Georgia: Hacker Case Raises Questions About Political Inconsistencies

By

By Molly Corso

In recent months, criticism has persisted that Georgian Prime Minister Bidzina Ivanishvili’s government is allowing politics, rather than evidence, to guide criminal prosecutions of old foes. A curious case against a 19-year-old computer programmer, Vasil Jamalashvili, helps illustrate how that criticism has taken root.

Jamalashvili, a former employee of the Ministry of Internal Affairs’ Department of Constitutional Security, is charged with devising malware that was allegedly used to spy on Ivanishvili and his Georgian Dream coalition prior to Georgia’s 2012 parliamentary elections. He faces up to eight years in prison if convicted on charges of illegal surveillance and eavesdropping.

Last November, Jamalashvili admitted to having a role in developing malware for the ministry that, when activated, supposedly could turn on microphones and video cameras on targeted computers. It could also record keystrokes and access documents. Jamalashvili has additionally stated that he acted in the belief that the computers to be targeted would be in Russia.

Prosecutors say that all of the computers that ended up being infected with the Jamalashvili-designed malware, both Apples and PCs, were allegedly connected to either Bidzina Ivanishvili, including devices at his Tbilisi residence, or to Ivanishvili’s Georgian Dream coalition, the opposition movement that was, at the time, challenging President Mikheil Saakashvili’s United National Movement (UNM) for control of parliament.

Giorgi Popkhadze, Jamalashvili’s lawyer, has claimed that his client was coerced into developing the malware by ex-Interior Minister Bacho Akhalaia, and his deputy, Vazha Liluashvili. “[T]hey told the child [Jamalashvili] that the Russians are coming, [and that] ‘If we can’t stop them, if we don’t do this,’ … [there will be consequences],” recounted Popkhadze.

Akhalaia — now in jail and awaiting trial on charges of torture and abuse of power — has headlined the list of targets for prosecutors investigating alleged past wrongdoing by Saakashvili’s close political associates. The accusations against Jamalashvili and 10 others came a few weeks after Akhalaia’s arrest.

The teen is the only defendant to have acknowledged working on the alleged malware project. Yet three months into the criminal investigation, there seem to be more questions than answers surrounding the case.

Popkhadze told EurasiaNet.org in January that Jamalashvili had entered into discussions with the Interior Ministry to return to his old job. The ministry, citing the ongoing investigation into the alleged malware attack against the Georgian Dream, declined to comment on Popkhadze’s claim. Popkhadze subsequently stopped responding to interview requests. Similarly, Jamalashvili, photographed in January for a full-page portrait in Hot Chocolate magazine as one of Georgia’s “People of 2012,” is now also keeping a low profile. Contacted by EurasiaNet.org, Jamalashvili declined one interview request, and vanished after receiving a second.

Arguably, any decision by the Georgian government to rehire the programmer whom it is, at the same time, prosecuting for a malware attack against the prime minister and the now-governing coalition would muddle the criminal case. Maia Mtsariashvili, a prosecutor on the case, told EurasiaNet.org she was unaware of any effort by the Interior Ministry to rehire Jamalashvili. His trial is scheduled to begin March 26; the investigation is ongoing, Mtsariashvili said.

Essential facts in the case have proven stubbornly difficult to verify. The prosecutor’s office reportedly has yet to officially determine what type of malware was used against the Ivanishvili and Georgian-Dream computers. Despite numerous requests from EurasiaNet.org, Georgian Dream representatives have not released any details about the malware, nor have they disclosed information about the “foreign experts” who were brought in for consultations last summer after the alleged breach of the Ivanishvili and Georgian-Dream computers supposedly was discovered.

The most vocal among those experts is American security specialist Paul Joyal, a publicity representative for Ivanishvili during the 2012 parliamentary election campaign, who argued that the scope of the attack pointed to a government role in it. “It was within their capabilities both from an in-house standpoint, and from a purchasing standpoint,” Joyal said, referring to the Interior Ministry under UNM control.

Yet what is believed to be an essential element in the malware, a program called the Dark Comet remote administration tool (RAT), would be within the purchasing power of many. In 2012, Dark Comet RAT could be bought online for a mere 25 euros, or $33.41, according to the blog Malwarebytes.

Hacking into a Georgia-based computer also does not necessarily present a great challenge. Microsoft Corporation estimates that in 2012, 89 percent of all computers in Georgia were still using unlicensed software, which often makes it easier for hackers to break into computers.

Mamia Sanadiradze, the former owner of Caucasus Online, an Internet Service Provider, maintains that the National Movement-dominated government had a long history of listening in on civilians and eavesdropping on their computers. “Not just privacy, everything was abused in this country,” claimed Sanadiradze, a Saakashvili critic.

The government snooping doesn’t seem to be easing up under Ivanishvili, he added. “[T]here is a big hope that everything will be changed, but they have been slow to change it, they have been slow.”

Davit Darchiashvili, a senior UNM MP, dismisses the allegations that Georgia’s Interior Ministry unleashed a malware attack against Ivanishvili or the Georgian Dream, during the election campaign. The UNM, when in power, “never made such an order,” he asserted. [Editor’s note: Darchiashvili is the former director of the Open Society Georgia Foundation, part of the network of Open Society Foundations (OSF). EurasiaNet.org operates under OSF’s auspices in New York].

For now, making sure that Georgian law protects computer users against snooping by any unauthorized outsider does not appear to be a legislative priority for either the Georgian Dream or the UNM. A 2012 law on cyber-security still requires additional legislation for implementation.

Molly Corso is a freelance journalist who also works as editor of Investor.ge, a monthly publication by the American Chamber of Commerce in Georgia.

EurasiaNet

Originally published by EurasiaNet.org. EurasiaNet provides information and analysis about political, economic, environmental, and social developments in the countries of Central Asia and the Caucasus as well as in Russia, the Middle East and Southwest Asia.

Copyright (c) 2003 Open Society Institute. Reprinted with the permission of the Open Society Institute, 400 West 59th Street, New York, NY 10019 USA, www.EurasiaNet.org or www.soros.org

To ensure Eurasia Review continues to operate, please click on the donate button below. We thank you in advance.

Help Eurasia Review

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>