Brazil: Illegal phone surveillance

Featured image: Alexandre Ramagem and Augusto Heleno. Source: Valter Campanato/Agência Brasil

A Nova Democracia reports that more that 30,000 Brazilians were targeted by illegal surveillance during the government of the previous president of Brazil, Jair Bolsonaro. It has been revealed that the Brazilian Intelligence Agency (Abin), when under the leadership of Bolsonaro appointed Alexandre Ramagem, used an Israeli spyware to illegally spy on opponents of the government. Among those who were surveilled were activists, journalists, trade unionists and teachers opposed to the government of Bolsonaro, as well as politicians and judges.

The spyware called First Mile is developed by the Israeli company Gognyte. It is reported to likely exploits a vulnerability in SS7, which has been an international standard for telecommunication since 1988, and is still used, for example for 5G. First Mile can track devices using 2G, 3G, and 4G networks, simply by entering the the phone number of the device. The tool could be used to track 10,000 phone numbers every 12 months, with a single exception: it was not allowed to be used for targeting Israeli or North-American citizens. The tool also provided real time alerts of targets’ movement, and could be used to uncover or confirm relations between targeted people.

All the data that was collected was stored on servers in Israel, easily accessible by Gognyte. Gognyte also had access to information connecting the records with phone numbers, allowing the personal identification of the targets. The article from AND states that the scheme is “a serious attack against the Nation, which deserves the utmost seriousness in its treatment”. Depending on how classified the data is, the case comes close to violating the “Law on Crimes against the Democratic Rule of Law”, but there is no signs that the law is going to be used against the involved officials. According to the article from AND, Ramagem did not coordinate the illegal surveillance by himself, but with the direct connivance of Bolsonaro, and Augusto Heleno, who coordinated Abin’s supervisory body, the Institutional Security Office (GSI).

While spyware such as First Mile can be used to illegally track people, the information is anyways available to phone service providers. Information such as this can thus easily be obtained by State actors through court orders or law enforcement requests. Another way for a State to get this kind of information without going through the legal steps is to use fake cell towers called “cell-site simulators”. In the US, the Secret Service as well as the Immigration and Customs Enforcement (ICE) have been reveled to repeatedly illegally use fake cell towers for spying without a court order. In Norway it was revealed that the local police in Oslo had illegally used fake cell towers to surveil random people in order to practice using the technology.

There are also more advanced and intrusive spyware available to State actors. What is considered the “gold standard” for phone surveillance tools is Pegasus, developed by the Israeli company NSO. The tool is used by several State actors, among other Yankee-imperialism, through the FBI and the CIA.

Depending on the phone and the operating system version, Pegasus can be installed either through either “minimal or no engagement from the target”, without the target knowing. When installed the tool can be used for running code, reading text messages, call snooping, collecting passwords, accurate location tracking through GPS, accessing the target device’s microphone and camera, and gathering information from apps.

A section of a brochure describing “Phantom”, the brand name used to sell Pegasus in the US. Source: Vice

The usage of Pegasus by the State of Mexico has been one of the most extensive examples that have been revealed. The Mexican military has used the tool to surveil journalists, human rights defenders, political opponents of the government, among others. The current president of Mexico, Andrés Manuel López Obrador, has promised to stop the illegal surveillance, but the Mexican military has continued to use Pegasus.

Another case is the surveillance of the Catalan independence movement by the Spanish State. It is reported that at least 63 were targeted or infected with Pegasus. The targets included “Members of the European Parliament, Catalan Presidents, legislators, jurists, and members of civil society organisations”. In some cases family members also had their phones infected with Pegasus. The Spanish government has also itself been a target of the spyware. In 2021 the phones of the prime minister, Pedro Sánchez, and the defense minister, Margarita Robles are reported to have been infected with Pegasus.

In a recent case of phone surveillance an 18 year old British student was arrested and is now facing terrorism charges after joking about blowing up a plane. The university student had made the joke to his friends using Snapchat, while he was on a flight from England to Spain. The message was picked up by British intelligence services, which shared it with Spanish authorities. The Spanish State sent two F-18 fighter jets after the plane, and arrested the 18 year old student when the plane landed. In addition to facing time in prison, he could be fined up to 22,500 euros if he is convicted. In addition the Spanish defense ministry is demanding 95,000 euros in expenses.

Previous post Mexico: AMLO, Slim and the power mafia
Next post Turkey: Update on the case of the imprisoned journalist of Yeni Demokrasi