In December 2018, Amnesty International documented widespread targeted phishing attacks against human rights defenders (HRDs) in the Middle-East and North Africa, in the report “When Best Practice Isn’t Good Enough”. That report documented how attackers had specifically developed techniques to target HRDs who had taken extra steps to secure their online accounts, such as by using more secure, privacy-respecting email providers, or enabling two-factor authentication on their online accounts.

Explore the Security Lab’s extensive research, news, technical reports, advocacy briefings and campaigns.

Amnesty International is supporting a legal action to take the Israeli Ministry of Defence (MoD) to court, to demand that it revokes the export license of NSO Group, an Israeli company whose spyware products have been used in chilling attacks on human rights defenders around the world.

……

An investigation by Amnesty International has revealed that dozens of Egyptian human rights defenders have been targeted by phishing attacks since the beginning of this year, putting them in grave danger amid Abdelfattah al-Sisi’s government’s intensifying crackdown on dissent.

A new Amnesty International investigation has found a wave of digital attacks that likely originated from government-backed bodies starting from early January 2019 and involving multiple attempts to gain access to the email accounts of several prominent Egyptian human rights defenders, media and civil society organizations’ staff. The attacks appear to be part of a wider strategy, occurring amid an unprecedented crackdown on the same groups in what have turned Egypt into an “open-air” prison for critics. Because of the identities of the targets we have identified, the timing of these attacks, their apparent coordination and the notifications of state-sponsored attacks sent from Google, we conclude that these attacks were most likely carried out by, or on behalf of, the Egyptian authorities.

……

Novalpina Capital, the private equity firm that has supported NSO Group management to acquire the company from Francisco Partners, must immediately disclose how it plans to prevent further human rights abuses by NSO Group, which has been linked to several chilling attacks on human rights defenders, Amnesty International said today.

Amnesty’s latest course on digital security, launching on rdX January 28th, will teach you about digital threats, how to strengthen your security online and to take action to promote digital security and human rights worldwide.

From the arsenal of tools and tactics used for targeted surveillance, phishing remains one of the most common and insidious form of attack affecting civil society around the world. More and more Human Rights Defenders (HRDs) have become aware of these threats. Many have taken steps to increase their resilience to such tactics. These often include using more secure, privacy-respecting email providers, or enabling two-factor authentication on their online accounts.

Amnesty International is taking legal advice in order to revoke the export licence of Israeli-based NSO Group, after it was revealed the cyber firm’s spyware had been used in an attempt to spy on an Amnesty staff member.

AMNESTY INTERNATIONAL, ACCESS NOW, REPORTERS WITHOUT BORDERS