesty International and shared with 16 news organizations, journalists were able to identify more than 1,000 individuals in 50 countries who were allegedly selected by NSO clients for potential surveillance.
They include 189 journalists, more than 600 politicians and government officials, at least 65 business executives, 85 human rights activists and several heads of state, according to The Washington Post, a consortium member. The journalists work for organizations including The Associated Press, Reuters, CNN, The Wall Street Journal, Le Monde and The Financial Times.
Amnesty also reported that its forensic researchers had determined that NSO Group’s flagship Pegasus spyware was successfully installed on the phone of Post journalist Jamal Khashoggi’s fiancee, Hatice Cengiz, just four days after he was killed in the Saudi Consulate in Istanbul in 2018. The company had previously been implicated in other spying on Khashoggi.
NSO Group denied in an emailed response to AP questions that it has ever maintained “a list of potential, past or existing targets” and said it has no visibility into its customers’ data. In a separate statement, it called the Forbidden Stories report “full of wrong assumptions and uncorroborated theories.”
The company reiterated its claim that it only sells to “vetted government agencies” for use against terrorists and major criminals. Critics call those claims dishonest and say repeated abuse of Pegasus spyware highlights the nearly complete lack of regulation of the private global surveillance industry.
The source of the leak—and how it was authenticated—was not disclosed. While a phone number’s presence in the data does not mean an attempt was made to hack a device, the consortium said it believed the data indicated potential targets of NSO’s government clients. The Post said it identified 37 hacked smartphones on the list. The Guardian, another consortium member, reported that Amnesty had found traces of Pegasus infections on the cellphones of 15 journalist s who let their phones be examined after discovering their number was in the leaked data.
The most numbers on the list, 15,000, were for Mexican phones, with a large share in the Middle East. NSO Group’s spyware has been implicated in targeted surveillance chiefly in the Middle East and Mexico. Saudi Arabia is reported to be among NSO clients. Also on the lists were phones in countries including France, Hungary, India, Azerbaijan, Kazakhstan and Pakistan.
“The number of journalists identified as targets vividly illustrates how Pegasus is used as a tool to intimidate critical media. It is about controlling public narrative, resisting scrutiny, and suppressing any dissenting voice,” Amnesty quoted its secretary-general, Agnes Callamard, as saying.
AP’s director of media relations, Lauren Easton, said the company is “deeply troubled to learn that two AP journalists, along with journalists from many news organizations” are on the list of the 1,000 potential targets for Pegasus infection. She said the AP was investigating to try to determine if its two staffers’ devices were compromised by the spyware.
The consortium’s findings build on extensive work by cybersecurity researchers, primarily from the University of Toronto-based watchdog Citizen Lab. NSO targets identified by researchers beginning in 2016 include dozens of Al-Jazeera journalists and executives, New York Times Beirut bureau chief Ben Hubbard, Moroccan journalist and activist Omar Radi and prominent Mexican anti-corruption reporter Carmen Aristegui. Her phone number was on the list, the Post reported. The Times said Hubbard and its former Mexico City bureau chief, Azam Ahmed, were on the list.
Two Hungarian investigative journalists, Andras Szabo and Szabolcs Panyi, were among journalists on the list whose phones were successfully infected with Pegasus, the Guardian reported.
Among more than two dozen previously documented Mexican targets are proponents of a soda tax, opposition politicians, human rights activists investigating a mass disappearance and the widow of a slain journalist. In the Middle East, the victims have mostly been journalists and dissidents, allegedly targeted by the Saudi and United Arab Emirates governments.
The consortium’s “Pegasus Project” reporting bolsters accusations that not just autocratic regimes but democratic governments, including India and Mexico, have used NSO Group’s Pegasus spyware for political ends. Its members, who include Le Monde and Sueddeutsche Zeitung of Germany, are promising a series of stories based on the leak.
Pegasus infiltrates phones to vacuum up personal and location data and surreptitiously control the smartphone’s microphones and cameras. In the case of journalists, that lets hackers spy on reporters’ communications with sources.
The program is designed to bypass detection and mask its activity. NSO Group’s methods to infect its victims have grown so sophisticated that researchers say it can now do so without any user interaction, the so-called “zero-click’ option.
In 2019, WhatsApp and its parent company Facebook sued NSO Group in U.S. federal court in San Francisco, accusing it of exploiting a flaw in the popular encrypted messaging service to target – with missed calls alone — some 1,400 users. NSO Group denies the accusations.
The Israeli company was sued the previous year in Israel and Cyprus, both countries from which it exports products. The plaintiffs include Al-Jazeera journalists, as well as other Qatari, Mexican and Saudi journalists and activists who say the company’s spyware was used to hack them.
Several of the suits draw heavily on leaked material provided to Abdullah Al-Athbah, editor of the Qatari newspaper Al-Arab and one of the alleged victims. The material appears to show officials in the United Arab Emirates discussing whether to hack into the phones of senior figures in Saudi Arabia and Qatar, including members of the Qatari royal family.
NSO Group does not disclose its clients and says it sells its technology to Israeli-approved governments to help them target terrorists and break up pedophile rings and sex- and drug-trafficking rings. It says its spyware is neither designed nor licensed for use against human rights activists or journalists. It says it has helped save thousands of lives in recent years. It denies its technology was in any way associated with Khashoggi’s murder.
NSO Group also denies involvement in elaborate undercover operations uncovered by The AP in 2019 in which shadowy operatives targeted NSO critics including a Citizen Lab researcher to try to discredit them.
Last year, an Israeli court dismissed an Amnesty International lawsuit seeking to strip NSO of its export license, citing insufficient evidence.
NSO Group is far from the only merchant of commercial spyware. But its behavior has drawn the most attention, and critics say that is with good reason.
Last month, it published its first transparency report, in which it says it has rejected “more than $300 million in sales opportunities as a result of its human rights review processes.” Eva Galperin, director of cybersecurity at the Electronic Frontier Foundation and a strident critic, tweeted: “If this report was printed, it would not be worth the paper it was printed on.”
A new, interactive online data platform created by the group Forensic Architecture with support from Citizen Lab and Amnesty International catalogs NSO Group’s activities by country and target. The group partnered with filmmaker Laura Poitras, best known for her 2014 documentary “Citzenfour” about NSA whistleblower Edward Snowden, who offers video narrations.
“Stop what you’re doing and read this,” Snowden tweeted Sunday, referencing the consortium’s findings. “This leak is going to be the story of the year.”
Since 2019, the U.K. private equity firm Novalpina Capital has controlled a majority stake in NSO Group. Earlier this year, Israeli media reported the company was considering an initial public offering, most likely on the Tel Aviv Stock Exchange.
S Korea parliament committee votes to curb Google, Apple commission dominance
A South Korean parliamentary committee voted early on Wednesday to recommend amending a law, a key step toward banning Google and Apple from forcibly charging software developers commissions on in-app purchases, the first such curb by a major economy.
After the vote from the legislation and judiciary committee to amend the Telecommunications Business Act, dubbed the “Anti-Google law,” the amendment will come to a final vote in parliament.
That vote could come on Wednesday https://www.reuters.com/technology/skorea-set-curb-google-apple-commission-dominance-2021-08-24, although South Korean news agency Yonhap reported that parliament would act at a later date.
A parliament official told Reuters the office had not yet received an official request not to hold the meeting on Wednesday.
Apple Inc and Alphabet Inc’s Google have both faced global criticism because they require software developers using their app stores to use proprietary payment systems that charge commissions of up to 30per cent.
In a statement on Tuesday, Apple said the bill “will put users who purchase digital goods from other sources at risk of fraud, undermine their privacy protections”, hurt user trust in App Store purchases and lead to fewer opportunities for South Korean developers.
Wilson White, senior director of public policy at Google, said “the rushed process hasn’t allowed for enough analysis of the negative impact of this legislation on Korean consumers and app developers”.
Legal experts said app store operators could work with developers and other companies to create secure payment methods other than the ones they provide.
“Google and Apple aren’t the only ones that can create a secure payment system,” said Lee Hwang, a Korea University School of Law professor specialising in competition law. “I think it’s a problem to try to inspire excessive fear by talking about safety or security about using different payment methods.”
Based on South Korean parliament records, the amendment bans app store operators with dominant market positions from forcing payment systems on content providers and “inappropriately” delaying the review of, or deleting, mobile contents from app markets.
It also allows the South Korean government to require an app market operator to “prevent damage to users and protect the rights and interests of users”, probe app market operators, and mediate disputes regarding payment, cancellations or refunds in the app market.
This month in the United States, a bipartisan group of senators introduced a bill that would rein in app stores of companies that they said exert too much market control, including Apple and Google. REUTERS
US and Chinese tech juggernauts battle over ASEAN clouds
Amid the great U.S.-China tech divide, Southeast Asia and its fast-growing digital markets have become a main battleground for the digital behemoths of both superpowers.
There, Amazon.com, Microsoft, Google, Alibaba Group Holding and other players are investing heavily in cloud computing — services that provide processing power and data storage to all sizes of corporations and government institutions.
A massive 170,000-sq.-meter structure is going up in Tanjong Kling, about a 20-minute drive from Singapore’s city center. The 11-story building is taking on the appearance of a vast logistics center or warehouse. However, strict security teams and surveillance cameras around the site betray a much more critical piece of infrastructure. As a reporter pulled out his smartphone to take a photograph of the construction site, a security guard rushed up and warned, “This is private property. No photos allowed.”
Once completed, the “private property” facility will be filled by rows and rows of servers hosting hundreds of millions of internet users’ sensitive personal information. It will be Facebook’s first custom-built data center in Asia. The company has announced it will invest 1.4 billion Singapore dollars (US$1 billion) in the project.
It is one of many data centers that global tech giants are building in Southeast Asia. With a stable political system, an abundance of skilled tech workers and its connection to an undersea communications cable that links to the rest of the world, Singapore has become a prime spot for the big players of tech vying for slices of Southeast Asia’s swelling need for cloud services.
According to real estate service company Cushman & Wakefield, Singapore data centers have 410 megawatts of capacity, with another 170 megawatts on the way, making the city-state a global hub for data, matching the likes of Frankfurt and Chicago.
But Singapore stands out in that it is also a strategic foothold for Chinese tech companies such as Alibaba and Tencent, who are competing for the same clients.
Amazon is the global leader among cloud service providers. Its Amazon Web Services (AWS) controlled more than 30% of the worldwide market in the second quarter of 2021, according to research company Canalys. It is currently adding infrastructure in Jakarta, Indonesia, which is expected to be operational by the end of 2021 or early 2022.
The data centers will be AWS’ second location in Southeast Asia. AWS centers have been operating in Singapore since 2010.
“AWS sees tremendous potential in Southeast Asia,” Conor McNamara, AWS’ managing director for ASEAN operations, said via email. “Across the board, we see all segments, including startups, enterprises, and small and medium-sized businesses, continuing to drive cloud adoption.”
Microsoft, the world’s second-largest cloud service provider, early this year announced it would establish data centers in Indonesia and Malaysia. It is bullish on the region’s growth potential.
“If you look at Southeast Asia, [there are] 650 million people, that makes it [almost] 50% bigger than in the European Union [446 million],” Microsoft Asia President Ahmed Mazhari said. And the region’s “mobile penetration and mobile-first approach that is unparalleled in the world.”
Mazhari also sees ambition. “We continue to see growth traction from somebody that wants to go from idea to building a unicorn, to micro SMEs, to the biggest enterprise of the world,” he said.
Alibaba, No. 4 in the global cloud service market, behind Amazon, Microsoft and Google, in June announced it would invest up to $1 billion over the next three years to nurture developers and support Asia-Pacific startups. “We are seeing a strong demand for cloud-native technologies in emerging verticals across the region, from e-commerce and logistics platforms to fintech and online entertainment,” Jeff Zhang, president of Alibaba Cloud Intelligence, said in a news release.
The company’s cloud division launched its third data center in Indonesia and plans to launch one in the Philippines this year.
Cloud services are becoming a revenue pillar. In the second quarter of this year, the global market was worth $47 billion, up 36% from the year-earlier period, according to Canalys.
AWS’ net sales grew to $14.8 billion in the same quarter, up 37% from the year-earlier period, with AWS accounting for more than half of Amazon’s consolidated operating income.
Microsoft’s Azure revenue grew 51% during the quarter ended June.
Until recently, the global market has been bifurcated.
In China, Alibaba and Tencent have been able to dominate mainly due to restrictions imposed upon foreign tech companies. In the West, Amazon, Microsoft, Google and other players rigorously compete.
In recent years, however, Alibaba has been pushing into the West, including the United States. However, this ambition is dimming as Washington is increasingly concerned over possible security risks for companies that avail themselves to Chinese cloud services.
Amid this global dichotomy, Southeast Asia has emerged as a battleground where Chinese and Western companies “can compete with each other,” said Kevin Imboden, senior research manager of Data Center Insights, Global Research, at Cushman & Wakefield.
The cloud service providers’ intertwined customer lists in the region reflect intense competition.
Amazon and Microsoft provide cloud services to Singapore-based supper app Grab, according to both companies. Alibaba on its website boasts of having Indonesian e-commerce leader Tokopedia as a key cloud customer, and Amazon says AWS also provides services to Tokopedia.
Among the region’s unicorns, startups with valuations of $1 billion or more, Carsome, a Malaysia-based used car marketplace, and Carro, a Singapore online car sales platform, use AWS. Bukalapak, one of Indonesia’s largest e-commerce platforms and Tokopedia competitor, uses Microsoft’s Azure. Alibaba is one of Tokopedia’s largest shareholders, and Microsoft has stakes in Grab and Bukalapak.
U.S. and Chinese cloud companies “are very focused on acquiring market share,” Imboden said, even “at the expense of profit.”
According to Google, Temasek Holdings, and Bain & Co., the gross merchandise value of the region’s internet economy is expected to grow threefold, to $300 billion, by 2025 from 2020. Cloud services, which serve as the infrastructure of this burgeoning ecosystem, will surely expand, too.
However, geopolitical risks are also emerging.
According to a report by China’s Caixin news service, Chinese internet technology company ByteDance, which owns TikTok, has stopped using Alibaba’s cloud for its businesses outside China.
Last year, the Trump administration attempted to ban the popular social media app in the U.S., citing security risks. In June, U.S. President Joe Biden withdrew a series of executive orders related to the banning of TikTok but ordered a broad security review of apps connected to “foreign adversaries,” including China.
Alibaba on Aug. 3 announced cloud computing revenue of 16.05 billion yuan ($2.48 billion) for the quarter through June, up 29% from a year earlier. However, the company’s earnings release states that the cloud computing division’s “year-on-year revenue growth began to moderate since the last quarter primarily because of revenue decline from a top cloud customer in the Internet industry that has stopped using our overseas cloud services with respect to their international business due to non-product related requirements.”
Eric Schmidt, a former Google CEO and the chair of the U.S. National Security Commission on Artificial Intelligence, wonders if Alibaba can attract clients in the West. “Alibaba Cloud and so forth are good enough that you could build on the Chinese side, but you are not going to use them in the West. Similarly, American clouds are very, very good, but you can’t use them in China,” he recently told Nikkei Asia.
“As an entrepreneur, you would prefer to have one [cloud provider] but you live with two [one in China and one everywhere else].”
While well-funded unicorns and large corporations can minimize risks by dividing their cloud needs between Western and Chinese companies, many small and mid-size companies, as well as startups, lack the wherewithal to follow suit.
With American and Chinese players competing for slices of Southeast Asia, businesses in the region “need a geopolitical strategy” and might even have to “pick sides,” said Abishur Prakash, a geopolitical futurist at Toronto-based consultancy Center for Innovating the Future.
“What is your long-term strategy? What geographies do you plan to operate in? Which consumers do you want to access the most?” he asks. “Those should be the vectors that you [use to] decide whose cloud computing infrastructures to use.” NIKKEI
Authorities warn of scammers impersonating officers from government agencies, police
Scammers have been targeting members of the public by calling them and claiming to be officers from government agencies, said the Immigration and Checkpoints Authority (ICA) on Friday (Aug 13).
In an advisory, ICA said members of the public have received calls from +65 6812 5555, similar to its SafeTravel Enquiries Helpline (6812 5555).
“They accused the recipients of either spreading fake news related to COVID-19 or breaking COVID-19 rules, further saying that a report would be made against them or they had to pay a penalty,” said the authority. “This is a scam.”
ICA added that the calls were not made by ICA officers or officers from any other government agencies, and that it “does not call members of the public to request money in any form over the phone”.
The public is advised to ignore the calls and the caller’s instructions should they receive them.
No government agency will request for personal details or transfer of money over the phone or through automated voice machines, said ICA.
“Scammers may use caller ID spoofing technology to mask the actual phone number and display a different number. Calls that appear to be from a local number may not actually be made from Singapore,” said ICA.
“Do not provide your personal information such as name, identification number, passport details, contact details, bank account or credit card details to suspicious or unknown parties.”
The authority said it takes “a serious view of such scam calls as it undermines public trust in ICA”, adding that a police report has been made.
SCAMMERS IMPERSONATING POLICE OFFICERS
Separately on Friday, the Singapore Police Force (SPF) said there have been at least 200 reports of banking-related phishing scams where police officers were impersonated.
In a news release, SPF said scammers have been posing as police officers on messaging apps by using publicly available pictures of officers to validate their identity so that the victims would provide their banking details.
The victims received WhatsApp calls from an account with a profile picture showing police officers. During the conversation, the scammer would also provide an SPF name card as proof of identity.
“The victims would be informed that their bank accounts had been found to be involved in criminal activity and were frozen,” said SPF.
The scammer would instruct victims to provide their banking details under the pretext of facilitating the release of their bank accounts.
“Victims only realised that they had fallen prey to a scam when they received notifications informing them that money had been transferred from their bank accounts to bank accounts unfamiliar to them or when they discovered unknown transactions made using their credit or debit card,” said the police. CNA
Three Australian publishers accuse Facebook of unfairly taking their content
Three Australian publishers of lifestyle content say Facebook Inc used their articles on its just-launched news service after refusing to negotiate licensing deals, and that the country’s tough new internet law has failed to protect them.
Australia this year passed a law that pressured Facebook and Alphabet Inc’s Google to sign deals with some of the country’s biggest news companies by threatening government intervention.
The dispute highlights possible shortcomings in the controversial law. While most of Australia’s main media firms have signed deals, some smaller outlets say the law has not stopped their content generating clicks and advertising revenue for Facebook without compensation.
Broadsheet Media, Urban List and Concrete Playground, websites which publish entertainment news, reviews and listings, say that after the law was passed in February they approached the social media giant about payment for their content.
Facebook knocked them back, calling their content unsuitable for its Facebook News platform and recommending they apply for grants it was offering from a A$15 million (US$11 million) fund for Australian regional and digital newsrooms, the three companies told Reuters in a joint call.
“They told me that, ‘oh well, you’re not going to be included in News tab and that’s what we’re paying for’,” said Nick Shelton, founder of Broadsheet Media.
“To our surprise, we woke one morning last week and all of our content was there.”
Facebook News went live in Australia on Aug 4.
Facebook declined to comment directly on the three companies but said it created value for publishers by sending viewers to their sites.
Under the law, Facebook and Google must negotiate payment deals with outlets or a government-appointed arbitrator will do it for them, but a publisher must first prove its primary purpose is producing news and that it has been unfairly disqualified.
The three publishers said they want Facebook to come to the table to talk but if it declined they may seek government intervention.
“If at the end of the day we don’t get included in a commercial agreement, then absolutely they need a stick,” said Shelton. “We are three prime examples of publishers and media businesses which should be included as part of this framework.”
To be covered by the law, publishers must register as a news provider with the Australian Communications and Media Authority “based on criteria including the levels of ‘core news’ (essentially public interest journalism) that they produce”, the Australian Competition and Consumer Commission (ACCC), which drafted the law, said in an email.
Urban List has registered on the list. Broadsheet and Concrete Playground have yet to register, saying they want to hold out for a private deal.
Tama Leaver, a professor of internet studies at Australia’s Curtin University, said that while Facebook had not broken the law as the matter was not yet before arbitration, its apparent treatment of the three publishers was “extremely poor practice, disingenuous and further disadvantages the smaller players in the news business arena”.
In a separate dispute, the ACCC has said it would look into a claim by The Conversation, which publishes current affairs commentary by academics, that Facebook has refused to negotiate a licensing deal. The Conversation has secured a deal with Google. REUTERS
Twitter Suspends pro Trump US Lawmaker for Covid Misinformation
Twitter said Tuesday it had suspended the account of controversial US lawmaker Marjorie Taylor Greene, a staunch supporter of former Republican president Donald Trump, for a week over a “misleading” tweet on coronavirus vaccines.
The tweet in question, sent on Monday, said the US Food and Drug Administration should not give final approval to anti-coronavirus vaccines, with Greene saying they were “failing” and did not curb the spread of the virus.
Twitter labeled the message “misleading” and suggested that users consult information provided by US health authorities about vaccines and mask-wearing.
“The tweet you referenced was labeled in line with our Covid-19 misleading information policy,” a Twitter spokesperson said in a statement to AFP.
“The account will be in read-only mode for a week due to repeated violations of the Twitter rules.”
If the first-term Georgia congresswoman were to break the rules again, she could face a permanent ban.
Greene accused Twitter of suspending her for “speaking the truth, and tweeting what so many people are saying.”
The lawmaker has been a staunch defender of Trump and his unsubstantiated claims that Democrats stole the 2020 presidential election.
In February, she apologized for her past support for QAnon conspiracy theories but was stripped of her two committee assignments.
Then in May, she courted controversy by repeatedly equating mask mandates with Nazis forcing Jews to wear yellow stars in wartime Germany. AFP
New Child Safety Features for Google, YouTube
Google on Tuesday unveiled a series of online safety measures for children including a private setting for videos uploaded by teens and safeguard for ads shown to users under 18.
The new features, which come amid heightened concerns about online child exploitation and safety at a time of growing internet usage during the global pandemic, affect Google’s YouTube video platform as well its online services such as search and Google Assistant.
“As kids and teens spend more time online, parents, educators, child safety and privacy experts, and policy makers are rightly concerned about how to keep them safe,” said Google product and user experience director Mindy Brooks.
“We engage with these groups regularly, and share these concerns.”
Google’s “safe search” — which excludes sensitive or mature content — will be the default setting for users under 18, which up to now had been the case only for under-13 users.
On the massively popular YouTube platform, content from 13- to 17-year-olds will be private by default, the tech giant said.
“With private uploads, content can only be seen by the user and whomever they choose,” said a blog post by James Beser, head of product management for YouTube Kids and Family.
“We want to help younger users make informed decisions about their online footprint and digital privacy… If the user would like to make their content public, they can change the default upload visibility setting and we’ll provide reminders indicating who can see their video.”
Google will also make it easier for families to request removal of a child’s photos from image search requests.
“Of course, removing an image from search doesn’t remove it from the web, but we believe this change will help give young people more control of their images online,” Brooks said.
In another safety move, Google will turn off location history for all users under 18 globally, without an option to turn it back on. This is already in place for those under 13.
Google will also make changes in how it shows ads to minors, blocking any “age-sensitive” categories and banning targeting based on the age, gender or interests of people under 18. AFP
- Indonesian president’s approval hit by handling of pandemic: Survey 26/08/2021
- Indonesia’s B40 biodiesel plan faces new delay due to palm price 26/08/2021
- What is the Islamic State threat in Afghanistan? 26/08/2021
- S Korea parliament committee votes to curb Google, Apple commission dominance 26/08/2021
- The trailer for Spider-Man: No Way Home is out and is that Doc Ock we see? 26/08/2021