A private surveillance firm that exploits mobile network vulnerabilities to spy on calls, texts and location data is doing business with at least 25 governments around the globe, including some with histories of human rights abuses, concludes a report released Tuesday.
The findings from the University of Toronto’s Citizen Lab scrutinize the work of the company Circles, which is a sister firm of the Israeli software surveillance broker NSO Group. Human rights activists frequently criticize NSO Group for selling its equipment to repressive regimes, a charge it rejects, even as it is the subject of a lawsuit from Facebook, which alleges that attackers used NSO Group tech to spy on thousands of WhatsApp users.
The countries Citizen Lab identified as “likely” customers of Circles: Australia, Belgium, Botswana, Chile, Denmark, Ecuador, El Salvador, Estonia, Equatorial Guinea, Guatemala, Honduras, Indonesia, Israel, Kenya, Malaysia, Mexico, Morocco, Nigeria, Peru, Serbia, Thailand, the United Arab Emirates, Vietnam, Zambia and Zimbabwe.
“The authoritarian profile of some of Circles’ apparent government clients is troubling, but not surprising,” the Citizen Lab team wrote. “Over the past decade, the explosion of the global surveillance industry has fueled a massive transfer of spy technology to problematic regimes and security services.”
Circles, which according to Citizen Lab says it only sells to nation-states, exploits weaknesses in Signalling System No. 7, a set of protocols used by telecommunications carriers to route calls. Attackers connected to an SS7 network can send ..