U.S. allies Bahrain and the United Arab Emirates, along with Syria, are using malicious email and Facebook messages to track and entrap journalists, dissidents and campaigners, who face jail and torture if identified and arrested, according to a new study.
The cyberattacks are often very simple — just a plausible email, Twitter or Facebook message with a malicious link. Clicking that link reveals the IP address of the user, linking a particular computer or home network to targeted email or other account, according to the study from The Citizen Lab, run by the Munk School of Global Affairs in Toronto.
But some attacks are more complex, using remote access and surveillance software marketed specifically to law enforcement and intelligence agencies all over the world by companies like Gamma International and Hacking Team.
Data from the attacks has been used in prosecutions, including one 19-year-old who got a year in prison for calling the King of Bahrain a dictator on Twitter, states the study.
But many of the attacks are borderline inept and could be thwarted with simple security procedures, the authors found.
By following the chain of malicious links and other suspicious messages sent to dissidents all the way back to government agencies, the study aims to refute these governments’ often strenuous denials that they do not use malicious software to track citizens.
When Governments Hack Opponents: A Look at Actors and Technology, is published in the proceedings of the USENIX Security Symposium, dated August 2014.