As African governments crack down on protestors and opposition leaders in countries such as Nigeria and Uganda, it is emerging that state security agencies in seven regional countries are among 25 around the world using an Israeli surveillance platform to snoop on private communications of citizens.
A new report names Nigeria, Kenya, Zimbabwe, Botswana, Equatorial Guinea, Morocco, and Zambia as the African countries that have been employing Circles’ surveillance platforms to exploit flaws in telecoms systems and to access telephone calls, SMS messages and location services.
The report by the University of Toronto’s Citizen Lab titled Running in Circles: Uncovering the Clients of Cyberespionage Firm Circles offers new perspectives detailing how the telecom surveillance company, Circles has deployed its platforms across Africa, helping state security departments to snoop on communications of opposition politicians, journalists, and protestors.
It’s worth noting Circles is said to be affiliated with Tel Aviv-based NSO Group, which became globally known last year for the Pegasus spyware scandal after it was reported to have been used to exploit a vulnerability in the popular WhatsApp app to spy opposition organizers in several countries.
One such example is Botswana, where Citizen Lab has detailed how the Directorate for Intelligence and Security’s domain was used to identify two snooping systems linked to Circles platforms. This was undertaken through cryptographic TLS certificates signed under “CN=sid.org.bw” which is a domain name linked to the country’s state security and defense department. The targets for this surveillance seemed to have been media houses, journalists, and their sources in cases involving corruption by politicians.
The outbreak of EndSARS protests in Nigeria, where young citizens demonstrated peacefully against the heavy-handed and violent nature of the now-disbanded SARS police unit, triggered a deadly state security crackdown on protestors features followed by various attempts by the government to infiltrate and undermine protest organizers. This is not new, Front Line Defenders had already concluded in a 2018 report that that the Nigerian government “has conducted mass surveillance of citizens’ telecommunications.”
But it’s not just the countries facing protests that are resorting to surveillance of private communications of citizens. In Zambia, for example, there is a entire cyber-surveillance unit in the office of the country’s telecommunications regulator. As in Uganda more recently, Zambia and several other African countries have relied on a mix of Chinese-bought facial recognition and digital surveillance tools from companies including Huawei and Cloudwalk.
As internet penetration and smartphone usage increases with young Africans, social media has become more influential for organizing civil society and opposition movements across Africa. This has led to several governments shutting down the internet or blocking social media apps especially around elections and protests. But given the economic cost of shutdowns and widespread criticism, covert surveillance of digital footprints may now be seen as a more effective option.
Hiding behind code names or completely operating behind anonymous domains is an emerging trend for African state departments undertaking covert surveillance of private citizens as there was an unidentified client using Circles’ platform in Zimbabwe, in addition to another client going by the code name “Zagato Zeus”. Another client, Zimbabwe Telcel has also been identified as having relied on Circles’ platform for surveillance of private telecommunications in the southern African country.
Equatorial Guinea, which has previously shut down the internet, also had an anonymous client using surveillance systems while Telco Kali Rainbow was identified as being behind usage of a surveillance system geo-located to Mauritius but traced back to IP addresses in Kenya.
As surveillance of private citizens’ communications increases across Africa, there are fresh worries that telecom companies are not yet adequately geared to deal with this trend.
“Abuse of the global telephone system for tracking and monitoring is believed to be widespread, however it is difficult to investigate,” notes Citizen Lab in its report. “Meanwhile, cellular carriers have many technical difficulties identifying and blocking abuses of their infrastructure.”
By Tawanda Karombo