Theater of Cruelty

Disc boom in the Sandberg case 

Per Sandberg did not need to go to Iran to be monitored. New monitoring techniques make it possible to locate mobile users – regardless of where they are. We take a closer look at these developments.


After Per Sandberg returned from his infamous holiday trip to Iran, surveillance of smartphones in public service has been updated in Norwegian media. The question many people ask is whether Sandberg could have avoided surveillance if he had not brought the work phone to Iran. 

But what is the potential for national and international security services, hackers and webspeakers with today's new surveillance techniques? And what surveillance traps should politicians and other public opinion makers guard against?  

Silent SMS 

Already in 2012, Sandberg's mobile phone was located and eavesdropped by Dagens Næringsliv using a location method for mobile phones called a "silent SMS" [silent text message].

In Germany this wiretapping method is very widespread. The mobile phone is first located over the telecommunications network, and then the hacker sends a silent SMS to the mobile phone to be tracked. When the phone receives  The SMS, it triggers a feedback from the phone to the telecommunications cell. This is how the mobile operator registers where the telephone is located and can then disseminate this information. The mobile user himself cannot see or hear the silent text message.

Historically, German and Iranian intelligence have worked closely.

If a silent SMS is sent for short intervals in succession, the hacker can create a motion profile of the mobile owner's movements and thus locate the owner of the phone. 

However, with applications like SnoopSnitch, Android smartphones can recognize a silent SMS. However, if the mobile phone is switched off or in flight mode, this tracking method will no longer work.

During the first half of 2018, Germany's federal and state security services sent 103 silent SMSs. The federal criminal police sent 000, while the federal police sent 31 such SMSs. However, the figures from the Customs Service and the German intelligence service BND are secret, the German website stated on August 000. 

New German law on surveillance

Therefore, when it comes to mobile monitoring, it pays to take a closer look at the North Sea: German security services and the country's investigators have long had legal access to telephone calls and SMS messages from smartphones, reports the German news channel ARD. 

Despite strong protests from the opposition, the German coalition government (CDU, SPD) legislated monitoring of Messenger services such as WhatsApp, as well as various other chat services over a year ago. 

The purpose of the new law is that investigators can intercept and read text messages - even before communication in WhatsApp services is encrypted. Instead of breaking the code, the encryption itself is avoided. Experts call this method of telecommunication monitoring – Quellen-TKÜ. 

"Currently, there are several espionage cases pending against Iran in German courts, which do not necessarily appear in the media as in my case."

On the basis of a legal verdict, investigators are now allowed to download spyware on their mobile phone to a potential suspect. They thus access messages, phone lists and other files stored on the phone. The same goes for computers, laptops and tablets. 

In order for this type of software to follow ongoing communications via WhatsApp, investigators must deliberately take advantage of the smartphone's security holes and disable the mobile's protective mechanisms. 

As a result of this new legislation, a number of IT experts and advocates for privacy protection fear that the state and government will suddenly become "mega hackers".

The law also provides the opportunity to expand the tracking of computers that are online. Previously, this was only allowed to a limited extent – primarily in the fight against terror.  

The authorities now have access not only to chat messages, but to the entire mobile device. Theoretically, they can turn on the cellphone's microphone and camera and listen, film and explore all stored data. 

The government claims that surveillance should be used in the investigation of killings, the spread of child pornography, drug crimes and other serious crime. 

The parties Die Linke and the Greens are temporarily critical of the law, claiming that surveillance is a massive encroachment on fundamental civil rights. Once this spyware software is first installed, it is virtually impossible to control the scope of the surveillance, they warn. 


According to the German website, the German Federal Police also installs spyware and state trojans on smartphones to monitor other Messenger services such as Telegram and Signal. Authorities can install such "snoke software" in two ways: Either they access people's cell phones using regular traffic control (police can physically grab suspects' cell phones through such checks), or they can hide Trojans by exploiting smartphones security holes. Such security holes are almost unknown to the public without exception. This  However, the method entails a risk: By maintaining security holes on behalf of the government and large companies, cybercrime and hacking attacks are being promoted. As a result, general security becomes more vulnerable. 

The trade in so-called zero-day exploits – hitherto unknown security holes – on Darknet, is good business for those who offer such services. The buyers of such exploits are not only cybercriminals and terrorists, but also include state intelligence. 

In Sandberg's case one may have shot sparrow with cannons. 

Edward Snowden revealed that US security agency NSA buys security holes for double-digit million dollars (probably in dollars) each year, according to an article published on in February.  

German IT expert Norbert Pohlman points out in the article the danger that the systematic use of security holes to install federal Trojans helps promote a bidding competition by exploits. He fears that the price of security holes will skyrocket and that this business will attract even more hackers in the future.

An example of how risky such practices are has recently emerged in the UK. Utpressings-
The WannaCry Trojan broke down the computers at a number of hospitals as well as hundreds of thousands of other data devices globally. This happened because of a security hole originally used by the intelligence service NSA, which was later made public because of a data leak. 

Per Sandberg. NTB scanpix

But forensic investigators can also effectively monitor Messenger services – completely without spying software, according to  South German newspaper. Investigators can simply connect another mobile phone device to the suspect's WhatsApp account, in addition to the already existing one. This option exists if the application does not encrypt the chat messages 100 percent. Using this method, the federal criminal police monitored chat messages from the German right-wing group Oldschool Society for months.

The 2018 WhatsApp service shares user data in Germany with its parent company Facebook does not make the monitoring situation any better: Phone numbers and other user information on the device are now shared with the company. 

When Facebook acquired WhatsApp in 2014, they stated that it was not possible to cross-check the data of each other's companies. This does not prove to be the case. Data transmitted via WhatsApp to millions of EU citizens is now linked to information that Facebook has already collected from its web portal. 

German intelligence

According to the German newspaper Süddeutsche Zeitung, the German intelligence service can intercept smartphones, e-mails, social media and the like, and track people regardless of where they are on the planet.

German secret services use the computer program PBDB – an automated and personalized database – which provides the user manual for tracking and monitoring globally of any person. The program stores so-called selectors, which digitally lead to a specific wanted person. These are technical data or number-related patterns, such as telephone numbers or a combination of numbers and email addresses. Together, the data forms a digital fingerprint. According to the German newspaper Die Zeit, the German intelligence service collects 220 million metadata monthly from foreign telephone calls (mobile, telephone and satellite). One percent of this amount is permanently archived and stored. In addition, the service collects data from social networks, emails, messenger services and the like to an unknown extent. The telephone data storage unit alone records approximately 11 billion calls per year. 

Intelligence organizations in many countries are likely to have similar monitoring technology.

Iranian intelligence

In March this year, a Pakistani man was sentenced to four years and three months' imprisonment at the Berlin District Court, the third and final court in the German state. On behalf of Tehran, he had spied on the SPD politician Reinhold Robbe for at least one year. The verdict is not yet enforceable; the defender has appealed. Robbe is the former president of the German-Israeli company DIG. The spy had, among other things, photographed Robbe when he visited the company's headquarters, and knew exactly which bus stops and subways the politician had used. 

In an interview with Die Welt newspaper in April last year, Robbe stated that Iran is engaged in extensive espionage activities in Germany. 

"Currently, there are several espionage cases against Iran in German courts that do not necessarily appear in the media as in my case," Robbe said.

Reinhold Robbe. Photo: Wikimedia Commons / Torsten Bätge

Asked about what Iranian intelligence is doing in Germany, in an interview with the German news channel NTV in January, espionage expert Erich Schmidt-Eenboom stated that an important task for Iranian intelligence is to monitor Iranian opposition in Germany. In particular, they are watching so-called People-Mujahedin groups, which have their main hub in Paris, but who are also active in the state of North Rhine-Westphalia and Cologne.

He also claimed that Iranian intelligence is interested in influencing the German government's Middle East policy. In connection with the US-Iran nuclear agreement, they will find out who is still supporting it and who is against it, he said. 

At the same time, Israel is threatening military attacks on Iran's nuclear facilities, while Iran's secret services are preparing potential retaliatory actions against Israeli and Jewish institutions and individuals. Eenboom also pointed out that Israeli representatives, institutions and embassies must count on attacks from Iranian secret services. However, he excludes attacks on German nationals and politicians from Iran. For agent and intelligence operations, Iranian intelligence typically employs young Iranian men with academic backgrounds and military rank who have worked in the Quds Brigade (Iranian Special Unit). They are placed in universities or in so-called tire companies. Especially when it comes to cooperative actions through so-called hit-and-run teams (guerrilla tactics where a target is attacked and the scene is then abandoned as quickly as possible) and in intelligence operations, people of relevant military background are used.

Intelligence cooperation between Germany and Iran

Historically, German and Iranian intelligence have worked closely. German BND had an excellent relationship with the Shah's secret services in the seventies, according to Eenboom. After the Iranian clergy took over power in 1979, the BND was the first intelligence service to establish contacts with Iranian colleagues – just three months after the change of power. 

Under Helmut Kohl's intelligence coordinator Bernd Schmidbauer, Iran's intelligence was one of the most important partners in German secret services in the Middle East. In some cases, it also appeared that the German secret services provided Iranian intelligence with technical photo equipment, telecommunications technology and more.

Edvard Snowden revealed that the US NSA buys security holes for double-digit million amounts each year.

Theoretically, therefore, it cannot be ruled out that a number of Norwegian politicians, with the help of German intelligence equipment, are being monitored by Iranian intelligence. This applies to Norwegian soil, in Europe, in Iran and in the rest of the world.

Per Sandberg therefore did not need to travel to Iran to be monitored. The interception has become limitless and global. In Sandberg's case one may have shot sparrow with cannons. 

The civil rights organization Gesellschaft für Freiheitsrechte and the Digitalcourage organization are now complaining about the law permitting state trojans and spyware that monitors smartphones and other electronic equipment, at the German Constitutional Court in Karlsruhe. 

On the Digitalcourage website, you can contribute your signature to stop the state's digital intrusion into citizens' private data. It also states: "The state does not fulfill its duty to protect its citizens digitally if it simultaneously maintains security holes instead of sealing them." 

Maybe something to think about for Norwegian politicians and authorities. 

Hans-Georg Kohler
Hans-Georg Kohler
Kohler is a regular reviewer for Ny Tid. Artist.

You may also like