Governments Likely Using Paragon Spyware, Citizen Lab Reports
▼ Summary
– The Citizen Lab’s report identifies Australia, Canada, Cyprus, Denmark, Israel, and Singapore as likely users of Paragon Solutions’ spyware.
– The report follows a January incident where WhatsApp notified 90 users, including some in Italy, of being targeted by Paragon spyware.
– Paragon Solutions has positioned itself as a responsible player in the surveillance market, claiming to sell only to global democracies.
– The Citizen Lab used unique fingerprints and digital certificates to map Paragon’s server infrastructure, revealing potential operational security lapses.
– The findings highlight the need for transparency and accountability in the surveillance industry, emphasizing the importance of robust regulatory frameworks.
The governments of Australia, Canada, Cyprus, Denmark, Israel, and Singapore are suspected customers of Israeli spyware maker Paragon Solutions, according to a new technical report from The Citizen Lab. The University of Toronto-based group, which has been investigating the spyware industry for over a decade, released its findings on Wednesday, naming the six governments as likely users of Paragon’s surveillance tools.
The revelation follows a scandal that erupted in January when WhatsApp notified around 90 users, some of whom were in Italy, that they had been targeted by Paragon spyware. This incident has cast a spotlight on Paragon’s operations and its claims of ethical business practices. Unlike its notorious competitor, NSO Group, Paragon has tried to position itself as a more responsible player in the surveillance market. In 2021, a senior Paragon executive asserted to Forbes that the company would never sell to authoritarian regimes.
In the wake of the January notifications, Paragon’s executive chairman John Fleming stated that the company licenses its technology exclusively to a select group of global democracies, primarily the United States and its allies. Nonetheless, this report from The Citizen Lab suggests a broader customer base, raising questions about the company’s vetting processes and ethical commitments.
The Citizen Lab’s report details how researchers mapped Paragon’s server infrastructure using a tip from a collaborator. By developing unique fingerprints to identify Paragon servers and digital certificates, they discovered several IP addresses hosted by local telecom companies. These findings were bolstered by circumstantial evidence, including TLS certificates and server responses linked to Paragon and its spyware tool codenamed Graphite.
The report also indicates that Paragon’s operational security may have been compromised through apparent mistakes, such as a digital certificate registered to Graphite, which facilitated the researchers’ investigation. The identification of several other codenames in the infrastructure suggests the possibility of additional governmental clients.
These findings come at a time when the surveillance industry faces increasing scrutiny. The acquisition of Paragon by U.S. venture capital firm AE Industrial Partners for over $500 million underscores the significant financial stakes involved. As governments and private entities continue to grapple with the ethical implications of surveillance technologies, the importance of transparency and accountability in this sector becomes ever more critical.
Ultimately, the Citizen Lab’s report raises crucial questions about the deployment and oversight of surveillance tools. The revelations about Paragon’s customer base and operational practices serve as a stark reminder of the pervasive reach of modern spyware and the need for robust regulatory frameworks to prevent abuse.
Source: TechCrunch
Topics
