Posted on 08/08/2021 2:20:54 PM PDT by george76
Female journalists and activists say they had their private photos shared on social media by governments seeking to intimidate and silence them.
Ghada Oueiss, a Lebanese broadcast journalist at Al-Jazeera, was eating dinner at home with her husband last June when she received a message from a colleague telling her to check Twitter. Oueiss opened up the account and was horrified: A private photo taken when she was wearing a bikini in a jacuzzi was being circulated by a network of accounts, accompanied by false claims that the photos were taken at her boss’s house.
Over the next few days she was barraged with thousands of tweets and direct messages attacking her credibility as a journalist, describing her as a prostitute or telling her she was ugly and old. Many of the messages came from accounts that appeared to support Saudi Crown Prince Mohammed bin Salman Al Saud, known as MBS, including some verified accounts belonging to government officials.
“I immediately knew that my phone had been hacked,” said Oueiss, who believes she was targeted in an effort to silence her critical reporting on the Saudi regime. “Those photos were not published anywhere. They were only on my phone.”
“I am used to being harassed online. But this was different,” she added. “It was as if someone had entered my home, my bedroom, my bathroom. I felt so unsafe and traumatized.”
Oueiss is one of several high-profile female journalists and activists who have allegedly been targeted and harassed by authoritarian regimes in the Middle East through hack-and-leak attacks using the Pegasus spyware, created by Israeli surveillance technology company NSO Group. The spyware transforms a phone into a surveillance device, activating microphones and cameras and exporting files without a user knowing.
For Oueiss and several other women whose phones were allegedly targeted, a key part of the harassment and intimidation is the use of private photos. While these photos may seem tame by Western standards, they are considered scandalous in conservative societies like Saudi Arabia and were seemingly used to publicly shame these women and smear their reputations.
“I am an independent, liberal woman and that provokes a misogynistic regime,” Oueiss said.
In recent days, Oueiss has been reliving the trauma of the hack in light of an investigation into the leak of 50,000 phone numbers of potential surveillance targets identified by many of NSO Group’s government agency clients. The investigation — coordinated by Paris-based nonprofit organization Forbidden Stories and Amnesty International in collaboration with 16 media partners — appears to show how Pegasus spyware is linked to human rights violations around the world. The targets include heads of state, activists and journalists, including the family of Jamal Khashoggi, a Washington Post columnist who was assassinated by Saudi agents in the kingdom’s consulate in Turkey.
Oueiss said she was bombarded by another wave of online harassment when she shared some of the stories about the Amnesty International investigation on Twitter.
“I lived again and again the pictures and the harassment, the comments, the talking about my body, accusing me of prostitution,” she said. “But at least now the world knows how ugly those programs are and how vicious and evil it is when the tools that were supposed to protect people from terrorists or criminals are used against good people.”
“I am happy that the people who didn’t take me seriously when I said I was being spied on are now taking it seriously. I’m happy I am not alone,” she added.
Public shaming..
Until the jacuzzi photos were posted online, Oueiss said she had worked hard to maintain a professional public image as a serious journalist. She would only post photos of herself wearing a jacket and avoided doing interviews about her personal life.
“They wanted to destroy the image of Ghada, the serious journalist who is not afraid to ask tough questions,” she said. “They wanted to say, 'She’s trying to be professional and serious, but she’s just a prostitute and you shouldn’t believe her anymore.' I know they want to silence me, but I will not be silenced.”
In December, Ouiess filed a lawsuit against the crown prince, along with other defendants including the United Arab Emirates ruler Mohamed bin Zayed and two Florida-based Twitter users who Oueiss said shared her photos online, alleging that she was targeted for her reporting on the Saudi regime as part of a broader campaign to silence her and other critics. According to the complaint, filed in the United States District Court for the Southern District of Florida, Oueiss’ phone was examined by a digital forensic expert who determined that Pegasus spyware had been used to gain access to her photos.
The defendants have filed motions to dismiss the case.
Human rights experts said repressive governments commonly try to shame women into silence.
“Pegasus is a spyware tool and a weapon used against freedom of the press, freedom of expression, human rights activism and journalism,” said Rasha Abdul Rahim, director of Amnesty Tech, a division of Amnesty International focused on technology and surveillance tools. “Women’s freedom of expression is abused and targeted in a very specific way both online and offline.”
“The focus is on silencing them, putting the attention on their bodies or what they should be wearing or saying,” she added.
Moratorium requests..
Amnesty International is calling on governments to issue a moratorium on the export, sale and use of surveillance technology like Pegasus until there is a human-rights-compliant regulatory framework in place.
“There are certainly legitimate uses to this technology,” Abdul Rahim said, referring to law enforcement using the technology with judicial oversight. “The problem is there hasn’t been any meaningful accountability for abuse and there’s a lack of transparency about which governments have access to these tools.”
NSO Group licenses the military-grade spyware to governments for tracking terrorists and criminals who use encrypted devices to evade detection, the company says on its website.
NSO Group spokesperson Louis Rynsard told NBC News that “owing to contractual and national security considerations” the company “cannot confirm or deny the identity of our government customers.”
Rynsard added that although the company does not have sight of the targets selected for surveillance by its government clients, it carries out “vigorous pre-sale human rights and legal compliance checks” to minimize the potential for misuse.
“We take very seriously any allegation of misuse, including and especially the targeting of journalists, and do everything in our power to prevent that from happening,” Rynsard added, noting that if misuse is found, NSO Group can shut down that customer’s account to prevent further use of the spyware technology.
NSO Group has shut down multiple government accounts for misuse of Pegasus, Rynsard said.
The United Arab Emirates’ government press office did not respond to repeated requests for comment. But the Ministry of Foreign Affairs and International Cooperation issued a statement denying that it surveilled journalists.
“The allegations ... have no evidentiary basis and are categorically false,” the statement said, in part.
Saudi Arabia’s Ministry of Foreign Affairs also did not respond to repeated requests for comment, but it denied the allegations that “an entity in [the Kingdom of Saudi Arabia] used software to monitor phone calls” last month via the nation’s official news agency. It said the kingdom’s “policies do not condone such practices.”
‘I became the enemy’..
lya Alhwaiti, an activist and former professional equestrian from Saudi Arabia who now lives in London, said she believes she was also targeted in a hack-and-leak attack using NSO Group’s Pegasus spyware.
In 2018, her phone started behaving strangely: The device often froze. She received calls from strange numbers and occasionally messages appeared on screen indicating that files were being transferred, she said. At the same time, she was receiving threats and intimidating messages online that she said she believes were from individuals connected to the Saudi government.
Alhwaiti was Saudi Arabia’s first female professional equestrian and represented the kingdom in competitions between 2004 and 2011.
“I was playing nice. But then when I started speaking my mind about what’s going on in Saudi Arabia, I became the enemy,” she said, referring to her activism over the assassination of Khashogghi in 2018 and more recently her campaign to stop the forced displacement of the al-Huwaitat tribe to make way for the Saudi government’s futuristic NEOM megacity project.
Alhwaiti said she went to Scotland Yard, and police there said her phone had been hacked. But they couldn’t figure out by whom: The IP addresses traced back to public places such as branches of McDonald’s and Costa Coffee shops. She replaced her phone, and Scotland Yard gave her a panic alarm to keep in her flat. But she was always looking over her shoulder; she moved between 16 different homes in two years, she said.
“It’s hard to live with fear. What stops them from repeating what they did to Khashoggi everywhere?” she said. “They would get away with it.”
In summer 2020, about the same time as Oueiss’ jacuzzi photo was leaked on Twitter, pictures that Alhwaiti said had only been stored on her phone started appearing online. In one photo, she is at a friend’s wedding, wearing a short dress with a bruise on her leg from horse-riding. In another, she’s sunbathing in shorts and a T-shirt. The pictures were posted to Twitter with fabricated stories accusing her of being drunk, promiscuous and allowing someone to bite her thigh. Hundreds of people on social media called her a slut. Others sent her death threats. Like with Oueiss, many of the accounts disparaging her appeared to be pro-government, with Saudi flags or pictures of the crown prince as their profile pictures.
Alhwaiti said she contacted digital forensic firm Citizen Lab, home to some of the world’s experts in Pegasus spyware, and asked them to check her phone. She said they told her they found traces of Pegasus and advised her to change her device again.
“I don’t feel safe in any way. I feel like I am being watched and I always have to watch behind my shoulder,” she said.
Citizen Lab declined to comment.
Intimidation pushback...
Another alleged victim of this kind of attack was Alaa al-Siddiq, 33, an Emirati activist and executive director of human rights group ALQST.
Al-Siddiq’s phone started acting up in 2020 and she became concerned that she had been hacked like other prominent female activists, according to her co-worker Josh Cooper, deputy director of ALQST. She told friends and colleagues that she was scared her private photos would be leaked, said Cooper and an activist friend who did not wish to be identified over concerns for his safety.
Citizen Lab examined al-Siddiq’s phone and found signs of a Pegasus infection, Cooper said. Her number also appeared on the list of targets leaked to Amnesty International.
Citizen Lab declined to comment.
Al-Siddiq continued to fear her photos would be leaked until she died in a car accident in Oxfordshire, England, in June. Cooper said that after talking to police, there was “no evidence of foul play.” Thames Valley Police said no arrests had been made.
“It is shocking, of course, but we knew there was a cybersecurity problem for years and nobody did anything about it,” said Lina al-Hathloul, an activist whose sister Loujain, a leading campaigner for the right for women to drive in Saudi Arabia before a change in the law in late 2017, was jailed for more than 1,000 days and released in February.
Lina al-Hathloul said she submitted her phone to be checked by Amnesty International for traces of Pegasus spyware about a month ago. But she said digital forensic analysts didn’t find anything.
Loujain al-Hathloul, whose number was on a list of potential targets for Pegasus spyware allegedly maintained by the United Arab Emirates, a close ally of Saudi Arabia, couldn’t check her phone to confirm a spyware infection, as her devices were confiscated by Saudi authorities when she was jailed, Lina al-Hathloul said. However, a digital protection expert who now works at human rights group Front Line Defenders checked Loujain al-Hathloul’s devices at a cybersecurity conference in 2017 and discovered that her emails were being read by a third party located in the United Arab Emirates, Lina al-Hathloul said. Front Line Defenders confirmed this but was not able to confirm if the unauthorized access had any connection to Pegasus.
“If a woman tries to express their opinion about unjust laws or says something that doesn’t please the government, they will leak your private pictures to intimidate you,” Lina al-Hathloul said. “It’s effective in the short term, but in the long term it won’t work. Women will realize they are being shamed and oppressed, and they will gather to unite against it.”
4 later
Last month, two of our direct gene pools and one of their cousins were told by their 3 separate companies to bring their supposedly hack proof corporate smart phones in for an exchange of a “safer” phone.
2 of the 3 corporations would be classified as medium size and one as a world wide behemoth.
One of them sent a private email to the other 2 and me asking if we knew what was happening. Zero help or why from the organizations they work for. None of us knew why, except maybe a huge data break-in had occurred and spyware had been planted.
All of their old and new phones had the Covid tracing app added without their permission and not supposedly by their corporations. They deleted it on their new phones, personal and corporate.
The 3 of them have recently bought Plain Jane/John android phones for their personal use.
Since then, two of them are no longer using FB and are in the processes of removing a massive amt. of links.
The wife of the 3rd person, is a hopeless FB habitual user/Apple addict.
you’re equating different things as if they are the same
they do plant things on peoples phones, if they want to target them
but they are not the same thing
on one hand you have someone actively being dumb and putting the material on their phone to be blackmailed with
especially given this thing occurs quite a bit with women in particular
on the other hand you have a person who has things deliberately planted on their phone to be framed or blackmailed
they are not the same things even though its possible to hack into either targets’ phones
they could have equally decided to put child porn on her phone and blackmail her or report her, or confidential govt documents on her phone
but she gives them the material, no need for that
its also quite different in two other major ways
first, while the average modern woman is obssessed with taking photos of herself in all manners of dress and undress, the average man is not self-obssessed with taking endless selfies of himself in risque or nude poses, so typically men aren’t going to be blackmailed in this fashion
second, neither the average woman or the average man does not have child porn, much less sexual pics of the woman they are with, on their phones, so this would have to be planted as opposed to releasing photos that were already there
and the consequences are nowhere near the same, risque private personal photos versus child porn, the woman isnt going to jail because her private boudoir photos are released
she made it easy for them, she never thought her phone could be hacked
why make it so easy? given how often womens that are high profile are attempted to be hacked, for any number of reasons.
people have older but high quality phones that don’t have service or internet enabled anymore, but they have a lot of memory, decent cameras and still work, and would be much safer for taking pics than a phone that was hackable via active service
Its not ok. It is not ok for someone to steal your purse while you are shopping. So do you leave it sitting on some counter while you try on outfits? Hopefully NO YOU DON’T. If you did that and I advised you not to do that again after it was stolen, would you all screechy at me?
But they were on her phone, not her social media. She didn’t post pictures like that in public.
“A private photo taken when she was wearing a bikini in a jacuzzi was being circulated by a network of accounts, accompanied by false claims that the photos were taken at her boss’s house”
She took a picture of herself in a bikini. You think that makes her naughty and deserving of what they did to her.
They hacked her phone and slandered her in public. She was majorly wronged her and deserves sympathy.
Everything gets hacked today. Its a fact of life. You can either take proactive measures to deal with that reality or deal with the bad consequences.
See #28. I assume anything on my phone may be vulnerable. Any app that gets refreshed may have a zero day exploit. You either live with that reality or become a victim. I personally am not a big fan of being a victim.
Apple distributed an internal memo , dismissing their critics as “the screeching voices of the minority.”
We should never stop screeching about the importance of privacy, security, or civil liberties.
Seriously?
So, to you a woman wearing a bikini is a slut in your eyes?
Please tell me you were really joking with that comment. 🙂
islam is a scourge upon the Earth and must be expunged.
I’ve heard of Pegasus before. Has anyone figured out how to find out if it’s on a phone?
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.