COP, LOOK, LISTEN
ISSUE 2 | 1 DEC 23 |
|
|
|
|
Welcome back to COP, LOOK, LISTEN. We are gathering momentum on day two as the World Action Climate
Summit begins. World leaders and climate envoys are descending on Dubai to make sweeping public statements and set the tone for their country’s role in negotiations.
With thousands of high-profile people convening in one place, this conference is a goldmine for hackers and surveillance. Last year, we learned about potential security risks around the official COP27 app
launched by the Egyptian Presidency. Unfortunately, we have discovered that this year is no different.
|
|
|
|
|
Based on analysis seen by Climate Action Against Disinformation, the “COP28 UAE Official App” poses a credible security risk to anyone downloading it. According
to a detailed review of the source code, its features “present a collective pattern that could be deemed suspicious for an app designed for a conference setting”.
|
|
|
|
|
What are these features? The most concerning capabilities include:
Extensive profiling of your device and any networks it may access.
Manipulation of device settings and data.
Unauthorised download of files onto your device.
Accessing external storage without notification.
|
|
|
To make matters worse, the app is also loaded with ‘anti-debugging’ and other evasive techniques, making it extremely difficult to look under the hood. The analysis says that this “[raises]
questions about the intent behind such robust security measures”.
Without further investigation, we cannot say conclusively how the app will be used by its creators or bad actors writ large. However, considering all that we know, we strongly advise not to download the app. If you already have the app on a device, do not panic. Delete it, and stay alert for suspicious activity, such as login requests to your private accounts.
|
|
|
|
|
Action 1
There are more than 5,000 downloads on Google Play at the time of writing. Word of mouth is the best approach here. Talk to colleagues and others you meet about the security risks. If you think a device has been hacked, AccessNow runs a free, 24/7 Digital Security Helpline in multiple languages.
|
|
|
|
|
|
|
‘I’ll take greenwashing for $5 million’. Analysis ahead of COP28 shows that 13 fossil fuel companies have spent between $4.13 and $5.21 million on Facebook advertising since January 2023. Due to transparency issues with Meta’s ad library, this is likely a serious underestimate. 98% of spend came from just four corporations: Shell,
ExxonMobil, BP and TotalEnergies. Content often emphasises companies’ ‘green credentials’, even though only 3% of the industry’s capital budgets were invested in clean energy in 2022.
|
|
|
|
|
Just 1% of global investment in clean energy came from oil and gas companies in 2022. The International Energy Agency's analysis also shows that represented just 3% of the industry's total capital budgets
in 2022.
|
|
|
|
|
Russia is playing both sides on decarbonisation. On Facebook, Russian state media accounts are using climate and energy to control the narrative on other issues, including the country’s full-scale invasion of Ukraine. Their English, French, Spanish and German accounts adopt a flexible position on everything from wind turbines to climate change itself. For example, oil and gas investments in Africa are condemned as neo-colonial or extractive when
linked to Western countries, but hailed as championing economic development when related to Russia. The probable aim? Sow confusion, increase geopolitical divides, and keep money flowing in for Russian oil and gas. Read more in Deny, Deceive, Delay Vol. 3.
|
|
|
|
|
|
|
A Spanish-language post by Russian state media praises “impressive” Chinese wind turbines. The same account reports on a wind turbine in Germany “knocked down by a gust of
wind”
|
|
|
|
|
Buckle up, there’s a lot of information out there. The beginning of COP usually sees a spike in climate coverage worldwide. With it comes a torrent of misinformation, conspiracy
theories and junk science. To help sift through the noise, here are some handy CAAD resources:
|
|
|
|
|
|
|
In yesterday’s edition, one image caption stated that an article titled “When the young are brainwashed by the climate hoax” was monetised on The Washington Post. This was an error - the text should have read “The Washington
Times”, a conservative US media company that regularly publishes climate conspiracies, greenwashing and disinformation, including from Russian officials. The screenshot correctly displayed The Washington Times article and associated URL. As this text featured in a section about websites publishing climate misinformation, we want to clarify that The Washington Post did not feature in our analysis at all. You can read the full case study and methodology in our Deny, Deceive, Delay Vol.3 report.
|
|
|
Stay safe out there,
The Climate Action Against Disinformation team
If you have any investigative leads CAAD should explore, or want to find out more about our research and intel during the summit, please email contact@caad.info. We also have team members on the ground in the UAE who are available for interviews and side-events as useful.
|
|
|
|
|
|
|
Click here to unsubscribe | Sent to: pnewell@climatenexus.org | Web version
CAAD, www.caad.info, United Kingdom
|
|
|
