UAE Accused of Using Israeli Spyware on Phones

The New York Times reports that authorities in the United Arab Emirates have been using spyware developed by an Israeli business to monitor calls made by dissidents in their country and political rivals abroad. The article by David D. Kirkpatrick and Azam Ahmed asserts:

…when top Emirati officials were offered a pricey update of the spying technology, they wanted to make sure it worked, according to leaked emails submitted Thursday in two lawsuits against the spyware’s maker, the Israel-based NSO Group.

Could the company secretly record the phones of the emir of Qatar, a regional rival, the Emiratis asked? How about the phone of a powerful Saudi prince who directed the kingdom’s national guard? Or what about recording the phone of the editor of a London-based Arab newspaper?

“Please find two recordings attached,” a company representative wrote back four days later, according to the emails. Appended were two recordings the company had made of calls by the editor, Abdulaziz Alkhamis, who confirmed this week that he had made the calls and said he did not know he was under surveillance.

If the law suit is to be believed, it seems the UAE authorities may wish their emails were more secure than the phones they were bugging!

NSO Group is being sued for their role in illegal spying.

The two lawsuits, filed in Israel and Cyprus, were brought by a Qatari citizen and by Mexican journalists and activists who were all targeted by the company’s spyware.

However, NSO Group says that their technology is legal and is sold to governments on the basis that it should only be used for tackling crime. They argue it is not their fault if the governments use the technology for other purposes.

Those who fear intrusive surveillance can take some comfort from the fact that the methods used are not that hard to understand, or counter. The victim downloads the spyware on to their own phone by clicking links in fake adverts and messages. So if anyone sends you a message saying “keep your car tires from exploding in the heat” then you know to ignore it!

The surveillance genie has been let out of its bottle, and I fear it will never return to it. Most governments appear to willfully ignore the consequences. They call for more rights to spy on citizens and demand the weakening of encryption, but blind themselves to the long-term implications. Every nation is engaged in a race to improve their surveillance capabilities as the relevant technology becomes more effective, widespread and affordable. This is a good argument for ordinary phone users to favor unbreakable end-to-end encryption in their communications services. Governments will never admit that such protection is in the individual’s best interests, but nor would the rulers of the UAE tell their citizens that they are being spied upon using Israeli software.

Eric Priezkalns
Eric Priezkalns
Eric is the Editor of Commsrisk. Look here for more about the history of Commsrisk and the role played by Eric.

Eric is also the Chief Executive of the Risk & Assurance Group (RAG), a global association of professionals working in risk management and business assurance for communications providers.

Previously Eric was Director of Risk Management for Qatar Telecom and he has worked with Cable & Wireless, T‑Mobile, Sky, Worldcom and other telcos. He was lead author of Revenue Assurance: Expert Opinions for Communications Providers, published by CRC Press. He is a qualified chartered accountant, with degrees in information systems, and in mathematics and philosophy.