With the threats coming from ISIS and other terrorist organisations around the world, many governmental and Intelligence agencies have started to work on upgrading their surveillance arsenal to help them to monitor their citizens and crackdown on potential and dormant terrorist cells, especially with the emerging technologies and apps that appeared in the recent years. [ CNN Money: An app called Telegram is the 'hot new thing among jihadists'].
After watching a small report made by Vice News about Britain's wiretapping and their "secret surveillance program" i though to myself, maybe i should talk about my home country as well.
Britain's Secret Surveillance (Trailer)
A breach exposed everything
Last year, many administrative documents, source codes and e-mails of the Italian security company "Hacking Team" were leaked, the big surprise is that Morocco is ranked among their most important clients with more than €3,173,550 of their revenues.
We are watching you, but other things might not be our priority
Neither the local newspapers nor online medias did mention Careto's trojan attack that targeted many countries since 2007 until 2014 (Unfortunately it wasn't a sex scandal), with a main focus on Morocco and Gibraltar and other Spanish speaking countries.
This attack was an advanced persistent threat that targeted many public and private organisations, starting from sensitive governmental entities to single activists.
The main targets of Careto fall into several categories:
- Government institutions
- Diplomatic / embassies
- Energy, oil and gas
- Private companies
- Research institutions
- Private equity firms
Careto's full report by Kaspersky (Page: 4).
What is Careto ?
Careto (Spanish for mask), sometimes called The Mask, is a piece of espionage malware discovered by Kaspersky Lab in 2014. Because of its high level of sophistication and professionalism, and a target list that included diplomatic offices and embassies, Careto is believed to be the work of a nation state. Kaspersky believes that the creators of the malware were Spanish-speaking.
Because of the focus on Spanish-speaking victims, the heavy targeting of Morocco, and the targeting of Gibraltar, Bruce Schneier speculates that Careto is operated by Spain.
[Wikipedia: Careto (malware)]
A wake up call came from Twitter
The Moroccan authorities weren't aware of those cyberespionage threats, until an important leak of sensitive documents happened on Twitter by an account named "Chris Coleman" (until now his identity is still unknown), but the first thing i noticed from those documents is that they date from 2007 to 2014, the same period believed that Cerato was active. [#Illuminati #ConspiracyTheory]
ISIS' threats and the ongoing surveillance program
With the raise of ISIS and the expansion of their operations in a global scale, starting from Iraq, Syria to Paris and Indonesia, the profiling of those group members became more and more difficult, especially here in Morocco (it's just an assumption ... I don't work for them by the way).
In the recent months, every like 15 or 30 days we hear that a cell that pledged allegiance to IS planned to make attacks on Moroccan territories was dismantled.
More than 130 "terrorist cells" have been dismantled, 2,720 suspects arrested and 276 plots foiled since 2002, according to Abdelhak Khiame, director of the newly established Central Bureau of Judicial Investigations. [26th March 2015]
[Yahoo News: Moroccan 'FBI' and imam training keep jihadists at bay]
Wiretapping and phone tracking is a common practice in those cases, no matter how "SMART" or "DUMB" your phone is, you are always under surveillance.
But if you do really care about your privacy, you might be interested to call up those people, but i don't think they might help you with Neflix:
Phone Hackers: Britain's Secret Surveillance
Some interesting facts were mentioned in this report, it talks about IMSI tracking and how intel agencies use them to track down and collect data about some people.
If you are interested to check if there is some fake mobile towers around, and you have an Android phone of course, you can use Android IMSI Catcher Detector:
This question will decide what you would do about this: Would you trade your own privacy for your safety and security ?