Digital and human rights watchdogs have documented the first case of spyware abuse in Serbia targeting civil society representatives.
That government critics are spied on in Serbia is nothing new. What is new, however, is that Citizen Lab, Access Now and Amnesty International in cooperation with the Belgrade-based SHARE Foundation have found evidence that two members of Serbian civil society – both openly critical of the government – were targeted with spyware.
The independent investigations came after Apple notified iPhone users worldwide that they may have been targeted by ‘state-sponsored attackers’. The attackers attempted to exploit the iPhone’s HomeKit functionality, a tactic consistent with those previously used by NSO Group’s Pegasus spyware. Still, investigators have not, for now, attributed the attacks to one particular operator.
Collecting more evidence about infected mobile devices would help determine both the vendor and the attacker. Nevertheless, previous research has shown that Serbian security services have been clients of cyber-espionage firms for almost a decade. Serbia’s main intelligence agency has a track record of deploying spyware and other digital surveillance tools, such as Cytrox’s Predator, Circles, Cyberbit, and FinSpy.
Even government bodies not mandated to provide security, such as the former Ministry of Trade, Tourism and Telecommunication, have shown interest in purchasing Cognyte spyware that gives authorities the power to listen in on calls, view text messages and web traffic including emails, and track the location of users without the assistance of telecom and internet firms.
Most of the sophisticated spyware was purchased from Israeli companies that are leaders in this field.
Israeli companies often insist that their products are sold directly to governments for use against criminals and terrorists. But reports from big tech companies, such as Meta, have concluded that the targets are journalists, dissidents, critics of authoritarian regimes, families of opposition members and human rights activists around the world.
In the case of Serbia, intrusive surveillance technologies have been procured in murky circumstances, without proper due diligence or any transparency.
Absence of democratic civilian control
The Serbian government often relies on public and private companies as intermediaries to purchase spyware from vendors. For example, in 2017 then Defence Minister Aleksandar Vulin visited Elbit Systems’ Israeli subsidiary, Cyberbit Ltd. and the company’s software was later detected in a business complex in Belgrade belonging to Delta Holding, owned by Miroslav Miskovic, a well-known Serbian tycoon and sponsor of the former and current political elite.
The weakest link is the absence of democratic civilian control of the executive, which is why Serbia’s top security officials continue to [mis]use advanced technology with few, if any, guardrails.
An illustrative example of this came when police under Vulin in his later role as interior minister recorded meetings of Russian opposition politicians in Belgrade in 2021 and handed the transcripts to Nikolai Patrushev, Secretary of the Russian Security Council.
Though Vulin has publicly denied passing information to Patrushev, his visit to Moscow preceded the arrest and imprisonment of activist and Open Russia director Andrei Pivovarov and Russian-British activist and journalist Vladimir Kara-Murza, who both attended the meetings in Belgrade. Ultimately, this has had a chilling effect on freedom of expression, freedom of assembly, and the right to privacy in Serbia.
Even more concerning is the fact that Vulin, who also served until recently as Serbia’s intelligence chief, was sanctioned earlier this year by the US in part for enabling “Russia’s malign activities in the region” and his alleged involvement in illegal arms shipments, drug trafficking, and misuse of public office.
With this in mind, most civil society representatives believe that the use of spyware in a country with poor governance and loose ‘checks and balances’ constitutes a threat to democracy and human rights.
Moreover, there is a widespread fear that advanced surveillance technology would allow Serbian authorities to exercise more robust political control over critics of the regime. It is no coincidence that the proliferation of spyware in Serbia coincides with mass protests against political violence and growing public discontent with the autocratic rule of President Aleksandar Vucic.
In this context, the use of spyware, including the installation of Chinese smart surveillance cameras – which are mushrooming across Serbia – is being legitimised in propagandised rhetoric, especially in the aftermath of protests.
Government officials are using belligerent rhetoric to convey the message that intrusive surveillance tools are legitimate to combat ‘colour revolution’ and ‘foreign mercenaries’ who, the officials claim, want to overthrow the Serbian leadership with the help of outside intelligence agencies.
Serbian government’s cyber toolkit
The unchecked use of commercial spyware against critics of the Serbian regime is just the tip of the iceberg. The cyber toolkit of the ruling Serbian Progressive Party includes thousands of trolls, mostly paid from public funds, who regularly attack political dissenters on social media.
In the context of December’s snap elections, the latest state-sponsored cyber-attack involves an attempt to blackmail a member of the opposition bloc ‘Serbia Against Violence’ with intimate pictures and footage from a stolen laptop. This attack was announced by Vucic on TV Pink – a channel that later published an intimate video that resulted in the withdrawal of the opponent from the election race.
More than once, the security services eavesdropped on the conversations of investigative journalists and their sources and later used it for a slanderous campaign in Serbian tabloids. In addition, personal data from police records was repeatedly published in government-affiliated tabloids, targeting political dissenters. One very well-known case in this context concerned the leaking of biometric data of the state attorney in charge of high-profile organised crime cases involving state officials.
During the pandemic, Serbian civil society and the media came under enormous pressure due to their work on exposing organised crime, corruption and human rights abuses. Then the finance ministry officially requested data and financial transactions from all commercial banks in Serbia for 57 non-profits, media and individuals suspected of “money laundering and terrorist financing”.
The list is not exhaustive, but it shows that with the help of digital surveillance tools, the government is trying to control every aspect of people’s lives, intimidate and discredit critical voices, expose journalists’ sources and put pressure on independent state institutions.
It is therefore crucial to secure a nation-wide debate on the risks associated with intrusive technology, transparent regulation of such systems to ensure the protection of fundamental human rights, as well as rigorous independent oversight of state and non-state actors using surveillance systems.
Maja Bjelos is a senior researcher at the Belgrade Centre for Security Policy
The opinions expressed are those of the author and do not necessarily reflect the views of BIRN.
Source : Balkan Insight