Television program about the Mossad prompts controversy, strong denials in Israel

Tamir PardoIsraeli officials have denied reports that the head of the country’s internal security service was asked by the prime minister to spy on the director of the Mossad intelligence agency and the head of the military. The denials were prompted by allegations that will be made in full on Thursday, when the latest installment of the investigative news program Uvda (Fact) will be aired on Israel’s Channel 12 television channel. According to the program, the Israeli Prime Minister Benjamin Netanyahu requested that the personal phones of senior Israeli security officials, including those of the heads of the Mossad and the military, be wiretapped for security reasons.

The investigative news program reported on May 31 that the “unprecedented” request has its roots in a “major secret program” that was launched by the Israeli government in 2012. The program required a major transformation of the country’s intelligence budget, staffing and resources. Although numerous individuals from nearly every facet of the Israeli intelligence community had been briefed on the project, the Israeli prime minister was concerned about leaks to the media. He therefore kept his cabinet in the dark about the program, and did not consult with the Knesset, or even the members of the Knesset’s Subcommittee on Intelligence and Secret Services, which is required by law to be kept fully informed about Israeli intelligence operations.

Uvda further alleges that in 2013 Netanyahu convened an extraordinary meeting of senior officials, which included the participation of the attorney general, the head of the Shin Bet (Israel’s domestic security service) and others. It was during that meeting, according to Uvda, when Netanyahu allegedly approached Yora Cohen, the then-director of the Shin Bet, and asked him to “monitor the partners of the secret project”. When asked what he meant, Netanyahu allegedly said that the directors of the Israel Defense Forces (IDF) and the Mossad should have their telephones monitored for possible unauthorized leaks to the media. Two names mentioned during that meeting, according to Uvda: Tamir Pardo, head of the Mossad, and Benny Gantz, the IDF’s chief of staff. Both men were new at their posts. Eventually, however, when Cohen took Netanyahu’s request to senior officials at the Ministry of Defense, “they were shocked and rejected it”, Uvda reports.

On Sunday, Cohen took the unusual step of issuing a denial of Uvda’s allegations, calling “reports in the media” about the prime minister having instructed him to “specifically wiretap Gantz and Pardo […] untrue”. The Office of the Prime Minister also denied the Uvda report, describing it in a statement as “utterly baseless”. The statement went on to say that Uvda’s allegations represented “a total distortion of systemic efforts that are made from time to time to safeguard sensitive information related to Israel’s security”. Also on Sunday, Prime Minister Netanyahu directly criticized comments made by Pardo on the same program, which the Israeli leader saw as damaging to the reputation of the Mossad. Pardo told Uvda that “the fun part” about working for the Mossad was that the agency is “basically a crime syndicate with a license”. Netanyahu took exception to those comments on Sunday, saying that “the Mossad is not a criminal organization. It is a superb organization that does sacred work in the fight against terrorism and other threats to the state of Israel. We all salute it”.

Author: Joseph Fitsanakis | Date: 04 June 2018 | Permalink

Advertisements

Analysis: New legal framework for Dutch intelligence services becomes law

Wet op de Inlichtingen- en Veiligheidsdiensten
On May 1, 2018, the legal framework for the Dutch intelligence community changed as the new Intelligence and Security Services Act became operational. Previously, both chambers of parliament discussed and accepted the Act on February 14 and July 11, 2018. A group of Amsterdam-based students, however, were worried that the Act —which includes the power to intercept cable-bound communication in bulk— would induce a surveillance state. They initiated a public referendum, which was held on March 21, 2018.

In what was an intense and prolonged public debate in the months leading up to the referendum, critics of the new Act advanced their views against it. Among them was the digital civil rights group Bits of Freedom, which argued that the power to intercept cable-bound communication in bulk would destroy “the core value of our free society, that a law-abiding citizen will not be monitored”. The Act also allows the General Intelligence and Security Service (known by its Dutch acronym AIVD) and the Military Intelligence and Security service (abbreviated as MIVD) to exchange large sets of unevaluated data with their foreign counterparts without prior approval by the new independent review commission. The services see this quid pro quo data sharing as essential for their counter-terrorism mission. But in the view of opponents, the fact that unevaluated and unanalyzed datasets are exchanged is unacceptable.

Additionally, Bits of Freedom was opposed to the real-time access to databases of partners (such as tax authorities, other governmental agencies, but also banks) that was granted to the intelligence and security services. They argued that the oversight bodies and the responsible minister should have to sign off on this (it should be noted however, that such database access will be only granted on a hit/no-hit basis, so there will be no free searches. Finally, and more broadly, it was argued that the new Act contained too many “open norms”. This was in line with the cabinet’s goal to formulate a new act that would be more independent of technological developments —the Act of 2002 was not, and therefore the update was seen as necessary. But it also remains unspecified in which specific circumstances and under what criteria and norms the new powers can and cannot be applied. Read more of this post

US government publicly admits existence of rogue phone-tapping devices in DC

Embassy RowThe United States government has for the first time admitted publicly that it has detected devices known to be used by foreign intelligence services to spy on cellular communications in the nation’s capital. Known commonly as Stingrays, after a leading hardware brand, these devices are primarily used by government agencies, including law enforcement. But they can be purchased by anyone with anywhere from $1,000 to $200,000 to spare. They work by simulating the activity of legitimate cell towers and tricking cell phones into communicating with them. That allows the users of these cellphone-site simulators to monitor the physical whereabouts of targeted cell phones. Some of the more expensive Stingray models can intercept the actual content of telephone conversations and can even plant Trojans on the compromised phones of unsuspecting users.

Many governments have expressed concerns about the use of these devices, which are known to be used by intelligence agencies to monitor cellular communications on foreign soil. Major cities around the world, including Washington, are major targets of cellphone-site simulators, which are frequently located inside foreign embassies. However, the US government has never publicly commented on this issue, despite intense rumors that government agencies headquartered in Washington are major targets of Stingray devices. This changed recently, however, after Senator Ron Wyden (D-OR) wrote a letter to the Department of Homeland Security seeking information about the use of such devices in Washington. Wyden received a written response from Christopher Krebs, who heads the DHS’ National Protection and Programs Directorate. In the letter, dated March 26, Krebs confirmed that the DHS detected a number of active Stingrays in the DC area in 2017, which he referred to as “anomalous activity consistent with Stingrays”. But he added that the DHS lacks both funding and equipment needed to detect the full number of the devices and the full spectrum of Stingrays that are active in the nation’s capital.

The Associated Press, which published Krebs’ letter, said it acquired it from Wyden’s office in the US Senate. The news agency noted that the letter from DHS did not provide the technical specifications of the cellphone-site simulators, and did not enter into speculation about who might be employing them. Additionally the letter did not provide the exact number of Stingrays detected in DC in 2017, nor did it provide the exact locations in DC where Stingray activity was traced. In response to Krebs’ letter, Senator Wyden’s office released a statement blaming the US Federal Communications Commission for having failed to hold the cellular telecommunications industry accountable for the lack of security against Stingrays. “Leaving security to the phone companies has proven to be disastrous”, Senator Wyden’s statement concluded.

Author: Joseph Fitsanakis | Date: 4 April 2018 | Permalink

Report from Holland: Cable-bound interceptions and ‘dragnets’

Wet op de Inlichtingen- en VeiligheidsdienstenFor the past year, the Netherlands has had a new law governing its two secret services, the AIVD and the MIVD. The new Intelligence and Security Services Act (Wet op de inlichtingen- en veiligheidsdiensten or Wiv) was and still is heavily criticized, especially because it allows untargeted access to cable-bound telephone and internet traffic. Under the previous law, which dates from 2002, the intelligence services were only allowed to conduct bulk interception of wireless transmissions, like satellite and radio communications —besides of course the traditional targeted telephone and internet taps aimed at individual targets.

That prohibition of bulk cable tapping is not the only thing that makes Dutch intelligence services different from those of many other countries. Probably the biggest difference is the fact that the Wiv applies to both foreign and domestic operations, as if the two secret services were responsible for both domestic security and foreign intelligence.

The General Intelligence and Security Service (Algemene Inlichtingen- en Veiligheidsdienst, or AIVD) covers the civilian domain, and focuses at Jihadist terrorism, radicalization, rightwing and leftwing extremism, counter-intelligence and countering cyber threats. This is mostly domestic, but the AIVD also has a small branch that gathers foreign intelligence from and about a select range of countries. The Military Intelligence and Security Service (Militaire Inlichtingen- en Veiligheidsdienst, or MIVD) covers military issues, and is therefore more foreign-orientated than its civilian counterpart. The MIVD is responsible for the security of Dutch armed forces and for collecting foreign intelligence in military matters, while at the same time providing support of Dutch military missions abroad, like for example in Mali. When it comes to Signals Intelligence (SIGINT), the AIVD and MIVD combined their efforts in a joint unit called the Joint SIGINT Cyber Unit (JSCU), which became operational in 2014. The JSCU is responsible for most of the technical interception capabilities, from traditional wiretaps to cyber operations. The JSCU is not allowed to conduct offensive cyber operations. The latter are conducted by the Defence Cyber Command (DCC) of the Dutch armed forces. Read more of this post

Lebanese spy agency used Android app to spy on thousands, say researchers

GDGS EFF LookoutThe spy agency of Lebanon used a virus designed for the Android mobile operating system to compromise the cell phones of thousands of people in at least 20 countries, according to a new mobile security report. The 50-page report was published on Thursday by a team of researchers from Lookout, a mobile security company, and the Electronic Frontier Foundation in Washington, DC. In an accompanying press release, the researchers said that the virus, which they named Dark Caracal, has been in existence for at least six years. They added that it was traced to a building in Beirut belonging to the General Directorate of General Security (GDGS), Lebanon’s primary external intelligence agency.

According to the Lookout/EFF research team, the trojanized phone application was camouflaged as a secure messaging service, resembling popular applications like Signal or WhatsApp. However, once an Android user downloaded it, it gave remote users access to the compromised phone’s cameras and microphone, thus turning it into a bugging device. The virus also stole email and text messages, pins and passwords, lists of contacts, call logs, photographs, as well as video and audio recordings stored on the compromised device. The report states that compromised devices were found in over 20 countries, including Lebanon, France, Canada, the United States and Germany. The majority of those targeted by the virus were civilian and military officials of foreign governments, defense contractors, and employees of manufacturing companies, financial institutions and utility providers.

On Thursday, Reuters contacted Major General Abbas Ibrahim, who serves as director general of GDGS. He insisted that the GDGS is known for collecting intelligence using human sources, not cyber technologies. “General Security does not have these type[s] of capabilities. We wish we had these capabilities”, General Ibrahim told the news agency.

Author: Joseph Fitsanakis | Date: 19 January 2018 | Permalink

Pristine Cold War-era wiretapping rooms uncovered in Slovenian hotel

Hotel JamaFour hidden communications-surveillance compartments which are believed to date back to the Cold War, have been found in one of the most prestigious hotels of the former Yugoslavia. The discovery was made during an extensive renovation project that was recently completed in the Hotel Jama. The hotel is located in the southeastern Slovenian city of Postojnska, near the Italian border. For over a century, Postojnska has been famous for its network of limestone caves, which are among the largest in the world. Eager to cater to Italian, Austrian and other Western tourists, the government of Yugoslavia began construction on Hotel Jama in 1969. The hotel opened its doors in 1971, amidst much publicity and fanfare. It eventually became known as one of the most luxurious hotels in the communist world.

As the hotel’s reputation soared, the government of Yugoslavia began hosting foreign dignitaries there. Though socialist, the government of Yugoslavia never became an integral member of the communist bloc, preferring a policy of nonalignment. Because of that, it was courted by both East and West, with many Western leaders and other officials visiting the country regularly. On many occasions, they would use Hotel Jama as a retreat. Numerous world leaders stayed there with their entourage, escorted by Yugoslavia’s longtime communist leader Josip Broz, known commonly as Tito.

Today the hotel is situated on the territory of Slovenia, a small mountainous state of two million people, which declared its independence from Yugoslavia in 1991. The regional instability caused by the Yugoslav Wars of the 1990s nearly demolished Slovenia’s tourism industry, and Hotel Jama was forced to declare bankruptcy. In 2010, under new ownership, the hotel underwent major renovations. These were completed in 2016, when the hotel opened its doors to the public once again. It was during these renovations that construction crews discovered the surveillance rooms. The four compartmented rooms were found behind a large door made of steel at the back of the hotel, and are adjacent to a network of limestone caves, for which the area is famous.

News reports said the four rooms feature 1970s-era wiretapping equipment, most of which appears to be in pristine condition. There is a thick layer of dust over all the surfaces, which indicates that the rooms have not been used in several decades. The construction crews also found sets of cables that run from the surveillance compartments to several guest rooms in the hotel’s original wing that dates to the early 1970s.

Experts suggest that the rooms were built in the early stages of the hotel’s construction in the late 1960s. The equipment was probably operated by the State Security Service (SDB), Yugoslavia’s internal security police. It is believed that the surveillance facilities were used to facilitate the systematic wiretapping of foreign dignitaries and delegations that frequented the hotel during the Cold War. Hotel Jama’s administration said on Wednesday that there are plans to turn the surveillance rooms into part of an exhibit on the Cold War history of the establishment.

Author: Joseph Fitsanakis | Date: 13 April 2017 | Permalink

Did domestic snooping by Canadian spy agency increase 26-fold in a year?

CSE Canada - IAThe volume of domestic communications that were intercepted by Canada’s spy agency increased 26 times between 2014 and 2015, according to a recently released report by a government watchdog. The same report states that intercepted information about Canadian citizens, which is given to Canada’s spy agency by the intelligence organizations of other Western countries, has increased so much that it now requires an elaborate mechanism to analyze it. When asked to explain the reasons for these increases, Canadian government officials said they could not do so without divulging secrets of national importance.

Information about these increases is contained in the latest annual report by the Office of the Commissioner of the Communications Security Establishment. The body was set up in 1996 to review the operations of the Communications Security Establishment (CSE). Founded in 1946, CSE is Canada’s primary signals intelligence agency. It is responsible for interception foreign communications while at the same time securing the communications of the Canadian government. The Office of the Commissioner monitors CSE’s activities and ensures that they conform with Canadian law. It also investigates complaints against the CSE’s conduct of and its officers.

Canadian law forbids the CSE from intercepting communications in which at least one of the parties participating in the exchange is located in Canada. If that happens, the message exchange is termed “private communication” and CSE is not allowed to intercept it, unless it gets written permission from Canada’s National Defense minister. Such permission is usually given only if the interception is deemed essential to protect Canadian national security or national defense. If a “private communication” is inadvertently intercepted, CSE is required to take “satisfactory measures” to protect the personal privacy of the participant in the exchange that is located inside Canada.

According to the CSE commissioner’s report for 2015, which was released in July, but was only recently made available to the media, CSE intercepted 342 “private communications” in 2014-2015. The year before, the spy agency had intercepted just 13 such exchanges. The report states that all 342 instances of interception during 2014-2015 were either unintentional or critical for the protection of Canada’s security. It further states that the reason for the huge increase is to be found in “the technical characteristics of a particular communications technology and of the manner in which private communications are counted”.

Canadian newspaper The Ottawa Citizen asked the CSE commissioner, Jean-Pierre Plouffe, to explain what he meant by “technical characteristics of a particular communications technology” in his report. His office responded that the commissioner could not explain the subject in more detail, because doing so would “reveal CSE operational capabilities” and thus hurt Canada’s national security. The newspaper also contacted CSE, but was given a similar answer. Some telecommunications security experts speculate that the increase in intercepted “private communications” may be due to exchanges in social media, whereby each message is counted separately.

Author: Ian Allen | Date: 25 August 2016 | Permalink