Turkey Using German Spy Software On Opposition Politicians & Activists

Uploaded on 2018-05-23 in NEWS-Cybersecurity News, INTELLIGENCE--Europe, GOVERNMENT-National, FREE TO VIEW

Opposition protesters in Turkey were reportedly deceived into downloading a spy app made by a German firm despite Germany having previously vowed to block exports of spy software to authoritarian countries.

The Turkish government used a German-made spy program to infiltrate the smartphones of Turkish opposition members, according to a report seen by German media. 

Germany has strict rules for exporting spy software and has in the past vowed to block exports to authoritarian countries.

What we Know so far:
German daily newspaper Süddeutsche Zeitung and public broadcasters NDR and WDR reported the news based on a study by the digital rights group Access Now. Access Now found evidence that Turkish officials had used the program "Finspy" by Finfisher, a German company headquartered in Munich, to spy on members of the opposition party CHP.

The software was primarily used during a three-week protest against Turkish President Recep Erdogan organized by CHP leader Kemal Kilicdaroglu in July 2017. Fake Twitter accounts posted links to websites that promised to inform protesters about the demonstration if they downloaded a smartphone app.

The app included Finspy software and allowed the government to gain real-time access to the smartphone owners contacts, photos and videos.

A security expert at Germany's University of Bochum independently analyzed the software and told the Süddeutsche Zeitung newspaper and regional broadcasters NDR and WDR that "it appeared to be a newer version" of previous Finspy software.

What were the Reactions?
Responding to a question by the three media outlets, the German Economy Ministry said it had not approved any export licenses for spy software since October 2014.  FinFisher refused to comment on the story after being contacted by Süddeutsche Zeitung, NDR and WDR.

The Germany director for Human Rights Watch, Wenzel Michalski, wrote on Twitter: "This [news] would mean there are holes in our export regulations. This must be investigated immediately." Green lawmaker Konstantin von Notz wrote on Twitter: "Turkish spy attacks on the opposition with technology that was created with German tax money and should never have been exported?! The #GroKo [German coalition government] must urgently clarify [the situation] and prevent something like this from happening in the future."

Germany's export policy: The same three media outlets reported in 2014 that then-Economy Minister Sigmar Gabriel wanted to stop exports of spy software to authoritarian governments. Gabriel was quoted as saying: "We want to stop the export of these types of technologies to countries that suppress civil rights movements and that do not accept basic human rights."

What is Finfisher? The company works exclusively with governments to provide police and intelligence software. On its website, it says its mission is "to provide first-class cyber solutions and knowledge for successful operations against organised crime."

DW

You Might Also Read: 

Some Notes About Wassenaar:

Snowden’s Haven - A New Surveillance App:

Biter Bitten: The Hacking Team Hit by Breach:
 

« Meet Tess: The Mental Health Chatbot
Facebook Suspends Hundreds Of Apps »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

ManTech International

ManTech International

ManTech provides comprehensive, integrated cyber security support, which includes computer and network design, implementation, and operations.

Ezenta

Ezenta

Ezenta is a Danish IT security consulting firm.

Telesoft Technologies

Telesoft Technologies

Telesoft Technologies is a global provider of cyber security, telecom and government infrastructure products and services.

Custodio Technologies

Custodio Technologies

Custodio Technologies was established as a Singaporean R&D Centre of Israel Aerospace Industries (IAI) in order to spearhead R&D activities in the field of cyber early warning.

Coursera

Coursera

Coursera provides universal access to the world’s best education, partnering with top universities and organizations to offer courses online. Subject areas include Computer Security & Networks.

CloudMask

CloudMask

CloudMask patent technology provides Dynamic Data Masking (DDM) that masks sensitive data, structured or non-structured, in real-time.

Tigera

Tigera

Tigera provides zero-trust network security and continuous compliance for Kubernetes platforms that enables enterprises to meet their security and compliance requirements.

iProov

iProov

iProov delivers authentication and verification simply and securely, based on a genuine one-time biometric.

Mindmajix Technologies

Mindmajix Technologies

Mindmajix is a live and interactive e-learning platform that offers professional online IT training in areas including cyber security.

Xopero Software

Xopero Software

Xopero Software develops a comprehensive range of professional tools for protecting and restoring critical business data.

Client Solution Architects (CSA)

Client Solution Architects (CSA)

Client Solution Architects (CSA) is a leading digital transformation consulting firm focused on the U.S. Defense Department and all U.S. Federal enterprise information technology service areas.

Minorities in Cybersecurity (MiC)

Minorities in Cybersecurity (MiC)

MiC was developed out of a unique passion to help fill the gap that exists in the support and development of women and minority leaders in the cybersecurity field.

Hack-X Security

Hack-X Security

Hack-X Security provide IT risk assessment and Digital Security Services. We are a trusted standard for businesses that must protect their data from cyber-attacks.

Hiya

Hiya

Hiya's mission is to secure voice with trust, identity and intelligence. We're protecting people from spam and fraud calls, and helping carriers secure their networks for all.

International Maritime Cyber Security Organisation (IMCSO)

International Maritime Cyber Security Organisation (IMCSO)

The IMCSO mission is to be the standard in the maritime cyber security industry, a collective voice, working towards alignment and standardisation.

ModelOp

ModelOp

ModelOp is the leading AI Governance software for enterprises and helps safeguard all AI initiatives.