Top-secret documents reveal that the Directorate of Intelligence Services (DIS) is expanding its capacity to covertly monitor on-line and mobile phone activities of “opposition politicians, journalists and human rights lawyers”, Botswana Guardian has established.
A 19-page document leaked to this publication contains details of groundbreaking surveillance technology called Finfisher GmbH, which was developed by a Munich-based hacking firm to infect potentially thousands of computers and mobile phones countrywide with malware implants. The clandestine activity enables DIS to remotely monitor journalists’ and politicians’ smartphones and computers on a mass scale and siphon out data from foreign Internet and phone networks.
The covert infrastructure that supports the hacking efforts allegedly operates from the agency’s headquarters in Gaborone, and from eavesdropping bases at Phakalane and Serowe. Finfisher services peg at $64.7 million (approximately P517.6 million), according to Wikileaks estimates.
FinFisher has several intrusion systems, but sources within the intelligence community say DIS preferred two major malware services - FinSpy Mobile and FinSpy PC. The clandestine document shows that FinSpy Mobile and FinSpy PC can infect Apple OS X, Windows and Linux computers as well as Android, iOS, BlackBerry, Symbian and Windows Phone devices respectively. Finfisher reveals in a testimony to DIS that when FinSpy PC is installed on a computer system, it can “be remotely controlled and accessed as soon as it is connected to the Internet no matter where in the world the system is located”.
Similarly, FinSpy, according to the spy firm, is a field-proven monitoring solution that will enable DIS to monitor security aware politicians, businesspeople and journalists who regularly change location, use encrypted and anonymous communication channels and travel internationally.
Says Finfisher: “When FinSpy Mobile is installed on a mobile phone, it can be remotely controlled and monitored no matter where in the world the target is located.” It is not clear how FinSpy Mobile is deployed on a target’s mobile device, but Finfisher says it uses GPS tracking data and at times sends smses to targets whom, upon opening it, effectively transfer mobile data to headquarters, thereby allowing DIS to monitor every chat, call or sms.
In some cases FinSpy PC can masquerade as a fake Facebook server, using the social media site as a launching pad to infect a target’s computer and exfiltrate files from a hard drive. In several cases, it has sent out spam e-mails laced with the malware that can be tailored to covertly record audio from a computer’s microphone and take snapshots with its webcam.According to the document, the implants being deployed target several hard-to-reach targets whose communications could not be monitored through traditional wiretaps. Even so, a security analyst says DIS has aggressively accelerated its hacking initiatives in the past decade by computerising some processes previously handled by humans.
Finfisher sales director, Joseph Debs, is believed to have been in Botswana some time last year to close a clandestine deal on the procurement of the spy software. For more than 10 days, Debs has not returned several calls and an email from Botswana Guardian. Katja Bohlemann, a sales assistant at Finfisher offices in Munich, Germany said her boss is always out of the country and refused to discuss Finfisher deals with the media.The spy firm prides itself as “number one partner for many of the world’s leading intelligence agencies”. In Africa, Finfisher, has been criticised by Reporters Without Borders for violating human rights and freedom of information, The company has done business with Egypt’s Hosni Mubarak regime, Ethiopia and Nigeria.
It is not clear how long DIS has been using FinSpy PC and FinSpy Mobile to remotely intercept communication. The Director General of DIS, Isaac Kgosi, declined to answer questions about his outfit’s deployment of spying implants.