Commercial surveillance is real

Gigabit Systems

•

20 min read

Share this post

Commercial Forensics Turned Against Civil Society

Commercial surveillance is no longer theoretical.

New research from Citizen Lab has found high-confidence indicators that a forensic extraction tool from Cellebrite was used on the phone of Kenyan activist Boniface Mwangi while it was in police custody in July 2025.

According to the report, the Samsung device was returned nearly two months later without password protection enabled — a strong signal of successful forensic access.

If accurate, this would have allowed full extraction of:

Messages
Files
Photos
Financial data
Saved credentials
Authentication tokens

Not malware.

Not phishing.

Physical custody plus forensic tooling.

This Is a Different Threat Model

Cellebrite tools are marketed for lawful investigations and digital evidence collection.

They are not spyware in the traditional sense.

They require device access.

But once access is obtained, they can:

Bypass certain lock protections
Extract encrypted app data
Pull deleted artifacts
Capture keychain credentials
Clone device contents

For activists, journalists, and dissidents, the risk is simple:

If authorities seize the phone, the perimeter is gone.

A Broader Pattern

Citizen Lab previously documented similar forensic extraction indicators involving activists in Jordan.

Separately, Amnesty International reported that Angolan journalist Teixeira Cândido’s iPhone was infected with Predator spyware developed by Intellexa.

Predator is not a forensic tool.

It is live spyware.

Once installed, it can:

Access messages
Activate microphones
Read emails
Monitor activity
Evade recording indicators

It reportedly includes anti-forensics and detection avoidance mechanisms, including regional checks to avoid operating in certain jurisdictions.

That’s a commercial surveillance ecosystem — not isolated misuse.

What This Means for Businesses

You may not be a dissident.

But the technical principles apply broadly.

Modern smartphones contain:

MFA tokens
Password manager vaults
Corporate email
Cloud session cookies
Banking credentials
CRM access
SaaS integrations

If a device is seized — at a border, during litigation, in a compliance investigation — full extraction could expose far more than text messages.

For SMBs, healthcare practices, law firms, and schools, this raises uncomfortable questions:

Are corporate devices configured with strong encryption enforcement?
Are passcodes long enough to resist brute-force bypass tools?
Is biometric unlock disabled after seizure scenarios?
Are device management policies enforcing remote wipe?
Are conditional access controls preventing token reuse?

Because once credentials are extracted, identity becomes the new perimeter.

The Surveillance Economy Is Expanding

The market for commercial surveillance tools is growing.

Vendors argue they support lawful investigations.

Researchers continue to document misuse.

And the technical sophistication is increasing.

The line between:

Forensics
Lawful access
Offensive spyware

Is narrowing in practical effect.

From a cybersecurity standpoint, this is not just a human rights story.

It is a device governance story.

The Strategic Lesson

Security leaders focus heavily on:

Network defense
Email filtering
Cloud security posture
Endpoint detection

But mobile device custody risk remains under-modeled.

If someone else controls the hardware, your encryption and identity strategy must assume extraction attempts.

Data protection cannot rely solely on:

“Who is holding the device?”

It must assume:

“Could this device be copied?”

The attack surface now includes legal systems, border crossings, and physical seizure events.

That is the modern reality of digital identity.

70% of all cyber attacks target small businesses, I can help protect yours.

#Cybersecurity #ManagedIT #DataProtection #MobileSecurity #MSP

Share this post

See some more of our most recent posts...

Cybersecurity

Technology

Smart glasses are watching your every move and they aren’t the product.

•

20 min read

The Device Watching You Is Selling Faster Than Ever

Smart glasses were supposed to feel futuristic.

Instead, they may become one of the largest privacy experiments ever quietly normalized.

According to reports, Meta’s Ray-Ban smart glasses sold over 7 million units last year alone, roughly tripling from the previous year.

At the same time, serious allegations emerged involving the handling of user footage captured by those devices.

And this is where the conversation stops being about technology.

It becomes about ethics.

The Privacy Problem Most People Never Realized Existed

Investigations alleged that contractors working for outsourcing firm Sama reviewed footage captured by Meta smart glasses users as part of AI training and moderation workflows.

According to reporting, that footage allegedly included:

private conversations
bedrooms
bathrooms
intimate moments
bank card information
highly sensitive personal environments

Moments users never realistically imagined would be viewed by another human being.

Much less categorized and labeled for machine learning systems.

That distinction matters enormously.

Because modern AI systems do not simply “learn automatically.”

Humans frequently sit behind the scenes reviewing, labeling, sorting, validating, and training the models.

And most consumers never fully understand how much human exposure may exist inside “AI-powered” ecosystems.

“Built With Privacy In Mind”

Meta publicly marketed the glasses as being “built with your privacy in mind.”

That phrase sounds reassuring.

But modern privacy language increasingly depends on something dangerous:

Consumers assuming they fully understand the data lifecycle behind the product.

Most do not.

The average user thinks:

“My data stays on my device.”
“AI handles everything automatically.”
“No one actually watches this footage.”

The operational reality inside many AI systems is far more complicated.

The Ethical Questions Become Much Darker

According to reports, when journalists exposed the story, Meta reportedly terminated its relationship with Sama.

More than 1,000 workers allegedly lost their jobs with extremely short notice.

The glasses continued selling.

Production reportedly continued scaling.

And the broader ethical conversation largely disappeared from public attention within days.

That may be the most important part of the story.

Not simply the alleged privacy exposure.

But how quickly society normalized it.

AI Is Quietly Reshaping Both Privacy And Labor

This story exposes two major realities happening simultaneously across the technology industry.

First:

Modern AI systems increasingly depend on enormous quantities of human-labeled data.

That data often includes:

voices
images
conversations
behaviors
locations
biometric information
environmental recordings

Consumers rarely understand the full chain of custody behind that information.

Second:

AI investment is increasingly restructuring the workforce itself.

Meta has publicly committed enormous resources toward:

AI infrastructure
model training
custom chips
hyperscale data centers
AI platform expansion

At the same time, large-scale layoffs continue across the technology sector.

Whether companies explicitly attribute reductions to AI or not, the economic transition is becoming increasingly difficult to ignore.

SMBs, Healthcare, Law Firms, And Schools Should Pay Attention

Many organizations still treat AI primarily as:

productivity software
automation tools
convenience features

But AI systems increasingly introduce:

privacy risks
data governance challenges
legal exposure
vendor trust concerns
compliance questions
workforce disruption issues

Especially for:

healthcare environments
law firms
schools
SMBs handling sensitive customer data

The core issue is no longer simply:
“Is AI useful?”

The real question is:
“What hidden tradeoffs are organizations accepting without realizing it?”

The Most Important Takeaway

Technology companies increasingly operate on one foundational assumption:

Users will prioritize convenience faster than they will question data ethics.

So far, that assumption appears correct.

The devices keep selling.

The ecosystems keep growing.

The data keeps flowing.

And society keeps adapting to levels of surveillance and data exposure that would have seemed deeply disturbing only a few years ago.

The uncomfortable reality is this:

The product is not always the glasses.

Sometimes the product is the behavioral data, the environmental footage, the biometric patterns, and the human interactions captured along the way.

And most people still do not fully understand how valuable that information has become.

70% of all cyber attacks target small businesses, I can help protect yours.

#CyberSecurity #ArtificialIntelligence #DataPrivacy #MSP #DataProtection

Mobile-Arena

Cybersecurity

Technology

Your Phone Carrier Knows Where You Sleep

May 28, 2026

•

20 min read

Your Phone Carrier Knows Where You Sleep

Most people think of mobile carriers as utility companies.

But modern telecom providers quietly hold some of the most sensitive personal information imaginable:

home addresses
phone numbers
email addresses
device identifiers
billing data
location history
authentication systems

Which is exactly why telecom platforms have become increasingly attractive cyberattack targets.

According to reports, Trump Mobile has confirmed a data exposure involving customer information tied to preorders and account systems.

Researchers reportedly discovered a vulnerability that allowed unauthorized access to customer data stored inside the platform’s systems.

The exposed information allegedly included:

names
phone numbers
email addresses
mailing addresses

Credit card data was reportedly not exposed.

But that does not make this harmless.

Why This Type Of Breach Matters

Many people underestimate how dangerous “basic” personal information can become when aggregated together.

A phone number linked to a physical home address creates enormous opportunity for:

phishing attacks
SIM swapping
identity theft
impersonation scams
social engineering
account recovery attacks
targeted fraud campaigns

Cybercriminals increasingly operate like intelligence analysts.

The goal is rarely just stealing one database.

The goal is building highly detailed identity profiles over time.

The Telecom Industry Has Become A Prime Target

Telecommunications providers now sit at the center of digital identity itself.

Your phone number is often tied directly to:

MFA authentication
password resets
banking alerts
email recovery
cryptocurrency accounts
cloud access
Microsoft 365
business systems

That makes telecom infrastructure extraordinarily valuable to attackers.

A compromised phone number can sometimes become the first domino in a much larger account takeover chain.

The Real Problem Is Often Not The Breach

It is the architecture behind it.

Early reporting suggests the exposure may have stemmed from weaknesses in how preorder systems stored or protected customer information.

That pattern appears constantly across modern cybersecurity incidents.

Organizations frequently secure:

payment systems
production infrastructure
authentication environments

But overlook:

marketing tools
temporary databases
third-party integrations
development environments
preorder systems
customer support platforms

Attackers look for the weakest connected system, not necessarily the primary one.

SMBs, Healthcare, Law Firms, And Schools Should Pay Attention

Many smaller organizations assume:
“We are not large enough to be targeted.”

But breaches increasingly occur because:

systems grow rapidly
platforms launch quickly
integrations expand
temporary workflows become permanent
visibility disappears across environments

This affects:

SMBs
healthcare providers
law firms
schools
nonprofits
startups

Especially organizations scaling quickly without mature cybersecurity oversight.

The New Reality Of Data Exposure

Modern businesses should assume:

breaches will happen
vendors may fail
third-party systems may become compromised
customer information will remain a major target

The companies that survive these incidents best are usually the ones that:

minimize stored data
segment systems properly
monitor exposures continuously
implement layered cybersecurity controls
plan for compromise before compromise occurs

Cybersecurity is no longer just about protecting servers.

It is about protecting identity itself.

Because in today’s digital economy, your phone number may be more valuable to attackers than your password.

70% of all cyber attacks target small businesses, I can help protect yours.

#CyberSecurity #DataProtection #MSP #TelecomSecurity #ManagedIT

Cybersecurity

Technology

The Strongest Networks Expect Failure

May 25, 2026

•

20 min read

The Strongest Networks Expect Failure

Most businesses build technology systems assuming everything will work normally tomorrow.

That assumption is becoming increasingly dangerous.

Outages, ransomware, hardware failures, cloud disruptions, accidental deletions, and human mistakes are no longer rare edge cases.

They are inevitable operational realities.

The companies that survive major disruptions are usually not the ones with “perfect” systems.

They are the ones designed to keep operating after something breaks.

The Brilliant Design Behind SONET

SONET stands for Synchronous Optical Network.

One of the smartest aspects of SONET architecture is its ring-based design.

Instead of relying on a single linear connection, SONET networks are built as loops.

If one fiber line gets cut, traffic automatically reroutes the opposite direction around the ring.

The network continues functioning because the system was engineered expecting failure from the beginning.

That philosophy is incredibly important far beyond telecommunications.

It may actually describe the future of business resilience itself.

The Black Swan Problem

The concept strongly mirrors the “Black Swan” theory popularized by Nassim Nicholas Taleb in his 2007 bestselling book The Black Swan.

A black swan event is:

rare
unexpected
massively disruptive
operationally devastating

Modern businesses face black swan risks constantly:

ransomware attacks
Microsoft 365 compromise
cloud outages
lost email
hardware failure
vendor compromise
insider mistakes
natural disasters
accidental deletions

Most organizations psychologically respond the same way:

“That would never happen to us.”

History repeatedly proves otherwise.

The Better Question Businesses Should Ask

One of the first questions I ask companies before they become clients is not:

“How secure are you?”

It’s this:

“If something catastrophic happened tomorrow, could you still operate?”

That question changes everything.

If:

your emails disappeared tonight
your server failed tomorrow morning
Microsoft 365 became inaccessible
ransomware encrypted your systems
your primary vendor went offline

What happens next?

Could your business function?

Or would operations stop completely?

Most companies discover they are far more fragile than they realized.

Cybersecurity Is No Longer Just Protection

For years, businesses viewed cybersecurity primarily as prevention:

firewalls
antivirus
spam filtering
endpoint protection

Those tools still matter enormously.

But modern resilience requires something deeper:

Operational survivability.

Because eventually, something will fail.

The organizations that recover fastest are usually the ones that already assumed failure was possible.

Building Your Own “SONET Ring”

At Gigabit Systems, we help businesses build layered resilience systems designed around continuity instead of perfection.

That includes:

secondary backups
redundant infrastructure
disaster recovery planning
layered cybersecurity protections
cloud redundancy
offline recovery systems
operational continuity planning

The goal is not predicting every possible disaster.

That is impossible.

The goal is ensuring one failure does not collapse the entire business.

Because resilience is not about avoiding black swans entirely.

It is about surviving them when they arrive.

70% of all cyber attacks target small businesses, I can help protect yours.

#CyberSecurity #MSP #BusinessContinuity #ManagedIT #DataProtection