facebook linkedin twitter

Pegasus Spyware Used to Target Activists, Journalists, Report Finds

July 26, 2021 by Reece Nations
This Feb 23, 2019, file photo shows the inside of a computer. The Biden administration will offer rewards up to $10 million for information leading to the identification of foreign state-sanctioned malicious cyber activity against critical U.S. infrastructure, including ransomware attacks. The administration is launching the website stopransomware.gov to offer the public resources for countering the threat. (AP Photo/Jenny Kane, File)

An investigation by the Paris-based journalism nonprofit Forbidden Stories and the human rights group Amnesty International revealed thousands of people were targeted by spyware developed by the Israel-based NSO Group Technologies.

Hundreds of human rights activists, government officials, business executives and journalists worldwide had their cellphones compromised by the “Pegasus” spyware, remotely granting hackers access to targeted individuals’ text messages, emails, microphone, camera, contacts and call logs. NSO Group has circulated a written statement to media outlets refuting much of the report’s findings.

“NSO Group firmly denies false claims made in [Forbidden Stories’] report, many of which are uncorroborated theories that raise serious doubts about the reliability of [the report’s] sources, as well as the basis of [Forbidden Stories’ report],” the firm said in a written statement. 

“NSO Group has good reason to believe that claims that [Forbidden Stories has] been provided with are based on misleading interpretation of leaked data from accessible and overt basic information, such as HLR Lookup services, which have no bearing on the list of the customers’ targets of Pegasus or any other NSO products.”

Forbidden Stories undertook its investigative report with assistance from international media publications The Guardian, Le Monde, Süddeutsche Zeitung and The Washington Post, according to Amnesty International. Because of “contractual and national security considerations,” NSO Group could not name its government customers or former customers.

NSO Group regularly sells the spyware to governments around the world, although the technology is classified as a weapon by Israel and the firm must get government permission to export it, according to The Washington Post. Once sold to vetted government customers, NSO Group claims it does not operate the systems or have access to the data of the customers’ targets.

“The Pegasus Project lays bare how NSO’s spyware is a weapon of choice for repressive governments seeking to silence journalists, attack activists and crush dissent, placing countless lives in peril,” Agnès Callamard, secretary general of Amnesty International, said in a written statement. “These revelations blow apart any claims by NSO that such attacks are rare and down to rogue use of their technology. While the company claims its spyware is only used for legitimate criminal and terror investigations, it’s clear its technology facilitates systemic abuse. They paint a picture of legitimacy, while profiting from widespread human rights violations.”

Pegasus spyware can remotely infiltrate and infect targeted iPhone and Android devices through messaging applications with so-called “zero-click” exploits, meaning targeted individuals can have their data compromised with no interaction necessary. In its investigation, Forbidden Stories alongside its media partners identified potential NSO clients in 11 countries: Azerbaijan, Bahrain, Hungary, India, Kazakhstan, Mexico, Morocco, Rwanda, Saudi Arabia, Togo, and the United Arab Emirates.

Many of the targeted victims identified in the report are well-known public figures, including Hatice Cengiz, the fiancée of murdered Saudi Arabian journalist Jamal Khashoggi. Pegasus spyware had previously been implicated in the electronic surveillance of friends and associates of Khashoggi, TWN previously reported.

From 2016 to June 2021, at least 180 journalists in 20 countries were identified as potential targets of NSO spyware, according to the report. Further, at least 40 journalists from almost all major media outlets in India were tapped as potential targets between 2017 and 2021. 

“The alleged amount of ‘leaked data of more than 50,000 phone numbers’ cannot be a list of numbers targeted by governments using Pegasus, based on this exaggerated number,” NSO Group’s written statement continued. “The fact that a number appears on that list is in no way indicative of whether that number was selected for surveillance using Pegasus. NSO is not related to the list [of numbers], it is not an NSO list, and it never was. It is not a list of targets or potential targets of NSO’s customers. Forbidden Stories never shared the leaked list with NSO Group to allow it to verify or comment on the list.”

Targeted individuals included 189 journalists, over 600 government officials and politicians, at least 65 business executives, 85 human rights activists and multiple heads of state — including French President Emmanuel Macron — according to The Washington Post. The phone of Mexican journalist Cecilio Pineda was targeted weeks before his murder in 2017. 

A Dec. 2020 report published by Citizen Lab tied the hacking of 36 journalists, producers, anchors and executives at Al-Jazeera to Pegasus spyware likely employed by Saudi Arabia and the United Arab Emirates, TWN previously reported. The Forbidden Stories report identified targeted journalists who work for the Associated Press, CNN, The New York Times and Reuters, as victims of the spyware. 

“Clearly, their actions pose larger questions about the wholesale lack of regulation that has created a wild west of rampant abusive targeting of activists and journalists,” Callamard continued in her written statement. “Until this company and the industry as a whole can show it is capable of respecting human rights, there must be an immediate moratorium on the export, sale, transfer and use of surveillance technology.” 

Cybercrime

October 22, 2021
by Reece Nations
Commerce Department Tightens Export Controls on Cybersecurity Items

WASHINGTON — The Department of Commerce’s Bureau of Industry and Security announced on Wednesday it would institute new export controls... Read More

WASHINGTON — The Department of Commerce’s Bureau of Industry and Security announced on Wednesday it would institute new export controls over cybersecurity items such as cyber intrusion software that can be used maliciously. The department’s new policy also creates a new license exception for authorized cybersecurity... Read More

October 5, 2021
by Victoria Turner
Cybersecurity Minimum Standards Needed to Keep North America Secure

North American governments should come together to create a trilateral strategy to assess and address threats in a holistic risk-based... Read More

North American governments should come together to create a trilateral strategy to assess and address threats in a holistic risk-based approach to cybersecurity that includes a minimum set of standards, said three experts yesterday. As much as the pandemic has accelerated the rate in which governments... Read More

September 29, 2021
by Victoria Turner
Aspen Cyber Summit Explores Collective Defense in a Digital World

WASHINGTON -- The Cybersecurity Infrastructure and Security Agency has met President Biden’s cybersecurity executive order’s “highly aggressive deadlines so far,”... Read More

WASHINGTON -- The Cybersecurity Infrastructure and Security Agency has met President Biden’s cybersecurity executive order’s “highly aggressive deadlines so far,” but there is “still a lot of work to do,” said CISA Director Jen Easterly Wednesday.  Kicking off the 6th annual Aspen Cyber Summit, Exploring Collective... Read More

September 22, 2021
by Victoria Turner
Identity Authentication Key Piece of Cybersecurity Puzzle

WASHINGTON -- Identity authentication is taking a front-and-center role in the administration's approach to ensuring robust cybersecurity across the U.S.... Read More

WASHINGTON -- Identity authentication is taking a front-and-center role in the administration's approach to ensuring robust cybersecurity across the U.S. government, according to Carole House, director of cybersecurity and secure digital Innovation at the White House National Security Council.  It “sits at the heart of zero... Read More

September 1, 2021
by Tom Ramstack
Executives Advocate for Legislation to Unite Government and Private Cybersecurity

WASHINGTON -- A cybersecurity expert told a congressional panel Wednesday that private industry alone cannot be expected to effectively confront... Read More

WASHINGTON -- A cybersecurity expert told a congressional panel Wednesday that private industry alone cannot be expected to effectively confront the kinds of cyberattacks that have wreaked havoc on U.S. computer networks in recent years. He testified to a House Homeland Security subcommittee as it considers... Read More

August 27, 2021
by Reece Nations
FBI Warns of New Hive Ransomware Threat

WASHINGTON — The Federal Bureau of Investigation distributed a Flash report on Friday warning of indicators of compromise from the... Read More

WASHINGTON — The Federal Bureau of Investigation distributed a Flash report on Friday warning of indicators of compromise from the Hive ransomware known to have infiltrated business networks. The ransomware utilizes multiple mechanisms as attachments to gain access and “Remote Desktop Protocol” to operate once embedded,... Read More

News From The Well
scroll top