by Magy Banhaim
Introduction
The “Digital Citizenship” association has taken note of the AI report published on June 22, 2020 relating to allegations concerning attacks on Omar Radi’s phone.
The association consulted several experts
- Citizen Lab (University of Toronto Laboratory): contacted on July 22, relaunched on August 04, this organization did not respond to our request.
- Homodigitalis (Greek NGO specializing in digital rights): contacted on August 04, our request was not answered.
- M.O. Jones (journalist and social media specialist): Contacted on twitter on July 16, he did not respond to our request.
- Access Now (NGO specialized in the digital protection of human rights defenders): This NGO replied: “Unfortunately this type of requests is not something our Helpline can assist you with as we don’t have the needed experience with state sponsored malware to provide accurate answers on your questions “.
- Tsukerman (Human rights defender, lawyer and researcher in digital rights): Her expertise is set out below.
Expertise
Amnesty International produced findings from its investigations which appear to pointed to repeated penetrations of O R’s phone.
However, several factors call these findings into question:
First, no independent examination of this device has been conducted. Amnesty International expects the world to rely on its technical expertise but its own record calls this into question.
For instance, NY Times has withdrawn a Reuters article containing this report. It has apparently sent a known hacker to correspond with the Moroccan authorities in light of its investigation. A recent Tel Aviv court decision related to Amnesty complaint about NSO likewise faulted Amnesty for lack of technical evidence. Furthermore, cybersecurity experts interviewed from a range of countries with respect to this and related complaints, ranging from Eastern European, Australian, and Indian, to American and Israeli (including those interviewed directly by me on matters related to NSO and human rights), have all concluded that contrary to Amnesty claims, tracing Pegasus is practically, if not completely, impossible, nor does it operate through Whatsapp messaging as Jeff Bezos, Facebook, and Amnesty have all claimed.
American Middle East and cybersecurity expert Benjamin Minick vociferously called on Amnesty to release the technical data used to compile this result so that he and others could could conduct an examination, adding that all of the evidence provided is dubious. Specifically, he explained that the report, rather than unveiling any previous attacks, actually instructs would-be hackers how to conduct one, and is useless in terms of understanding whether or not any penetration has been conducted, given that there is no way to technically examine an Apple product. Merely knowing the names of the files provided does not actually shed light on any relevant security information.
(Apple has been in the center of controversy related to the demand for backdoor options by various governments). He confirmed that the the files provided could be manipulated by people conducting the investigation.
Other red flags casting doubt on the veracity of this claim:
Omar Radi himself has been part of this investigation, which calls into question the authenticity of evidence provided to investigators. In a similar vein, many, if not all of all past reports of NSO/Pegasus applications, Amnesty have put out in the past have likewise relied heavily on the testimony of activists involved, including those with a clear political agenda such as Omar Abdulaziz, Jamal Khashoggi’s former business partner. In other instances, activists called to testify regarding hacked devices, never had physical access to said devices, such as in the instance of Jeff Bezos and his “security team”. Bezos allegations were likewise widely dismissed by technical experts and eventually retracted even by Washington Post itself.The claims and technical reports in these cases have been substantially similar. (see the internal links in the Bezos report for links to the technical analysis of those claims).
Furthermore, Amnesty links to a screenshot allegedly taken by Omar Radi, but taking a screenshot in the seconds required for the described operation is physically impossible unless the operation itself was set up in advance and Radi had prepared software for that precise moment. We do not have any evidence that the particular screenshot had originated with Radi’s device at all.
It is telling that Amnesty chose not to focus on damning evidence pointing to the possibility that Radi could be a legitimate security threat to Moroccan government and that he likely has a political agenda in pursuing even a spurious claim against the authorities.
The Amnesty Report, for instance, fails to note, by his own admission, prior to his arrest, had been visiting Algeria, which has tensions with Morocco and is among several foreign states with a political interests in the Rif issue. It also fails to address the fact that Radi is under a formal investigation on suspicions of being a paid foreign agent by Moroccan authorities. Amnesty relied on Radi’s own comments (why wasn’t he arrested already?) in dismissing this matter, but in fact, the reasons are fairly obvious. Given the international scrutiny, including by Amnesty, Morocco is not in a rush to arrest public figures like Radi without conclusive evidence, and in the event of a wider intelligence probe, have valid reasons not to make immediate arrests. Notably out of all the activists and journalists in Morocco who have claimed to be hacked, surveilled, or oppressed by Moroccan government, Amnesty has chosen to focus on a few, who all operate in a particular political sphere.has shifte
For instance, Maati Manjib’s NGO Freedom Now, focused on the fate of “political prisoners”, such as one Mohammed Al-Bambaary, with a record of allegations against Morocco’s activities in Sahara, which are more likely than not grossly exaggerated if not outright fabrications. Indeed, Morocco has had a challenging record in that region in the 1970s, but since then has shifted its position politically and has invested heavily into that area. The so-called human rights activists generally associated with this issue tend to be affiliates of the local separatist group Polisario and are generally heavily backed by Algeria. I have interviewed former Polisario members and prisoners in that region, and have determined that the political context of the Sahara issue has been hijacked by foreign interests, that there is a lack of unbiased coverage for the human rights situation, and that Polisario and its defenders present legitimate human rights and security concerns.
I further had an opportunity to tour that area (in late 2018), following which I myself ended up becoming surveilled by Algerian intelligence, including some members operating under journalist cover. Furthermore, as a result of my research at that time, I learned that other local Sahrawi organizations operating in the area had submitted cases of forced disappearances by Polisario on Algerian territory to Amnesty and had been either systematically ignored by Amnesty, or in some cases Amnesty’s perfunctory investigations have been based entirely on responses provided by Algerian government. As a result of this research I have concluded a level of bias by Amnesty with issues concerning human rights and Morocco that makes exclusive reliance on their testimony dangerous for the cause of human rights. While prison conditions in general are a legitimate cause for concern, the focus on this particular individual raises questions about the goals of the NGO and the level of its familiarity with the human rights claims and security challenges involved.
Furthermore, I found the involvement of Agnes Callamard, the UN rapporteur whose report on Khashoggi’s death was reportedly funded by a member state, rather than by the UN body, and who has had a controversial record of weighing in on the Jeff Bezos hacking claims with a technically flimsy reporting that has been criticized by experts, who has been heavily involved in the Saudi issues, while not having a similar record of criticizing Turkey, Qatar, China, or Russia over their mass surveillance and imprisonment of journalists, who had expressed outrage at the liquidation of Qassem Soleimani, while remaining mum on the fate of political oppression in Iran, curious and questionable at the same time. Callamard seems to be linked to the NSO issue, but lacks the technical expertise to evaluate these claims. Her connection various “free speech” NGOs with a record of leaving out serious national security concerns of the activists they defend call into question the leanings of this particular human rights body and the experts on whose testimony Amnesty relies time after time.
In other words, while it is certainly possible that Omar Radi’s device had been hacked by one or more parties at times suggested, the evidence in the report provided is insufficient to make a conclusive determination, and in fact calls into question its likelihood. Based on the reports submitted by Amnesty itself, not only is independent evaluation by multiple international experts is warranted, but the selective context and history of Amnesty’s involvement in this issue should be examined in the process of evaluating these claims.
Amnesty’s representations point in that direction, but the technical evidence is not only inconclusive but highly doubtful.
By Amnesty’s own admission, NSO software is nearly impossible to trace, which is supported by testimonies of various technical experts consulted on this and other related cases of the alleged usage of the software. It is noteworthy that other major human rights NGOs have not had the opportunity to examine the evidence and to present their findings.
Amnesty International claims it based its report on strong, material evidence, but the technical content within the report contradicts this assertion.The NGO outlines how Pegasus spyware infects a device, citing “forensic data” to allege Moroccan security services hacked Radi’s cell phone through network injections. The report describes two procedures for such hacking, confirming that “it is unclear which of these two options have been used against Omar.”
The report also admits that the spyware is “notoriously difficult to spot” and leaves few traces.
Despite the ambiguity in Amnesty International’s own words, the report pulls no punches in asserting a strong, conclusive claim: Moroccan authorities used NSO’s Pegasus spyware to monitor journalist Omar Radi.
The report claims that only the Moroccan government could be behind the attack because network injections require “either physical proximity to the targets or access over mobile networks in the country which only a government could authorize.”
Technical experts have argued that the assumption is far from straightforward. The process of tracking and identifying the use of Pegasus software leaves room for inaccuracy. Expert insight into the matter indicates that Amnesty International’s claim is unsubstantiated. Other experts have essentially stated that tracking the software is nearly impossible.
The report does not reference Morocco’s lack of diplomatic relations with Israel, which would severely complicate such a contract, nor does it detail better-evidenced allegations against some other countries. (The record of allegations of Saudi Arabia, which is even less open towards security-related transactions with Israel than Morocco calls into question these reports in general)
A 2018 report by researchers from the University of Ontario in Canada shows that the malware was in active use in 45 countries across the globe, including Western countries such as the UK, the US, and France.
This research further claims that the NSO spyware was in heavy use in Gulf countries, especially in Saudi Arabia and the UAE. However, no independent evidence is provided in any of these cases of this spyware, should it even exist, being used specifically against journalists, much less against those who are not a security threat.
The Amnesty International report briefly mentioned these countries in its report on Morocco. However, it has produced no country-specific reports for use of the spyware by these states, where allegations of its use are backed by third-party investigations.
Independent entities have also published reports highlighting questionable funding practices, namely funding from governments to which AI applies a less critical lens.
In the Radi case, Amnesty uses the same methodology as in the other two cases involving alleged use of Pegasus to surveil Moroccan activists.
“By inspecting Maati Monjib’s Safari browsing history we found visits to suspicious links that did not originate from SMS or WhatsApp messages. Safari records its entire browsing history in a SQLite database stored on the device (and exportable through an iTunes backup procedure). This database not only keeps individual records of particular links being visited, but it also records the origin and destination of each visit. This allows us to reconstruct redirections and the chronology of web requests”. — this is from Amnesty’s own previous report on this issue, which is cited as part of the latest report. HOwever, according to the plain text of this evidence, all this browsing history shows (even assuming that it is presented accurately with no tampering by Amnesty, Monjib himself, or any third parties), is that Monjib has had issues with malware unrelated to phone-specific usage. This undermines Amnesty’s claim that these suspicious links most likely came via Pegasus, given that in other parts of this and other reports, Amnesty has maintained that Whatsapp and SMS are the most common way of penetration.
The Facebook lawsuit against NSO likewise maintains that Pegasus has penetrated thousands of Whatsapp users, and Bezos had claimed that the Crown Prince of Saudi Arabia used his personal Whatsapp account to hack Bezos’s phone. The technical experts, however, contradict that Whatsapp could be used by Pegasus in this manner, which begs the question of how Amnesty expects anyone to find its contradictory technical analysis credible.
Amnesty presents Monjib’s case as part of establishing a pattern of bad behavior and abuses of Pegasus, by the Moroccan authorities in the Radi case, but admits that it could not conclusively establish causation in Monjib’s case, which is the precedent and supposed part of the burden of accusatory evidence in the instant matter:
“Currently, we do not have sufficient information to conclusively attribute these suspected network injection attacks to NSO Group’s products or services. However considering the technical similarities to other Pegasus infections, the fact that Monjib has already been targeted with NSO Group’s software and the fact that NSO Group advertise the network injection capability we suspect was used in this attack, there is reason to believe that NSO Group’s tools may also have been used in this attack.
We confirmed Maati Monjib had already been targeted with NSO Group’s Pegasus spyware via malicious SMS messages. The links contained in such messages closely resemble the URLs involved in the network injection attacks.” Once again, anyone with technical knowledge and experience would be instantly put on alert by the language used here. “Links closely resembling URLS involved in the network injection attacks” are a far cry from “establishing” that Pegasus was used, much less by Moroccan authorities. Pegasus is not the only type of spyware that MAY use network injection attacks, which is the first problem with this analysis.
Second, saying that links closely resembling something that may be used in a particular type of attack in fact is saying that not only was Amnesty unable to establish that it was a Pegasus attack but that it could not in fact confirm it was a network injection attack at all. “Suspicions of use” because a particular company advertises a particular general type of attack is hardly incontrovertible proof of usage.
As with the Monjib case, Amnesty did not produce any concrete evidence that this type of attack, much less linked to Pegasus, was used to penetrate Radi’s phone, if indeed, it had been hacked at all.
“Amnesty International’s Security Lab performed a forensic analysis of Omar Radi’s phone and found traces suggesting he was subjected to the same network injection attacks we first observed against Maati Monjib and described in our earlier report. Through our investigation we were able to confirm that his phone was targeted and put under surveillance during the same period he was prosecuted. This illustrates how human rights defenders (HRDs) may often have to deal with the twin challenges of digital surveillance alongside other tactics of criminalisation at the hands of Moroccan authorities leading to a shrinking space for dissent.”
As I have noted above, Amnesty had not in fact established that Monjib was subjected to network injection attack. The Radi report therefore does not meet the burden of proof to claim that these attacks were in any way the same, much less network injection attacks.
Another point worth noting is that contrary to Amnesty’s claims, the report did not at all establish that the surveillance of Radi phone, if it existed, came to be as a result of Moroccan authorities. Any number of state actors could have engaged in the same type of attacks for various reasons – especially since it is not known that Pegasus was used for that purpose. For instance, Radi may have become a subject of surveillance by Algerian government during his visit to that state. Alternatively, if Radi is an asset of British or other Western government, as suggested by the Moroccan press, his handlers may have installed spyware. It could have also been installed by a member of another country’s intelligence agency operating on Moroccan soil for entirely unrelated reasons. In short, there are many ways in which various parties could have gotten physically close to Radi’s device, without being either in Morocco, being Moroccan authorities, or controlling Moroccan phone operators.
“The lack of transparency around the surveillance industry makes it difficult to know what tools are being used, sold, purchased and abused, and therefore for victims and watchdogs to seek accountability. Despite this, our research so far has shed light on how NSO’s technologies have evolved. Until early 2018, NSO Group’s customers were found primarily using SMS and WhatsApp messages in order to trick targets into opening a malicious link, which would result in exploitation and infection of their mobile devices. As we documented in our October 2019 report, Amnesty International first observed attackers adopting new techniques to more stealthily and effectively deliver the malware. Using what we describe as “network injections”, attackers are now capable of installing the spyware without requiring any interaction by the target.”
Amnesty essentially confessed here that a) it has no way to establish any relevant technical or transactional information to draw any conclusions or determinations relevant to the Radi matter b) the entire report is speculative and all of Amnesty’s actions have been designed to fish for information and to draw attention to particular parties, without any real evidence of wrongdoing on their part c) the ulterior motive here is to expose Israel’s government potentially clandestine relatioships with Arab and Muslim majority states, which would necessarily make these states vulnerable to propaganda attacks by various activists, movements, other states, and agendas.
Amnesty has tried to explain the discrepancy in its own reporting but claiming that NSO has changed strategy; however given that most experts claim that that method was never used to begin with, theses comments only cast further shade on the quality of the report. Furthermore, Jeff Bezos and many of the Facebook users supposedly surveilled using Pegasus technology claimed that the surveillance through Whatsapp continued long after “early 2018”.
“However, NSO Group’s network injection capabilities were briefly described in a document named “Pegasus – Product Description” – apparently written by NSO Group – that was found in the 2015 leak of the competing Italian spyware vendor, Hacking Team. Specifically, in January 2020, Business Insider reported about mobile interception technology NSO Group exhibited during Milipol, an event and trade show on homeland security held in Paris in November 2019.”
The most troubling aspect of Amnesty’s report is its willingness to rely on unverified information, rumors and hearsay, and self-serving reports from competing companies.
Amnesty appears to have done no due diligence in investigating Hacking team’s claims; if that information is available, I would have liked to examine it to make further determination of the reliability of these reports.
What comes to mind at first glance, however, is that it is in Hacking Team’s best interests to cast aspersions on NSO, to undermine their business competitor, and to attract customers. It is also worth noting that Hacking Team may have the same capabilities as NSO, and could itself be the source of at least some if not all attacks attributed to its rival, if any had taken place at all.
Of note, Amnesty dismissed NSO’s human rights reporting out of hand, without explaining what issues it has faced, nor providing specific demands consistent with NSo’s own technical capabilities to provide them, as well as with legal realities of this business.
As NSO explained, it is under confidentiality agreement preventing it from confirming or denying such information, nor would any state government confirm or deny access to such information. Short of engaging in hacking and espionage, there is no real way to obtain that information at the moment, which is what Amnesty has tried to do, operating less as a human rights organization than an intelligence gathering tool for NSO’s rivals, and assorted other third parties with interests and agendas in obtaining this information.
However, it is worth pointing out that
1. Most Muslim majority states accused of using NSO would find it significantly easier to obtain equivalent software from other countries with which they have diplomatic relations
2. Any use of surveillance software is legitimate if the target presents a legitimate national security threat to the country
3. Short of eliminating all intelligence gathering against foreign assets, Amnesty cannot possibly prevent state actors from surveilling suspects; therefore, the likely reason for these reports is not a human rights concern, but a publicity/media campaign to attract negative attention to a particular country.
4. Amnesty has repeatedly failed to respond, provide clarifications, or additional technical evidence to Moroccan authorities, the Israeli court which examined its complaint, NSO, and other parties. Since the burden of proof is on the accuser, it is worth asking questions why an NGO focused on transparency is not itself transparent when the campaigns started against Morocco, NSO, and others can have a detrimental effect on innocent parties without any real benefit to the field of human rights. It is exceptional vital to provide without shadow of a doubt and with specificity when a software that can help eliminate deadly threats is being abused in a malicious way; failure to provide such evidence ultimately discredits human rights monitoring mechanisms, undermines attempts to help real victims, and plays into the hands of perpetrators.
Magy Benhaim is a board member of Digital Citizenship. Lawyer and Expert in Internet Security.
Digital Citizenship is an NGO based in Geneva that works on digital rights and human rights in the Internet sphere. It was founded in 2018 by volunteers and has representatives in Switzerland, Spain, Egypt and Morocco.
Featured Image credits: Amnesty.org