U.S. citizen sues Ethiopia for allegedly using computer spyware against him

Video: The Post's Craig Timberg breaks down a new report by digital watchdog group The Citizen Lab, which suggests the Ethiopian government is hacking the computers of Ethiopian journalists in the D.C. area.

A Washington area man with ties to Ethiopia’s political opposition sued that country’s government in federal court Tuesday, alleging that agents had used powerful spyware to hack into his computer and snoop on his private communications for more than four months.

The suit says that forensics experts found more than 2,000 files related to a spyware program called FinSpy, including evidence that it had accessed the plaintiff’s Skype calls, e-mails and Web-browsing history in violation of U.S. wiretapping laws.

More tech stories

Real talk about innovations

Real talk about innovations

Just because something is new doesn’t mean it should be touted as an innovation.

Hey Domino’s, stop saying you’re innovative

Hey Domino’s, stop saying you’re innovative

News flash -- replacing a pizza’s crust with breaded chicken breast is not an innovation.

New pressure on Google to crack down on illegal drug sites

New pressure on Google to crack down on illegal drug sites

State attorneys general want the search giant to do more, and some shareholders have filed suit.

The case is the latest sign that the government of Ethi­o­pia, an American ally with a history of repressing political opponents, journalists and human rights activists, has used sophisticated Internet technology to monitor its perceived enemies, even when they are in other countries.

“The Ethio­pian government appears to be doing everything it can to spy on members of the diaspora, especially those in contact with opposition groups,” said Nate Cardozo, a staff attorney for the Electronic Frontier Foundation, a civil liberties group based in San Francisco that prepared the suit.

Ethio­pian officials did not respond to requests for comment Tuesday. Last week, for a separate article about the government’s alleged use of spyware against Ethio­pian journalists working in the United States, a government official said, “The Ethiopian government did not use and has no reason at all to use any spyware.”

Tuesday’s suit, filed in U.S. District Court for the District of Columbia, takes the unusual step of not naming the plaintiff, who says in an affidavit that revealing his identity would endanger him, his children and members of his family still in Ethi­o­pia.

The man came to the United States 22 years ago, won political asylum and now is a U.S. citizen living in Silver Spring, Md. He provides “technical and administrative support” to an Ethio­pian opposition group, Ginbot 7, but is not a formal member of that group, the affidavit says. In the suit, the plaintiff uses a pseudonym, “Kidane,” a common name in Ethi­o­pia. A judge must decide whether the pseudonym will be allowed in the suit.

“I would be extremely hesitant to continue to seek legal redress in this case should I be denied this request to proceed pseudonymously, as I fear the litigation would put my life and the lives of my family at substantial risk,” ­Kidane wrote in the affidavit.

Computer researchers tracking the spread of spyware have named Ethi­o­pia among a list of dozens of countries that use such products. The spyware typically can read e-mails, snatch documents and contact lists, record video chats, and remotely activate cameras and microphones, making a computer capable of spying on targets in their homes or workplaces. The market for spyware operates with few international restrictions, although using spyware can violate a range of laws.

Hidden files discovered by ­forensics experts show the hacking of Kidane’s computer began in October 2012, when he downloaded what appeared to be a Microsoft Word file attached to an ­e-mail, the suit alleges. The document, in Ethiopia’s Amharic language, contained a desperate plea from another Ethio­pian expatriate requesting Kidane’s help in protecting a relative in danger. It also contained FinSpy, which gradually took hold of Kidane’s computer.

More than four months later, in March 2013, an independent research group published a report detailing evidence that Ethi­o­pia was using FinSpy, produced by Gamma Group, a spyware maker based in Britain and Germany. That report, by Citizen Lab at the University of Toronto’s Munk School of Global Affairs, singled out a server based at Ethiopia’s state-owned telecommunications company as controlling the spyware.

Five days after that report was issued — prompting widespread news coverage — the server in Ethi­o­pia went offline and the hackers who had taken control of Kidane’s computer attempted to remove all traces of FinSpy from his machine, the lawsuit alleges.

But the attempted removal was incomplete: It left behind the hidden files that forensics researchers for the Electronic Frontier Foundation eventually found.

Gamma Group did not respond to a request for comment filed through its Web site, which describes the company as an “international manufacturer of surveillance & monitoring systems with technical and sales offices in Europe, Asia, the Middle East and Africa.”

The lawsuit, prepared in conjunction with the law firm Robins, Kaplan, Miller & Ciresi, seeks a court declaration that the Ethio­pian government was behind the hacking of Kidane’s computer, as well as attorney’s fees and $10,000 in damages.

Privacy International, an advocacy group based in Britain, filed a criminal complaint there Monday urging an investigation of the alleged use of FinSpy against an Ethio­pian political refu­gee based in the United Kingdom. Last week, Citizen Lab issued a report detailing evidence that the Ethio­pian government had used a different brand of spyware, produced by an Italian company called Hacking Team, against journalists working for Ethio­pian Satellite Television, a news service with offices in the Washington area.

 
Read what others are saying