After the Arab Spring, Surveillance in Egypt Intensifies

Uploaded on 2015-03-19 in NEWS-Cybersecurity News, INTELLIGENCE--International, GOVERNMENT-National, FREE TO VIEW

It’s been four years since a popular uprising known as the Arab Spring forced Egyptian President Hosni Mubarak to resign, and yet leading information activists say that government surveillance is getting worse, not better.
The establishment of the High Council for Cyber Crime by decree of the Prime Minister on Dec. 14 cemented control of already tightly constrained Internet activity in Egypt, according to Ramy Raoof, one of the founders of Motoon, a new organization that provides information security consulting to non-governmental organizations and private companies. “The whole idea of [the Cyber Crime Council] is to make repression clearer and organized for the state,” he says.
The High Council for Cyber Crime is headed by Atef Holmi, the minister of Communications and Information Technology, and brings together top officials from across the Egyptian government, including the Ministries of Interior and Defense. Its sweeping mandate is “to fight threats in cyberspace.”
In the past, divisions between competing state bodies, whether ministries or institutions like the military, impeded cooperation in spying on and cracking down on civilian opponents. “Within the security agencies, they don’t share much information,” Raoof says. “They might share what they know, but not how they know it.”
The announcement of the formation of the High Council for Cyber Crime is part of a broader government shift toward greater surveillance on opposition figures and activists, according to Raoof.
“The Ministry of Interior has changed the way it talks about surveillance, from denials to, ‘Yes, we are spying, but only on the bad guys,’” Raoof says, speaking from Motoon’s office, which is modeled on the tech spaces of Silicon Valley, replete with beanbag chairs, Tetris graphics on the walls and a kitchen stocked with coffee and cookies.
The Ministry of Interior and other government officials have lately been saying, “We are trying to keep up with other democracies around the world, to move our country forward in a direction like the U.S.,” Raoof says. “So they give examples of the U.K. and U.S. as the model of governance that needs to be followed. And that model involves only surveillance.”
Egypt has a long history of communications surveillance. In the early 2000s, the Egyptian government began to pressure mobile companies to give up subscriber information. Tapping calls and text messages was then the Mubarak regime’s primary means of monitoring mass communications.
When it became clear that this was the best way to obtain operating permits and expand business, “mobile companies started to offer up information and strategies [to the government] for tracking users,” Raoof says.
In 2008, the state’s technological capacities for Internet surveillance leapt forward when it established an emergency task force to monitor and intercept online communications in response to a wave of protests in the industrial city of Mahalla. The Egyptian government turned to Western companies, purchasing hi-tech digital surveillance software such as Blue Coat, an online communication monitoring software developed by a U.S. company of the same name that has the ability to comb information from social media and emails, as well as penetrate programs like WhatsApp and Skype.
The sister-company to Blue Coat, called See Egypt, won a contract with the Egyptian government last year to sell its software and train the government in its use. Other Internet monitoring soft wares, like FinSpy from the U.K.-based Gamma International, and Remote Control System from the Italian-based company Hacking Team, have also won contracts with the Egyptian government.
In March 2011, protestors broke into the Egyptian State Security building and discovered documents that attested to extensive state surveillance activities — those revelations kicked off a series of high-profile information scandals. Yet rather than rolling back surveillance, the military-controlled government has used counterterrorism to justify expanding surveillance, according to Raoof and other activists. A rise in bomb attacks in Egypt, and the leak of a government tender requesting more advanced surveillance software, pushed the government to justify its activities, while also offering the excuse of national security.
The Egyptian government is far from alone in its domestic Internet surveillance activities, notes Runa Sandvik, an independent security researcher based in Washington, D.C. “As a security researcher in 2011 with the TOR project [developing software for anonymous internet browsing], I discovered that top information technology people from governments in the Middle East were meeting yearly to discuss website block lists, how to block TOR and other activities,” she says.
The biggest leaks have come from anonymous government figures attempting to compromise the presidency, yet the Ministry of Interior has focused on identifying and arresting groups of people critical of the regime, often based on little more than comments on Facebook, according to Amr Gharbeia, an information privacy advocate, who points to the recent condemnation of a prominent opposition blogger and activist to five years in prison by Egyptian courts.
In February, the pro-Muslim Brotherhood TV channel Mekameleen, based in Turkey, aired audio of what appeared to be Egyptian President Abdel Fatah El Sisi and senior government officials speaking contemptuously about wealthy Gulf funders, despite having received billions of dollars in cash and petroleum from Gulf states. It’s widely suspected that the leak, called Egypt’s “Watergate,” came from government sources.
Despite leaks like those, the authorities have focused mainly on prosecuting those critical of the regime, says Gharbeia, who is part of the Arab Digital Expression Foundation, a base for training Arab youth in digital technology and programming. “Police sources have been boasting of arresting people in the hundreds, even children, sweeping up groups of people associated with a particular IP address,” he says.   
Firstlook  http://ow.ly/KfJMI    Opensourceintelligence   http://ow.ly/KfJRE

 

« Wikipedia challenging mass surveillance by NSA
Snowden: IT Workers Are Now the Target of Spies »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Bulletproof Cyber

Bulletproof Cyber

Bulletproof offer a range of security services, from penetration testing and vulnerability assessments to 24/7 security monitoring, and consultancy.

Uhuru Corp

Uhuru Corp

Uhuru offers a wide variety of IoT products and solutions including enebular® IoT Orchestration Service.

Agility Networks

Agility Networks

Agility Networks is a technology company providing integrated services and solutions for Digital Transformation and Cyber Security.

Lightship Security

Lightship Security

Lightship Security is an accredited Common Criteria and FIPS 140-2 IT security testing laboratory that specializes in test conformance automation solutions and IT product security certifications.

BicDroid

BicDroid

BicDroid is a world leader in data and cyber security with innovative solutions that protect your data anywhere, anytime, against everything.

Force Majeure

Force Majeure

Force Majeure specializes in cybersecurity, incident response, and digital forensics, with experience spanning more than a decade.

nexSecurity

nexSecurity

neXSecurity is an IT and Information security consulting company with more than 2 decades worth of software development and security experience.

blueAllianceIT

blueAllianceIT

blueAlliance IT is an investment and growth platform that unites local MSP and IT companies around the nation, helping them to grow and operate competitively.

Great American Insurance Group

Great American Insurance Group

Great American's Cyber Risk Division offers cyber solutions for small and medium-sized businesses.

PKI Solutions

PKI Solutions

PKI Solutions offers Public Key Infrastructure (PKI) products, services, and training to help ensure the security of organizations now and in the future.

Identity Digital

Identity Digital

Identity Digital simplifies and connects a fragmented online world with domain names and related technologies that allow people and businesses to build, market and own their digital identities.

Multipoint Group

Multipoint Group

Multipoint is an information security and protection solutions company operating in the South EMEA region through value-added distribution channels.

Uptime Institute

Uptime Institute

Uptime Institute is an unbiased advisory organization focused on improving the performance, efficiency, and reliability of business critical infrastructure.

Omnex

Omnex

Omnex provides consulting and training services in Quality, Environmental, and Health and Safety standards-based management systems including Automotive Cybersecurity.

Infosec Ventures

Infosec Ventures

Infosec Ventures incubates and scales cyber security innovators that solve inefficiencies in cyber security.

tmc3

tmc3

tmc3 is an award-winning, people-centric consultancy that is transforming cyber security from an overhead into an organisational enabler.