Category Archives: Enemies of the Internet

Belarus: Apparatus of repression

Operations and Analysis Centre (OAC)

The Internet is the main bastion of freedom of information in Belarus, where censorship and self-censorship are the rule among traditional news outlets. Since 2008, the authorities have had an armoury of technological, administrative and legal weapons at their disposal to exert their control over the Web. Continue reading

Uzbekistan: Welcome to digital tyranny

Expert Commission on Information and Mass Communications

Since the bloody repression of protests in Andijan in 2005, the autocratic regime of Islam Karimov has done everything in its power to extend to the internet the absolute power that it wields over traditional media. The government has systematically established institutional structures, legislative tools and advanced technology to guard against any threat from online content. The Expert Commission currently heads this system of control and censorship. Continue reading

Pakistan: Upgraded censorship

Pakistan Telecommunication Authority

In February, 2012, Pakistan’s information technology minister invited bids for deployment of a national internet filtering system. China’s “Great Firewall” was the inspiration. Pakistani authorities’ intent to limit free information access online was confirmed in September, 2012, when Pakistani internet users were denied access to the entire YouTube platform, an official response to posting of the film, “The Innocence of Muslims,” which was deemed blasphemous. Currently, 20,000 to 40,000 sites are blocked in Pakistan. This massive censorship is the work of the Pakistan Telecommunication Authority, the main web regulation agency, itself closely controlled by the government and the military.

Continue reading

India: Big Brother up and running

Centre for Development of Telematics (C-Dot)

The Indian government carefully refrained from joining the wave of condemnation that followed Edward Snowden’s revelations of the scandalous scale of NSA surveillance. India had reason for silence. The extensive Indian surveillance system has been expanded since the Mumbai attacks in 2008. The Central Monitoring System, developed by the Centre for Development of Telematics, allows the government direct, unlimited and real-time access to a wide variety of electronic communications without relying on internet service providers.

Continue reading

Vietnam: Targeting bloggers

Ministry of Information and Communications

The Vietnamese government tolerates no online political debate. Bloggers and cyber-dissidents who dare to question the government’s legitimacy or domestic policies are ruthlessly suppressed. Authorities have deployed a judicial, administrative and technological strike force, based in the Ministry of Information and Communications, to control online information. Though officials and the justice system on their own do not hesitate to violate articles 88 and 79 of the criminal code by imprisoning independent news providers, the ministry conducts its own internet censorship policy – ever more meticulously and with overwhelming force.

Continue reading

China: Electronic Great Wall getting taller

State Internet Information Office

China’s leaders realized at a very early stage that the Internet was not just a free speech medium but also a major political challenge. To justify their oppressive censorship and systematic surveillance of the Internet and its users, they stress the need to ensure the country’s stability and harmony. Although China’s Internet is one of most regulated in the world, it continues to serve as an exceptional vehicle for circulating information.

Continue reading

Turkmenistan: News black hole


The extent of Internet censorship in Turkmenistan confirms the regime’s extremely despotic and paranoid nature. President Gurbanguly Berdimukhammedov has yet to keep his promises to develop the Internet and there still has not been any improvement in online freedoms. Continue reading

North Korea: the Web as a pawn in the power game

Central Scientific and Technological Information Agency (CSTIA)

North Korea is one of the few countries where censorship can be judged by what is seen online, rather than what is missing. The country is not linked to the Internet proper and the authorities keep most of the population isolated from the rest of the world and even from the national intranet. The intranet was developed by the Central Scientific and Technological Information Agency (CSTIA) and is highly restricted and closely controlled by the domestic intelligence agencies.  Its goal is not to keep the population informed but merely to broadcast the official ideology and strengthen the technical skills of those who work for the fatherland. To enforce this wall of silence, special units such as Group 109 and Department 27 are dedicated to tracking down digital devices brought in from outside the country.

Continue reading

Sudan: Scoring high in censorship

The National Intelligence and Security Service (NISS), the Cyber-Jihadist Unit and the National Telecommunication Corporation (NTC)

The Omar Al-Bashir regime has held Sudan in an iron grip for the past 25 years. As new technologies develop and internet penetration increases (17 per cent of the population was connected in 2012), methods of control and repression have also been evolving.

The Cyber-Jihadist Unit

In 2011, at the height of the Arab Spring, Sudan’s ruling National Congress Party, fearing the spread of political challenges from abroad via social media, decided to upgrade its internet surveillance capability by forming a “Cyber Jihadist Unit” assigned to conduct “online defence operations” to “crush” internet dissidents.

Two hundred agents spread throughout the country, working in shifts to provide 24 hour-a-day capability, especially during  peak internet usage hours – nights and weekends. The unit was strengthened in 2012, when the Sudanese blogosphere was experiencing an unprecedented boom, growing from 70 to 300 blogs over a period of 18 months.

 The security services recruit agents from public higher education institutions including the National Ribat University. New recruits receive online piracy training in Malaysia and India. They are trained to monitor internet content, hack online accounts (email, Facebook, Twitter), block or take down sites and identify targets to put out of action.

 However, the Cyber-Jihadist Unit on its own would be insignificant without the protection afforded  by its parent organization, the NISS, the main agency for repression and censorship in Sudan.

The National Intelligence and Security Services

 The Cyber-Jihadist Unit works with complete freedom of action thanks to the National Security Act of 2010, under which the NISS operates. This law reinforces the impunity with which NISS agents operate, allowing them to arrest any journalist and censor any publication on “national security” grounds. The NISS can keep an individual in detention for up to 45 days without charges, with the authorization renewable when the initial period expires.

Before the cyber unit was created, a series of laws had already authorized control and repression of online information. In 2007, adoption of the IT Crime Act further weakened freedom of expression on the web and imposed penalties of up to two years in prison and heavy fines. People who create web sites critical of the government risk these punishments. In 2008, a law requiring mobile phone owners to register their SIM cards allowed intelligence agencies to more easily trace journalists and activists through their phones.

 National Telecommunication Corporation

 The NISS and Cyber-Jihadist Unit are reinforced by the NTC. Founded in 1996, the NTC is a government agency in charge of regulating information and communication technology. The NTC formed an Internet Service Control Unit to decide what content should be accessible on the internet. If the government determines some information to be too sensitive, it blocks the host platform. This has occurred repeatedly since 2008 to the news site and forum, Sudanese Online, which posted information on the war in Darfur.

 In response to the anti-government demonstrations that broke out nationwide in 2013, the NTC frequently blocked the sites for Sudanese Online, Al-Rakaba, and Hurriyat as well YouTube and other sites.

The agency went so far as to cut off the internet entirely for the entire country. In June-July 2013, the internet transmission system was slowed to the point that the network was completely inaccessible for several hours. On 25 September 2013, a total internet blackout lasted 24 hours. The objective was to hamper the organizing of demonstrations on social networks. As information flow came to a halt, the extent of official repression could not be known for several hours. The NTC denied official responsibility for the blackout, accusing demonstrators. But they had nothing to gain by cutting off their means of communication, and lacked the capacity to do so.

 Faced with the expansion of online censorship, a growing number of opposition web sites install their servers abroad. Sudanese Online, for example, is hosted in the United States.

 NTC and NISS agents’ technological shortcomings and limited English-language skills stand as the last barrier against total government control of the internet. Content in English and its authors are subjected less frequently to officially sponsored attacks. The emphasis is on Arabic content, reflecting concerns over domestic developments.

 Online news and netizens under attack

 The pace of censorship accelerated in 2011-2012. In an effort to bypass controls, some media workers opted to post prohibited content on their Web pages or Facebook profiles. NISS agents then began targeting this form of online journalism. Private emails are increasingly intercepted, and mobile phones are used to geo-locate journalists and activists.

 Popular uprisings in June-July, 2012 and June and September of 2013 prompted the arrests of numerous bloggers, journalists and activists. Agents often forced them to open and take down their Facebook and Twitter accounts. This forcible access to personal data also allows security forces to map dissidents’ networks.

 Video blogger Najla Sid-Ahmed was systematically harassed by security services in 2012 and forced to flee the country in July of that year. She became a target because of her videos documenting human rights abuses. NISS agents robbed her, confiscated her audio-visual material, and arrested her, holding her for several hours without food. She was then accused conspiracy and hate incitement, charges punishable by death in Sudan.

 Journalist and activist Somaia Ibrahim Ismail, known as “Hundosa,” a government opponent, was arrested on 29 October 2010, then seized by security service agents who tortured her for three days, on the pretext of membership in an armed group. She fled the country in November, 2012.

 On 22 June 2012, NISS agents arrested Ussamah Mohamed, whose tweets and blog postings made him very popular, especially in Burri, a neighbourhood on the outskirts of Khartoum. He was beaten for hours after refusing to unlock his iPhone. He was released in early August, 2012, after a detention marked by long interrogations focused on his Facebook and Twitter accounts, and online opposition forums.

 Since 2008, due to its content about the war in Darfur and popular uprisings, the Sudanese Online site has been hit by repeated blocking, hacking and infiltration by the NISS cyber brigade. The unit penetrates online discussions to gather information on cyber-dissidents and spread false information. News sites characterized as oppositionist, such as Al-Rakoba and Hurriyat are frequently blocked. The longest-running of these actions hit Al-Rakoba, which was inaccessible for 10 months, from June, 2012 to April, 2013.

 In September, 2012, following the posting of the online video, “The Innocence of Muslims,” which unleashed massive protests throughout the Arab world, NTC blocked YouTube access for one month.

Widespread internet blackouts aimed at shutting down media amount to another form of radical censorship that the regime uses to hamper freedom of information and repress all criticism.

Ethiopia: full online powers

The Information Network Security Agency (INSA)

Created in 2011 with “Secured Cyber for Peace Development and Democracy” as its official motto and revamped in 2013, the INSA is at the forefront of the Ethiopian government’s Internet control and censorship strategy. Billed as the ultimate rampart against external attacks on Ethiopia’s national security, in practice it uses aggressive spyware to monitor news sites and dissident sites, suppress independent reporting and impose the regime’s monolithic views.

INSA – NSA copycat

The INSA is an independent government agency that was created by the Ethiopian parliament in 2011 and revamped in 2013 by means of a legislative proclamation. Its mandate is to protect the country’s vital transport, energy, aviation, communication and critical infrastructures from electronic attacks aimed at disabling and/or disrupting or destroying them. Its expanded duties since December 2013 include developing offensive capabilities, launching counter-attacks if and when needed in self-defence, and developing information communication technology tools for the government to systematize and standardize information documentation as well as cater to other ICT needs.

In practice, the INSA has extensive access to the country’s computer and information network infrastructure. Thanks to the 2013 proclamation, it is empowered to investigate computers, networks, the Internet, radio and television, and social media (such as Facebook) for possible “damage to the country’s social, economic, political and psychological well-being.” The justification given for these enhanced powers is that most infrastructures are now subject to computerized control and therefore social media, outlets, blogs and other Internet media are potentially able to instigate conflicts or war. In fact, the INSA also uses its mandate to monitor and control dissent online and on phone networks, in violation of users’ privacy.

Its controlling capabilities are facilitated by the very low level of connectivity in Ethiopia. Although the government has undertaken major infrastructural initiatives in many areas, Ethiopia remains one of the least connected countries in Africa, with only 1% of Ethiopians having access to the Internet. This seems largely due to the monopoly position of the state-owned telephone and Internet service provider, Ethio Telecomm. Because of its monopoly, Internet access is costly, very slow and unreliable, and there is limited coverage outside of the capital, Addis Ababa.

Intruding with complete impunity

As well as de facto absolute technical control, the INSA’s work is facilitated by the overall political climate and an array of controlling legislation.

While the Ethiopian authorities claim that they practice no more than “limited online surveillance,” the total lack of checks and balances in the Ethiopian governmental system undermines the credibility of this claim. The government clearly sees the Internet as a powerful tool that should be kept under control and, thanks to the INSA’s broad mandate, it can engage in intrusive actions that violate privacy laws and free speech with complete impunity.

On the legislative front, the INSA is buttressed by the July 2012 Proclamation on Telecom Fraud Offences (article 6), which extended the very controversial 2009 Anti-Terrorism Proclamation and the Criminal Code to include electronic communication. Officially aimed at protecting the state’s monopoly of telecommunications and safeguarding national security, it violates international standards on the right to freedom of expression and information, especially as it does not define the “national security” it is supposed to protect. This proclamation is also worrying for its lack of clarity on the range of offences that are criminalized. Its criminalization of unofficial VoIP communications caused so much concern that the government was forced to issue a statement promising that Skype would not fall under its purview and that it would not be used to prosecute anyone using free Internet software to make and receive calls. Nevertheless
the threat remains as the proclamation was signed into law without a written amendment.

China to the rescue

The INSA is known to use spyware and other kinds of software to monitor and censor the online activities of Ethiopian citizens, whether social activists, opposition members or journalists. At one point, the Ethiopian government considered putting network security and content surveillance out to bid, but finally decided to let the INSA handle all of these duties using Chinese technology. To this end, the government signed an 800-million US dollar contract in August 2013 with ZTE, a Chinese telecom giant that is banned in the United States for alleged hacking of Internet systems and theft of intellectual property. It has also been banned from public bidding in Australia and its contracts have come under scrutiny in Britain.

There have been many credible reports, notably from academic research centres, that the INSA has for several years been using Deep Packet Inspection (DPI), an advanced network filtering method, to selectively target data traffic. In May 2012, it blocked access to the ToR browser, which is used to access sites anonymously. The INSA has proved to have a significant technical arsenal for targeting and swiftly removing specific, politically-sensitive websites and web pages, censoring content deemed hostile to the regime and intercepting Internet-based voice communication.

According to Freedom House, Gamma International provided Ethio Telecom with its commercial spyware toolkit FinFisher from April to July 2012. FinFisher can be used to secretly monitor computers, turn on webcams, record everything a user types with a key logger and intercept Skype calls. According to Citizen Lab, FinFisher was used in March 2013 against suspected government opponents, ensnaring them by means of fake Facebook accounts or pictures of Ginbot 7, a persecuted political opposition group.

According to industry sources contacted by Freedom House, INSA technicians have used software that masks the user’s identity to gather personal passwords and usernames.

Although there seem to be no hard and fast rules as to which websites should be blocked or allowed, the common denominator seems to be the expression of any kind of political dissent or criticism of the regime. The most obvious censorship method is “untransparent” blocking, in which a requested a web page appears as “Not Available” instead of saying it has been blocked.

Tapped, read, convicted

Many journalists and dissidents claim to have had their phones intercepted and their emails read. They have no hard evidence but their claims are supported by the evidence presented in the trials of several journalists in 2012.

Telephone conversation intercepts and illegally obtained emails were used, for example, in the trial of Feteh columnist Reeyot Alemu, who was sentenced to 14 years in prison. Information posted and intercepted online was also used as grounds for sentencing two exile journalists, Mesfin Negash and Abiye Teklemariam, to eight years in prison in absentia in connection with the information they posted on their website, Addis Neger Online, about the US-based opposition group Ginbot 7.

Three other exile journalists were convicted in absentia in connection with their work for Ethiopian Satellite Television Service (ESAT), an independent satellite TV, radio and Internet news service run by Ethiopian diaspora members from headquarters in the Netherlands. Often critical of the Ethiopian authorities, ESAT is regarded by the government at “the mouthpiece of the terrorist organization Ginbot 7.” Fasil Yenealem was sentenced to life imprisonment while Abebe Gellaw of US-based Addis Voice and Abebe Belew of the US-based Internet radio Addis Dimts were each sentenced to 15 years in prison.

Already jammed from within Ethiopia several times in the past few years, ESAT was hacked three times in the space of two hours on 20 December 2013 with sophisticated computer spyware that targeted two ESAT employees. Designed to steal files and passwords, and intercept Skype calls and instant messages, the spyware used an IP address belonging to Ariave Satcom, a satellite provider that services Africa, Europe and Asia. In each case, the spyware appeared to be Remote Control System (RCS), which is sold exclusively to governments by Milan-based Hacking Team. Reporters Without Borders named Milan Hacking Team as one of the corporate “Enemies of the Internet” in its 2013 report.