Wednesday, May 27, 2015

CSE and friends target mobile phones



More Snowden revelations were reported last week by the CBC (Amber Hildebrandt & Dave Seglins, "Spy agencies target mobile phones, app stores to implant spyware," CBC News, 21 May 2015):
Canada and its spying partners exploited weaknesses in one of the world's most popular mobile browsers and planned to hack into smartphones via links to Google and Samsung app stores, a top secret document obtained by CBC News shows.

Electronic intelligence agencies began targeting UC Browser — a massively popular app in China and India with growing use in North America — in late 2011 after discovering it leaked revealing details about its half-billion users.

Their goal, in tapping into UC Browser and also looking for larger app store vulnerabilities, was to collect data on suspected terrorists and other intelligence targets — and, in some cases, implant spyware on targeted smartphones.

The 2012 document shows that the surveillance agencies exploited the weaknesses in certain mobile apps in pursuit of their national security interests, but it appears they didn't alert the companies or the public to these weaknesses. That potentially put millions of users in danger of their data being accessed by other governments' agencies, hackers or criminals.

The Citizen Lab released a separate report on the particular vulnerabilities of the UC Browser ("A Chatty Squirrel: Privacy and Security Issues with UC Browser," Citizen Lab, 21 May 2015) in conjunction with the CBC report.

[Update 28 May 2015: See also "The Many Identifiers in Our Pockets: A primer on mobile privacy and security" (Citizen Lab, 21 May 2015) and Ron Deibert's commentary, "When it comes to cyberspace, should national security trump user security?" Globe and Mail, 21 May 2015.]

The CBC article also reported that
The so-called Five Eyes intelligence alliance — the spy group comprising Canada, the U.S., Britain, Australia and New Zealand — specifically sought ways to find and hijack data links to servers used by Google and Samsung's mobile app stores, according to the document obtained by Snowden.

Over the course of several workshops held in Canada and Australia in late 2011 and early 2012, a joint Five Eyes tradecraft team tried to find ways to implant spyware on smartphones by intercepting the transmissions sent when downloading or updating apps.

...

Ultimately, the spy agencies wanted to implant spyware on certain smartphones to take control of a person's device or extract data from it, the document suggests.

The spy agencies also sought to match their targets' smartphone devices to their online activities, using databases of emails, chats and browsing histories kept in the Five Eyes' powerful XKeyScore tool to help build profiles on the people they were tracking.

Making that connection was a much desired goal of the agencies because of the growing use of smartphones and the wealth of data they contain.

There's much more worth reading in the CBC report.

The Intercept also published a report on the document, focusing more on the NSA and the app store angle: Ryan Gallagher, "NSA Planned to Hijack Google App Store to Hack Smartphones," The Intercept, 21 May 2015.

The document that the reports are based on was produced by a "Network Tradecraft Advancement Team" that appears to be composed of representatives from all five Five Eyes agencies.

The redacted version of the document, released by the CBC, is well worth a close look.

Page 20, for example, seems to show that at least one of the app suppliers that shows up—apparently repeatedly—in the demonstration depicted in the presentation is a Calgary-based company. Multiple communications from BlackBerry devices in Bahrain and Saudi Arabia to the supplier in Calgary, monitored by CSE's own EONBLUE system, are shown.

Some people might call that spying on Canadians.

But CSE would undoubtedly classify it as "incidental collection", while the CSE Commissioner would use the term "unintentional collection".

So fear not. As usual, it's all good.


Update 4 June 2015:

See also Christopher Parsons' discussion of the document.
