How DISS Bugs Your Phones – US Report
- Circles’ Pegasus spy software snoops on calls and text messages
- SS7 system intercepts networks and locations for DISS
- Spy software can hack your Facebook and WhatsApp
- DISS accused of snooping on phones in 2019 elections
- Software is used by only 25 countries worldwide
- UN condemns human rights violations
LETLHOGILE MPUANG
Botswana’s Directorate of Intelligence and Security Services (DISS) has been listed as one of the few national intelligence agencies in the world using Israeli hackers Circles spyware that is used to spy on citizens without hacking the phone itself, The Botswana Gazette has established.
Although DISS spokesman Edward Robert has neither denied nor confirmed the use of the Circles systems, saying only that they do not share internal operations with third parties, the spyware are believed to be used by the DISS to snoop on texts and calls and to locate private individuals. Botswana is said to be among only 25 countries worldwide using the spyware. These spyware are sold only to nation-states, the according to the US report.
“We identified two Circles systems in Botswana: an unnamed system and a system named Bentley Boulevard that appears to be operated by Botswana’s Directorate of Intelligence and Security Service (DISS), as TLS certificate used on the Check Point firewalls were signed by a self-signed TLS certificate for “CN=sid.org.bw” which is a domain name used by the Directorate of Intelligence and Security Service. The DISS is sometimes referred to as the ‘Directorate of Intelligence and Security’ (DIS),” reads an investigation report released by a Canadian investigating laboratory called the Citizen Lab, late last year.
The Citizen Lab is an interdisciplinary laboratory based at the Munk School of Global Affairs & Public Policy, University of Toronto, focusing on research, development, and high-level strategic policy and legal engagement at the intersection of information and communication technologies, human rights and global security.
The report, which is titled “Running in Circles: Uncovering the Clients of Cyber espionage Firm Circles,” also states: “‘Circles’ is a surveillance firm that reportedly exploits weaknesses in the global mobile phone system to snoop on calls, texts, and the location of phones around the globe. Circles is affiliated with NSO Group, which develops the often-abused Pegasus spyware.”
Research done by this publication shows that Pegasus spyware enable remote surveillance of smartphones without the user’s knowledge or permission. Once Pegasus is installed, it targets the user’s private data, including passwords, contact lists, calendar events, text messages and live voice calls from popular mobile messaging apps. They also use Signalling System 7 (SS7), which is a protocol suite developed in 1975 for exchanging information and routing phone calls between different wireline telecommunications companies, says the report.
Because of SS7’s lack of authentication, any attacker that interconnects with its network (such as an intelligence agency, a cyber criminal purchasing SS7 access, or a surveillance firm running a fake phone company) can send commands to a subscriber’s “home network” falsely indicating that the subscriber is roaming. These commands allow the attacker to track the victim’s location, and intercept voice calls and SMS text messages. Such capabilities could also be used to intercept codes used for two-factor authentication sent via SMS – WhatsApp.
It was reported in May 2019 that WhatsApp identified and shortly thereafter fixed a vulnerability that allowed attackers to inject commercial spyware onto phones simply by ringing the number of a target’s device in at least 20 countries across the globe, ranging from Africa, Asia, Europe, the Middle East and North America. The attack on WhatsApp was linked to the Pegasus spyware, which is developed by the same developers of the Circles spyware used by the DISS.
“After the incident, Citizen Lab volunteered to help WhatsApp identify cases where the suspected targets of this attack were members of civil society, such as human rights defenders and journalists,” states a statement released by Citizen Lab in May 2019. Australia, Belgium, Botswana, Chile, Denmark, Ecuador, El Salvador, Estonia, Equatorial Guinea, Guatemala, Honduras, Indonesia, Israel, Kenya, Malaysia, Mexico, Morocco, Nigeria, Peru, Serbia, Thailand, the United Arab Emirates (UAE), Vietnam, Zambia and Zimbabwe are countries that are believed to be Circles customers.Surveillance Abuses in Botswana
There are multiple reports of alleged abuse of surveillance equipment by the DISS. Although many of the reports were associated to former president Ian Khama’s regime, some still believe President Mokgweetsi Masisi’s administration has not stopped the snooping on citizens. Ahead of the 2019 elections, opposition parties often complained that DISS was hacking their phones and recording their conversations. Though these allegations are yet to be proven, it still remains a mystery how secret conversations between the Umbrella for Democratic Change (UDC) president Duma Boko and his financer Zunaid Moti were laid, as well as audios of an alleged secret meeting between former high profile Botswana Democratic Party (BDP) members and South African businesswoman Bridgette Motsepe at Victoria Falls. In a 2019 report on the surveillance industry, the UN Special Rapporteur on the Promotion and Protection of the Right to Freedom of Opinion and Expression, David Kaye, called for “an immediate moratorium on the global sale and transfer of private surveillance technology until rigorous human rights safeguards are put in place to regulate such practices and guarantee that governments and non-state actors use the tools in legitimate ways”.