Wednesday, October 4, 2023

Gov’t in covert talks to eavesdrop

The Botswana government is in secret talks with Israeli cellular phone reverse engineers, elite hackers and vulnerability researchers – Cellebrite Mobile Synchronization Ltd – as part of a plan to build a huge surveillance complex in Botswana ÔÇô Sunday Standard investigations have revealed.

There are fears that Batswana may lose their right to privacy to government’s burgeoning surveillance programme because there are currently no legal safeguards against abuse.

A Botswana Police Crime Intelligence Branch (CRIB) comprising head of the branch Nunu Lesetedi, Assistant Commissioner of Police Technical and Cyber Intelligence Kealeboga Keeditse and Cyber Intelligence and Forensic Officer Nonofo Dichabe were in Israel two weeks ago to negotiate a cooperation agreement with the Israeli company.

Cellebrite is made up of skilled reverse engineers, elite hackers and vulnerability researchers mostly from Unit 8200, the military’s large signal intelligence unit that gathers data on Israel’s enemies – and likely its friends – and engages in cyber warfare.

Unit 8200’s existence, until roughly a decade ago, had never been publicly acknowledged or identified and its history has never been revealed or reported, other than in snippets. The unit, however, is reported to be part of all Mossad (Israel’s king spy unit) and other Israeli intelligence agencies’ major operations.

As part of the agreement between the Botswana government and Cellebrite, the Israeli company will set up a mobile forensic laboratory in Gaborone for CRIB, the Botswana Crime Intelligence Branch.

In an interview with Sunday Standard, Lesetedi would not be drawn into discussing their agreement with Cellebrite or their recent visit to Israel.

The decision to expand government’s surveillance capability comes after Check Point, another Israeli company made up of Unit 8200 veterans, reported that Botswana was the most cyber attacked country in its list of 117 at-risk nations.

A few years ago, the International Cyber Security Protection Alliance also identified Botswana as a potential cybercrime hotspot which provides “organised cybercrime” with the ability and the hosting capacity to attack western countries.

There are fears that Batswana’s privacy faces growing threats from a growingsurveillance apparatus that is being justified in the name of national security. Without strong oversight to provide checks against illegal surveillance, Botswana government intelligent agencies may intrude upon the private communications of innocent citizens; amass vast databases of their calls and catalog “suspicious activities” based on the vaguest standards.

Cellebrite, which has been engaged by the Botswana government to set up a forensic lab in Gaborone which has become the epicentre of an increasingly controversial U.S. policy debate about government use of computing vulnerabilities and exploits for surveillance purposes and about how keeping that secret leaves the devices of millions of people open to intruders of all sorts.

Cellebrite is feted as the foremost mobile phone hacking outfit in the world; just as Apple has come to be seen as a warrior for digital protection and privacy against over-reaching government surveillance, Cellebrite is emerging as endeavouring to build tools to break through the barriers of Apple and other phone makers.

Cellebrite’s researchers have become, over the last decade, the FBI’s go-to hackers for mobile forensics. Many other United States federal agencies also rely on the company’s expertise to get into mobile devices.

Cellebrite has contracts with the FBI dating back to 2009, according to federal procurement records, but also with the Drug Enforcement Administration, the Secret Service and DHS’s Customs and Border Protection.

American state and local law enforcement agencies use Cellebrite’s researchers and tools as well, as does the US military, to extract data from phones seized from suspected terrorists and others in battle zones.

Cellebrite’s forensic tools include the Universal Forensic Extraction Device (UFED) a hardware bundled with proprietary software that acquires, decodes, and analyses data from smart phones, tablets and portable GPS devices. The UFED4PC, which is stand-alone software for use on a PC; and the UFED Pro, an add-on to the UFED does something called “physical extraction”, which siphons data directly from a phone’s flash memory chip.

This can include deleted SMS messages and call histories as well as data collected by the phone and apps that the user is unaware of.


Read this week's paper