
Undercover Agents Target Citizen Lab - jbegley
https://www.nytimes.com/aponline/2019/01/25/us/ap-cybersecurity-undercover-operatives.html
======
bendoernberg
From the Israeli newspaper Haaretz: 'Revealed: Israel's Cyber-spy Industry
Helps World Dictators Hunt Dissidents and Gays'

"Within a few years, the Israeli espionage industry has become the spearhead
of the global commerce in surveillance tools and communications interception.
Today, every self-respecting governmental agency that has no respect for the
privacy of its citizens, is equipped with spy capabilities created in Herzliya
Pituah."

[https://www.haaretz.com/israel-news/.premium.MAGAZINE-
israel...](https://www.haaretz.com/israel-news/.premium.MAGAZINE-israel-s-
cyber-spy-industry-aids-dictators-hunt-dissidents-and-gays-1.6573027)

------
Sgt_Apone
> "I know what I'm doing," Lambert said, as he put his files — and his pen —
> into a bag. Then he stood up, bumped into a chair and walked off, saying
> "Ciao" and waving his hand, before returning because he had neglected to pay
> the bill.

> As he paced around the restaurant waiting for the check, Lambert refused to
> answer questions about who he worked for or why no trace of his firm could
> be found.

My god. This would be perfect comedy if wasn't so concerning that it happened
at all.

~~~
jacobolus
Reminds me of the time the _Silicon Valley_ writers met with the head of
GoogleX: [https://www.newyorker.com/culture/culture-desk/how-
silicon-v...](https://www.newyorker.com/culture/culture-desk/how-silicon-
valley-nails-silicon-valley)

> _Teller ended the meeting by standing up in a huff, but his attempt at a
> dramatic exit was marred by the fact that he was wearing Rollerblades. He
> wobbled to the door in silence. “Then there was this awkward moment of him
> fumbling with his I.D. badge, trying to get the door to open,” Kemper said.
> “It felt like it lasted an hour. We were all trying not to laugh. Even while
> it was happening, I knew we were all thinking the same thing: Can we use
> this?” In the end, the joke was deemed “too hacky to use on the show.”_

------
tgragnato
> Like FlameTech, CPW-Consulting was a fiction. Searches of Orbis and the
> French commercial court registry Infogreffe turned up no trace of the
> supposedly Paris-based company or indeed of any Paris-based company bearing
> the acronym CPW. And when the AP visited CPW's alleged office there was no
> evidence of the company; the address was home to a mainly residential
> apartment building. Residents and the building's caretaker said they had
> never heard of the firm.

This obviously doesn't mean anything, but the IPs associated with cpw-
consulting.com are riddled with malware.

[https://www.documentcloud.org/documents/5684892-Gmail-
Kite-A...](https://www.documentcloud.org/documents/5684892-Gmail-Kite-Aerial-
Photography.html)

[http://archive.is/K54Ax](http://archive.is/K54Ax)

[https://www.virustotal.com/#/domain/cpw-
consulting.com](https://www.virustotal.com/#/domain/cpw-consulting.com)

[https://www.virustotal.com/#/ip-
address/66.111.4.54](https://www.virustotal.com/#/ip-address/66.111.4.54)
[https://www.virustotal.com/#/ip-
address/209.99.40.222](https://www.virustotal.com/#/ip-address/209.99.40.222)
[https://www.virustotal.com/#/ip-
address/66.111.4.53](https://www.virustotal.com/#/ip-address/66.111.4.53)

------
walrus01
One interesting thing to point out is that all of Canada is a single-party
consent jurisdiction for recording of conversations. You do not have to notify
the other party.

CBC's investigative journalists have used this extensively, in all sorts of
scam/fraud/corruption investigations, if you watch the past twenty years of
output from The Fifth Estate and other reputable documentary series.

The Citizen Lab researchers would be smart to bring pocket sized recording
devices with them to meet with these sketchy characters, and then publish the
results.

~~~
3pt14159
This isn't quiet as clear cut as you're saying. There are instances where you
cannot record conversations. For example, in the bedroom or other places where
someone has a reasonable expectation of privacy like a therapist's office.

But the general thrust of what you're saying is true. Phone calls, and
interviews or conversations in public can be.

------
rrggrr
States and large companies routinely try to understand who is behind
journalistic endeavors, to influence them, and to counter other state's
influence over them. This stuff is never going away, and it is very likely to
get worse and more complex.

Influence and counter-influence operations:
[https://www.rand.org/topics/information-
operations.html](https://www.rand.org/topics/information-operations.html)

~~~
opportune
[https://en.wikipedia.org/wiki/Operation_Mockingbird](https://en.wikipedia.org/wiki/Operation_Mockingbird)

------
secfirstmd
Citizen Lab are an outstanding bunch of people, really love the work that they
do.

A pity, though not surprising that they are being targeted this way. This sort
of thing happens all the time with many of the NGOs we provide security for.
Many of the infiltration attempts are much more sophisticated though, with far
wider efforts to build better cover.

------
kejaed
If you’d like to support Citizen Lab you can donate here:

[https://donate.utoronto.ca/give/show/84](https://donate.utoronto.ca/give/show/84)

------
adrianmonk
This appears to be an AP news story, so here's a link:

[https://www.apnews.com/9f31fa2aa72946c694555a5074fc9f42](https://www.apnews.com/9f31fa2aa72946c694555a5074fc9f42)

In addition to presumably being a more direct / original source, this doesn't
appear to have a paywall like the NY Times site.

~~~
rblatz
Thanks! I routinely avoid articles that I'm interested in, because of the NYT
paywall and instead have to ration out my views for the most intriguing
stories.

------
onetimemanytime
They messed with shady people's livelyhood and with even worse people...like
secret services from all corrupt countries that used that spyware. Dangerous.
But brave.

No matter what we think, for them its perfectly reasonable to get even and to
protect their thing. Watch our for drugs slipped in your car or whatever.
Setting you up is extremely easy

~~~
zenexer
This all started with what I assume was a murder, so they’re well aware of the
risks.

------
duxup
>"Work drama? Tell me, I like drama!" Lambert said at one point

Who goes to a meeting with a stranger and spills the beans on "work drama"?

~~~
NikolaNovak
Depends on nature of the drama I suppose. In complex corporate environments, I
tend to brief new team members on some of the "work drama" background their
first week, to equip them to handle, process, and react appropriately.

~~~
AlexCoventry
How do you do that without compromising yourself politically?

~~~
NikolaNovak
Good question; two parts I think: 1\. I try to present the situation as
neutrally/objectively as possible (inasmuch as any one of us can do so of
course:). At the very least, present both aspects of the conflict or
situation; 99% of the time, disagreements and politics are not because people
are evil, stupid, or actively trying to sabotage - underneath it are differing
goals and priorities which create competing or conflicting situations. By
presenting the potential underlying differing goals and perspectives, I can
prepare those coming in, without necessarily discussing something I
cannot/would not be prepared to face in the open.

2\. At the end of the day, I need to trust people coming on my team :)

~~~
AlexCoventry
Thanks.

------
xfitm3
Why would an agent be afraid of dine & dash?

~~~
MertsA
It sounds like that would be a very trivial way to reveal their identity. Get
locked up for something minor but now the agent has to go through booking and
post bail. I don't think the local police would look too kindly on someone
providing a false name either.

------
baybal2
It will be very easy for Canadian officials to trace the person if they have:

1\. Face

2\. Assumption that the guy fled the country ASAP as soon a he was spooked

~~~
walrus01
You're assuming the person isn't traveling on a totally false passport,
Israeli intelligence has been caught in the past stealing identities of real
new zealanders to obtain legitimate, issued by NZ government passports, for
instance.

[https://en.wikipedia.org/wiki/2004_Israel–New_Zealand_passpo...](https://en.wikipedia.org/wiki/2004_Israel–New_Zealand_passport_scandal)

~~~
baybal2
> You're assuming the person isn't traveling on a totally false passport,

Face recognition, unless they passed the border at the only remaining paper
only checkpoint in the country

~~~
walrus01
The Russian intelligence offers traveling on fake passports involved in the
recent Skripal poisoning case didn't care one whit about the UK's customs face
recognition, or omnipresent camera systems, and they were up to something far
more nefarious than this.

~~~
onetimemanytime
Ummm...the Russians are on a suicide mission of sort. Do this and stay in
mother Russia for the rest of your life, if you don't get arrested. They have
a powerful nation state behind them and one that does not extradite its
citizens. Even if regime changes, its very unlikely that they will be
surrendered due to bad precedent.

------
CapacitorSet
Intelligence agents are by far some of the most infamous people.

------
jarym
Everyone loves a good spy story but this one just misses a lot.

Creepy people with seemingly fragile LinkedIn profiles setup meetings to ask
questions in fancy hotels and restaurants.

It could be something, it could be nothing. Either way the story doesn’t seem
to provide much one way or another. Maybe it’s just me, not expecting James
Bond but some evidence of something sinister would have made this more
compelling

~~~
pdpi
Some evidence of something sinister would have the other side incompetent.

The problem with this sort of smoke and mirrors business is that it's
borderline impossible to tell an appropriately-sophisticated adversary from
paranoia.

~~~
jarym
You put what I was getting at far more eloquently. If there are bad guys up to
no good then there needs to be more evidence to counteract the possibility of
paranoia.

~~~
nyolfen
a stranger asking about workplace rivalries and drama suggests to me that they
were looking to sow discord between the employees or identify one they could
flip for dirt about the others. recording the meeting and asking weird leading
questions seems to imply some kind of james o'keefe-style attempt to portray
them in a negative light in the press. both together, by someone using a
fabricated identity, leaves little ambiguity about ill intent imo.

