The Albanian government said on Tuesday that it has signed a memorandum of understanding with the US-based Jones International Group, which is expected to advise on cyber security measures after the country suffered a huge data leak in late December.
The agreement with the Virginia-based Jones International Group was made public through a decision by Albania’s Council of Ministers but no details of tender procedures or the costs involved were disclosed.
“This is just an agreement of understanding in which the parties agree that they will work with each other. The other documents [contracts] will become known in the future,” the spokesperson at the Ministry of Infrastructure and Energy, Florian Serjani, told BIRN on Tuesday when asked about the cost.
When asked what was the basis upon which the company was chosen, Serjani said that “we have experience with this company because they have worked with the OST [Albania’s transmission system operator]”.
The Jones International Group, which provides cyber security, energy, telecommunications and political consulting services and products, is run by James Logan Jones, a former US Navy general and former US National Security Advisor. Jones was also the US supreme allied commander in Europe.
The Minister of Infrastructure and Energy, Belinda Balluku, met Jones on Monday and said that he has “expressed readiness to cooperate with the Albanian government for cyber protection, as one of the companies with the greatest experience in the US and Europe”.
Quoted by local media on Tuesday, Jonas said he feels honoured to help Albania in “cyberwar.”
“…There is a clear and obvious danger…”, he was quoted as saying.
The US company, which according to the official data was established in July 2020, plans a strategy of how to install multilayer protective systems to prevent cyberattacks in a country where people can find more than 90 per cent of their public administration services online.
Jones has previous connections with Albania. In 2019, while working as US National Security Advisor, in Albania he met the People’s Mojahedin Organisation of Iran, MEK, a controversial Iranian opposition group that has been sheltered by Albania since 2013. He has been presented as a longtime supporter of the Iranian resistance, especially the members of the MEK in Iraq.
At a NATO conference on security challenges facing technology two years ago in Tirana, he warned Albania to be vigilant about China offering to provide 5G technology.
After the huge data leak in December, the Tirana prosecution started checking a list allegedly containing the personal data of hundreds of thousands of Albanian citizens which was circulated on WhatsApp. Four people are under investigation over the leak.
It was alleged that the data contained the monthly salaries, job positions, employer names and ID numbers of some 630,000 citizens, from both the public and private sectors.
Another data leak of salaries for the month of April was released and circulated via WhatsApp one day later.
It was followed by a further data leak that contained private information about citizens’ vehicle number plates.
In April 2021, a few days before elections in the country, a database with the private information of around 910,000 voters in Tirana was leaked to the media.
It was claimed that the database belonged to the ruling Socialist Party and was taken from state institutions and used for electoral purposes.
The database, which BIRN has seen, included names, addresses, birth dates, personal ID cards, employment information and other data.
The Socialist Party denied wrongdoing, insisting that the information was gathered in door-in-door surveys. The case is still with the prosecution.
The Prosecutor of Tirana, Elisabeta Imeraj, told the media on Friday that police had arrested four people in connection with the massive data leaks that have rocked Albania.
Two people from state institutions suspected of selling people’s personal data and two others from private entities suspected of buying it had been arrested.
“They are employed in the National Information Service Agency, but practice their profession in the General Directorate of Taxes”, she said referring to the two arrested from state institutions.
The Tirana prosecution in December started checking a list allegedly containing the personal data of hundreds of thousands of Albanian citizens which has been circulated on social media.
It was alleged that the data contained the monthly salaries, job positions, employer names and ID numbers of some 630,000 citizens, from both the public and private sectors for January 2021.
Another data leak of salaries for the month of April was released and circulated through WhatsApp just one day later.
It was followed by another data leak that contained private information about citizens’ car plates.
Experts told BIRN that these leaks pose public security questions.
In April 2021, a few days before elections, a database with the private information of around 910,000 voters in Tirana was leaked to the media.
It was claimed that the database belonged to the ruling Socialist Party and was taken from state institutions and used for electoral purposes.
The database, which BIRN has seen, contained some 910,000 entries including names, addresses, birth dates, personal ID cards, employment information and other data.
The Socialist Party denied wrongdoing, insisting that the information was gathered in door-in-door surveys. The case is still with the prosecution.
The University of Toronto’s Citizen Lab, an internet watchdog that has been investigating the use of military-grade spyware from Israeli company NSO Group by authoritarian governments, said on Tuesday that the first two confirmed victims of phone-hacking using the Pegasus software in Poland are prosecutor Ewa Wrzosek and lawyer Roman Giertych.
Pegasus essentially turns infected phones into spying devices, making those who deploy the spyware able to access all data on the target’s phone, including messages and contacts.
The Associated Press, which first reported the new Citizen Lab findings on Tuesday, said that it cannot be confirmed who ordered the targeting of the two Poles.
Both targets have indicated that they suspect the Polish government.
In response to an inquiry from the AP, Polish state security spokesman Stanislaw Zaryn neither confirmed nor denied whether the government ordered the hacks.
Wrzosek is a well-known independent prosecutor who opposes the Polish government’s controversial justice reforms.
She also ordered an investigation into whether the 2020 presidential elections, which were organised during the pandemic, should have been postponed because they were too risky. Two days after she launched the case, she was transferred to a distant provincial town.
Giertych has been acting as lawyer for high-profile opposition politicians, including former Prime Minister Donald Tusk and former Foreign Minister Radoslaw Sikorski.
He also defended an Austrian developer who revealed the involvement of ruling Law and Justice Party leader Jaroslaw Kaczynski in a huge real estate deal to build to skyscrapers in the centre of Warsaw, which caused a major scandal.
Earlier this year, an international investigation by 17 media organisations found that the Hungarian government was among those that acquired the controversial Pegasus software from Israeli surveillance company NSO and used it to target a range of journalists, businessmen and activists.
No targets in Poland or other central European countries were identified at the time, but Citizen Lab warned that it had detected spyware infections in Poland dating back to November 2017.
In October 2015, two years after a banking crisis left Cyprus in desperate need of new financing, President Nicos Anastasiades visited China on a charm offensive, touting the Mediterranean island’s low tax rates, its European Union membership and its readiness to take part in China’s Belt and Road Initiative, BRI.
The floodgates opened, but there was nothing sporadic about the Chinese outlay.
Today, money from Chinese state-owned or state-linked corporations has penetrated the core of just about every key Cypriot sector, from real estate to natural resources, transport to aviation, all in the name of a transcontinental infrastructure project linking countries along the route of the old Silk Road.
Thanks in part to the BRI, China is set to surpass the United States as the world’s leading economy by 2028 and become the standout superpower heading into the ‘Fourth Industrial Revolution.’
A key component of the BRI is the Digital Silk Road, DSR, through which the Chinese Communist Party seeks to develop and export key technological infrastructure – including 5G – to participating states, boosting the importance and presence of Chinese tech companies around the world and, to a degree, replicating its digital authoritarian model.
Chinese investments in Cyprus. Illustration: BIRN/Igor Vujcic
In Cyprus, according to BIRN’s findings, China now dominates the 5G networks and the island’s wider tech ecosystem, creating a key Chinese outpost inside the EU with potentially far-reaching consequences for data security and the independence of Cypriot – and by extension EU – foreign policy.
It is a state of affairs that contradicts US and EU recommendations and the island’s own claims to be pursuing a multi-vendor strategy.
5G underpins power grids, transportation and water supplies, and, in the future, will enable military tools including artificial intelligence, said Carisa Nietsche, associate fellow for the Transatlantic Security Program at the Washington-based Centre for a New American Security.
“In extreme cases, analysts suspect China could pull the plug on the network, gather intelligence from data pulsing through the networks or cut off a 5G-enabled energy grid,” Nietsche told BIRN.
Chinese investment in Cyprus
In 2015, China’s largest private copper smelter, Yanggu Xiangguang Copper, bought a 22 per cent stake in Cyprus-registered copper mining company Atalaya Mining Plc for 96.2 million euros.
In November 2019, a consortium led by state-owned China Petroleum Pipeline Engineering signed a 290 million-euro deal with the Cypriot natural gas infrastructure company ETYFA to build a liquefied natural gas terminal for electricity generation. Among the four firms in the consortium is state-owned Hudong-Zhonghua Shipbuilding, the top warship producer for the Chinese navy.
Before it pulled out in 2019, state-owned Aviation Industry Corp. of China, AVIC, was the largest shareholder in Cypriot airline Cobalt.
JimChang Global Group has invested 100 million euros in a five-star hotel and housing development near Ayia Napa via a joint venture announced in 2016 with Cyprus property group Giovani. The residential part was completed last year.
Macau-based Melco is investing $677 million in the City of Dreams Mediterranean, an ‘integrated casino resort’ in Limassol, Cyprus. It is expected to open in 2022.
Building 5G on Chinese foundations
Illustration: BIRN/Igor Vujcic
On his 2015 visit to China, Anastasiades, who was re-elected in 2018, visited the Shanghai research centre of Huawei, the world’s largest manufacturer of telecommunications equipment.
Huawei plays a key role in driving global industry standards in Beijing’s favour through the filing of patents that make the industry more likely to adopt Chinese proposals as global standards.
In terms of 5G standard essential patents, Huawei has the largest portfolio worldwide. The company claims to hold more commercial 5G contracts than any other telecom manufacturer in the world – 91. Forty-seven of these are in Europe.
At the research centre, Anastasiades lauded Huawei’s “important contributions to communications network construction in Cyprus” and called for “deeper ties”.
Huawei’s dominance, however, has unsettled the United States and others, which say the company’s equipment could be used by Beijing for spying, something Huawei has vigorously disputed.
In a rare interview with foreign media in 2019, Huawei founder and CEO Ren Zhengfei said: “I love my country. I support the Communist Party. But I will not do anything to harm the world.” He said that Beijing had never asked him or Huawei to share “improper information” about its partners and that he would “never harm the interest” of his customers.
Unconvinced, in October 2020 then US undersecretary of state for economic growth, energy and the environment, Keith Krach, visited Nicosia and, with the 5G licence application process underway in Cyprus, incorporated the island into the US ‘Clean Network’ on 5G, an initiative launched under former President Donald Trump to build a global alliance excluding technology that Washington says can be manipulated by the Chinese Communist Party.
The Americans are concerned, in part, by the proximity of Chinese-dominated 5G networks to military bases. But while on paper the Cypriots may have sided with the Americans, in practice Huawei is still very much in play.
Huawei (Nicosia)-the building in which Huawei’s main Cyprus offices reside. Photo: BIRN
The company entered the local market in 2009, taking a lead role in the upgrade of the island’s information and communications technology and the 2/3/4G infrastructure of its four telecommunications companies, CyTA, Epic, Cablenet and Primetel.
Since Cyprus uses the so-called Non-Standalone, or NSA, mode for 5G – effectively building on top of its existing 4G infrastructure – and with Huawei providing the components for 100 per cent of the telecom companies’ 4G Radio Access Network, RAN – the Chinese giant looked perfectly placed last year to take the lead in the 5G rollout as well.
The RAN is comprised of various facilities such as cell towers and masts that connect users and devices to the Core Network, which in turn encompasses all 5G data exchanges such as authentication, security, session management and traffic aggregation across devices.
In December 2020, the two biggest 5G contracts were awarded to CyTA and Epic.
But both companies, sources say, are overwhelmingly dependent on Huawei for their Core Network and their RAN infrastructure.
Semi-governmental CyTA launched its 5G Network in January 2021, catering to 70 per cent of the population on launch and aiming for 98 per cent coverage by the start of 2022.
A senior CyTA manager told BIRN that 80 per cent of the company’s Core Network and 100 per cent of its RAN is covered by Huawei infrastructure. The remaining 20 per cent of its Core Network is provided by Swedish Ericsson.
“CyTA is a governmental company and comes up with tenders for the equipment, and Huawei has been a long-term provider of infrastructure and support and offers the best prices,” said the senior manager, who asked not to be named since he was not authorised to speak to media.
Asked about the makeup of its Core Network and RAN infrastructure, CyTA told BIRN: “We inform you that any information regarding the CyTA network is a trade secret and any disclosure of it is contrary to the commercial interests of CyTA and its partners (article 34 (2) Law 184 (I) / 2017).”
Huawei also accounts for 90 per cent of Epic’s Core Network infrastructure and 100 per cent of the RAN, said a senior manager at Epic, who also spoke on condition of anonymity.
Epic’s collaboration with Huawei dates to 2009, when the company, then named MTN, sealed a 20 million-euro contract with the Chinese firm to upgrade its network.
Now owned by Monaco Telecom, Epic went on to develop Cyprus’s first 4G LTE network, leveraging Huawei’s RAN solution, on which another Cypriot telecommunications firm, Primetel, also entered into an access-sharing agreement. In February 2019, shortly before its rebranding as Epic, MTN signed a deal with Huawei for the development of its 5G network.
An Epic spokesperson did not respond to repeated requests for comment.
Nietsche, of the Centre for a New American Security, told BIRN: “For 5G to deliver on its promises of faster speeds, it requires an immense amount of data to travel through the network. And that data is pushed closer and closer to the end user, or the edge of the network.”
“In Europe, some governments have distinguished between implementation of Huawei in the Core Network and the Radio Access Network, or edge of the network. These governments argue that you can essentially create a firewall between the core and edge of the network.”
“However, we should not make such a distinction. As 5G networks develop, more and more data is pushed toward the edge of the network, and it becomes harder to distinguish between the core and edge of the network.”
Chinese ‘fusion’
Huawei section of the Gulf Information Technology Exhibition (GITEX) Global 2021. Photo: EPA-EFE/ALI HAIDER
Using Huawei components within 5G infrastructure is not a direct violation of European Union guidelines, since the EU toolbox on 5G – a common set of guidelines laid out by the bloc to limit 5G cybersecurity risks – did not explicitly ban any specific company but left it to member states to decide which providers were ‘high-risk’.
Authorities in Cyprus have not as yet identified any provider as ‘high-risk’.
The October 2020 memorandum of understanding that saw Cyprus sign up to the US Clean Network “does not imply in an implicit or explicit way that Cyprus will move away from Huawei”, said the man who signed it, Deputy Minister for Research, Innovation and Digital Policy Kyriacos Kokkinos.
“What it says is that we will collaborate with US agencies and authorities so that we ensure that the security standards are respected in the infrastructure we deploy,” Kokkinos told BIRN.
EU guidelines, however, do stress caution over suppliers “subject to interference from a non-EU country”, warning that a member state’s network could be vulnerable if there was a “strong link between the supplier and a government of a third country.”
Huawei’s state ties are considerable.
Zhengfei, the company’s founder, was a former Deputy Regimental Chief of the People’s Liberation Army; reports say that a considerable number of Huawei employees are believed to have worked for the military; and some Huawei employees have collaborated on research projects with military personnel.
But it was legislation passed in China in 2017 that really raised eyebrows.
Article 7 of China’s 2017 National Intelligence Law requires any organisation to support, provide assistance and cooperate in “national intelligence work”. Even before that, Article 22 of the 2014 Counter-Espionage Law required any “relevant organisations and individuals” to “truthfully provide” information during any “counter-espionage investigation”.
China’s “military-civil fusion” – which calls for private sector assistance in the country’s military objectives – was inscribed as a strategic priority in the Chinese Communist Party’s constitution in October 2017.
Some European countries have already balked.
In October, Swedish telecom regulator PTS banned Huawei from supplying 5G equipment to Swedish mobile firms due to security concerns raised by Sweden’s SAP security service, a decision upheld by a Swedish court in June this year.
Huawei has repeatedly denied posing a security threat, while China threatened “all necessary measures” in response to the Swedish ban. Beijing also told France and Germany not to “discriminate” against the company.
In the United Kingdom, a firm US ally, the government set a cap of 35 per cent limit on Huawei’s involvement in 5G RAN. It also excluded Huawei from safety-related and safety critical networks and sensitive locations such as nuclear sites and military bases.
In Cyprus, Kokkinos would not be drawn on whether Cyprus might set a similar cap.
“I don’t want to make a statement that might be misleading that this is not something that might happen in the future,” he said. “But at the moment we do not exclude any vendor.”
Critics of the Chinese government say the stakes could not be higher.
Given how much states and societies will come to depend on fifth generation technology, its security poses an unprecedented challenge, with any potential ‘hack’ snowballing into a threat to national security.
As a host to British military bases and US spy stations at the crossroads of Europe, Asia and the Middle East, Cyprus is no ‘island’ when it comes to geostrategic importance. Some experts say the threat posed by Huawei’s political and military ties and its data dominance in Cyprus cannot be ignored.
“One day Cyprus has to choose a side,” said Chen Yonglin, a former Chinese consular official in Sydney, Australia, whose work included monitoring Chinese dissidents until he defected in 2005. “One day China will take off its mask and Cyprus won’t be able to stand in the middle.”
“Cyprus needs to be careful about handing over its sovereignty to China,” he told BIRN.
John Strand, director and founder of telecommunications consultancy firm Strand Consult, concurred:
“The China we have today is a different China than we had five years ago,” he said. “China is a country which is very aggressive to countries which basically have an opinion, or have citizens who have an opinion about what is going on in China, Hong Kong or Tibet, and other places.”
“We have seen that China is not only threatening countries which go against them or criticise them, they also punish countries,” he told BIRN.
“If the Internet broke down 10 to 15 years ago, society could move on, it was not an issue. Nowadays, everything in our society is built on top of IT solutions which are connected to each other through the Internet of Things.
Cyprus embraces Chinese blockchain
Huawei, however, is not the only cause of potential concern when it comes to Cyprus.
Another is VeChain, a Chinese state-backed blockchain platform that in November 2018 entered into a national partnership with Cyprus to assist the island in the development and implementation of blockchain solutions across a range of private and public sectors.
Mediterranean Hospital of Cyprus (Limassol),one of two Cypriot hospitals to partner with VeChain store vaccination records on the VeChainThor blockchain. Photo: BIRN
It is the only such state partnership VeChain has outside of China.
The platform, launched in 2015, is a favourite of the Chinese Communist Party, which has entrusted it with contracts in, among other areas, agriculture and telecoms.
In July 2018, after thousands of children were given faulty vaccines, the Chinese government called on VeChain to create a nationwide vaccine tracking solution with health data stored on the blockchain.
When VeChain presented its solution at the China International Import Expo in November 2018, President Xi Jinping was in attendance. Xi has declared blockchain a national priority, with VeChain a co-founder of the Belt and Road Initiative Blockchain Alliance that aims to develop blockchain along the route of the BRI.
In Cyprus, VeChain developed the E-HCert App, which records COVID-19 PCR and antibody test results on the VeChain Thor Blockchain and is being expanded to serve as a wallet for all medical records of Cypriot citizens and as a vaccination certificate.
The ‘V-Pass’, a vaccination certificate sealed in the VeChain Thor, is also in the pipeline for the general public.
Two of the island’s biggest private hospitals have also struck agreements with VeChain for it to host their medical records on its blockchain.
Christiana Aristidou, co-founder and vice-chair of the Cyprus Blockchain Association, said that all necessary measures had been put in place “to maintain the safety of health data.”
“Blockchain is very secure and VeChain intends to take the lead in this sector in Cyprus,” Aristidou told BIRN.
Asked about any risks to data security, the Cypriot Health Ministry replied: “The Ministry of Health does not use blockchain technology in public hospitals.”
Golden passports and a city of dreams
But while some experts voice deep concern over the extent of China’s data presence in Cyprus, domestic scrutiny appears lacking. One reason may by the stakes involved for a number of influential political and legal figures.
In August 2020, an undercover report by Al Jazeera exposed a scam at the heart of a Cypriot policy to provide citizenship to foreign nationals who invest two million euros in the island’s economy.
According to the report, a number of high-level Cypriot officials had abused the scheme to secure passports for several thousand foreigners who did not meet the legal requirements.
Passport control at the derelict former Nicosia International Airport in Nicosia, Cyprus. Photo: EPA/JAN RAKOCZY
An official investigation, published in June this year, said that 97 per cent of the 6,546 ‘golden’ passports issued between 2007 and August 2020 had been issued since Anastasiades took power in 2013.
More than half, or 3,609, were for family members of investors and executives of companies and who were granted citizenship without actually meeting the legal criteria.
Between 2017 and 2019, the Al Jazeera report found that 482 wealthy Chinese nationals applied for passports via the scheme, more than any other nationality bar Russian. They include several members of the Chinese People’s Political Consultative Conference, an advisory body to the Communist Party.
The chief protagonist in the Al Jazeera exposé was Dimitris Syllouris, who as speaker of the parliament at the time was the country’s second highest-ranking official after the president.
Syllouris was caught helping to fast-track a Cypriot passport for a fictitious Chinese businessman despite being told the applicant had a criminal record and was therefore barred from a ‘golden’ passport under the rules of the scheme.
Syllouris, who resigned over the scandal, had been a key player in a number of deals between Nicosia and Beijing, including in the tech sector.
Property developer and MP Christakis Giovanis, whose company partnered in 2016 with Chinese group JimChang Global on a 100 million-euro hotel and luxury housing development, also resigned his public post over the scam.
Invest Cyprus, the government agency tasked with attracting foreign investment and which signed the 2018 MoU with VeChain, plays a central role in bringing Chinese money into the country.
When Invest Cyprus facilitated the arrival in 2018 of Macau-based conglomerate Melco for the development of a casino mega resort worth $667 million in Limassol, the agency’s CEO, George Campanellas, became a member of the management team overseeing the project.
Melco CEO Lawrence Ho is a member of the National Committee of the Chinese People’s Political Consultative Conference, CPPCC, an advisory body to China’s central government.
Melco is also linked to the Cypriot telecom company Cablenet via the latter’s owner, Cyprus-based CNS Group, which is the parent company of The Cyprus Phassouri (Zakaki) Limited, Melco’s partner in the Integrated Casino Resorts Cyprus Consortium behind the Limassol casino development, City of Dreams Mediterranean. The resort is expected to open in 2022.
In 2019, Melco’s Ho attended the 2nd Belt and Road Forum for International Cooperation in Beijing with Melis Shiacolas, the managing director of CNS Group and a relative of Cablenet non-executive chairman and 37 per cent owner, Nicos Shiacolas.
The Invest Cyprus board also includes Pantelis Leptos, a prominent property developer whose law firm, Leptos Group, handled the paperwork for 169 applications to the golden passport scheme between 2013 and 2019, according to interior ministry data reported by Cypriot media group Dialogos. The company also has an office in China.
A senior official at Invest Cyprus initially agreed to be interviewed for this story but then said he needed to seek authorisation to speak to the media. He subsequently did not respond to repeated efforts to arrange a meeting.
In Paphos, on the southwest coast of Cyprus, the head of the local Chamber of Commerce and Industry, Andreas Demetriades, signed a memorandum of cooperation in 2017 with the Hi Tech District and Chamber of Commerce of the eastern Chinese city of Changzhou, near Shanghai, for the development of a pharmaceutical tech park in Paphos, with tech parks – industrial zones specialising in science and technology – high on the agenda of Invest Cyprus and the government.
Demetriades’ law firm, Andreas Demetriades LLC, handled 272 golden passport applications between 2013 and 2019, more than any other firm.
Stelios Orphanides, an investigative journalist with the Organised Crime and Corruption Reporting Project, OCCRP, said China could come to dominate the telecommunications sector “because there is the lowest level of scrutiny in terms of risk management.”
“Cyprus doesn’t have the will to carry out thorough checks,” he told BIRN, “because those who manage the system – both the old elites and new elites, lawyers, accountants and so on – have learned to do just one thing, which is to prostitute the sovereignty of Cyprus in exchange for personal benefits.”
The violations recorded in the second half of October show that routine digital violations are not disappearing. Hate speech, discrimination and war-mongering flourish in Bosnia’s digital environment, and, following the introduction of a new decree by the President of the Serb-led entity, Republika Srpska, digital violations have accelerated further.
Local elections in Hungary and North Macedonia, where ruling parties suffered setbacks, also caused a rise in violations, triggered by a climate of political antagonism.
Finally, in Serbia and Romania, the presence of unsolved issues at home resulted in the resurgence of the one and the same violations.
Hate Speech and War-mongering Rhetoric Poison Bosnia
With 45 violations recorded in our database out of a total of 101 cases between August 1, 2020, and August 31, 2021, hate speech and discrimination remain the most widespread form of violation in the Bosnian digital environment.
Zeljka Cvijanovic (L) speaks during the 29th Economic Forum in Krynica-Zdroj, southern Poland, 03 September 2019. Photo: EPA-EFE/GRZEGORZ MOMOT POLAND OUT
Following recent developments, including the entry into force of a presidential decree from Zeljka Cvijanovic, head of Bosnia’s Serb-dominated entity, Republika Srpska, aimed at not complying with a state law banning the denial of genocide and war crimes, there has been a further acceleration in hate speech and war-mongering rhetoric in the country.
Two hate speech and warmongering incidents were recorded in the second half of October. After the release of a video on Twitter on October 22 from the online news outlet Istraga, several comments inciting ethnic hatred and war propaganda showed up. Footage had showed Dragan Lukač, RS Minister of Interior, with members of the RS special forces doing exercises in Jahorina.
The second case involved Muhamed Velic, a Muslim cleric in Sarajevo, who called for war on his Facebook page, garnering 2,200 likes and 60 shares. The post, published on October 16 and later removed, said: “Ammunition in Konjic and Gorazde! Howitzers in Travnik! RPGs in Hadžići! Etc. Trust yourself and your hooves! They know that this is not a joke and that Bosnian might is not a small cat!” The message, which was then shared on Twitter by Bosnia’s consul in Frankfurt, Admir Atović, forced the country’s Foreign Ministry to intervene and seek urgent clarifications from him.
Hungarian Opposition Primaries Prompt Flow of Digital Violations
The 2021 Hungarian opposition primary, held in two rounds between September 18 and October 16, featured a harsh political confrontation between opposition candidates and the ruling Fidesz party. The stakes were high: to choose the challenger against Prime Minister Viktor Orbán in next year’s parliamentary elections. After the second round of the primary, voters elected Peter Marki-Zay, the conservative mayor of Hódmezővásárhely, to lead the opposition into the 2022 parliamentary election.
Hungarian opposition leader Peter Marki-Zay gives an international press conference at Brussels Press club, Belgium, 11 November 2021. Marki-Zay was nominated as a candidate by six-party opposition alliance formed specifically to oust Hungarian Prime Minister Viktor Orban in next year’s election. Photo: EPA-EFE/OLIVIER HOSLET
Before and during the primaries, a series of cyberattacks were carried out. The opposition asked Ferenc Frész, a senior cyber defence expert, to investigate the causes and origins of these DDoS attacks. The aftermath of the election after the second round was also a breeding ground for online violations. Three independent media outlets were attacked on announcing the primary election results. The pro-government website, Origo, was also repeatedly hit by DDoS attacks between October 22 and 24, making the site inaccessible. Internal investigations suggested that unknown individuals externally attacked the website. In the final days of the primaries, strange advertisements, apparently promoting the main opposition candidate, appeared in the news feeds of several Hungarian Facebook users, claiming that Márki-Zay was building a “new Fidesz” party. The messages quoted and distorted many of his statements on subjects like the corporal punishment of children.
Another incident recorded in our database involved the temporary suspension and unavailability of Valasz.hu, a website storing the complete archive of Heti Válasz, a conservative weekly established by Fidesz in 2001 and shut down in June 2018, after Lajos Simicska, a business magnate close to Orban, bought its publisher. As reported earlier by BIRN, Hungary remains a critical country in terms of the role of genuinely independent media. Members of Orban’s closest circle now own almost 88 media outlets.
Interference in North Macedonia’s Election Alleged, COVID Certificates Hacked
A woman votes at the polling station in Skopje, Republic of North Macedonia, 17 October 2021. Photo: EPA-EFE/GEORGI LICOVSKI
In the second half of October, political confrontation worsened in North Macedonia following two rounds of local elections on October 17 and 31. As Balkan Insight reported, the elections were of crucial significance, as the opposition VMRO-DPMNE party, for the first time since 2017, re-established itself as the dominant political force, also declaring that it now had the strength in parliament to lead a government.
On October 24, Stevcho Jakimovski, leader of the Citizen Option for Macedonia Party GROM and a candidate in the local elections for the municipality of Karpos, claimed that Chinese troll farms targeted his Facebook profile. He called on political rivals to behave ethically and not engage in such campaigns during the election. GROM, in coalition with VMRO-DPMNE at national level, ran alone in the Karpos mayoral race. On October 29, as our new focus page on COVID-19 Crisis and Tech Response reported, the Ministry of Health withdrew its EU digital certificates and QR codes, following a hacker attack.
Users of a forum said the hackers, who broke into the system and started issuing QR codes, using data from Macedonian citizens, penetrated the unprotected Macedonian server, from where they managed to get the key to the codes. IT.mk, a Macedonian information technology portal, showed how easy it was to bypass the national health system and has shared several posts of Twitter users with valid certificates, issued for Adolf Hitler, Sponge Bob and other dead or fictitious characters.
COVID-19 Fake News and Online Harassment Persist in Romania
Following a global trend, Romania’s digital environment is experiencing a rise in fake news, misinformation, and other manipulative content on the COVID-19 pandemic. Romania’s online space also continued to record a high number of episodes of misogyny towards women, especially those working in education. For instance, on January 6, a former presidential candidate and TikTok influencer, Alexandru Cumpanasu, was arrested for sending comments of a sexual nature, and instigating hatred and discrimination, against teachers and professors. Some violations that occurred in October confirm this trend in Romania’s digital environment.
On October 19, Piatra Neamț County Police opened a criminal investigation into the spread of false information after a woman streamed herself on Facebook in front of a critical care ward, where COVID patients were being treated in Piatra Neamț, north-east Romania. The woman, filming from a distance, claimed that “there is no one” inside the clinic, suggesting the pandemic was fiction. The video also became known thanks to a Facebook post of Oana Gheorghiu, cofounder of the NGO Dăruiește Viață, who immediately reported the incident.
A Romanian woman gets a Pfizer vaccine dose from a volunteer nurse, at a Covid-19 Marathon Vaccination For Life center organized at Children Palace venue in Bucharest, Romania, 22 October 2021. Photo: EPA-EFE/ROBERT GHEMENT
A second case concerned Florentina Golea, a schoolteacher who was harassed after posting photos on Facebook while teaching a class of 12-year-old girls on the importance of vaccination. On October 5, RO vaccinare, the official page of the National Committee for Vaccination, promoting the vaccination campaign in Romania, shared photos from the teacher’s profile on Facebook. After that, the teacher received hundreds of insulting comments via Facebook, from “profiteer” and “be ashamed” to “monster” and “criminal”. The teacher also received death threats from people who claimed to know where she lived and the address of her school in Tecuci, in Galați County. Sorin Cîmpeanu, Minister of Education, announced that he would support the teacher if she sued those who had harassed her on Facebook.
COVID-19 Manipulation and Threats to Journalists in Serbia
Manipulation, conspiracy theories and other fake news have spread fast in Serbia’s online environment, where most cases still seem to be linked to the COVID pandemic.
The logo of the messaging application Viber pictured on a smartphone. Photo: EPA/RITCHIE B. TONGO
Recently, a case was uncovered where some citizens were wrongly prescribed anti-parasite treatment for COVID via a Viber group. At the same time, alarmingly, Serbia stands out as one of the countries with the most attacks on independent journalists. Between August 1, 2020, and August 31, 2021, 30 out of a total of 111 such cases targeted journalists. BIRN editor and investigative journalist Ivana Jeremić was threatened by a Twitter user last December 2.
The latest cases recorded by our monitoring team confirm this trend in the Serbian digital space.
On October 10, after Serbian virologist Ana Banko stated on Radio Television of Serbia RTS that vaccinated citizens can transmit the Delta strain of the coronavirus, part of her statement was spread on social media with the intention of manipulating her words. The video shared by many users, together with the title, took the sentence out of context, leading readers to the wrong conclusion. The virologist was answering a series of questions on a talk show, and her intention was not to diminish the effects of the vaccine but only to emphasize the speed of transmission of the new Delta variant.
On October 21, meanwhile, online threats targeted two Serbian journalists, Jovana Gligorijević and Snežana Čongradin, the historian Dubravka Stojanović and the literary critic, Jelena Lalatović.
The threats, which have been condemned by the Independent Association of Journalists of Serbia, were misogynistic and anti-feminist, and were posted from an anonymous Twitter account. This is not the first-time threats have been sent from this account. A year ago, the journalist Vesna Mališić was also threatened by the same profile, which called for a lynch and her murder.
North Maceodnian police on Monday said they were aware of a case in which human rights activists have alerted that explicit photos and videos of Roma girls and women are being posted on a Facebook group, and are “working to apprehending the persons responsible”.
The police said that they are also working on removing the explicit online content, adding that instances of online sexual abuse have increased over the past two years, since the start of the global COVID-19 pandemic.
The case was first reported in the media over the weekend.
“The posts contain private photos and videos of Roma women living in the Republic of North Macedonia but also outside our country,” the Suto Orizari Women’s Initiative, a human rights group from Skopje’s mainly Roma municipality of Shuto Orizari, said on Sunday.
“All the posts on the Facebook page are provoking an avalanche of harassing comments and hate speech from individuals, as well as calls for a public lynching, which violates the dignity of the Roma women whose photos have been published,” it added.
The organisation said the Facebook fan page has been active for some two months, since August 21, and has over 1,600 followers.
Reportedly the Facebook page also contains calls for collecting more photos and videos in order to post them and expose “dishonest women”, along with teases from the page administrators, who ask members whether they would like to see uncensored videos.
The Facebook page was also reported to the authorities last Friday by CIVIL – Center for Freedom, a prominent human rights NGO.
“CIVIL condemns this gruesome act and reported this Facebook page on Friday to the Interior Ministry’s department for computer crime and digital forensics, and to the Public Prosecution, so that they immediately take measures, shut down this page, and uncover and accordingly punish the administrators,” CIVIL said on Sunday.
The recent case was reminiscent of the earlier so-called “Public Room” affair. A group known as Public Room, with some 7,000 users, shared explicit pornographic content on the social network Telegram. It was first shut down in January 2020 after a public outcry, only to re-emerge a year later, before it was closed again on January 29.
The group shared explicit content of often under-age girls.
In April this year, the prosecution charged two persons, a creator and an administrator of Public Room, with producing and distributing child pornography.
These occurrences sparked a wide debate, as well as criticism of the authorities for being too slow to react to such cases and curb online harassment and violence against women and girls.
This prompted authorities to earlier this year to promise changes to the penal code, to precise that the crime of “stalking”, which is punishable with up to three years in jail, can also involve abuse of victims’ personal data online.
North Macedonia’s Interior Ministry has meanwhile launched a campaign to raise awareness about privacy protection and against online sexual misuse, called “Say no”.
We would like to hear from parents and teachers willing to share their experience with us to help in an upcoming investigation into the safety of children and young teenagers using TikTok.
Scroll down for more information about how to take part.
The key things we want to know:
What steps did parents take to protect their children and young teenagers on the platform?
Were there any cases in which children and young teenagers were the targets of bullying, identity theft, privacy issues etc.?
If/how the potential danger in the digital environment is harming their childrens’ physical safety?
What do teachers know about the network and how do they educate children about it?
We will not publish any documents or names without prior consent and we do not plan to use specific examples, but rather show more general systemic problems. Your responses are secure and encrypted.
Your stories will be used to help us with an ongoing investigation.
A new report published by the Freedom of Expression Association in Turkey on Monday says that the Turkish government under Recep Tayyip Erdogan has increased its censorship over the years on internet and social media.
The report, entitled ‘Disabled Web 2020: Fahrenheit 5651, The Corrosive Effect of Censorship’, says that more than 467,000 websites have been banned in Turkey since 2006, with 58,809 website bans in 2020.
Since 2006, the Turkish authorities have also banned access to 150,000 URLs, 7,500 Twitter accounts, 12,000 YouTube videos, 8,000 Facebook posts and 6,800 Instagram posts, according to the report.
In 2020 alone, 15,832 news articles were ordered to be removed from media webpages, the majority of them critical of Erdogan’s government.
“The Turkish state’s complex internet censorship mechanism continues to be more active than ever before,” the report says.
The Freedom of Expression Association accuses the government of using measures to curb the coronavirus pandemic as an opportunity to increase censorship.
The report says that 764 different state institutions – ministries, directorates and the presidency and its branches, as well as courts – have banned access to webpages for various reasons.
However, according to the data collected by the Freedom of Expression Association, a relatively small proportion of the websites and URLs have been banned by the courts – around 35,000 since 2006.
According to the data that the Freedom of Expression Association obtained from the Interior Ministry, a total of 75,292 social media accounts were investigated in 2020 and legal action was taken against 32,000 of them.
The report also says that sanctions on the internet are “no longer limited to only access-blocking practices, there has been a significant increase in the number of news and content removed with the content removal sanction, and censorship has begun to be implemented more effectively”.
“The corrosive and destructive effect of censorship and control mechanisms will continue in the years to come,” the report concludes.
Twitter has started to label accounts belonging to various pro-government media in Serbia as state-affiliated media.
Among those it deems affiliated with Serbia’s government are the dailies Srpski Telegraf, Kurir, Informer, Politika, and three free-to-air channels – Happy, Prva TV and B92, RTV Pink’s online portal, as well as the news agency Tanjug.
The label appears on the profile page of the Twitter account and on the Tweets sent by and shared from these accounts. Labels contain information about the country the account is affiliated with and whether it is operated by a government representative or is a state-affiliated media entity.
These labels include a small icon of a flag to signal the account’s status as a government account and a podium for state-affiliated media. In the case of state-affiliated media entities, Twitter will not recommend or amplify accounts or their Tweets with these labels to people.
As noted in Twitter’s rules and regulations, Twitter defines state-affiliated media as “outlets where the state exercises control over editorial content through financial resources, direct or indirect political pressures, and/or control over production and distribution.”
None of the media affected has yet reacted publicly to the new rule.
Although the media in question are widely perceived as pro-government due to their highly positive reporting on the government and sharp criticism of the opposition, it is not clear what steps Twitter took to determine whether they fit the criteria. BIRN has asked Twitter about the methodology it used but has not received a reply by the time of publication.
The “Serbia state-affiliated media” label is visible on the pro-government media Twitter page. Photo: Screenshot/Twitter.com
Twitter announced it will start labelling state-affiliated accounts in August 2020, and a number of accounts linked to governments across the world have been labelled since then. However, Serbia is the first country in the Balkan region to be added to this list.
Serbia’s public broadcaster, Radio Television of Serbia, RTS, and Radio Television of Vojvodina, RTV, are among those whose accounts are also labelled state-affiliated.
Twitter said it draws a distinction between state-affiliated broadcasters and those working more independently like the BBC.
“State-financed media organizations with editorial independence, like the BBC in the UK or NPR in the US for example, are not defined as state-affiliated media for the purposes of this policy,” it said.
Currently, besides Serbia, labels appear on relevant Twitter accounts from China, France, Russia, the United Kingdom, the United States, Canada, Germany, Italy, Japan, Cuba, Ecuador, Egypt, Honduras, Indonesia, Iran, Saudi Arabia, Spain, Thailand, Turkey, and the United Arab Emirates.
Last year, Twitter deleted 8,558 accounts engaged in “inauthentic coordinated activity” – some 43 million tweets criticising the Serbian opposition, independent media and individuals critical of president Aleksandar Vucic and his Progressive Party rule.
BIRN analysis showed that before it was removed, a network of accounts in the service of Serbia’s ruling Progressive Party found its way into the pages of pro-government tabloids, such as Informer and Kurir, disguised as the “voice of the people”.
A Turkish group called Cyber Warrior Tim Akincilar hacked the Serbian Public Debt Administration’s website on Friday in what appeared to be a protest against Serbia’s denial of the Srebrenica genocide.
On the Public Debt Administration site’s front page, the hackers posted a photograph of a hall full of coffins and the number 8372 – a reference to the number of Bosniaks killed by Bosnian Serb forces in the Srebrenica genocide in July 1995, Serbian news website 021 reported.
Over the photo were the words “Unutmadik”, Turkish for “We haven’t forgotten”. This was also a reference to a quote by the first Bosnian President Alija Izetbegovic, who said: “Do not forget genocide, because a forgotten genocide will be repeated.”
The photo posted by the hackers was taken down and the Public Debt Administration site was functioning normally again on Friday afternoon.
The Serbian authorities do not accept that the massacres and deportations of Bosniaks from Srebrenica constituted genocide, despite the rulings of international courts.
Hacking group Cyber Warrior Tim Akincilar states on its website that it was founded in 2001 and fights “attacks on our faith and moral values, actions against our state and our country, and events that negatively affect society and the public conscience”.
It has often been reported that Cyber Warrior Tim Akincilar is related to Turkish nationalist groups, while ‘Akincilar’ refers to the Ottoman army’s vanguard units.
In previous years, the hackers have attacked the websites of various Greek authorities, such as Greece’s Foreign Ministry in September 2020, but also sites belonging to the Dutch government in 2018 and the sites of some government institutions in Egypt in 2019, when these countries had disagreements with Turkish government.
So far, the UN tribunal in The Hague and Balkan courts have sentenced a total of 48 people to more than 700 years in prison, plus five life sentences, for Srebrenica crimes.
Are you a professional journalist or a media worker looking for an easily searchable and comprehensive database and interested in safely (re)connecting with more than thousands of colleagues from Southeastern and Central Europe?
We created BIRD Community, a place where you can have it all!
Illustration: BIRN/Igor Vujcic
Huawei (Nicosia)-the building in which Huawei’s main Cyprus offices reside. Photo: BIRN
Mediterranean Hospital of Cyprus (Limassol),one of two Cypriot hospitals to partner with VeChain store vaccination records on the VeChainThor blockchain. Photo: BIRN
Passport control at the derelict former Nicosia International Airport in Nicosia, Cyprus. Photo: EPA/JAN RAKOCZY
