On 3 August 2016, OSINT has reported that the countries
of Uzbek, KAZ, are alleged to be hacking and spying in their political dissidents. Radio Free Europe is reporting that Uzbekistan,
Kazakhstan, and other authoritarian type governments have reportedly acquired
cyber tools used by Western law enforcement and are using them to hack and
harass their political dissidents.
Cyber
researchers have allegedly found that since the early 2000s, western security companies
have sold mass surveillance products to the Uzbekistan and Kazakhstan. These tools have provided authorities the
ability to quickly locate and arrest people who discuss sensitive information
on the phone or via e-mail. This to include
a dissident Uzbek blogger. The hacking
campaign involved physical surveillance, threats of violence, and instances of
cyber attacks.
E-mail communication of
dissidents to their attorneys were used to trick recipients into installing one
of two types of commercially available spy software. What appears to becoming common in these
geographic areas are the use of malware by governments to spy on their political
dissidents, specifically exiles who live outside of their government's direct
sphere of influence. This practice shows
the use of legitimate cyber tools by governments in collaboration with black
hat hackers being utilized for political purposes.
Wapack Labs has conducted previous research
on China dissident targeting, very similar to this eastern European matter. Additionally, we knew Uzbekistan was buying cyber
exploits from the same cyber vendors which was highlighted in a 2015 research paper:
“the Hacking Team was working with some
customers directly and with others by using “channels.” One such re-seller was
the Israeli defense contractor, used to access markets in 2014 such as
Ethiopia, Honduras, Nigeria and Uzbekistan. Later, in December 2012, a cyber representative
asked the Hacking Team if they sold directly to FSB and hacking team
representatives replied that they did, but as the data breach shows, the
company was using Russian third parties.”
Wapack Labs continues to research this issue in support of our clients.
Publication Date: Publication Date: 3 August 2016
Handling Requirements: Traffic Light Protocol (TLP) GREEN
Attribution/Threat Actors: OSINT- hacking against Brazil
Actor Type: Tier II
Potential Targets: Uzbekistan, Kazakhstan
Handling Requirements: Traffic Light Protocol (TLP) GREEN
Attribution/Threat Actors: OSINT- hacking against Brazil
Actor Type: Tier II
Potential Targets: Uzbekistan, Kazakhstan
Source: http://www.rferl.mobi/a/uzbekistan-kazakhstan-said-hacking-spying-dissidents/27897226.html
WL RSA source: https://community.redskyalliance.org/docs/DOC-3336
Radio Free Europe
Associated Press
Reuters
This report was published in its entirety to the Financial Services ISAC and Red Sky Alliance portal on August 3, 2016. For more information, contact Wapack Labs at 844-4-WAPACK.
