Aletho News

ΑΛΗΘΩΣ

African governments are crushing opposition using Israeli spyware

By Suraya Dadoo | MEMO | February 24, 2021

As internet penetration and smartphone usage increases across Africa, digital spaces have become increasingly important for organising political uprisings and opposition movements. In response, several of the continent’s regimes have shut down the internet or blocked social media apps. To sidestep the economic costs and global criticism that these online shutdowns incur, governments have turned to digital surveillance technology as a shrewder way to crush all opposition.

In a recently-released report titled “Running in Circles: Uncovering the Clients of Cyberespionage Firm, Circles”, the University of Toronto’s Citizen Lab — which investigates digital espionage against civil society — details how government agencies in Botswana, Equatorial Guinea, Kenya, Morocco, Nigeria, Zambia and Zimbabwe are using the surveillance technology developed by Israeli telecom company Circles to snoop on the personal communications of opposition politicians, human rights activists and journalists. These seven African countries are among 25 around the world using Circles, which is affiliated with the notorious NSO Group whose invasive Pegasus spyware has been used to target human rights defenders and journalists around the world.

How does it work?

Circles technology is sold to nation states only, and intercepts data from 3G networks, allowing the infiltrator to read messages and emails, and listen to phone calls in real time. Using only the telephone number, a Circles platform can identify the location of a phone anywhere in the world within seconds.

Circles exploits flaws in Signalling System No.7 (SS7), the set of protocols that allows networks to exchange calls and text messages between each other. This allows government agencies to track individuals across borders without a warrant, bypassing international conventions.

In 2019, 3G became the leading mobile technology in Sub-Saharan Africa, accounting for over 45 per cent of all connections. With the faster — and possibly more secure — 4G networks being at least five years away from becoming the standard for mobile connectivity on the continent, Circles’ 3G-manipulating technology is ideal for power-hungry African leaders looking to cling to power by spying on critics.

The spying revelations came as African governments — including some named in the Citizen Lab report — are cracking down brutally on protestors and opposition groups.

Nigeria

Recent #EndSARS protests triggered a deadly response from Nigeria’s state security apparatus, with the government able to infiltrate the movement’s organisational structures successfully.

Citizen Lab identified two Circles systems in Nigeria that both began operating in June 2015. One of them was being used by the Nigerian Defence Intelligence Agency (DIA). In 2016, the governors of Delta and Bayelsa states also purchased Circles systems to spy on political opponents and critics. The presence of Circles products in Nigeria goes back more than a decade, when former Rivers state governor, Rotimi Amaechi, became the first Nigerian politician to use the surveillance technology in 2010.

Circles’ government clients in Nigeria have a long history of abusing surveillance technologies to conduct mass surveillance of citizens’ telecommunications. Femi Adeyeye, a Lagos-based political activist who has been detained several times for criticising the Nigerian government, is not surprised that Muhammadu Buhari’s regime is using the invasive spying technology.

Adeyeye cited several cases where Nigerians were swiftly traced, arrested and detained after criticising the government. These include journalists Omoyele SoworeAbubakar Idris Dadiyata and Stephen Kefas. The Committee to Protect Journalists (CPJ) has also reported numerous cases of the Nigerian authorities abusing phone surveillance by targeting journalists’ phones to reveal and track sources for stories investigating government corruption.

“We are already in the worst stage of dictatorship,” warns Adeyeye. “Freedom of expression, media, and political association have been further weakened by this spying technology.”

He says that Nigerian political analysts now self-censor when commenting on national political issues, after witnessing the government’s infiltration of #EndSARS. “They have seen how people have been traced, their passports seized and bank accounts frozen, and how they have been forced to go into exile.”

Zimbabwe

In Zimbabwe — which has witnessed intense anti-government protests recently — Citizen Lab detected three Circles platforms, with one dating back to 2013. A second platform was activated in March 2018 and is still operating.

As in Nigeria, there has been a government crackdown on anyone exposing corruption. Investigative journalist Hopewell Chin’ono, and Jacob Ngarivhume, the leader of the opposition group Transform Zimbabwe, were detained ahead of anti-government protests last year. Circles technology is facilitating this suppression.

Equatorial Guinea

A Circles surveillance system was also found in Equatorial Guinea, where dictator Tedoro Obiang has ruled for 40 years in a climate of torture, extra-judicial executions, arbitrary arrests and the persecution of political activists and human rights defenders. Obiang has crushed protests violently and ignored demands for electoral reforms and limits on terms of office.

Morocco

Morocco’s Ministry of the Interior has been a Circles client since 2018. Rabat has a history of leveraging digital technology to unlawfully target Moroccan human rights activists.

Eroding democracy in Botswana

It’s not just countries such as these facing protests, or those with a dismal record of human rights abuses, that are spying on their citizens. Even supposed democracies are involved. Botswana is hailed widely as one of Africa’s most stable democracies. Yet, the country’s Directorate of Intelligence and Security Services (DISS) was linked to two Circles surveillance systems dating back to 2015. The targets were journalists investigating corruption by politicians.

According to Moeti Mohwasa, spokesperson for the opposition Umbrella for Democratic Change (UDC), Israeli companies have been selling spyware to the Botswana government for years. Mohwasa says that some of this equipment has been used to eavesdrop on opposition politicians and union leaders in the country.

Enabling authoritarianism in Kenya

Citizen Lab also reported a Circles system in Kenya. While the East African nation is often lauded as a strong democracy, critics accuse the Uhuru Kenyatta administration of being an authoritarian regime.

“In Kenya, freedom of expression and media freedoms are under constant threat,” says Suhayl Omar, a policing, surveillance and militarism researcher from Nairobi. “The Kenyatta regime has waged a war against constitutionalism and any form of opposition in Kenya.”

Omar believes that the Kenyan government relies heavily on surveillance of its citizens to crack down on any form of opposition. “For this, they look to undemocratic and violent states — like Israel — to fund, equip and train their agents and armies for these unconstitutional missions.”

Zambia

Zambia is also a Circles client. In 2019, the Zambian authorities reportedly used a cyber-surveillance unit in the offices of Zambia’s telecommunications regulator to pinpoint the location of a group of bloggers who ran an opposition news site. They were duly arrested, with the authorities in constant contact with the police units on the ground throughout the operation. Given its capabilities, it is likely that a Circles system was used to do this.

Should the Israeli government be held accountable?

African governments will justify spying by claiming that it is a matter of national security. The Israeli government, meanwhile, has distanced itself from these anti-democracy purges. Israeli Minister Zeev Elkin denied any government involvement, telling Israeli radio, “Everyone understands that this is not about the state of Israel.” But it is.

The Israeli government, through its Ministry of Defence, implicitly sanctions such activities by providing tech firms with export licences. In January 2020, Amnesty International filed a lawsuit in Israel calling for the ministry to ban the export of invasive spying software, as it was being used to attack human rights activists by the governments purchasing them. Last July, an Israeli court denied Amnesty’s request.

“The Israeli regime has actively enabled the authoritarianism of Uhuru Kenyatta,” explains Suhayl Omar, commenting on the situation in Kenya. Moeti Mohwasa in Botswana agrees about official Israeli involvement. “In recent years, the Botswana government has increasingly been eroding civil rights, and becoming intolerant of political dissent. Israel is aiding these dangerous trends.”

Friends with benefits

Although developed by private companies, the spying equipment is also a key part of the Israeli government’s diplomatic charm offensive in Africa. By helping African governments cling to power through arming them with the weapons to wage cyber-warfare on their citizens, Tel Aviv is hoping to make more African friends. The aim is to dissolve African solidarity with Palestine, and capture African votes at the UN and so defeat resolutions that are critical of Israel’s brutal military occupation. Israel is also trying to find partners to lobby the African Union to grant the occupation state observer status.

In his book War Against the PeopleJeff Halper writes that Israel is exporting its expertise in population control gained through its occupation of Palestine, and leading the “global pacification” industry, assisting state security agencies around the world. The danger, Halper warns, is that gradually we will all become like Palestinians, fearful of being tracked and detained for organising a protest, defending human rights or trying to hold the powerful to account.

As repressive African governments continue looking to Israel to help them shrink the safe space for human rights defenders even further, the danger is that Abuja, Nairobi, Gaborone and other capitals across the continent may end up under digital occupation just like Ramallah, East Jerusalem and Gaza City.

READ ALSO:

Israel’s global cybercrime racket

February 24, 2021 Posted by | Civil Liberties, Corruption, Ethnic Cleansing, Racism, Zionism | , , , , | 1 Comment

Pro-Israel news outlets ran ‘deepfake’ op-eds in ‘new disinformation frontier’

MEMO | July 20, 2020

Pro-Israel news agencies have run “deepfake” op-eds, in what is said to be “a new disinformation frontier”. Details of the “hyper-realistic forgery” were uncovered by a Reuters report this week, which uncovered the mystery around the identity of Oliver Taylor.

Taylor has been writing for a number of well-known publications, including Israel National Newsthe Jerusalem Post, and the Times of Israel. However, his article in the US Jewish newspaper the Algemeiner, which accused a London based academic Mazen Masri and his wife, Palestinian rights campaigner Ryvka Barnard, of being “known terrorist sympathizers”, exposed his true identity.

Mystified by Taylor’s accusation, Masri and Barnard alerted Reuters to their suspicion over the anti-Palestinian writer. The senior lecturer in law said when he pulled up Taylor’s profile photo, he couldn’t put his finger on it, but he explained that something about the young man’s face “seemed off”.

It seems as though Masri had drawn the ire of Taylor over his work in late 2018 when the lecturer helped launch a lawsuit against the Israeli surveillance company NSO on behalf of alleged Mexican victims of the company’s phone hacking technology. The spyware company has been accused of being “deeply involved” in carrying out mobile phone hacks of 1,400 of its users.

Taylor’s identity was finally uncovered. Rather than being a real person, Taylor appears to be a “deepfake”, or a hyper-realistic forgery, created in part to criticise Mazen. Reuters interviewed six experts who conclude that it had the characteristics of forgery that would not be detectable to the naked eye.

In their report raising concerns over “the marriage of deepfakes and disinformation”, the Reuters report warned deepfakes like Taylor are “dangerous” because they undermined public discourse.

Taylor is just one of several deepfakes. Earlier this month, the Daily Beast, reported that 46 conservative news outlets, including some reporting on the Jewish community, were duped into publishing Middle East “hot takes” by 19 non-existent authors as part of a massive propaganda campaign that appears to have started in July 2019.

Only a few of the news outlets covering Israel are said to have removed articles that later turned out to be deepfakes.

July 20, 2020 Posted by | Deception, Ethnic Cleansing, Racism, Zionism, Mainstream Media, Warmongering | , , | 3 Comments

Spanish Politics Jolted by Claims of Government Spying

By Cain Burdeau – Courthouse News – July 14, 2020

Spain was rocked Tuesday by allegations that the government may have hacked a smartphone used by the pro-independence president of the Catalan parliament and spied on him and others during a tense period in the run-up to a politically explosive trial against Catalan leaders.

Allegations that the Spanish state may have used an Israeli company’s hacking spyware to target Roger Torrent, the speaker and president of Catalonia’s regional parliament, were revealed in a joint investigation by the newspapers El País and The Guardian.

The domestic espionage claims open a new chapter in an emotional and epochal fight in Spain over the future of Catalonia and its capital Barcelona. About half of Catalonia’s population wants to secede from Spain. An unauthorized independence referendum in 2017 led to massive protests, police violence, the arrests of Catalan politicians and the criminal conviction of pro-independence leaders last October.

The newspaper reports about the hacking of Torrent’s phone sprang from a wide-ranging probe by digital experts at a Canadian university into allegations that authoritarian governments around the world have abused technology developed by Israeli hacker-for-hire firm NSO Group and taken control of cellphones to spy on dissidents, journalists, lawyers, activists, human rights advocates and opposition politicians. NSO is fighting numerous lawsuits in the United States and elsewhere against it over its spying program called Pegasus.

NSO claims no responsibility for how its Pegasus spyware is used by governments and says it only sells the spyware to governments to help them fight crime and terrorism. The Pegasus program can take control of a phone, its cameras and microphones, and mine the user’s personal data.

Spanish authorities denied any knowledge of the alleged spying on Torrent.

Andrew Dowling, an expert on Spanish politics and history at Cardiff University, said the allegations against Spanish authorities appear solid.

“In one sense it is not that surprising at all,” he said in an email to Courthouse News. It appears, he said, that “sectors of the Spanish security services act autonomously and are not fully subject to democratic control.”

Torrent called on the Spanish state to investigate the claims. He said he was unsure who was behind the hacking but he suspects state actors carried out the surveillance without judicial authority.

“The espionage I have been subjected to violates my right to privacy, the right to secrecy of communications and the right to be able to develop a political project without illegitimate interference,” Torrent said on Tuesday in a statement to media at the Catalan parliament. “It is inappropriate in a democracy that state apparatuses illegally spy on political opponents.”
He charged that the evidence confirms the Spanish state is seeking to use illegal means to squash Catalonia’s drive for independence.

“This is the first time, therefore, that what many of us already knew and have been denouncing for a long time has been conclusively proven: espionage against political opponents is practiced in Spain,” he said.

He said he was told about the alleged hacking by newspaper reporters and that he feared his smartphone’s camera and microphone were remotely turned on to spy on him. He said the Pegasus program allowed hackers to listen to all his conversations on the phone and those that took place while the phone was close at hand. He said conversations he had with politicians, trade union members, economic leaders and international representatives had been put at risk.

“This type of software is intended for use in investigating complex and serious crimes, such as terrorism or drug trafficking,” Torrent said. He said watchdogs, including United Nations Rapporteur on freedom of expression David Kaye and Amnesty International, have warned that governments in Morocco, Mexico and Saudi Arabia have abused the Pegasus software to spy on opponents.

“Now,” he said, “we know that this practice has also occurred in Spain.”

He said Catalan authorities will “take all political and legal action” to “get to the bottom of the matter.”

The hacking of Torrent’s phone was confirmed by Citizen Lab, a center that researches digital threats, the newspapers reported. Citizen Lab is working with the social media platform WhatsApp to find improper hacking that took place around the world in April and May 2019 by exploiting a previous weakness in WhatsApp. The lab is based at the Munk School of Global Affairs at the University of Toronto.

Besides Torrent, a former Catalan parliamentarian, Anna Gabriel, and pro-Catalan activist Jordi Domingo also were hacked, according to the newspapers. Gabriel fled Spain after the Spanish state cracked down on the Catalan independence drive in 2017 and she remains in exile in Switzerland. Other Catalan politicians, most notably former Catalan President Carles Puigdemont, also fled Spain to avoid arrest. Puigdemont is a member of the European Parliament and condemned the alleged domestic espionage on Tuesday.

John Scott-Railton, a senior researcher at Citizen Lab, said on Twitter that there is a “troubling sign of a pattern of political hacking in Spain.”

The newspaper reports said WhatsApp believes the hacking took place between April and May 2019 and involved 1,400 of its users around the world. Until now, European governments had not been linked to the hacking attack.

WhatsApp is suing the NSO Group in the U.S. and charges that the Pegasus program was used to hack more than 100 journalists, human rights activists, diplomats and government officials in various countries around the world. The Pegasus program has been linked to surveillance of associates of slain Saudi Arabian journalist Jamal Khashoggi.

Citizen Lab says Bahrain, Kazakhstan, Mexico, Morocco, Saudi Arabia, the United Arab Emirates and India have been linked to abusive use of the spyware to target civil society.

Citizen Lab says the software is among the world’s most sophisticated commercial spyware and can be deceptively placed on phones without a user’s knowledge or permission. Once the software infects a phone, hackers can obtain a person’s private data, including passwords, contact lists, calendar events, text messages, and live voice calls, Citizen Lab says. Hackers can also turn on the phone’s camera and microphone to monitor activity in the phone’s vicinity and track someone’s movements through GPS, the group says.

On Monday, NSO won a case in an Israeli court brought by Amnesty International seeking to stop the company from selling its software around the world.

Spanish authorities said they were not behind the hacking of Torrent’s phone.

The newspapers said the National Intelligence Center, Spain’s domestic and foreign intelligence service, issued a statement saying it acts “in full accordance with the legal system” and that its work is overseen by Spain’s Supreme Court.

Socialist Spanish Prime Minister Pedro Sanchez also issued a statement saying his “government has no evidence” that Torrent was hacked, according to the newspapers. The hacking allegations have the potential to sour relations between Sanchez and Catalan politicians upon whose cooperation he depends in the Spanish parliament.

The hacking allegedly took place while Sanchez was prime minister and may erode trust in the Socialist leader’s promises to open dialogue with the Catalan separatists to find a political solution to demands for Catalan independence.

Torrent called on Sanchez to live up to his pledges, he is leading a progressive government in coalition with the far-left Podemos party.

“A government that claims to be the most progressive in history cannot allow such practices to go unpunished,” Torrent said. “We cannot make it normal for there to be prospective wiretaps, to criminalize a peaceful and democratic movement.”

Dowling, the Cardiff University expert, doubted the Spanish state or European Union institutions will investigate the allegations.

“Spain has little tradition of independent investigation into political scandals, however deep,” he said. “The fact that it has had widespread European coverage will be embarrassing but I don’t perceive the EU intervening in what it will consider to be the internal affairs of the Spanish state.”


Courthouse News reporter Cain Burdeau is based in the European Union.

July 20, 2020 Posted by | Civil Liberties, Progressive Hypocrite | , , , , , | Leave a comment

Israel Perfecting Surveillance Tech

Leave it to the Mossad and Shin Bet to profit militarily and financially from virus

By Philip Giraldi | American Free Press | May 11, 2020

Israel’s external spy organization Mossad and its internal espionage equivalent Shin Bet have reputations that are much larger than their actual successes, but the one area where they have excelled is electronic intelligence gathering. Recent electronic spying around the White House and other federal buildings in Washington carried out by the Israeli Embassy demonstrates that Israel does not differentiate much between friends and enemies when it conducts espionage. In fact, spying targeting the U.S. is probably its number one priority due to the fact that the Jewish state is so heavily dependent on American support that it feels compelled to learn what discussions relating to it are taking place behind closed doors.

Israeli penetration of U.S. telecommunications began in the 1990s, when American companies like AT&T and Verizon, the chief conduits of the National Security Agency (NSA) for communications surveillance, began to use Israeli-produced hardware, particularly for law enforcement-related surveillance and clandestine recording. The devices had a so-called back door, which meant that everything they did was shared with Israel. Israeli cyber-specialists even broke into classified networks with the NSA and FBI aware of what was going on but unwilling to confront “America’s best ally.” President Bill Clinton once quipped to Monica Lewinski that they should avoid using the Oval Office phone because someone might be listening in. He was referring to Israel.

To be sure, the Jewish state’s high-tech sector has been much assisted in its effort by “own goals” provided by the United States, which allows Israel to bid on government contracts relating to national security, virtually guaranteeing that any technical innovations will be stolen and re-exported by Israeli high-tech companies. Major technology innovators like Intel, which works with the NSA, have set up shop in Israel and have publicly stated, “We think of ourselves as an Israeli company as much as a U.S. company.” Vulture capitalist Zionist billionaire Paul Singer has recently been accused of steering highly paid U.S. tech sector jobs to Israel, jobs that are lost to the American economy forever.

So, Israel is a leader in using electronic resources to carry out espionage and collect information on various targets of interest. Israel is also an innovator, and its close relationship with the U.S. intelligence community (IC), most particularly the NSA, means that technologies and procedures developed by the Jewish state will inevitably show up in America.

The U.S. is in any event working hard on its own tools for managing the public, spurred by Covid-19 hysteria. Special ID cards could help track the health status of individuals. This status would be recorded and updated on a chip readable by government scanners that, by some accounts, might be either carried or even permanently embedded in everyone’s body. Another plan being promoted in a joint venture by Apple and Google that appears to have White House support involves “add[ing] technology to their smartphone platforms that will alert users if they have come into contact with a person with Covid-19. People must opt into the system, but it has the potential to monitor about a third of the world’s population” with monitoring done by central computers. Once the legal principle is established that phones can be manipulated to do what is now an “illegal search,” there are no technical or practical limits to what other tasks could also be performed.

DEVELOPMENTS IN ISRAEL

With those steps being taken to control the movements of possibly infected citizens in mind, some recent developments in Israel are, to put it mildly, ominous. The Jewish state is currently achieving multi-level 24/7 surveillance of everyone residing in the country conducted in real time. Investigative reporter and peace activist Richard Silverstein describes in some detail why it is happening now, what it means, and how it works.

Per Silverstein, Israel, like every other authoritarian state, is currently taking advantage of the distraction caused by the coronavirus pandemic. Prime Minister Benjamin Netanyahu, whose political fortunes seemed to be on the wane due to three hung elections, exploited the fear of the virus to assume emergency powers and obtain Knesset approval to use a highly classified national database “compiled by the Shin Bet and comprising private personal data on every Israeli citizen, both Jewish and Palestinian. In the aftermath of 9/11, Israel’s Knesset secretly assigned its domestic intelligence agency the task of creating the database, which was ostensibly meant as a counterterrorism measure.”

The database, nicknamed “The Tool,” includes names, addresses, phone numbers, employment, and educational information but it goes well beyond that in using phone tracking data to record every phone call made by the individual to include names and numbers of those called and the geo-location of where the call was made from. Phone tracking also enabled Shin Bet to create a log of where the caller traveled in Israel and the occupied territories. Internet use, if active on the phone, was also recorded. It is as complete and total surveillance of an individual as is possible to obtain and it does not involve any human participation at all, every bit of it being done by computer.

Netanyahu publicly proclaimed his intention to use the database, stating that it would be employed to combat the coronavirus, which he described as a threat to national survival. As a result of the claimed crisis, he and his principal opponent, Blue and White party leader Benny Gantz, were able to come to terms on April 20 to form a “national emergency unity government” with Netanyahu as prime minister yet again. The exploitation of the fear of the virus plus that revelation about Israel’s powerful technical tool to thwart it produced a victory for Netanyahu, who effectively portrayed himself as a strong and indispensable leader, erasing the stigma resulting from his pending trial on charges of massive corruption while in office. One of the first steps Netanyahu will reportedly take is to replace the attorney general and state prosecutor who were seeking to send him to prison, effectively taking away the threat that he might go to prison.

The exposure of the existence of the database inevitably led to charges that Netanyahu had, for personal gain, revealed Israel’s most powerful counterterrorism weapon. There were also concerns about the significance of the huge body of personal information collected by Shin Bet, to include suggestions that it constituted a gross violation of civil liberties. But carefully stoked fear of the virus combined with some political deals and maneuvers meant that use of the data was eventually approved by the Knesset security committee at the end of March.

Israel, which has closed its borders, and which still has a relatively low level of coronavirus infections and deaths, has already started using the Shin Bet database while also turning the attempts to deal with the disease as something like an intelligence war. The information obtained from “The Tool” enables the police and military to determine if someone were standing near someone else for more than a few minutes. If the contact included someone already infected, all parties are placed under quarantine. Any attempt to evade controls leads to arrest and punishment of a six-month prison term plus a $1,500 fine. Armed soldiers patrolling the streets are empowered to question anyone who is out and about.

Mossad is also involved in fighting the virus, boasting of having “stolen” 100,000 face masks and also respirators from a neighboring country presumed to be the United Arab Emirates. Silverstein observes that “Israel’s far-right government has militarized the contagion. Just as a hammer never met a nail it didn’t want to pound, it is only natural for a national security state like Israel to see Covid-19 as a security threat just as much or more than a health threat.” And when it comes to bioweapons, Israel is no parvenu. Ironically, the hidden story behind the “war on the coronavirus” is that Israel is itself one of the most advanced states in developing and testing biological weapons at its lab at Nes Tziona.

Returning to the emergence of “The Tool,” hardline Defense Minister Naftali Bennett has also suggested monetizing the product by selling a “civilian version of it,” to include its operating system, analytic capabilities, and setup details to foreign countries, including the United States. Israel has already successfully marketed to security agencies and governments a similar product called Pegasus, which has been described as the most sophisticated malware on the market.

Like The Tool, Pegasus does data mining and real-time analysis of individuals based on a range of collection techniques. The Israeli cyber company NSO Group that markets Pegasus was recently involved in an attempt to hack Facebook-owned secure communications system Whats-App, targeting journalists and political activists, on behalf of an unknown client. Ironically, it is believed that Facebook had earlier used NSO Group’s somewhat shadowy services. Perhaps more notoriously, Pegasus was also used to monitor contacts and establish physical location in the case of journalist Jamal Khashoggi, who was murdered by Saudi intelligence agents in Istanbul.

So, Americans should beware when confronted by the new cyber-security software being promoted by Israel because the Jewish state is also exporting its own vision of a centrally controlled militarized state where all rights are potentially sacrificed for security. As whistleblower Edward Snowden has already revealed, the NSA has the capability to collect vast amounts of information on citizens. If the United States government falls for the bait and moves in the Israeli direction, using that data to enable the surveillance and manage all the people all the time, the temptation will be great to employ the new capability even if its use is not strictly speaking warranted.

And there will be no one there to say nay to the new powers, not in Congress, on the Supreme Court or in the White House. And the media will be on board, too, arguing that security against external and internal threats requires some infringements of individual rights. It is one of the ironies of history that the United States of America, with its vast resources, large population and legacy of individual freedom, has been becoming more like its tiny militarized client state Israel. It is a tendency that must be resisted at all costs by every American who cares about fundamental liberties.

Philip Giraldi is a former CIA counter-terrorism specialist and military intelligence officer and a columnist and television commentator. He is also the executive director of the Council for the National Interest.

May 14, 2020 Posted by | Civil Liberties, Corruption | , , , | 4 Comments

Exposing a Biden Staffer’s Connections to Troubled Israeli Spyware Firm

By Jefferson Morley | Deep State | March 16, 2020

After Sunday night’s Democratic presidential debate, Anita Dunn, senior adviser to Joe Biden’s campaign, defended the vice president’s performance in a briefing with reporters.

Last year, Dunn, who served as communications director in Barack Obama’s White House, did a similar duty for NSO, the spyware firm founded by former Israeli intelligence officers. The NSO Group created the infamous Pegasus intrusion tool, which has been used to harass and disrupt journalists from India to Mexico to Saudi Arabia—and also to pick Jeff Bezos’ pocket.

As Avi Asher-Schapiro of the Committee to Protect Journalists noted on Twitter, Dunn is “Managing Director at SKDKnickerbocker, a firm that managed the US public relations work for NSO Group.”

Dunn’s work for NSO indicates a willingness to defend private power against the public interest. Her condescending remarks about Bernie Sanders’ performance evoke the arrogance that pervades the intersection of big government and corporate power in Washington. She represents the reasons why some of Sanders’ supporters are reluctant to support the former vice president. She embodies the difficulty of unifying the progressive and moderate wings of the Democratic Party going into the 2020 presidential election.

What Is NSO?

On the trail of NSO, Asher-Schapiro “has been tracking research by Citizen Lab, Amnesty International, and other local and international human rights groups involving journalists targeted by Pegasus, a spyware tool that the NSO Group markets and sells to governments.”

“Once covertly installed by means of spear-phishing attacks that trick the recipient into clicking on a malicious link, the technology passes control of a phone’s camera, microphone, and contents to the attacker,” Asher-Schapiro wrote last year.

Asher-Schapiro reported on:

“an attempted Pegasus attack targeting Griselda Triana, the widow of Mexican journalist Javier Valdez. Valdez, the winner of CPJ’s 2011 International Press Freedom Award, was murdered in May 2017; the Mexican government has not charged anyone for ordering the killing, which CPJ believes was in reprisal for his coverage of narcopolitics.”

When Asher-Schapiro sought comment from NSO, he says, “I would email Dunn’s subordinates at SKDK asking them to kindly provide comments explaining why their client kept being accused of spying on journalists.” He wrote:

“‘We do not tolerate misuse of our products,’ an NSO Group spokesperson told CPJ by email. ‘We regularly vet and review our contracts to ensure they are not being used for anything other than the prevention or investigation of terrorism and crime.’ The spokesperson declined to be named because the comment was from the organization, not an individual.”

And so Dunn’s role in the defense of NSO was not publicly reported.

Whom Dunn Defends

The privatization of intrusive surveillance technology has enabled repression of independent journalists seeking to hold governments accountable. Saudi Arabian intelligence officials reportedly used Pegasus to track dissident Washington Post columnist Jamal Khashoggi before his murder in the Saudi consulate in Istanbul, Turkey, in October 2018.

It may have also been used against the world’s richest man.

A technical report on the hack of Amazon founder Jeff Bezos’ phone (now available on Motherboard) concluded that the exact type of software used to extract Bezos’ data could not be determined but that it had the same capabilities as Pegasus.

A backlash against NSO has been growing.

The messaging giant WhatsApp is suing NSO, accusing it of “‘unlawful access and use’ of WhatsApp computers. According to the lawsuit [filed in northern California federal court] NSO Group developed the malware in order to access messages and other communications after they were decrypted on targeted devices, allowing intruders to bypass WhatsApp’s encryption.”

A Washington Post columnist who served as an adviser to NSO recently quit the firm after criticism. Juliette Kayyem, a Harvard professor, resigned after controversy over her role at the spyware group prompted Harvard to cancel an online seminar she was due to host.

The U.S. government and other leading countries will soon require buyers and sellers of intrusion technologies such as Pegasus to obtain licenses and thus disclose their identities. Whether this voluntary measure will curb abuses is unknown.

Given Dunn’s role in the Biden campaign, it is fair to ask: Is Biden soft on the abuse of private intelligence? Is he a defender of journalism?

March 18, 2020 Posted by | Progressive Hypocrite | , | 1 Comment

Israeli court orders Facebook to unblock account of NSO Group employee

MEMO | February 18, 2020

A Tel Aviv court ordered Facebook Inc to unblock the private account of a worker at Israeli surveillance company NSO Group, and similar rulings are expected for other employees in the coming days, an NSO spokeswoman said on Tuesday.

A group of NSO employees filed suit against Facebook in November, saying the social media giant had unfairly blocked their private accounts when it sued NSO in October.

Facebook-owned messaging service WhatsApp accused the Israeli firm of helping government spies break into the phones of about 1,400 users in a hacking spree targeting diplomats, political dissidents, journalists and senior government officials across the globe.

The NSO employees said their Facebook and Instagram accounts, and also those of former workers and family members, had been blocked.

Ruling on their complaint, Tel Aviv District Court ordered the account of one employee to be restored by Wednesday afternoon.

“We are certain that following the court’s unequivocal statements, Facebook will reverse the action it took against other employees,” the NSO spokeswoman said.

Facebook officials could not immediately comment.

The company said in November it had disabled “relevant accounts” after attributing a “sophisticated cyber attack” to the NSO Group and its employees, saying the measure was necessary for security reasons.

Read also:

UK to help controversial Israel spyware firm to sell product  

February 18, 2020 Posted by | Deception, Full Spectrum Dominance | , , | 1 Comment

Why a Shadowy Tech Firm With Ties to Israeli Intelligence Is Running Doomsday Election Simulations

Graphic by Claudio Cabrera for MintPress News
By Whitney Webb | MintPress News | January 4, 2020

Election Day 2020: 32 Americans dead, over 200 injured, martial law declared and the election itself is canceled. While this horrific scenario seems more like the plot of a Hollywood film, such was the end result of a recent simulation examining the preparedness of U.S. officials from the Federal Bureau of Investigation (FBI), the Department of Homeland Security (DHS) and the U.S. Secret Service against “bad actors” seeking to undermine the upcoming presidential election.

Yet, this simulation was not a government-organized exercise but was instead orchestrated by a private company with deep ties to foreign and domestic intelligence services, a company that is also funded by investors with clear connections to individuals who would stand to benefit if such a catastrophic election outcome were to become reality.

Much of the rhetoric since the last presidential election in 2016 has focused on the issue of foreign meddling by U.S. rival states like Russia, while China has emerged as the new “meddler” of choice in American corporate media as the 2020 election approaches. Though time has revealed that many of the post-2016 election meddling claims were not as significant as initially claimed, the constant media discussion of foreign threats to U.S. democracy and electoral processes – whether real or imagined – has undeniably created a climate of fear. 

Those fears have since been preyed upon by neoconservative groups and the U.S. military-industrial complex, both of which are hardly known for their love of democratic processes, to offer a series of ready-made solutions to these threats that actually undermine key pillars of American democracy, including independent reporting and voting machine software.

However, many of the very same media outlets and groups that frequently fretted about Russia, China or another rival state meddling in U.S. democracy have largely ignored the role of other nation states, such as Israel, in efforts to sway the last U.S. election in 2016 and meddle in numerous elections in Africa, Latin America and Asia in the years since.

As a consequence of this climate of fear, it should be hardly surprising that the corporate media lauded the recent 2020 election simulation that ended in an abysmal failure for U.S. officials, the cancellation of the U.S. election and the imposition of martial law. Yet, none of those reports on the exercise noted that the company that hosted the simulation, called Cybereason, is led by ex-members of Israel’s military intelligence unit 8200, advised by former top and current officials in both Israeli military intelligence and the CIA. In addition, it is funded by and partnered with top U.S. weapons manufacturer and government contractor Lockheed Martin and financial institutions with clear and direct ties to Saudi Crown Prince Mohammed bin Salman and White House adviser and the president’s son-in-law Jared Kushner. Also left unmentioned in media reports on Cybereason’s election simulations is the fact that Cybereason’s CEO, Lior Div, has openly admitted that he views his work at Cybereason as a “continuation” of his service to Israel’s intelligence apparatus.

With Cybereason planning to host more simulations in cooperation with federal agencies as the U.S. election inches closer, a deeper exploration of this company, its ties to intelligence and military contractors in the U.S. and Israel and its financial ties to key Trump allies both domestically and abroad warrants further investigation.

In this two part series, MintPress will not only explore these aspects but also how many of the technologies wielded by the “bad actors” in the Cybereason election simulation have been pioneered and perfected, not by U.S. rival states, but by Israeli companies and start-ups with clear ties to that country’s intelligence apparatus.

Also notable is the fact that Cybereason itself has covertly become a major software provider to the U.S. government and military through its direct partnership with Lockheed Martin, which followed the defense company’s decision to open an office at the Israeli military’s new cyber operations hub in the Negev desert. In examining all of these interlocking pieces, a picture emerges of a potentially sinister motive for Cybereason’s simulations aimed at gauging how U.S. federal officials respond to crisis situations on Election Day.

Understanding “Operation Blackout”

In early November, a team of “hackers” working for the private U.S.-based, Israeli-founded company Cybereason conducted a 2020 election simulation with members of various U.S. agencies, namely the DHS, FBI and the U.S. Secret Service. The simulation was organized by Cybereason and the law firm Venable and the U.S. agencies in attendance were invited and appear to not have been charged to participate.

The simulation, titled “Operation Blackout,” was set in a fictional swing state called “Adversaria” and pitted “ethical hackers” from Cybereason against a team of federal and local law enforcement officials. The opposing teams were supervised by a “white team” composed of members of Cybereason’s staff and Ari Schwartz — a former member of the White House’s National Security Council and the National Institute of Standards and Technology (NIST) — who set the rules of the simulation and would ultimately decide its outcome. Schwartz also used to work for the Center for Democracy and Technology (CDT), a major backer of Microsoft’s ElectionGuard software.

Operation Blackout did not involve hackers targeting election software or voting machines, instead, it focused on civilian infrastructure and psychological operations against the American citizens in the fictitious “Adversaria” on election day. The hacker team was led by Cybereason co-founder Yonathan Striem-Amit, a former contractor for Israeli government agencies and a former operative for the elite Israeli military intelligence Unit 8200, best known for its cyber offensives against other governments.

“In a country as fragmented as the US, the number of people needed to influence an election is surprisingly small,” Striem-Amit told Quartz of the exercise. “We attempted to create havoc and show law enforcement that protecting the electoral process is much more than the machine.”

Streim-Amit’s team completely devastated the U.S. law enforcement team in Operation Blackout by not only causing chaos but murdering numerous civilians. Hackers took control of city buses, ramming them into civilians waiting in line at polling stations, killing 32 and injuring over 200. They also took control of city traffic lights in order to cause traffic accidents, used so-called “deepfakes” to conduct psychological operations on the populace and created fake bomb threats posing as the terror group ISIS, which incidentally has its own ties to Israeli intelligence. Telecom networks and news outlets within the fictitious states were also hacked and flooded with deepfakes aimed at spreading disinformation and panic among U.S. citizens.

A map of targets in Adverseria is shown during Operation Blackout in Boston’s John Hancock Tower. Mark Albert | Twitter

The supervising team, composed of Cybereason employees and former NSC member Ari Schwartz, decided that the outcome of the face-off between the hacker and law enforcement teams was the outright cancellation of the 2020 election, the declaration of martial law by authorities, the growth of public fear regarding terrorism and allegations of U.S. government collusion with a foreign actor. Cybereason has stated that they will soon conduct another 2020 election simulation with federal authorities as the election draws closer.

Given how the simulation played out, it is quite clear that it is a far cry from the actual scope of alleged foreign meddling during the 2016 election, meddling which was allegedly the motivation behind Operation Blackout. Indeed, the extent of Russian interference in the 2016 election amounted to $100,000 worth of Facebook ads over three years, 25 percent of which were never seen by the public, and claims that Russian state actors were responsible for leaking emails from the then-Democratic presidential nominee Hillary Clinton and the Democratic National Committee (DNC). In contrast, Operation Blackout went well beyond any observed or even imagined “foreign meddling” related to the 2016 election and appears more like a terror attack targeting elections than a covert means of manipulating their outcomes.

Several mainstream publications have covered Operation Blackout but have failed to note that the company behind them has deep ties to foreign intelligence outfits and governments with a documented history of manipulating elections around the world, including the 2016 U.S. election.

Quartz framed the exercise as important for “preparing for any and all possibilities in 2020,” which “has become an urgent task for US regulators and law enforcement.” Similarly, CyberScoop treated the simulation as a “sophisticated exercise to help secure the vote.” Other articles took the same stance.

A series of simulations

In the weeks after the Washington area election simulation, Cybereason repeated the same exercise in London, this time with members of the U.K. Intelligence agency GCHQ, the U.K. Foreign Office and the Metropolitan Police. The law enforcement team in the exercise, which included the U.K. officials, was headed by a Cybereason employee — Alessandro Telami, who formerly worked for the NATO Communications and Information Agency (NCI). Like the prior simulation conducted in the U.S., Cybereason did not appear to charge U.K. government agencies for their participation in the exercise.

Cybereason has — with little fanfare — been promoting extreme election day scenarios since before the 2016 election. Cybereason’s first mention of these tactics appears in a September 2016 blog post written by the company’s CEO and former Israeli government contractor Lior Div — a former leader of offensive cyberattacks for the IDF’s elite Unit 8200 and a former development group leader at the controversial Israeli-American corporation Amdocs.

Div wrote that hackers may target U.S. elections by “breaking into the computers that operate traffic lighting systems and interfering with the ones around polling stations to create massive traffic jams, “hacking polling companies,” and “targeting live election coverage on cable or network television stations.” A follow-up post by Div from October 2016 added further meddling tactics such as “cut power to polling stations” and “mess with a voter’s mind.”

Two years later, Cybereason held its first election meddling simulation, touting many of these same tactics, in Boston. The simulation focused on local and state responses to such attacks and saw Boston-based Cybereason invite Massachusetts state and local officials as well as Boston police officers and a former police commissioner to participate. “Twitter accounts spreading fake news,” “turning off a city’s closed-circuit cameras,” “hacking self-driving cars and navigation apps,” and “targeting a city’s 911 call center with a DDoS attack” were all used in the simulation, which saw Cybereason’s “ethical hackers” attempt to disrupt election day. Media coverage of the simulation at the time framed it as a necessary preparation for countering “Russian” threats to U.S. democracy. Like the more recent simulations, the mock election was canceled and voter confidence in the electoral process was devastated.

This past July, Cybereason conducted a similar simulation with officials from the FBI, DHS and the Secret Service for the first time. That simulation, which also took place in Boston, was remarkably similar to that which occurred in November. One intelligence officer from DHS who participated in the July exercise called the simulation “very realistic.” Another claimed that the simulation was a way of applying “lessons learned from 9/11” by preventing the government’s “failure of imagination” that officials have long alleged was the reason for the government’s inability to thwart the September 11 attacks. Notably, The U.S. military simulated a scenario in which terrorists flew airplanes into the Pentagon less than a year before the September 11 attacks.

In this undated photo from Cybereason’s website, a faux ballot box is shown in the company’s Boston office.

Participating government officials, Cybereason staff and the media have consistently touted the importance of these simulations in securing elections against extreme threats, threats which — to date — have never materialized due to the efforts of foreign or domestic actors on election day. After all, these exercises are only simulations of possibilities and, even if those possibilities seem implausible or unlikely, it is important to be prepared for any eventuality.

But what if the very figures behind these simulations and the investors that fund them had a history of election meddling themselves? Cybereason’s deep ties to Israeli intelligence, which has a documented history of aggressive espionage and election meddling in the United States and in several nations worldwide, warrant a deeper look into the firms’ possible motives and the myriad conflicts of interest that arise in giving it such unprecedented access to the heart of America’s democracy.

What Does Cybereason Do?

Cybereason’s interest in terror events during elections seems out of place given that the company itself is focused on selling technological cybersecurity solutions like antivirus and ransomware protection software, software products that would be minimally effective against the type of threat encountered in the company’s election day simulations.

Cybereason is often described as offering a comprehensive technological defense platform to companies and governments that combines a next-generation antivirus with endpoint detection and response (EDR), which enables the company to respond to typical viruses and malware as well as sophisticated, complex attacks. The platform makes heavy use of artificial intelligence (AI) and cloud computing and specifically uses Amazon Web Services (AWS), which is used by a litany of private companies as well as U.S. intelligence agencies.

While many cybersecurity platforms combine antivirus and antimalware with EDR and AI, Cybereason claims that their military background is what sets them apart. They have marketed themselves as offering “a combination of military-acquired skills and cloud-powered machine learning to endpoint detection and response” and actively cite the fact that most of their employees are former members of Unit 8200 as proof that they are “applying the military’s perspective on cybersecurity to enterprise security.”

In 2018, Cybereason’s former senior director for intelligence, Ross Rustici, described the platform to CBR as follows:

Our founders are ex-Israeli intelligence who worked on the offensive side. They basically wanted to build a tool that would catch themselves. We follow the kill chain model started by Lockheed Martin [now a major investor in Cybereason] and try to interrupt every stage once an intruder’s inside a target network.”

Lior Div, Cybereason’s CEO described the difference between his company’s platform and that of past market leaders in this way to Forbes :

The old guard of antivirus companies like Symantec and McAfee would install something to block endpoints and you needed to do a lot [of monitoring] to make sure you weren’t under attack. We came with a different approach to see the whole enterprise and leverage AI to be able to fully autonomously identify where attackers are and what they’re doing.”

Thus, in looking at Cybereason’s product and its marketing objectively, it seems that the only innovative component of the company’s system is the large number of ex-military intelligence officers it employs and its tweaking of a previously developed and automated model for threat engagement, elimination and prevention.

Instead, Cybereason’s success seems to owe to its prominent connections to the private and public sectors, especially in Israel, and its investors who have funneled millions into the company’s operations, allowing them to expand rapidly and quickly claim a dominant position in emerging technology markets, such as the Internet of Things (IoT) and advanced healthcare systems.

A screenshot from a live stream of a 2019 Cybereason cyber-attack simulation

Their considerable funding from the likes of Lockheed Martin and Softbank, among others, has also helped them to expand their international presence from the U.S., Europe and Israel into Asia and Latin America, among other places. Notably, while Cybereason is open about their investors and how much funding they receive from each, they are extremely secretive about their financial performance as a company and decline to disclose their annual revenue, among other indicators. The significance of Cybereason’s main investors in the context of the company’s election simulations and its ties to Israeli and U.S. intelligence (the focus of this article) will be discussed in Part 2.

Cybereason also includes a security research arm called Nocturnus, currently headed by a former Unit 8200 officer. Nocturnus will be explored further in Part 2 of this series, as it essentially functions as a private intelligence company in the tech sector and has been behind several recent claims that have attributed alleged hacks to state actors, namely China and North Korea. For now, it is important to keep in mind that Nocturnus utilizes Cybereason’s “global network of millions of endpoints” for its intelligence gathering and research, meaning the endpoints of every device to which Cybereason’s software has access.

Given what Cybereason provides as a company, their interest in offering election simulations to government officials free of charge seems odd. Indeed, in the simulations hosted by Cybereason for U.S. officials, there is little opportunity for the company to market their software products given that the simulation did not involve electronic voting infrastructure at all and, instead, the malevolent actors used deep fakes, disinformation and terror attacks to accomplish their goals. Why then would this company be so interested in gauging the response of U.S. law enforcement to such crises on election day if there is no sales pitch to be made? While some may argue that these simulations are an altruistic effort by the company, an investigation into the company’s founders and the company’s ties to intelligence agencies suggests that this is unlikely to be the case.

The People Behind Cybereason

Cybereason was created in 2012 by three Israelis, all of whom served together as officers in the Israel Defense Force’s elite technological and signals intelligence unit, which is most often referred to as Unit 8200. Unit 8200 has been the subject of several MintPress investigative reports over the past year focusing on its ties to the tech industry.

Unit 8200 is an elite unit of the Israeli Intelligence corps that is part of the IDF’s Directorate of Military Intelligence and is involved mainly in signal intelligence, surveillance, cyberwarfare and code decryption. It is also well-known for its surveillance of Palestinian civilians and for using intercepted communications as blackmail in order to procure informants among Palestinians living under occupation in the West Bank.

The unit is frequently described as the Israeli equivalent of the NSA and Peter Roberts, a senior research fellow at Britain’s Royal United Services Institute, characterized the unit in an interview with the Financial Times as “probably the foremost technical intelligence agency in the world and stand[ing] on a par with the NSA in everything except scale.” Notably, the NSA and Unit 8200 have collaborated on numerous projects, most infamously on the Stuxnet virus as well as the Duqu malware.

Given the secrecy of the work conducted by Unit 8200, it is hard to know exactly what Cybereason’s co-founders did while serving in the controversial unit, however, a brief biography of the company’s current CEO and co-founder Lior Div states that “Div served as a commander [in Unit 8200] and carried out some of the world’s largest cyber offensive campaigns against nations and cybercrime groups. For his achievements, he received the Medal of Honor, the highest honor bestowed upon Unit 8200 members (emphasis added).”

Lior Div speaks during the Cyber Week conference in Tel Aviv, Israel, June 25, 2019. Corinna Kern | Reuters

After having served in leadership positions within Unit 8200, all three Cybereason co-founders went on to work for private Israel-based tech or telecom companies with a history of aggressive espionage against the U.S. government.

Cybereason co-founders Yonathan Striem Amit (Cybereason’s Chief Technology Officer) and Yossi Naar (Cybereason Chief Visionary Officer) both worked for Gita Technologies shortly before founding Cybereason with fellow Unit 8200 alumnus Lior Div. Gita, according to public records, is a subsidiary of Verint Systems, formerly known as Comverse Infosys.

Verint/Comverse was initially funded by the Israeli government and was founded by Jacob “Kobi” Alexander, a former Israeli intelligence officer who was wanted by the FBI on nearly three dozen charges of fraud, theft, lying, bribery, money laundering and other crimes for over a decade until he was finally extradited to the United States and pled guilty to some of those charges in 2016.

Despite its history of corruption and foreign intelligence connections, Verint/Comverse was hired by the National Security Agency (NSA) to create backdoors into all the major U.S. telecommunications systems and major tech companies, including Facebook, Microsoft and Google. An article on Verint’s access to U.S. tech infrastructure in Wired noted the following about Verint:

In a rare and candid admission to Forbes, Retired Brig. Gen. Hanan Gefen, a former commander of the highly secret Unit 8200, Israel’s NSA, noted his former organization’s influence on Comverse, which owns Verint, as well as other Israeli companies that dominate the U.S. eavesdropping and surveillance market. ‘Take NICE, Comverse and Check Point for example, three of the largest high-tech companies, which were all directly influenced by 8200 technology,’ said Gefen.”

Federal agents have reported systemic breaches at the Department of Justice, FBI, DEA, the State Department, and the White House going all the way back to the 1990s, breaches they claimed could all be traced back to two companies: Comverse/Verint and Amdocs. Cybereason’s other co-founder and current CEO, Lior Div, used to work for Amdocs as the company’s development group leader.

After leaving Amdocs, Div founded a company called Alfatech. Alfatech publicly claims to specialize in “professional Head Hunting and Quality Recruiting services,” yet it has no functional website. Despite its publicly stated mission statement, Israeli media reports that mention Alfatech describe it as “a cybersecurity services company for Israeli government agencies.” No reason for the obvious disconnect between the company’s own claims and those made by the media has been given.

Div left Alfatech in 2012 to found Cybereason alongside Striem-Amit and Naar. According to an interview that Div gave to TechCrunch earlier this year, he stated that his work at Cybereason is “the continuation of the six years of training and service he spent working with the Israeli army’s 8200 Unit (emphasis added).” Div was a high-level commander in Unit 8200 and “carried out some of the world’s largest cyber offensive campaigns against nations and cybercrime groups” during his time there. TechCrunch noted that “After his time in the military, Div worked for the Israeli government as a private contractor reverse-engineering hacking operations,” an apparent reference to his work at Alfatech.

Even deeper ties to intelligence

Not only do Cybereason’s own co-founders have considerable links to the Israeli government, Israeli intelligence and intelligence-connected private companies, but it also appears that the work of Cybereason itself is directly involved with Israeli intelligence.

The company periodically publishes reports by a secretive faction of the company called the Cybereason Intelligence Group or CIG. The only description of CIG’s composition available on Cybereason’s website is as follows:

The Cybereason Intelligence Group was formed with the unique mission of providing context to the most sophisticated threat actors. The group’s members include experts in cyber security and international security from various government agencies, including the Israel Defense Forces’ Unit 8200, which is dedicated to conducting offensive cyber operations. Their primary purpose is to examine and explain the Who and the Why behind cyber attacks, so that companies and individuals can better protect themselves (emphasis added).”

It is unclear how many members comprise CIG and if its members are employees of only Israeli government agencies, or if it includes officials from the U.S. government/Intelligence or other governments. However, what is clear is that it is composed entirely of government officials, which include active members of Unit 8200, and that the purpose of the group is to issue reports that place blame for cyberattacks on state and non-state actors. Perhaps unsurprisingly, the vast majority of CIG’s reports published by Cybereason focus exclusively on Russia and China. When discussing nation-state cyber threats in general, Cybereason’s website only mentions China, North Korea, Iran and Russia by name, all of which are incidentally rival states of the U.S. government. Notably, Israel’s government — listed as a “leading espionage threat” to U.S. financial institutions and federal agencies by the U.S.’ NSA — is absent from Cybereason’s discussions of state actors.

In addition to CIG, Cybereason’s cybersecurity research arm, Nocturnus, includes several Unit 8200 alumni and former Israeli military intelligence and government contractors and has assigned blame to state actors for several recent hacks. It also has claimed to have discovered more such hacks but has declined to publicly disclose them due to the “sensitive” nature of the hacks and companies affected.

Other hints at Cybereason’s connections to state intelligence can be seen in its advisory board. Robert Bigman, the former Chief Information Security Officer (CISO) for the Central Intelligence Agency (CIA) who oversaw the spy agency’s “commercial partner engagement” program (i.e. alliances with the private tech sector), is a key figure on the company’s advisory board. According to his biography, Bigman “ contributed to almost every Intelligence Community information security policy/technical standard and has provided numerous briefings to the National Security Council, Congress and presidential commissions. In recognition of his expertise and contributions, Bigman has received numerous CIA and Director of National Intelligence Awards.”

Cybereason’s leadership team features a who’s who of Israeli and US intel officials

Unmentioned in his biography published on his own website, or on Cybereason’s website, is that Bigman is also an advisor to another Israeli tech company, Sepio Systems. The chairman of Sepio, Tamir Pardo, is a self-described “leader” in the cybersecurity industry and former director of Israel’s Mossad. Sepio is funded by a venture capital firm founded by the creators of the controversial Israeli spy tech company NSO Group, which has received a slew of negative press coverage after its software was sold to several governments who used it to spy on dissidents and human rights activists.

In addition to Bigman, Cybereason’s advisory board includes Pinchas Buchris, the former head of Unit 8200 and former managing director of the IDF. Not unlike Bigman, Buchris’ bio fails to mention that he sits on the board of directors of Carbyne911, alongside former Israeli Prime Minister Ehud Barak and Nicole Junkerman, both well-known associates of intelligence-linked sex trafficker Jeffery Epstein. Epstein himself poured at least $1 million into Carbyne, an Israeli company that seeks to run all 911 call centers in the U.S. at the national level and has close ties to the Trump administration. More information on Carbyne and its ties to Israeli and U.S. intelligence as well as its connection to coming pre-crime policies to be enacted in 2020 by the U.S. Department of Justice can be found in this MintPress report from earlier this year. Given that Cybereason’s election day simulations involve the simulated collapse of 911 call center functionality, Buchris’ ties to both Cybereason and Carbyne911 are notable.

Another notable Cybereason advisor is the former commissioner of the Boston Police Department, Edward Davis. Davis heavily promoted Cybereason’s disturbing election day simulations and even participated directly in one of them. He was also police commissioner of the Boston PD at the time of the Boston Marathon bombing and oversaw the near-martial law conditions imposed on the city during the manhunt for the alleged perpetrators of that bombing (who themselves had a rather odd relationship with the FBI). This is notable given that Cybereason’s election day simulations ended with martial law being imposed on the fictional city used in the exercise

Cybereason also has several advisors who hold top positions at powerful U.S. companies that are also — incidentally — U.S. government contractors. These include the Vice President Security and Privacy Engineering at Google, Deputy Chief Information Security Officer (CISO) of Lockheed Martin and CISO at Motorola. Both Motorola and Lockheed Martin use Cybereason’s software and the latter is also a major investor in the company. Furthermore, as will be explained in Part 2 of this article, Lockheed Martin has used its privileged position as the top private contractor to the U.S. government to promote the widespread use of Cybereason’s software among U.S. government agencies, including the Pentagon.

Much more than a cybersecurity company

Given Cybereason’s deep and enduring ties to Israeli intelligence and its growing connections to the U.S. military and U.S. intelligence through its hiring of top CIA officials and partnership with Lockheed Martin, it’s worth asking if these disturbing election simulations could serve an ulterior purpose and, if so, who would benefit. While some aspects regarding clear conflicts of interest in relation to the 2020 election and Cybereason will be discussed in Part 2, this article will conclude by examining the possibility that Cybereason is acting as a front company for Israeli intelligence based on that country’s history of targeting the U.S. through private tech companies and on Cybereason’s own questionable characteristics.

First, Cybereason as a company presents several oddities. Its co-founder and CEO openly states that he views Cybereason’s work as a continuation of his service for Israeli military intelligence. In addition, he and the company’s other founders — after they left Unit 8200 — went to work for Israeli tech companies that have been known to spy on U.S. federal agencies for the Israeli government.

In addition, as previously mentioned, Cybereason has sought out former intelligence officers from the CIA and Unit 8200 for its management team and board of advisors. The company itself also functions as a private intelligence firm through CIG and Nocturnus, both of which employ former and current intelligence officials, and have made significant claims regarding the attribution of specific cybercrimes to state actors. It appears highly likely that these claims are influenced by those same intelligence agencies that boast close ties to Cybereason. Furthermore, Nocturnus’ access to Cybereason’s “global” network of endpoints makes it a private intelligence gathering company as it gathers and analyzes data from all devices that run Cybereason’s software.

Yet, even more telling is the fact that Israel’s government has an open policy of outsourcing intelligence-related activity to the private sector, specifically the country’s tech sector. As MintPress previously reported, this trend was first publicly acknowledged by Israel in 2012, the same year that Cybereason was founded by former Israeli military intelligence officers then-working for private contractors for Israel’s government (Alfatech) or private companies known to have ties to Israeli intelligence, including Verint/Comverse.

As noted in an article on the phenomenon from the Israeli media outlet The Calcalist:

Israel is siphoning cyber-related activities from its national defense apparatus to privately held companies. Since 2012, cyber-related and intelligence projects that were previously carried out in-house in the Israeli military and Israel’s main intelligence arms are transferred to companies that in some cases were built for this exact purpose.”

Mention of Israel’s policy of blurring the lines between the public and private sector when it comes to cybersecurity and intelligence gathering has even garnered the occasional mention in mainstream media, such as in a 2018 Foreign Policy article:

Israel, for one, has chosen to combat the problem on a statewide level by linking the public and private spheres, sometimes literally. The country’s cyberhub in the southern city of Beersheba is home not just to the Israeli military’s new technology campus but also to a high-tech corporate park, Ben-Gurion University of the Negev’s cyber-research center, and the Israel National Cyber Directorate, which reports directly to the prime minister’s office. “There’s a bridge between them—physically,” [Gabriel] Avner, the security consultant, said by way of emphasis.”

Notably, a year before Lockheed Martin invested in and partnered with Cybereason, the U.S.-based weapons company opened an office at the IDF’s public-private cyber hub in Beersheba. At the inauguration ceremony for Lockheed’s Beersheba office, company CEO Marilyn Hewson stated:

The consolidation of IDF Technical Units to new bases in the Negev Desert region is an important transformation of Israel’s information technology capability… By locating our new office in the capital of the Negev we are well positioned to work closely with our Israeli partners and stand ready to: accelerate project execution, reduce program risk and share our technical expertise by training and developing in-country talent.”

Lockheed Martin CEO Marillyn Hewson, inaugurates the Lockheed Martin Israel Demonstration Center in Tel Aviv.

Further evidence of this public-private merger can be seen in how two of Israel’s intelligence agencies, Shin Bet and Mossad, have both recently launched a private start-up accelerator and a hi-tech venture capital fund, respectively. The Shin Bet’s accelerator, called Xcelerator, usually makes its investments in private companies public, while Mossad’s Libertad Ventures refuses to disclose the tech companies and start-ups in which it invests. Former directors of both Mossad and Shin Bet have described these intelligence agencies themselves of being like start-ups, clearly showing how much the line between intelligence apparatus and private company has been blurred within the context of Israel’s tech industry and specifically its cybersecurity industry.

The advantages of outsourcing cyber intelligence operations to private companies have been noted by several analysts, including Sasha Romanosky, a former Cyber Policy Advisor at the Department of Defense and current analyst at RAND Corporation. Romanosky noted in 2017 that private intelligence and cybersecurity firms “do not necessarily face the same constraints or potential repercussions” as their public counterparts when it comes to designating blame for a cyberattack, for example. In addition, outsourcing intelligence objectives or missions to private companies provides a government with plausible deniability if that private company’s espionage-related activities or ties are made public.

Furthermore, Israeli intelligence has a long history of using private tech companies for the purposes of espionage, including against the United States. While Amdocs and Verint/Comverse were already mentioned as having been used by the state of Israel in this way, other private companies have also been used to market software backdoored by Israeli intelligence to countries around the world, both within the U.S. and elsewhere. The most well-known example of this is arguably the mass sale and distribution of the bugged PROMIS software, which was discussed at length in several recent MintPress News reports.

Given Cybereason’s ties to intelligence and Israeli intelligence’s history of placing backdoors in its software, it is worth pointing out that Cybereason’s main product, its antivirus and network defense platform, offers a major espionage opportunity. Blake Darché, a former N.S.A. operator, told the New York Times in 2017 that antivirus programs, which Cybereason’s defense platform includes, is “the ultimate backdoor,” adding that it “provides consistent, reliable and remote access that can be used for any purpose, from launching a destructive attack to conducting espionage on thousands or even millions of users.” Whether a company like Cybereason would use its software for such ends is unknown, though the company does acknowledge that its cybersecurity arm does gather intelligence from all systems that use the company’s software and currently employs and works with active duty Unit 8200 officials through CIG. This is notable because Unit 8200’s main task for Israeli military intelligence is signals intelligence, i.e. surveillance.

More of a mystery, however, is why a company like Cybereason is so interested in U.S. election security, particularly when Israeli intelligence and Israeli intelligence-connected private companies have been caught in recent years meddling in elections around the world, including the United States.

Whitney Webb is a MintPress News journalist based in Chile. She has contributed to several independent media outlets including Global Research, EcoWatch, the Ron Paul Institute and 21st Century Wire, among others. She has made several radio and television appearances and is the 2019 winner of the Serena Shim Award for Uncompromised Integrity in Journalism.

January 4, 2020 Posted by | Civil Liberties, Deception, False Flag Terrorism | , , , , , , , , , , , | 4 Comments

Israel tech ‘facilitating press freedom abuses around the world’

MEMO | August 23, 2019

Israel has been charged with enabling attacks on media freedom around the world by the Committee to Protect Journalists (CPJ), after export controls on surveillance technology were eased.

Citing a Reuters report, CPJ noted that Israeli officials have confirmed that – thanks to a rule change by the Defence Ministry – Israeli surveillance companies “are able to obtain exemptions on marketing license for the sale of some products to certain countries”.

According to Reuters, “the change took effect about a year ago”.

CPJ stated that:

Israeli-exported technology undermines press freedom globally by allowing authorities to track reporters and potentially identify their sources.

One example given by the press freedom watchdog was the Mexican government deploying Pegasus malware, sold by Israeli firm NSO Group, to infiltrate the mobile phones “of at least nine journalists”.

Pegasus was also used by Saudi Arabia to spy on the associates of journalist Jamal Khashoggi before he was murdered in the kingdom’s consulate in Turkey in October last year.

“Over and over again, we see Israeli technology facilitating press freedom abuses around the world, by lending a hand to governments that want to track and monitor reporters,” said CPJ Advocacy Director Courtney Radsch in Washington, D.C.

“An unregulated surveillance industry is bad for press freedom. The Israeli government should heed the UN Special Rapporteur’s call to respect human rights in its export policies.”

UN Special Rapporteur for Freedom of Expression David Kaye described Israel as “a major player in the surveillance technology market” in a June 2019 report which urged “a global moratorium on such exports until a human rights compliant regime was put in place”.

August 23, 2019 Posted by | Civil Liberties, Full Spectrum Dominance | , , , , | Leave a comment