From sophisticated spyware attacks to mass phishing via smartphones and the rise of facial recognition technology, the range and reach of surveillance threats to human rights defenders is growing.

Israel must revoke the export license of NSO Group whose spyware products have been used in malicious attacks on human rights activists around the world, Amnesty International said ahead of the latest court case to embroil the tech firm.

Responding to a statement by WhatsApp on Tuesday that spyware produced by the Israeli firm NSO Group was used to target more than 100 human rights activists, Danna Ingleton, Deputy Director of Amnesty Tech, said:

On 13 May 2019, reports emerged about a security vulnerability in the popular messaging service WhatsApp which was leveraged to spy on the device of a high-risk human rights defender among others.

Two prominent human rights defenders in Morocco have been targeted using surveillance technology developed by the Israeli-based company NSO Group, according to new research published by Amnesty Tech today.

Amnesty International has discovered that since at least October 2017, HRDs from Morocco have been targeted with the infamous “Pegasus“ spyware produced by the Israeli company ‘NSO Group’. This report uncovers how this spyware was used to unlawfully target two prominent HRDs from Morocco, who have a history of facing reprisals from the state for speaking out openly about human rights in the country. Amnesty International can reveal that the two targets are Maati Monjib, an academic and activist working on issues of freedom of expression, and Abdessadak El Bouchattaoui, a human rights lawyer involved in the legal defence of protestors in a social justice movement in Hirak El-Rif that took place across 2016 and 2017.

Responding to news that Israeli spyware firm NSO Group, whose malicious technology has been used by governments to target activists, has announced it will respect human rights and take steps to prevent its tools being used to commit abuses in future, Danna Ingleton, Deputy Director of Amnesty Tech, said:

From Mexico to Morocco, Vietnam to Hungary, governments are wielding a range of sophisticated cyber-tools to unlawfully spy on activists and journalists. When governments attack the people who are defending our rights, then we’re all at risk. We’re campaigning to end the unlawful targeted surveillance of human rights defenders.

Attackers who use phishing scams to target human rights defenders in the Middle East and North Africa (MENA) are developing increasingly sophisticated techniques to infiltrate their accounts and evade digital security tools, according to new research published by Amnesty Tech. 

Across the world right now, states and big businesses are cracking down on dissent and preventing human rights defenders (HRDs) from carrying out their work. HRDs are threatened using a range of tactics and tools. Shielded, and often proactively aided, by repressive laws across countries, these tactics of repression are carried out with virtual impunity. Those is power are learning from one another. Importing and applying these tactics of repression in their local contexts has imposed a chilling effect on the ability of HRDs to expose human rights violations. One such tactic that occupies a prominent space in government playbooks across the world is that of surveillance.

In December 2018, Amnesty International documented widespread targeted phishing attacks against human rights defenders (HRDs) in the Middle-East and North Africa, in the report “When Best Practice Isn’t Good Enough”. That report documented how attackers had specifically developed techniques to target HRDs who had taken extra steps to secure their online accounts, such as by using more secure, privacy-respecting email providers, or enabling two-factor authentication on their online accounts.

Explore the Security Lab’s extensive research, news, technical reports, advocacy briefings and campaigns.