This is a blog dedicated to a personal interpretation of political news of the day. I attempt to be as knowledgeable as possible before commenting and committing my thoughts to a day's communication.

Monday, March 12, 2018

Turkey's Spyware Techniques

"Imagine that  your device could be silently commandeered and used to spy on you simply because you surfed the web. No need for anyone to have possession of it and physically install something. No need to trick you into downloading spyware, clicking on a malicious link, or entering your credentials into a phoney login page."
"Imagine no more."
"In Egypt, [Sandvine] devices were being used to block dozens of human rights, political, and news websites ... In Turkey, these devices were being used to block websites including Wikipedia, the website of the Dutch Broadcast Foundation [NOS], and the website of the Kurdistan Workers' Party [PKK]."
"[Nation states using] network injection [to spy on their citizens] has long been the stuff of legends."
Ron Deibert, director, The Citizen Lab, Munk School, University of Toronto
Photograph: Reuters

"Sandvine is deeply committed to ethical technology development and we hold our business processes and behaviour to the highest standards."
"We institute strong safeguards to ensure adherence to our principles of social responsibility, human rights, and privacy rights."
Sandvine Incorporated 

Sandvine Incorporated was lauded by the premier of Ontario who named it as a "true Ontario success story", in 2016. And a year later it was acquired by Francisco Partners and Procera Networks Inc. for $562-million. The former is an American private equity firm and the latter a networking equipment company operating out of California, selling Network Intelligence solutions based on deep packet inspection (DPI) technology.

Now it seems Citizen Lab has identified Sandvine products being used to hack Internet users' devices along the Turkey-Syrian border. Its purpose appears to be to install malicious spyware. Citizen Lab raises the issue as a "significant" human rights concern enabling the Turkish government in its mission to crack down on internal dissent and furthering its conflict with Kurdish militias in northern Syria.

The spying, according to The Citizen Lab likely was being done "by nation-states or (Internet Service Providers)", on the Turk Telekom network with ties to Turkish President Recep Tayyip Erdogan's ruling Justice and Development Party, rabidly Islamist. The report issued by Citizen Lab outlines a scenario whereby Internet users in Turkey and Syria downloading software like Avast Antivirus and CCleaner are redirected to malicious versions of the software, including spyware.
 Grooming the next generation for martyrdom: Turkey's President Recep Tayyip Erdogan salutes with children in commando uniforms. (AP Photo/Burhan Ozbilici)
This is a technique identified as "packet injection", used to contaminate the devices of people accessing Download.com, known to offer a variety of different download applications. Sandvine states in response, that they have initiated an internal investigation even as it criticizes the report as "technically inaccurate and intentionally misleading", without bothering to detail what exactly it is they take issue with.

On Telecom Egypt's networks, according to Citizen Lab, the Sandvine technology found its purpose to redirect Internet users to advertisements and cryptocurrency mining schemes, obviously related to economic issues, though the report goes on to suggest spyware may have been deployed, also. The Sandvine PacketLogic products were designed with legitimate Internet filtering in mind as well as network management uses.

However, Internet filtering devices can be used as well by repressive regimes for the purpose of censoring the Internet, blocking access to critical journalism, political opponents, or social media. Just down Turkey's alley. Evidence in fact of that type of censorship was found by The Citizen Lab in both Turkey and Egypt; in the former completely nefarious in nature, the latter much less so; more manipulative in purpose.

This is not, it would appear, the first time that Procera has been linked with Internet censorship and surveillance in Turkey. Forbes reported a group of Procera engineers had left the company in 2016, protesting a deal to provide surveillance hardware to Turk Telekom.

Turkey surveillance operation in five provinces with Sandvine tech
Citizen Lab says PC surveillance was taking place across five provinces in Turkey.  Map: Citizen Lab

Labels: , ,


Post a Comment

<< Home

() Follow @rheytah Tweet