Formation | 2001 |
---|---|
Type | Research Laboratory |
Headquarters | University of Toronto |
Location | |
Director | Ronald Deibert |
Website | citizenlab |
The Citizen Lab is an interdisciplinary laboratory based at the Munk School of Global Affairs at the University of Toronto, Canada. It was founded by Ronald Deibert in 2001. The laboratory studies information controls that impact the openness and security of the Internet and that pose threats to human rights. [1] The organization uses a "mixed methods" approach which combines computer-generated interrogation, data mining, and analysis with intensive field research, qualitative social science, and legal and policy analysis methods. The organization has played a major role in providing technical support to journalists investigating the use of NSO Group's Pegasus spyware on journalists, politicians and human rights advocates.
The Citizen Lab was a founding partner of the OpenNet Initiative (2002–2013) and the Information Warfare Monitor (2002–2012) projects. The organization also developed the original design of the Psiphon censorship circumvention software, which was spun out of the Lab into a private Canadian corporation (Psiphon Inc.) in 2008.
In a 2009 report "Tracking GhostNet", researchers uncovered a suspected cyber espionage network of over 1,295 infected hosts in 103 countries between 2007 and 2009, a high percentage of which were high-value targets, including ministries of foreign affairs, embassies, international organizations, news media, and NGOs. The study was one of the first public reports to reveal a cyber espionage network that targeted civil society and government systems internationally. [2]
In Shadows in the Cloud (2010), researchers documented a complex ecosystem of cyber espionage that systematically compromised government, business, academic, and other computer network systems in India, the offices of the Dalai Lama, the United Nations, and several other countries. [3]
In Million Dollar Dissident, published in August 2016, researchers discovered that Ahmed Mansoor, one of the UAE Five, a human rights defender in the United Arab Emirates, was targeted with Pegasus software developed by Israeli cyber-intelligence firm NSO Group. Prior to the releases of the report, researchers contacted Apple who released a security update that patched the vulnerabilities exploited by the spyware operators. [4] Mansoor was imprisoned one year later and as of 2021, is still in jail. [5]
Researchers reported in October 2018, that NSO Group surveillance software was used to spy on the "inner circle" of Jamal Khashoggi just before his murder, "are being targeted in turn by international undercover operatives." A Citizen Lab October report revealed that NSO's "signature spy software" which had been placed on the iPhone of Saudi dissident Omar Abdulaziz, one of Khashoggi's confidantes, months before. Abdulaziz said that Saudi Arabia spies used the hacking software to reveal Khashoggi's "private criticisms of the Saudi royal family". He said this "played a major role" in his death. [6] [7]
According to a January 24, 2019 AP News report, Citizen Lab researchers were "being targeted" by "international undercover operatives" for its work on NSO Group. [6]
In January 2019, Citizen Lab invited the Associated Press to help reveal an undercover spy operation targeting reporters at Citizen Lab carried out by the firm Black Cube. [8] Ronan Farrow added to this reporting through interviews with a source of his who was involved in that espionage incident, among others. [9]
In March 2019, The New York Times reported that Citizen Lab had been a target of the UAE contractor DarkMatter. [10]
A major international investigation from 2020-2022 into the use of Pegasus spyware on journalists, politicians and human rights activists around the world relied on Citizen Lab and Amnesty International's Security Lab for technical support. [11]
In 2021, Citizen Lab along with Amnesty International's Security Lab analysed Front Line Defenders' report on the hacking of devices of six Palestinian human rights defenders (two were dual nationals; one French, one American) working for civil society organisations based in the West Bank. Four of the hacked devices used Israeli SIM cards (which NSO Group claimed was not allowed). [12]
In 2023, Citizen Lab found evidence of NSO Group's hacking tool Pegasus in a war setting for the first time [13] as well as in the device of a lead investigator of a Mexican human rights investigation. [14]
Ronald James Deibert is a Canadian professor of political science, philosopher, founder and director of the Citizen Lab at the Munk School of Global Affairs, University of Toronto.
Multiple forms of media including books, newspapers, magazines, films, television, and content published on the Internet are censored in Saudi Arabia.
Cyber spying, cyber espionage, or cyber-collection is the act or practice of obtaining secrets and information without the permission and knowledge of the holder of the information using methods on the Internet, networks or individual computers through the use of proxy servers, cracking techniques and malicious software including Trojan horses and spyware. Cyber espionage can be used to target various actors- individuals, competitors, rivals, groups, governments, and others- in order to obtain personal, economic, political or military advantages. It may wholly be perpetrated online from computer desks of professionals on bases in far away countries or may involve infiltration at home by computer trained conventional spies and moles or in other cases may be the criminal handiwork of amateur malicious hackers and software programmers.
Juliette N. Kayyem is an American former government official and author. She is host of the Boston-based radio channel WGBH (FM)'s podcast The SCIF, and has also appeared on CNN and Boston Public Radio, and written columns for The Boston Globe.
FinFisher, also known as FinSpy, is surveillance software marketed by Lench IT Solutions plc, which markets the spyware through law enforcement channels.
Hacking Team was a Milan-based information technology company that sold offensive intrusion and surveillance capabilities to governments, law enforcement agencies and corporations. Its "Remote Control Systems" enable governments and corporations to monitor the communications of internet users, decipher their encrypted files and emails, record Skype and other Voice over IP communications, and remotely activate microphones and camera on target computers. The company has been criticized for providing these capabilities to governments with poor human rights records, though HackingTeam states that they have the ability to disable their software if it is used unethically. The Italian government has restricted their licence to do business with countries outside Europe.
Morgan Marquis-Boire is a New Zealand-born hacker, journalist, and security researcher. Marquis-Boire previously served as an advisor to the Freedom of the Press Foundation. He was a Special Advisor to the Electronic Frontier Foundation (EFF) and advisor to the United Nations Interregional Crime and Justice Research Institute. He was the Director of Security at First Look Media and a contributing writer at The Intercept. He has been profiled by Wired, CNN, Süddeutsche Zeitung, and Tages Anzeiger. He was one of Wired Italy 's Top 50 people of 2014. In March 2015 he was named a Young Global Leader.
Peñabots is the nickname for automated social media accounts allegedly used by the Mexican government of Enrique Peña Nieto and the PRI political party to keep unfavorable news from reaching the Mexican public. Peñabot accusations are related to the broader issue of fake news in the 21st century.
NSO Group Technologies is an Israeli cyber-intelligence firm primarily known for its proprietary spyware Pegasus, which is capable of remote zero-click surveillance of smartphones. It employed almost 500 people as of 2017.
Pegasus is a spyware developed by the Israeli cyber-arms company NSO Group that is designed to be covertly and remotely installed on mobile phones running iOS and Android. While NSO Group markets Pegasus as a product for fighting crime and terrorism, governments around the world have routinely used the spyware to surveil journalists, lawyers, political dissidents, and human rights activists. The sale of Pegasus licenses to foreign governments must be approved by the Israeli Ministry of Defense.
DarkMatter Group is a computer security company founded in the United Arab Emirates (UAE) in 2014 or 2015. The company has described itself as a purely defensive company, however in 2016, it became a contractor for Project Raven, to help the UAE surveil other governments, militants, and human rights activists. It has employed former U.S. intelligence operatives and graduates of the Israel Defense Force technology units.
On October 30, 2019, WhatsApp's parent company Facebook, Inc. confirmed that Pegasus, a sophisticated snooping software developed by Israel's NSO Group, was used to target Indian journalists, activists, lawyers and senior government officials. The journalists and activists are believed to have been targets of surveillance for a two-week period until May, when the Indian national election was held.
The Pegasus Project is an international investigative journalism initiative that revealed governments' espionage on journalists, opposition politicians, activists, business people and others using the private Pegasus spyware developed by the Israeli technology and cyber-arms company NSO Group. Pegasus is ostensibly marketed for surveillance of "serious crimes and terrorism". In 2020, a target list of 50,000 phone numbers leaked to Forbidden Stories, and an analysis revealed the list contained the numbers of leading opposition politicians, human rights activists, journalists, lawyers and other political dissidents.
Candiru is a private Tel Aviv-based company founded in 2014 which provides spyware and cyber-espionage services to government clients. Its management and investors overlap significantly with that of NSO Group. Its operations began being uncovered in 2019 by researchers at CitizenLab, Kaspersky, ESET. Microsoft refers to the company's cyber-espionage operations as "Caramel Tsunami/SOURGUM" while Kaspersky refers to it as "SandCat"
In India, the Pegasus Project investigations alleged that the Pegasus spyware was used on ministers, opposition leaders, political strategist and tacticians, journalists, activists, minority leaders, Supreme Court judges, religious leaders, administrators like Election Commissioners and heads of Central Bureau of Investigation (CBI). Some of these phones were later digitally & forensically analysed by Amnesty International's Security Lab on 10 Indian phones and the analysis showed signs of either an attempted or successful Pegasus hack. However, the Supreme Court of India stated that the technical committee had found 'malware' in 5 of the 29 phones, but not able to say conclusively that the malware found was Pegasus. The Chief Justice also mentioned that the government refused to cooperate in the investigation.
FORCEDENTRY, also capitalized as ForcedEntry, is a security exploit allegedly developed by NSO Group to deploy their Pegasus spyware. It enables the "zero-click" exploit that is prevalent in iOS 13 and below, but also compromises recent safeguards set by Apple's "BlastDoor" in iOS 14 and later. In September 2021, Apple released new versions of its operating systems for multiple device families containing a fix for the vulnerability.
Quadream was an Israeli surveillance technology company. It prominently sold iPhone hacking tools, and was founded in 2014 by a group including two former NSO Group employees, Guy Geva, and Nimrod Reznik. Its offices were in Ramat Gan. The company is suspected to have shut down in April 2023. It is owned by a parent company in Cyprus.
CatalanGate is a 2022 political scandal involving accusations of espionage using the NSO Group's Pegasus spyware, against figures of the Catalan independence movement. Targets of the supposed espionage included elected officials, activists, lawyers, and computer scientists; in some cases, families of the main targets were also purportedly targeted.
Tamer Almisshal is a Palestinian journalist. He currently works for Al Jazeera, and is the host of the programme The Hidden is More Immense.
Cytrox is a company established in 2017 that makes malware used for cyberattacks and covert surveillance. Its Predator spyware was used to target Egyptian politician Ayman Nour in 2021 and to spy on 92 phones belonging to businessmen, journalists, politicians, government ministers and their associates in Greece. In 2023, the U.S. Department of Commerce added the Cytrox companies Cytrox AD in North Macedonia, and Cytrox Holdings Crt in Hungary to its Entity List and on March 5, 2024, the U.S. Department of Treasury imposed sanctions upon Cytrox AD of North Macedonia and the Intellexa Consortium, which is the parent firm of Cytrox AD, "for trafficking in cyber exploits used to gain access to information systems, threatening the privacy and security of individuals and organizations worldwide."
BPR interviewed Ronald Deibert, director of Citizens Lab at the Munk School of Global Affairs, University of Toronto, an interdisciplinary research organization focusing at the intersection of internet, global security and human rights. They have worked for the office of the Dalai Lama.