Spyware used on investigators probing missing students in Mexico: report

FILE PHOTO: Relatives hold posters with images of some of the 43 missing students of Ayotzinapa College Raul Isidro Burgos as they take part in a march to mark National Teachers' Day along Reforma avenue, in Mexico City, Mexico May 15, 2017. REUTERS/Henry Romero/File Photo

MEXICO CITY (Reuters) – An international investigation into the disappearance of 43 students in Mexico was targeted with spying software sold to governments to fight criminals and terrorists, according to a report published on Monday.

The spying attempt was the latest example of civilians who have been targeted by the software known as Pegasus, which Israeli company NSO Group only sells to governments, according to the report by Citizen Lab, a group of researchers based at the University of Toronto’s Munk School of Global Affairs.

Mexican President Enrique Pena Nieto has asked the attorney general’s office to investigate previous charges that the government spied on private citizens, saying he wanted to get to the bottom of the accusations that he called “false.”

Citizen Lab said it had found a trace of the Pegasus software in a phone belonging to a group of experts backed by the Inter-American Commission on Human Rights (IACHR) who had traveled to Mexico to investigate the disappearance of the 43 students.

The attempt to infect the phone occurred in early March 2016, following criticism by the IACHR-backed group that the Mexican government had interfered with its investigation, Citizen Lab said.

“This is a very delicate matter … a big problem. Any state must react immediately,” Angela Buitrago, part of the IACHR’s team of experts, told Reuters.

Buitrago said that if any sensitive data was leaked it could have influenced the investigation.

The disappearance of the students from a rural teachers college in 2014 marked one of Mexico’s worse atrocities, and the government’s handling of the case marked a low point for Pena Nieto’s popularity.

Last month, Citizen Lab identified 15 activists, human-rights lawyers, journalists and opposition officials who had also seen attempts to infect their phones with the spyware.

(Reporting by David Alire Garcia and Liz Diaz; Editing by Leslie Adler)

Lithuania said found Russian spyware on its government computers

A man types on a computer keyboard in this illustration picture

By Andrius Sytas

VILNIUS (Reuters) – The Baltic state of Lithuania, on the frontline of growing tensions between the West and Russia, says the Kremlin is responsible for cyber attacks that have hit government computers over the last two years.

The head of cyber security told Reuters three cases of Russian spyware on its government computers had been discovered since 2015, and there had been 20 attempts to infect them this year

“The spyware we found was operating for at least half a year before it was detected – similar to how it was in the USA,” Rimtautas Cerniauskas, head of Lithuanian Cyber Security Centre said.

The Kremlin did not immediately respond to a Reuters written request for comments over the Lithuanian claims. But Russia has in the past denied accusations of hacking Western institutions.

Fears of cyber attacks have come to the fore since the U.S. election campaign when hacking of Democratic Party emails led to allegations from U.S. intelligence that Russia was involved.

Lithuania, Estonia and Latvia, all ruled by Moscow in communist times, have been alarmed by Russia’s annexation of Ukraine’s Crimea peninsula in 2014 and its support for pro-Russian separatists in eastern Ukraine.

In what Baltic officials say was a wake-up call, Estonia was hit by cyber attacks on extensive private and government Internet sites in 2007. State websites were brought to a crawl and an online banking site was closed.

Lithuanian intelligence services, in their annual report, say cyber attacks have moved from being mainly targeted at financial crimes to more political spying on state institutions.

Russian spyware was transferring all documents it could find, as well as all passwords entered on websites such as GMail or Facebook, to an internet address commonly used by Russian spy agencies, Cerniaukas said.

“This only confirms that attempts are made to infiltrate our political sphere,” said Cerniaukas.

PREPARATIONS

Germany’s domestic intelligence agency reported earlier this month a striking increase in Russian targeted cyber attacks against political parties and propaganda and disinformation campaigns aimed at destabilizing German society.

The domestic intelligence chief said Russia may seek to interfere in its national elections next year.

Although no Russian cyber meddling was detected in the run up and during the Lithuanian general election in October, Cerniauskas said his country needs to understand it is vulnerable to such meddling.

“Russians are really quite good in this area. They have been using information warfare since the old times. Cyberspace is part of that, only more frowned upon by law than simple propaganda”, he said.

“They have capacity, they have the attitude, they are interested, and they will get to it – so we need to prepare for it and we need to apply countermeasures.”

Lithuanian officials targeted by the Russian spyware held mid-to-low ranking positions at the government, but their computers contained a stream of drafts for government decisions of its positions on various matters, said Cerniauskas.

The head of the Lithuanian counter-intelligence agency Darius Jauniskis said Russia tried to sow chaos in Lithuania by orchestrating a cyber attack in 2012 against the Lithuanian central bank and its top online news website.

“It is all part of psychological warfare,” he told Reuters earlier this month.

(Reporting By Andrius Sytas; Editing by Alistair Scrutton)