A report released by The Citizen Lab at the University of Toronto this month found that multiple Ethiopian government agencies used spyware to monitor journalists, activists, and lawyers. One of the report’s authors, Bill Marczak, told Motherboard that he too was targeted.
According to the report, the government used commercially available spyware to target more than 40 dissidents living in 20 different countries including the U.S. and the U.K. Government attackers would send targets an email with a link to a hostile website. Once on the site, a pop-up would appear prompting the viewer to install an Adobe Flash update. If clicked on, the spyware would then infect the viewer’s computer without their knowledge. From there, the government could monitor all of their online activity.
Among those targeted were dissidents from Ethiopia’s Oromia region—one of Ethiopia’s nine ethnically based regional states. The members of this ethnic group have been at the center of a large regional conflict that has grown worse in recent months. Last week, Ethiopia’s government reportedly blocked Oromian access to social media sites following a series of protests that left 16 people dead.
Three days later on Decembeer 18, Reuters reported that ethnic Somalis in the Daro Lebu and Hawi Gudina districts attacked and killed 29 ethnic Oromos. The Oromos then retaliated and killed 32 Somalis. While this regional conflict has persisted for years the new report shows that the Ethiopian government is taking measures to expand its reach beyond its own borders.
To conduct its international spying campaign, the Ethiopian government reportedly used a product called PC surveillance System (PSS), a spyware software developed by Israel-based cybersecurity firm Cyberbit.
Ethiopia is just one of several nations bidding to use this software. The Citizen Lab researchers tracked Cyberbit servers and found IP addresses associated with The Royal Thai Army, Uzbekistan’s National Security Service, Zambia’s Financial Intelligence, and the Philippines President’s Malacanang Palace. The findings highlight the relative ease with which authoritarian regimes can access spyware technologies and suggests that companies like Cyberbt are willing to provide access.
This is not the first time Ethiopia has been caught spying on dissidents. In 2015, the government was found to have used Hacking Team offensive software to monitor and disrupt journalists working for the Ethiopian Satellite Television and Radio based in Alexandria, Virginia.
According to Human Rights Watch, Cyberbit is the third vendor Ethiopia has utilized since 2013. Human Rights Watch senior internet researcher Cynthia Wong said that this latest series of attacks highlights Ethiopia’s commitment on silencing dissent.
“The Ethiopian government has doubled down on its efforts to spy on its critics,” she said. “These attacks threaten freedom of expression and privacy and the digital security of the people affected.”
LIMA CHARLIE NEWS, with Mack DeGeurin
Lima Charlie provides global news, insight & analysis by military veterans and service members Worldwide.
For up-to-date news, please follow us on twitter at @LimaCharlieNews
In case you missed it: