Leak Ties Ethiopian Government To International Cyber Espionage Campaigns

Earlier this week I read a piece of news which caught my attention for two reasons. First, because the Government of Ethiopia was indicated in an electronic leak and second, an Israeli spy firm made it all possible. I know, shocking – right?

In case you do not understand my sarcasm here, in the same way that Israel has been given a certain level of immunity by the international community in regards to land disputes and military conflicts over the yeas, this has also been a luxury awarded to them within the technological landscape as well. I do not believe it is inaccurate to say that no other country or Government on Earth “offensively hacks” more people/countries each year than the Israeli Government and as a result of their continued legal immunity for such crimes, Israel has slowly turned themselves into a safe haven for hacking and cyber espionage over the decades.

For example, leaked documents released online earlier this week by Citizen Lab expose how the Ethiopian Government awarded a contract to an Israel spy/tech firm known as Cyberbit, in order to hack political activists, dissidents and opponents living within the country and abroad. But Ethiopia is far from alone, this is a service Israel provides to Governments all around the world, including the United States of America. Not only has the NSA publicly listed dozens of contracts with Israeli tech firms throughout the past, but the FBI has also paid Israeli firms to invent back-doors to software products or crack the encryption of US technological devices. For example, on two separate occasions in the past the FBI has paid Israeli hackers 1 million dollars each to develop a 0day for the Tor Browser and for a means to bypass Apple’s Iphone encryption. That is all Tax Payer Funded contracts by the way, the taxes of US citizens paying to get themselves hacked.

Getting back to the story at hand, as was reported by Catlin Cimpanu of Bleeping Computer yesterday, December 6th 2017, an unprotected server has accidentally leaked spyware logs used by the Ethiopian Government to spy on “dissidents” all around the world. Campanu’s article explains how inside the leaked “web folders, researchers found everything they needed to understand what attackers were after, including logs of the attackers’ IP addresses, and a detailed list of targets Ethiopian government operatives were trying to infect and keep under surveillance.

As was also previously alluded to, the Ethiopian Government happened to be using software created for them and deployed by Israeli contractors in order to collect this data.

In response to news of the leak and subsequent invasion of peoples privacy at the hands of the Ethiopian Government, Human Rights Watch released an article explaining how “These attacks follow a long, documented history of similar government efforts to monitor critics, inside and outside of Ethiopia.” Adding that “The Ethiopian government has doubled down on its efforts to spy on its critics, no matter where they are in the world” and “These attacks threaten freedom of expression and the privacy and the digital security of the people targeted.

Not only is Human Rights Watch calling for a complete shutdown of these activities in the future, but they are also attempting to use their platform in an attempt to start holding the individual tech firms which invent and develop these spy programs more accountable in the future.

A few years back I remember activists setting up secure/encrypted chat rooms for Ethiopian activists and protesters, where they were also able to safely learn how to use VPN’s and Proxies to circumvent Ethiopian firewalls and censorship, while also concealing their online identities from the state sponsored ISP’s tracking them. Yet, browsing through Citizen Lab‘s new report report this week, none of the information was referenced. So, score one for internet activism, I suppose.

According to a new Freedom of The Internet report released by security researches at Freedom House earlier this year, as of November 2017, Ethiopia is currently the worlds 3rd worst country in terms of internet access, internet freedom and freedom of expression online. Just so you understand the full gravity of the situation here, Ethiopian citizens are not afforded the same rights as people in the US or EU and are quite literally killed by their Government for the things they say or do online. This is also exactly why hacktivists, activists and human rights organizations have all worked particularly hard over the years trying to help educate the Ethiopian people and keep them safe.



Categories: Hacking News

%d bloggers like this: