Nigeria’s Defence Intelligence Agency has acquired equipment that it can use to spy on its citizens’ calls and text messages, according to a report by the University of Toronto’s Citizen Lab, which researches digital surveillance, security, privacy and accountability.
The report, titled Running in Circles: Uncovering the Clients of Cyber-espionage Firm Circles, said a telecom surveillance company by the name of Circles has been helping state security apparatuses across 25 countries, including Nigeria, to spy on the communications of opposition figures, journalists, and protesters.
The Citizen Lab report also said Circles was affiliated with Tel Aviv-based NSO Group, an Israeli hacker-for-hire company, whose software, Pegasus, has allegedly been used by several governments to spy on dissidents by taking control of their smartphone, its cameras and microphones, and mining the user’s personal data.
Circles, on the other hand, is known for selling systems to exploit Signalling System 7 (SS7) vulnerabilities and claims to have sold the technology to several countries, according to the report.
SS7 is a system that allows one mobile network to connect with another.
“Unlike NSO Group’s Pegasus spyware, the SS7 mechanism by which Circles’ product reportedly operates does not have an obvious signature on a target’s phone,” explained the report.
The report indicated that Pegasus and Circles products could possibly be integrated.
But there is limited information on how the Circles system integrates with NSO Group’s flagship Pegasus spyware, though a former NSO Group employee told Motherboard that Pegasus had an “awful integration with Circles” and that Circles had “exaggerated their system’s abilities,” according to the report.
Nigerian governors using Circles’ product
According to the report, at least two entities in Nigeria have deployed Circles’ product.
“One system may be operated by the same entity as one of the Nigerian customers of the FinFisher spyware that we detected in December 2014,” said the report.
“The other client appears to be the Nigerian Defence Intelligence Agency (DIA), as its firewall IPs are in AS37258, a block of IP addresses registered to “HQ Defence Intelligence Agency Asokoro, Nigeria, Abuja,” it added.
The report also referred to an investigation by online newspaper Premium Times, which concluded that the governors of two Nigerian states “had purchased systems from Circles to spy on their political opponents”.
“In Delta State, Premium Times reports that the system was installed … and operated by employees of the governor, rather than police,” said the report.
“In Bayelsa State, the governor reportedly used the Circles system to spy on his opponent in an election, as well as his opponent’s wife and aides.
“The investigation also found that the two Circles systems were imported without the proper authorisations from Nigeria’s Office of the National Security Adviser,” the report added.
Earlier this year, an Israeli court rejected a request to strip the NSO Group of its export licence over the suspected use of the company’s technology to target journalists and dissidents worldwide.
The case, brought by Amnesty International in January, called on the court to prevent NSO from selling its technology abroad, especially to repressive governments.
While NSO does not disclose its clients, the Israeli company’s cellphone-hacking software, Pegasus, has been linked to political surveillance in Mexico, Saudi Arabia, and the United Arab Emirates, according to Citizen Lab.
Last year, WhatsApp, which is owned by Facebook Inc, sued NSO in a US federal court in San Francisco, accusing it of helping government spies break into the phones of about 1,400 users across four continents.
Targets of the alleged hacking spree included diplomats, political dissidents, journalists and senior government officials.
NSO denied the allegations, saying it only “provides technology to licensed government intelligence and law enforcement agencies to help them fight terrorism and serious crime”.