Tag: security

North Macedonia Leads Region in COVID-19 Tracing App

Posted on by Ivana Jeremic

North Macedonia has become the first country in the Western Balkans to launch a contact-tracing app to tackle the spread of COVID-19, with the government at pains to stress user data will be protected.

StopKorona! went live on April 13 as a Bluetooth-based smartphone app that warns users if they have come into contact with someone who has tested positive for the novel coronavirus, based on the distance between their mobile devices.

The app, downloaded more than 5,000 times on its first day, was developed and donated to the Macedonian authorities by Skopje-based software company Nextsense.

States are increasingly looking at digital solutions to control the spread of COVID-19 as they move to open up their economies while limiting the burden on their health services. The European Union and data protection campaigners, however, have voiced concern over the threat such technology poses to individual privacy.

Presenting the app, Health Minister Venko Filipce said North Macedonia was looking to use “all tools and possibilities” to combat a disease that, as of April 15, had killed 44 people.

Information Society Minister Damjan Manchevski said all data would be securely stored.

“This data is recorded on a secure server of the Ministry of Health,” Manchevski said at the launch. “And no other user has access to mobile numbers, nor is there any data stored about the owner of the number.”

If a person tests positive for COVID-19, they can “voluntarily” submit their data to the Ministry of Health, Manchevski said, enabling the app to warn other users if they come into contact with that person.

Data privacy concerns linger


Macedonian Minister of Health Venko Filipce accompanied by Prime Minister Oliver Spasovski in Skopje, Republic of North Macedonia, 2020. Photo: EPA-EFE/NAKE BATEV

China, Singapore, Israel and Russia are among a number of countries that have developed their own coronavirus mobile tracking apps, mainly using Bluetooth, GPS, cellular location tracking and QR codes. The Chinese government app colour codes citizens according to risk level.

The technology, however, has set alarm bells ringing among data protection campaigners and rights organisations concerned about the threat posed by mass surveillance and loosening of data protection laws.

Nextsense director Vasko Kronevski, however, said his firm’s StopKorona! app adhered to all legal requirements.

“This is a mobile app made by following best practices around the world in dealing with the coronavirus,” he said. “It guarantees the complete protection of users’ privacy.”

“The success will depend on the mass use of the application. It is important to emphasise that we used global experiences from different countries.”

One of those examples is Singapore’s TraceTogether app, which helped the Asian country successfully contain the COVID-19 outbreak within its borders while, unlike most countries, keeping businesses and schools open.

According to data privacy experts, the decentralized design of North Macedonia’s app guarantees that data will only be stored on those devices that run it, unless they voluntarily submit it to the ministry.

“The key part is that the citizen maintains full control over their data until the moment they decide to send it to the Ministry after being diagnosed,” said Danilo Krivokapic, director of the Serbia-based digital rights watchdog SHARE Foundation.

“Additionally, all data stored on the phone is being deleted after 14 days,” he told BIRN. “In that context, the app is in line with the legislation that covers Data Protection.”

Krivokapic stressed that once data is shared with the authorities, the Ministry and all data users are obliged to respect the legal framework regarding privacy and data protection.

EU countries warming up to digital solutions


People wearing face masks in Skopje, Republic of North Macedonia, 2020. Photo: EPA-EFE/GEORGI LICOVSKI

France and Germany are reported to be working on similar contact-tracing apps, while Poland has made the biggest progress within the EU.

Polish authorities have already launched a smartphone app for those in quarantine and are now working on another, similar to StopKorona!

The first app was mandatory for people in quarantine, meaning that they had to upload selfies so the authorities could track their exact location.

According to Krzysztof Izdebski, policy director at ePanstwo Foundation, a Poland-based NGO that promotes transparency and open data, the coronavirus pandemic has already posed significant threats to privacy, with governments deploying technologies primarily created for the surveillance of their citizens.

With the second app, the Bluetooth-based ProteGO, authorities have published the app’s source code online, to get feedback and opinions from IT experts before implementing it.

So ProteGO, said Izdebski, is an example of an app that is trying to meet privacy requirements.

“The data is stored on personal devices for up to two weeks, and only if the user is sick and agrees to share data with respective authorities, they are being sent to the server – without information on the location,” Izdebski told BIRN.

And while digital solutions such as these could become a game-changer in containing the outbreak, experts note that success still depends on how many people are willing to use them.

“For the technical solution to have some results, a substantial number of citizens need to run the apps and to decide to share their data in case they are diagnosed,” said SHARE Foundation’s Krivokapic. “This way, the app can serve its purpose.”

Romania: From ‘Hackerville’ to Cybersecurity Powerhouse

Posted on by BIRD

First there was Guccifer, real name Marcel Lazar Lehel, who hacked the email accounts of the Bush family in the United States; then came Hackerville, the moniker given to the town of Ramnicu Sarat due to the international cybergangs it was home to.

Fairly or not, hackers put Romania on the global online map, honing their skills to strike Internet users and companies in the West, particularly the US.

But today, 30 years since the fall of communism, IT and cybersecurity firms are looking to tap the same rich vein of ambition, ingenuity and education that made Romanian hackers so feared and famous.

“Romania is currently one of the largest pools of talent in the IT&C space,” said Bogdan Botezatu, senior e-threats analyst at Romanian antivirus and cybersecurity giant Bitdefender. 

“Based on our tradition in STAMP [Software Testing Amplification] and research, universities deliver engineers, reverse engineers, people who are highly skilled in IT.”

Romania, he said, is already internationally recognised in the field of cybersecurity, and has the potential to play an even greater role.

Made in Romania – a global leader in cybersecurity

Bitdefender is one of the global leaders in cybersecurity, with more than 500 million customers worldwide and a network of research labs in Romania – the largest such network in Europe – to combat online threats.

Some 40 per cent of the antivirus and digital security companies on the market currently use at least one technology developed by Bitdefender. Such success is unparalleled in Romania, a European Union member state where almost no other company has a significant international footprint.

From Bucharest and other Romanian cities, Bitdefender’s experts have led or participated in operations to halt some of the most damaging cyber attacks the world has seen in recent years. 

In 2018, Bitdefender partnered with Europol, Interpol, the FBI and police in a number of EU countries to take down a group of hackers – believed to be from Russia – behind a ransomware called GandCrab. The inventors of the malware sold it on to other hackers who used it against private and corporate users.


View of the Bitdefender’s central headquarters in Bucharest. Photo: BIRN

“It became such a large phenomenon that half of the ransomware attacks happening at that moment were caused by GandCrab,” Botezatu told BIRN. 

“We managed to decrypt [the computers of] 60,000 victims, saving the victims around 70 million dollars.”

Despite its unusual level of sophistication, GandCrab was created as a way for the private individuals behind it to steal other people’s money.

Another type of cyberthreat, however, is state-sponsored and is known among experts as Advanced Persistent Threats, or APTs. 

The goal in this case is to undermine the functioning of key strategic foreign infrastructures or steal secret information from other states. That was the purpose of NotPetya, or GoldenEye, which emerged in 2017 as the work of hackers suspected to have been working for the Kremlin.

These hackers infected the update servers of an accountancy product widely used in the Ukrainian state administration. Everytime a Ukrainian public servant updated the program, the virus entered his or her computer and encrypted all its files. 

The virus had a worm component and quickly contaminated the entire networks to which infected computers were connected, bringing, for example, the Kiev metro to a halt and shutting down at least one airport, several banks and the radiation monitoring system at Chernobyl.

It spread globally, including to Romania, where Bitdefender took charge of the preliminary investigation that led to the identification of the virus after its researchers identified a pattern in the threats suffered by many users of their antivirus products. 

‘You can’t trace them back’

Like the rest of the former Soviet bloc, Romania spent more than four decades under communism, when education placed a premium on scientific and technological training. 

That expertise – and a resourcefulness developed under communism and during the painful transition to capitalism and democracy after 1989 – is now at the disposal of the EU and NATO as they try to combat cyber threats from Russia and other countries vying for a geopolitical upper hand.

And the Romanian state is doing its bit too, via bodies like the Romanian Information Service, SRI, an intelligence agency that took part in investigations that led to the 2018 exposure of Russian state involvement in a cyber espionage and warfare group called Fancy Bear. 

Also known as Sofacy or APT28, Fancy Bear targeted governments and civil society organisations in countries including the Netherlands, Britain, Germany, Romania and the US.


Bogdan Botezatu from Bitdefender. Photo: BIRN

Botezatu said the fact that the infections happened between 9 a.m. and 5 p.m. Moscow Standard Time led investigators to conclude they were being launched from government offices, said Botezatu of Bitdefender, which uncovered the campaign in 2015.

“Behind these kinds of attacks there is a country, and particularly the intelligence community of that country,” said General Anton Rog, head of SRI’s Cyberint centre.

“Of course, governments don’t act directly; through their intelligence services, they infiltrate or create these cybercrimes groups in a way that you can’t trace them back to say that they work with an information service.”

Most APT attacks, Rog told BIRN, are mounted in order to steal sensitive information. “It is a modality of espionage,” he said, “but through cables and cybernetic tools.” 

SRI’s Cyberint centre relies on tip-offs from foreign agencies, technology that recognises abnormal online activity and cyber informers.

Hybrid attacks

Sometimes the dividing line between financial-motivated attacks and APTs becomes blurred, as in the case of the malware family known as Cobalt Strike.

Cobalt Strike was used by the so-called Carbanak group from Russia and Ukraine to extract more than one billion euros from around 100 banks in over 40 countries, including Romania.

“The technology used is [characteristic of an] APT, but the motivation is strictly financial,” said Botezatu. 

Bitdefender conducted ‘post-mortems’ at two of the affected banks. Botezatu said the malware was “extremely sophisticated”, managing even to access the banks’ payment systems.

“With that level of access, the nefarious individuals authorise fraudulent bank transfers, raise the balance of mule accounts or command affected ATMs to spit out the money for them,” Europol said in a statement on the arrest in Spain of alleged Carbanak leader ‘Denis K’ in a 2018 operation that Romania took part in.

“Our suspicion is that… these attacks are used to make money to sponsor strategic attacks,” said SRI’s Rog. “In our evaluation, we take into account the fact that these groups have members who are in contact with governments or information communities,” he told BIRN, noting the costs and human and technical resources needed to develop malware like Cobalt Strike.

“They [governments] don’t want to spend money from their budget, they want to steal money from other countries and sponsor strategic attacks with it,” Rog said.

Strong cybersecurity “ecosystem”

To strengthen security at home and boost Romania’s role in the global cybersecurity game, SRI’s Cyberint centre says it is trying to create “an ecosystem” already being nurtured by courses offered by Cyberint at several universities across the country.

Likewise, Bitdefender partners with universities and high schools in training the next generation.

They may be people like Alexandru Coltuneac, a White Hat Hacker so called because of his transition from developing an Internet virus as a teenager to using his self-taught skills to help giants like Google, Facebook, PayPal, Microsoft and Adobe test their product security.

“I have set myself a target,” Coltuneac told BIRN. “I want to find at least one vulnerability in a product of each big company.”

Coltuneac, who is one of a number of Romanian White Hat Hackers recognised by Google and other companies as stars of ‘bug hunting’, now runs his own company together with a colleague.

Called LooseByte, the firm offers businesses cybersecurity tests and services to improve their protection levels.

Coltuneac said he finds pleasure in outsmarting the world’s best professionals.

“It’s a way of doing hacking without harming anyone,” he said.

INSI: Decline in 2019 Media Workers’ Deaths as They Pull Back from Deadly Conflicts

Posted on by BIRD

According to the annual report “Killing the Messenger,” published last Friday by London-based International News Safety Institute, INSI, a total of 48 journalists died in 2019 in incidents and accidents directly related to their work, the lowest number in 16 years.

That does not, however, mean journalists are now safer while doing their jobs, said INSI director Elena Cosentino.

“The decline in casualties was simply because fewer journalists reported from conflict zones in the first place,” Cosentino said.

“Syria, Yemen and Afghanistan were deemed simply too dangerous for either local or international media to cover and were dropped from many outlets’ news agenda.”

The deadliest country for media workers in 2019 was Mexico, with 12 reporters killed, followed by Tanzania (5), Afghanistan (4), Syria (4), Honduras (3) and Somalia (3).

Last year also marked the first time in 21 years that no journalist was killed in a foreign country, which comes as a result of media organisations pulling back their staff from the most dangerous places.

All 48 causalities in 2019 were local journalists reporting from their home countries, and the majority of them died while reporting on crime, politics and corruption by unknown perpetrators.

The past year proved partially successful in terms of investigations into the murders of some prominent journalists, including “significant legal developments in the killings of Ján Kuciak from Slovakia; Saudi Arabia’s Jamal Kashoggi; and Daphne Caruana Galizia in Malta,” the report said.

Slovak investigative reporter Kuciak and his fiancée, Martina Kusnirova, were shot dead in their home in February 2018. The trial of four people accused of the brutal killing started in mid-January, while in December another accused was sentenced to 15 years in jail in a separate trial.

Jamal Kashoggi, a Saudi dissident and journalist, entered the Consulate of Saudi Arabia in Istanbul in October 2018 and never came out. At first, Saudi Arabia denied having anything to do with the reporter’s disappearance, but then the authorities finally acknowledged that their own officials were behind the murder. The whereabouts of his body is still unknown.

Daphne Caruana Galizia was a Maltese journalist, writer, and anti-corruption activist who was killed in a car bombing near her home in 2017. Last November, the case saw an important development when the main suspect and alleged sponsor of the crime was arrested. He then accused Keith Schembri, the chief of staff of former Prime Minister Joseph Muscat, of ordering the assassination.

The murder, like that of Kuciak in Slovakia, sparked mass protests that forced the prime ministers of both countries to resign.

However, INSI said that the legal developments happened thanks to the enormous pressure brought by Caruana Galizia’s family and international media coverage.

“Daphne’s case proves that with enough time and pressure even the most powerful could one day be held to account,” Cosentino said.

“As happened in Malta, raising the cost of killing a journalist is the ultimate aim for everyone in the news industry. Despite the progress made in 2019, that still feels like a long way off.”

BIRD Community

Are you a professional journalist or a media worker looking for an easily searchable and comprehensive database and interested in safely (re)connecting with more than thousands of colleagues from Southeastern and Central Europe?

We created BIRD Community, a place where you can have it all!

Join Now