[Some of many Bahraini pro-democracy activists whose computers were hacked by the regime using soft ware by a UK company]
Elham Asaad Buaras
Leaked internal documents released earlier this month has revealed UK-German surveillance company, Gamma Group International, has sold spy software to Bahrain during the regime’s crackdown on pro-democracy activists.
A report by the advocacy group Bahrain Watch (BW) suggests that the Bahraini Government infected 77 computers of the country’s most prominent lawyers, activists and politicians with the malicious FinFisher surveillance software. The spyware attacks covered a period between November 2010 and February 2012 and targeted computers in Bahrain, the UK and seven other countries.
Bahrain Watch concluded that, “Given that Gamma has repeatedly insisted that it ‘only supplies the FinFisher product range to government organisations and law enforcement agencies’ , the Bahraini customer must have been a government body.”
Bahrain Watch examined the list of computers infected with the spyware, and attempted to identify their targets based on usernames and IP addresses. In some cases they directly contacted suspected targets to verify the information.
The leaked data shows that Gamma Kingdom s support staff were communicating with a customer in Bahrain from 2010 to 2012, and had sold the customer licenses to spy on at least 30 computers simultaneously.
In a message dated November 2, 2011, Bahraini officials complained about FinFisher “not working at all” or bugs and issues that caused them to lose targets.
The Bahraini customer complains; “Please let us know what to do in this case, as this issue keeps going on” and “we are losing targets daily without our knowledge and we are sure that we didn’t do the removal” and “we can’t stay bugging and infecting the target every time since it is very sensitive” and “we don’t want the target to.. know that someone is infecting his PC or spying on him.”
In a statement to The Muslim News Bahrain Watch said, “The infections would have enabled the Government to steal passwords and files, and spy through an infected computer’s webcam and microphone. The list of 77 computers infected by Bahraini authorities was part of a massive leak of data purportedly hacked from the servers of the UK-German surveillance software company Gamma International – the makers of FinFisher.”
Bahrain Watch also says the leaked documents contradict claims by Gamma that it does not do business with Bahrain and that its software is used primarily to target criminals and terrorists.
Bahrain Watch suggested that Gamma may have violated UK export laws on surveillance technology, and called on Her Majesty’s Revenue and Customs (HMRC) to renew criminal investigations into the company in light of the new evidence.
HMRC will be under immense pressure to renew its investigations after a British court ruled on May 12 that it acted unlawfully and “irrationally” in refusing to disclose information on the status of any criminal proceedings into possible illegal export of FinFisher.
Privacy International, a British rights group that defends and promotes the right to privacy across the world, had at the time repeatedly asked HMRC on behalf of one of the founding members, Dr Ala’a Shehabi, whether it was investigating Gamma International for violation of exports laws. But the law enforcement body always refused to release any information.
Speaking after the court ruling, Privacy International’s Deputy Director, Eric King, said, “For two years we have been asking Government to come clean on what they are doing when it comes to the illegal export of FinFisher and to stand up for victims targeted by surveillance technology made on British soil. Today’s ruling is an important victory, and a step in the right direction to holding Gamma International, and the rest of this secretive industry, to account.”
A spokesman for HMRC told The Muslim News they are “not permitted to comment on any investigations”.
“This latest revelation provides strong evidence that not only has Gamma been misleading in its claim of not supplying the Bahraini Government, but it did so possessing evidence that its software was being used primarily to target political dissidents, lawyers and journalists,” said BW’s Bill Marczak.
“We call on governments in Europe to ensure they introduce adequate regulation and enforcement mechanisms to end the export of surveillance technology to repressive states.”