Deutsch
Español
Français
Italiano
Nederlands
Polski
Português
Русский
Türkçe
Svenska
Chinese
MagyarCommercial spyware is out of control
Countries run by autocratic governments are usually off the map from the technological point of view, but sometimes they hold quite a few surprises. The fact that North Korea is pursuing intercontinental missiles with nuclear warheads--and they seem to be quite successful at it--while people are starving seems less impressive than Ethiopia's recent achievements in the field of cyber warfare that have become known to the public this week.
According to a report by The Citizen Lab, the attacks they identified were carried out by the Ethiopian specialized services using a product by Cyberbit, a wholly-owned subsidiary of Israel's international defense electronics company Elbit Systems. This product has been recently renamed to PC 360 but was previously known as PC Surveillance System (PSS).
Cutting a longer (and very interesting) story short, it is enough to say that a list of chosen individuals based in many areas of the world, including the United States and Canada, received suspicious emails throughout 2016 and 2017. These emails contained a malicious link that would allow the remote attackers to monitor the activity of their targets, even by activating the camera and microphone of their devices.
When contacted by The Citizen Lab, Cyberbit replied by saying they only sell such products "to sovereign governmental authorities and law enforcement agencies," also adding that "Such governmental authorities and law enforcement agencies are responsible to ensure that they are legally authorized to use the products in their jurisdictions." However, they did not confirm that the Ethiopian government is one of Cyberbit's clients, only saying that "any transaction made by it was approved by the competent authorities."
Ethiopia is one of the poorest countries in the world, less than 5 percent of its population having access to the internet and "free elections" or "human rights" being nothing more than meaningless words. A sad proof of this statement has been reported back in 2016, when the government's forces killed 100 peaceful protestors by direct gunfire. This doesn't seem to be a problem for Cyberbit, so when North Korea calls, they might be able to purchase some interesting malware as well. As long as the transaction will be "approved by the competent authorities," why not?
Source(s)
