“Eleventh: Don’t get caught”: How to avoid traps set for us by the services?

From the publisher: The Pegasus scandal showed that it doesn’t take much to strip us of the most intimate details of our lives. We lose privacy at every step: cameras, systems, programs follow us. Surveillance is ubiquitous and seemingly inevitable. But Piotr Niemczyk, a security expert, argues that a lot depends on us. And he provides reliable ways to outsmart the prying eye of big brother watching us.

We are publishing a fragment of Piotr Niemczyk’s reportage “Eleventh: Don’t get caught. A plot guide based on the advice of former spies” published by Harde Publishing House.

Operation Lizard, revealed in September 2023, is probably the best documented case of surveillance using Pegasus. And not only in Poland, but probably in the world. According to media information, in 2019, during the election campaign before the parliamentary elections, senator Krzysztof Brejza’s phone was infected over forty times. But the surveillance, importantly, did not only involve hacking into the two phones of the senator and some of his entourage. Traditional wiretapping of telecommunications lines and surveillance were also launched, and Krzysztof Brejza’s friends and associates were harassed by service officers and even summoned for interrogations. The pretext for launching such an extensive surveillance operation was the case of alleged abuses at the Inowrocław City Hall, which was headed by the senator’s father, President Ryszard Brejza.

However, it can be assumed that the real reason for the surveillance of the politician was that in 2019 he was the head of the electoral staff of the Civic Coalition, an alliance of several parties that fielded candidates for parliament, competing with the ruling party to gain a majority in the Sejm and Senate. It also appears that the surveillance of the chief of staff contributed to the defeat of the Civic Coalition in the elections.

The biggest wiretapping scandal in recent years

And the politician’s case is not the only one revealed in Poland by international laboratories working to identify cases of smartphones being infected with Pegasus. The mentioned laboratories, Citizens Lab and Amnesty Tech, revealed that the phones of people with very different professions and various involvement in public affairs were also infected. They were: prosecutor Ewa Wrzosek, who was inconvenient for the politicians running the Ministry of Justice, lawyer Roman Giertych, journalist and activist Tomasz Szwejgiert, and former head of the Central Anticorruption Bureau Paweł Wojtunik. Interestingly, Pegasus was also used against people associated with the government but suspected of disloyalty to the PiS leadership. Among them were former MPs, a former minister, a lobbyist and the previously dismissed head of the Political Cabinet of the Minister of National Defense.

Journalistic investigations and the work of a special commission appointed by the Senate showed that the purchase of Pegasus was carried out in violation of public finance regulations, the use of the system was contrary to Polish law, and the system was not certified by the Internal Security Agency, in particular due to the fact that data obtained by Pegasus were transmitted via servers located in Israel and other countries, so it was highly probable that they would be intercepted by foreign special services.

Such actions of the special services can only be compared to the largest wiretapping scandals in the world. Even with Watergatei.e. the disclosure of illegal wiretaps installed by persons associated with the CIA in the Democratic Party’s electoral headquarters before the US presidential elections in 1972, in which the Democrats fielded an opponent against the incumbent President Richard Nixon.

Cover of the book ‘Eleven: Don’t Get Caught’ promotional materials of Harde Publishing House

Known surveillance programs

Unfortunately, the disclosure of Pegasus and blocking it by the author of the program, the Israeli company NSO, in some countries suspected of violating the rule of law did not solve the problem. Earlier and later, state services, political police, organized criminal groups and companies operating within the so-called competitive intelligence used and still use more or less advanced programs that allow them to break into other people’s smartphones and computers. The most famous are the products of the Italian company Hacking Team (Da Vinci and Galileo), but on the market of services related to security and economic espionage you can find many programs such as malware and spyware, which have restrictions that prevent illegal hacking, but professional programmers can remove them. Just enter words like: spyware, spyone, spylogger Whether spyphoneto find out.

In addition to commercial programs, NSO and Hacking Team, operating under new names, continue to create applications for state services, and their competitors offer new, even more efficient surveillance systems. One of the most famous is the Predator offered by the also Israeli company Quadream.

However, it should be remembered that programs offered to services by external companies are only the tip of the iceberg. The services of all countries important in international politics are developing their own spying programs. The most famous, next to Pegasus, is the American PRISM, used by the NSA and disclosed by Edward Snowden. In Poland, there is talk of the little-known Harnaś program, which apparently came into use in 2013. However, it is difficult to check whether it is a system created by Polish programmers or just a foreign program adapted to the specificity of the Polish language.

Why is it worth remembering all this?

Professional secret service officers treat such systems as work tools. Counterintelligence services and those responsible for internal security use them to observe officers and possible foreign intelligence agents, as well as terrorists and organized criminal groups. However, spies operating in hostile areas must be aware that such systems work against them. Therefore, one of the most important skills learned in spy training centers is being active in a situation where every step can be tracked, every conversation recorded, every meeting photographed.

Can anyone feel safe?

Thanks to previous scandals, as well as cases revealed by Citizens Lab and Amnesty Tech, we all learned that in many countries surveillance systems control opposition politicians, social activists, journalists, lawyers, ecologists and even clergy.

Therefore, it can be said that there are actually no people who could say about themselves that no one is interested in them. The fact that operational control may cover completely random people is proven by the case of Mariusz Gierszewski, an investigative journalist of Radio Zet, about whom more in the chapter on wiretapping.

Completely random people may come to the attention of the services for very different reasons. You can imagine that a member of an organized criminal group regularly visits the dentist. It is only a matter of time before intelligence experts start to consider whether to start recording the dentist’s telephone conversations and whether to install a listening device in the office to learn the content of the doctor’s conversations with patients.

Similar suspicions may fall, for example, on an accountant who provides services to companies involved in tax abuses or even owned by members of some local mafia. As a result, the guilty man becomes the hero of recordings and films recorded by some Pegasus. No wonder that politicians, lawyers, journalists, opposition activists, especially the so-called street opposition, leave their phones in the next room when they make an appointment. Is it effective? Not necessarily. Professionals have various procedures thanks to which they can still determine what the meeting was about. The very fact that several phones are in one place usually turns out to be interesting.

Is it possible to protect yourself against all these techniques?

Even professionally trained intelligence officers slip up sometimes. And what about people who conduct public political or social activity or – when working on a journalistic investigation – have to stay in contact with the editorial office?

When technology fails…

History knows cases where wanted people took extreme security measures and were still caught. One of the most famous is Ted Kaczyński, i.e Unabomber. This American with Polish roots hid from law enforcement agencies for 27 (twenty-seven) years, while simultaneously committing terrorist attacks using bombs hidden in letters. The FBI went out of their way to get him. He was caught only in 1996. But not thanks to sophisticated operational techniques, but because his own brother, David, with whom he had not been in contact for years, recognized his writing style when reading Kaczyński’s manifesto in The New York Times, published in June 1995. Thanks to this, both Kaczyński brothers made history.

The most modern technology of the time did not help determine where the perpetrator of the attacks was hiding. Unabomber he practically broke off contact with the world. He lived in the middle of nowhere in Montana. His cottage didn’t even have water or electricity, let alone telephone or electronic communication facilities. He sent bombs from various post offices throughout the United States, some of which he planted himself. He probably didn’t cooperate with anyone. But what’s the moral of this? Even if you cut off all contacts and do not use any electronics, the services may still catch you because one of your friends or family will sooner or later report you.

All subheadings in the fragment of Piotr Niemczyk’s book “Eleventh: Don’t get caught. A guide to plotting based on the advice of former spies”, Wydawnictwo Harde 2023, come from the editors.