Turkey Using German Spy Software On Opposition Politicians & Activists

Opposition protesters in Turkey were reportedly deceived into downloading a spy app made by a German firm despite Germany having previously vowed to block exports of spy software to authoritarian countries.

The Turkish government used a German-made spy program to infiltrate the smartphones of Turkish opposition members, according to a report seen by German media. 

Germany has strict rules for exporting spy software and has in the past vowed to block exports to authoritarian countries.

What we Know so far:
German daily newspaper Süddeutsche Zeitung and public broadcasters NDR and WDR reported the news based on a study by the digital rights group Access Now. Access Now found evidence that Turkish officials had used the program "Finspy" by Finfisher, a German company headquartered in Munich, to spy on members of the opposition party CHP.

The software was primarily used during a three-week protest against Turkish President Recep Erdogan organized by CHP leader Kemal Kilicdaroglu in July 2017. Fake Twitter accounts posted links to websites that promised to inform protesters about the demonstration if they downloaded a smartphone app.

The app included Finspy software and allowed the government to gain real-time access to the smartphone owners contacts, photos and videos.

A security expert at Germany's University of Bochum independently analyzed the software and told the Süddeutsche Zeitung newspaper and regional broadcasters NDR and WDR that "it appeared to be a newer version" of previous Finspy software.

What were the Reactions?
Responding to a question by the three media outlets, the German Economy Ministry said it had not approved any export licenses for spy software since October 2014.  FinFisher refused to comment on the story after being contacted by Süddeutsche Zeitung, NDR and WDR.

The Germany director for Human Rights Watch, Wenzel Michalski, wrote on Twitter: "This [news] would mean there are holes in our export regulations. This must be investigated immediately." Green lawmaker Konstantin von Notz wrote on Twitter: "Turkish spy attacks on the opposition with technology that was created with German tax money and should never have been exported?! The #GroKo [German coalition government] must urgently clarify [the situation] and prevent something like this from happening in the future."

Germany's export policy: The same three media outlets reported in 2014 that then-Economy Minister Sigmar Gabriel wanted to stop exports of spy software to authoritarian governments. Gabriel was quoted as saying: "We want to stop the export of these types of technologies to countries that suppress civil rights movements and that do not accept basic human rights."

What is Finfisher? The company works exclusively with governments to provide police and intelligence software. On its website, it says its mission is "to provide first-class cyber solutions and knowledge for successful operations against organised crime."

DW

You Might Also Read: 

Some Notes About Wassenaar:

Snowden’s Haven - A New Surveillance App:

Biter Bitten: The Hacking Team Hit by Breach:
 

« Meet Tess: The Mental Health Chatbot
Facebook Suspends Hundreds Of Apps »

Directory of Suppliers

Darktrace

Darktrace

Darktrace’s Enterprise Immune System is capable of detecting and responding to emerging cyber-threats, from within the network.

EACS

EACS

Award winning and trusted provider of IT solutions and managed services to a wide range of UK organisations.

Bulb Security

Bulb Security

Whether your internal red team or penetration testing team needs training, or you lack internal resources and need an outsourced penetration test, Bulb Security can help.

Netshield

Netshield

Netshield is a Managed ICT Services provider specialising in the delivery of proactive ICT services, both on-premise and in the cloud.

Panda Security

Panda Security

Panda Security provides advanced anti-virus and threat protection solutions for home users and business networks.

Cybereason

Cybereason

Cybereason provides real-time detection of malicious activity enabling you to identify the cause and scope of an attack and ensure an effective response.

Bracket Computing

Bracket Computing

Bracket Computing has developed a Cloud Workload Protection Platform, called the Computing Cell.

Cyber Command

Cyber Command

Our Managed IT service allows clients to offload the management of day-to-day computer, server, and networking support to our team of professionals.

Cygate

Cygate

Cygate are specialists in information security, data networks, and data centre and cloud technologies.

BMS Group

BMS Group

BMS is an independent, employee-owned specialist insurance broking group. Broking solutions include Cyber and Technology.

Nexcom

Nexcom

Nexcom operates six global businesses - IoT Automation, Intelligent Digital Security, Internet of Things, Intelligent Platform & Services, Mobile Computing Solutions, Network & Communications.

Cyber Execs

Cyber Execs

Cyber Execs is a Cyber Security Consultancy & Executive Recruitment firm.

GDPR Guys

GDPR Guys

GDPR Guys have simplified the process for becoming GDPR compliant and deliver it in 5 easy modules.

Lynx Technology Partners

Lynx Technology Partners

Lynx Technology Partners provides highly regulated industries with IT security and risk management advisory services.

Future of Cyber Security Europe

Future of Cyber Security Europe

Future of Cyber Security Europe is a European wide event examining the latest cyber security strategies and technologies.