Blue Coat Internet monitoring devices (mis)used in Iran, Syria, Sudan
Posted on 11 July 2013.
Even though US sanctions should have made it impossible, filtering and Internet monitoring devices by US-based Blue Coat Systems can be found on many computer networks in Iran, Syria, and Sudan, a recent report compiled by researchers with Citizen Lab has revealed.

The Lab, based at the Munk School of Global Affairs at the University of Toronto, Canada, is an interdisciplinary laboratory that monitors, analyses, and impacts the exercise of political power in cyberspace, and this is not the first report on Blue Coat Systems they made.

The company has also been recently named a "corporate enemy" of the Internet by Reporters Without Borders.

According to the results produced by network measurement and scanning methods and tools made to search for instances of Blue Coat ProxySG and PacketShaper devices, the researchers have discovered them on public networks of 83 countries.

"Blue Coat is just one among the many companies that develop, market, and export dual-use technologies, including technologies that can be used to monitor Internet traffic, block websites, and
by extension track users’ online activities and communications," the researchers point out, adding that Western technologies capable of surveillance and censorship are now standard network building blocks for ISPs around the world.

"Even in cases where restrictions are explicit, or part of formalized sanctions and export control regimes, devices still make their way to governments in countries like Iran, Sudan, and Syria. Many more devices are present in countries with questionable records on human rights, surveillance, and the rule of law," they say.

Among these countries are the politicly volatile Côte d’Ivoire, censor-happy Thailand, and many others.

"The market for dual-use technology lacks effective mechanisms for external accountability and transparency to civil society or export control regimes," the researchers point out. "The issues raised by this report go beyond one company and its products and services, and underscore the imperatives of addressing global public policy implications of internationally-marketed communications infrastructure and services."

Citizen Lab's exhaustive report includes information on their methods for scanning for Blue Coat devices, particular findings regarding the aforementioned countries, the legal and policy considerations regarding those findings, as well as recommendations for action. Even though it's 40+ pages long, it is well worth a read.


Pen-testing drone searches for unsecured devices

You're sitting in an office, and you send a print job to the main office printer. You see or hear a drone flying outside your window. Next thing you know, the printer buzzes to life and, after spitting out your print job, it continues to work and presents you with more filled pages than you expected.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Fri, Oct 9th