……

An investigation by Amnesty International has revealed that dozens of Egyptian human rights defenders have been targeted by phishing attacks since the beginning of this year, putting them in grave danger amid Abdelfattah al-Sisi’s government’s intensifying crackdown on dissent.

A new Amnesty International investigation has found a wave of digital attacks that likely originated from government-backed bodies starting from early January 2019 and involving multiple attempts to gain access to the email accounts of several prominent Egyptian human rights defenders, media and civil society organizations’ staff. The attacks appear to be part of a wider strategy, occurring amid an unprecedented crackdown on the same groups in what have turned Egypt into an “open-air” prison for critics. Because of the identities of the targets we have identified, the timing of these attacks, their apparent coordination and the notifications of state-sponsored attacks sent from Google, we conclude that these attacks were most likely carried out by, or on behalf of, the Egyptian authorities.

……

Novalpina Capital, the private equity firm that has supported NSO Group management to acquire the company from Francisco Partners, must immediately disclose how it plans to prevent further human rights abuses by NSO Group, which has been linked to several chilling attacks on human rights defenders, Amnesty International said today.

Amnesty’s latest course on digital security, launching on rdX January 28th, will teach you about digital threats, how to strengthen your security online and to take action to promote digital security and human rights worldwide.

From the arsenal of tools and tactics used for targeted surveillance, phishing remains one of the most common and insidious form of attack affecting civil society around the world. More and more Human Rights Defenders (HRDs) have become aware of these threats. Many have taken steps to increase their resilience to such tactics. These often include using more secure, privacy-respecting email providers, or enabling two-factor authentication on their online accounts.

Amnesty International is taking legal advice in order to revoke the export licence of Israeli-based NSO Group, after it was revealed the cyber firm’s spyware had been used in an attempt to spy on an Amnesty staff member.

AMNESTY INTERNATIONAL, ACCESS NOW, REPORTERS WITHOUT BORDERS

The Security Lab at Amnesty International is a multi-disciplinary team of researchers, hackers, coders, campaigners and advocates working to protect civil society from unlawful digital surveillance, spyware and other human rights abuses enabled by technology.

By Danna Ingleton, Research and Policy Advisor at Amnesty International

In June 2018, an Amnesty International staff member received a malicious WhatsApp message with Saudi Arabia-related bait content and carrying links Amnesty International believes are used to distribute and deploy sophisticated mobile spyware. Through the course of our subsequent investigation we discovered that a Saudi activist based abroad had also received similar malicious messages. In its analysis of these messages, Amnesty International found connections with a network of over 600 domain names. Not only are these domain names suspicious, but they also overlap with infrastructure that had previously been identified as part of Pegasus, a sophisticated commercial exploitation and spyware platform sold by the Israel surveillance vendor, NSO Group.