Spying / en 鶹Ƶ's Citizen Lab uncovers Nile Phish, extensive phishing campaign targeting Egyptian NGOs /news/u-t-s-citizen-lab-uncovers-nile-phish-extensive-phishing-campaign-targeting-egyptian-ngos <span class="field field--name-title field--type-string field--label-hidden">鶹Ƶ's Citizen Lab uncovers Nile Phish, extensive phishing campaign targeting Egyptian NGOs</span> <div class="field field--name-field-featured-picture field--type-image field--label-hidden field__item"> <img loading="eager" srcset="/sites/default/files/styles/news_banner_370/public/2017-02-02-egypt.jpg?h=afdc3185&amp;itok=J6W4Z9Dx 370w, /sites/default/files/styles/news_banner_740/public/2017-02-02-egypt.jpg?h=afdc3185&amp;itok=P0C_-Lbz 740w, /sites/default/files/styles/news_banner_1110/public/2017-02-02-egypt.jpg?h=afdc3185&amp;itok=EZJnUE_w 1110w" sizes="(min-width:1200px) 1110px, (max-width: 1199px) 80vw, (max-width: 767px) 90vw, (max-width: 575px) 95vw" width="740" height="494" src="/sites/default/files/styles/news_banner_370/public/2017-02-02-egypt.jpg?h=afdc3185&amp;itok=J6W4Z9Dx" alt> </div> <span class="field field--name-uid field--type-entity-reference field--label-hidden"><span>ullahnor</span></span> <span class="field field--name-created field--type-created field--label-hidden"><time datetime="2017-02-02T09:57:44-05:00" title="Thursday, February 2, 2017 - 09:57" class="datetime">Thu, 02/02/2017 - 09:57</time> </span> <div class="clearfix text-formatted field field--name-field-cutline-long field--type-text-long field--label-above"> <div class="field__label">Cutline</div> <div class="field__item">Last month, Egyptians marked the sixth anniversary of the overthrow of dictator Hosni Mubarak at Tahrir Square (photo by Fayed El-Geziry/NurPhoto via Getty Images)</div> </div> <div class="field field--name-field-topic field--type-entity-reference field--label-above"> <div class="field__label">Topic</div> <div class="field__item"><a href="/news/topics/breaking-research" hreflang="en">Breaking Research</a></div> </div> <div class="field field--name-field-story-tags field--type-entity-reference field--label-hidden field__items"> <div class="field__item"><a href="/news/tags/citizen-lab" hreflang="en">Citizen Lab</a></div> <div class="field__item"><a href="/news/tags/cyber-espionage-0" hreflang="en">Cyber Espionage</a></div> <div class="field__item"><a href="/news/tags/spying" hreflang="en">Spying</a></div> <div class="field__item"><a href="/news/tags/munk-school-global-affairs-public-policy" hreflang="en">Munk School of Global Affairs &amp; Public Policy</a></div> <div class="field__item"><a href="/news/tags/political-science" hreflang="en">Political Science</a></div> <div class="field__item"><a href="/news/tags/faculty-arts-science" hreflang="en">Faculty of Arts &amp; Science</a></div> </div> <div class="clearfix text-formatted field field--name-body field--type-text-with-summary field--label-hidden field__item"><p>A new report from the Citizen Lab at 鶹Ƶ's Munk School of Global Affairs uncovers Nile Phish, an ongoing and extensive phishing campaign against Egyptian civil society.</p> <p>In recent years, Egypt has witnessed what is widely described as <a href="http://www.france24.com/en/20170113-egypt-crackdown-civil-society-ngo-amnesty-sisi">an “unprecedented crackdown”</a> on both civil society and dissent. Amidst this backdrop, in late November 2016 Citizen Lab began investigating phishing attempts on staff at the <a href="http://eipr.org/en">Egyptian Initiative for Personal Rights (EIPR)</a>, an Egyptian organization working on research, advocacy and legal engagement to support basic freedoms and rights.</p> <p>“The scale of the campaign and its persistence compound the many threats already faced by Egyptian NGOs,” says <strong>John Scott-Railton</strong>, senior researcher at the Citizen Lab.&nbsp;</p> <h3><a href="https://apnews.com/64ca55d26df3484da09172281b9c8e86/Embattled-Egyptian-NGOs-face-barrage-of-electronic-espionage">Read more from the Associated Press</a></h3> <p>With the collaboration and assistance of EIPR’s technical team, the investigation expanded to include seven Egyptian NGOs targeted by Nile Phish. These seven organizations work on human rights, political freedoms, gender issues and freedom of speech. Citizen Lab also identified individual targets, including Egyptian lawyers, journalists and independent activists.</p> <h3><a href="http://citizenlab.org/2017/02/nilephish-report/">Read the full report</a></h3> <p>With only a handful of exceptions, Nile Phish targets are also implicated in Case 173, a sprawling 5-year-old legal case brought against NGOs by the Egyptian government over issues of foreign funding. The phishing campaign also coincides with renewed pressure on these organizations and their staff by the Egyptian government, in the context of Case 173, including asset freezes, travel bans, forced closures, and arrests.</p> <p>Citizen Lab is not in a position in this report to conclusively attribute Nile Phish to a particular sponsor. But the sponsor of Nile Phish clearly has a strong interest in the activities of Egyptian NGOs, specifically those charged by the Egyptian government in Case 173. Nile Phish is clearly familiar with targeted NGOs’ activities, staff concerns, and is able to quickly phish on the heels of action by the Egyptian government.</p> <p>“When most of us think of state cyber espionage, what likely comes to mind are extraordinary technological capabilities: rare unpatched software vulnerabilities discovered by teams of highly skilled operators, or services purchased for millions from shadowy ‘cyber warfare’&nbsp;companies,” says Professor&nbsp;<strong>Ron Deibert</strong>&nbsp;of the department of political science in the Faculty of Arts &amp; Science, and Citizen Lab’s director.&nbsp;“To be sure, some cyber espionage fits this description, as any perusal through the Snowden disclosures or our recent ‘Million Dollar Dissident’&nbsp;report will show. But not all of them do. &nbsp;More often than not, cyber espionage can be surprisingly low-tech and inexpensive, and yet no less effective, than the glitzy stereotypes. The Nile Phish campaign is a case in point.”&nbsp;</p> <h3><a href="https://theintercept.com/2017/02/02/egyptian-rights-activists-are-targeted-by-sophisticated-hacking-attacks/">Read more from Intercept</a></h3> <p>By exposing the Nile Phish operation, and providing technical indicators, Citizen Lab hopes to help potential targets and other investigators identify and mitigate the campaign.</p> </div> <div class="field field--name-field-news-home-page-banner field--type-boolean field--label-above"> <div class="field__label">News home page banner</div> <div class="field__item">Off</div> </div> Thu, 02 Feb 2017 14:57:44 +0000 ullahnor 104262 at