Pegasus spyware on State Department phone

Software aimed at activists, journalists, and CEOs was also found on US government phones, according to reports. Apple has filed a lawsuit against its Israeli maker, NSO Group. It’s a serious case of cyber espionage. On 37 phones belonging to activists, rights campaigners, journalists, and enterprises, security experts identified evidence of attempted or successful installations of Pegasus, malware made by the Israeli cybersecurity firm NSO Group. They appear to have been the subject of covert surveillance by software designed to help governments track down criminals and terrorists.

According to Reuters, the US government made one of the most significant complaints about Pegasus, and one reason for the indignation could have surfaced on Friday: the spyware was located on the phones of at least nine State Department workers, who had been warned by Apple about the intrusion. The officials were either stationed in Uganda or involved in Uganda-related matters, according to the report, which cited unidentified sources, but it is unclear who hacked the phones. The accusation was confirmed by the New York Times, which stated that at least 11 employees were affected.

Pegasus has been a politically divisive topic, with activists and countries concerned that it could be used to exert pressure on Israel. The US federal government took even greater action in November, prohibiting the sale of US technology to NSO by placing the business on the government’s Entity List. NSO has stopped Pegasus privileges for some nations but has tried to defend its program and the limits it attempts to impose on its usage.

NSO Group:

Apple sued NSO Group in November, requesting that the company’s software be barred from being used on Apple devices, that NSO identify and destroy any private data obtained by its program, and that the revenues from the activities be disclosed. “Private firms generating state-sponsored spyware have become much more hazardous,” warned Craig Federighi, Apple’s software head.

An activist organization generated a list of over 50,000 phone numbers for legislators, judges, attorneys, teachers, and others. Ten prime ministers, three presidents, and a monarch are also on the list, according to an international investigation released in mid-July by The Washington Post and other media outlets; however, being on the list does not mean an attack was planned or successful.

The most recent example of how vulnerable we are to digital eavesdropping is Pegasus. Images, text messages, and emails are among the most personal data stored on our phones. By bypassing the encryption that protects data sent over the internet, spyware may immediately reveal what is going on in our lives.

Despite NSO’s assertion that the list is tied to the real Pegasus phones, the 50,000 phone numbers are linked to phones all over the world. Among those on the list were the devices of dozens of people close to Mexican President Andrés Manuel López Obrador, as well as journalists from CNN, the Associated Press, The New York Times, and The Wall Street Journal. Several phones on the list were infected or misused, including one belonging to Claude Mangin, the French widow of a Moroccan political prisoner. Following the first discovery, further cases of Pegasus infection have emerged.

What is NSO Group?

It is a firm that sells surveillance software to government agencies. According to the business, its Pegasus software provides an essential service since encryption technology has enabled criminals and terrorists to operate in the “dark.” The program operates in the background on cellphones, revealing what their owners are up to. Similar software is available from other firms.

Shalev Hulio, the company’s CEO, co-founded it in 2010. NSO also provides tools for locating where a phone is being used, defending against drones, and mining law enforcement data for trends.

Previous claims and lawsuits have accused NSO of other attacks, including a suspected compromise of Amazon CEO Jeff Bezos in 2018. In 2018, a Saudi dissident sued the company for allegedly hacking the phone of journalist Jamal Khashoggi, who was slain inside the Saudi consulate in Turkey that year.

What is Pegasus?

Pegasus is NSO’s most well-known product. It may be deployed remotely, according to The Washington Post, without requiring a surveillance target to read a document or click on a website link. NSO clients can examine text messages, photos, emails, videos, and contact lists, and Pegasus can record phone calls. It may also secretly activate a phone’s microphone and cameras to generate new recordings, according to The Washington Post.

General security tactics such as software upgrades and two-factor authentication can help keep mainstream hackers at bay, but protection becomes incredibly tough when skilled, well-funded attackers focus their attention on a particular individual.

Pegasus isn’t meant for tracking down activists, journalists, or politicians. “NSO Group licenses its products only to government intelligence and law enforcement organizations for the express objective of preventing and investigating terror and extreme crime,” according to the company’s website. “To ensure that our technology is utilized properly and as intended, our verification approach goes above and beyond legal and regulatory requirements.”

Amnesty International, on the other hand, explains in detail how it linked hacked devices to NSO Group. After studying phone backup data, Citizen Lab, a Canadian security firm based at the University of Toronto, claimed it independently corroborated Amnesty International’s findings.

In September, Apple patched a security flaw that Pegasus used to install itself on iPhones. Malware frequently uses a series of such flaws to get a foothold on a device and subsequently escalate privileges to become more powerful. NSO Group’s software is also compatible with Android phones.

What is the significance of Pegasus in the news?

A list of over 50,000 phone numbers for people deemed to be of interest to NSO customers was shared with 17 news organizations by Forbidden Stories, a Paris-based media NGO, and Amnesty International, a human rights organization.

The identities and phone numbers of several of the persons on the list were validated by news outlets. The Washington Post said that 37 of the 67 phones on the list showed signs of Pegasus installation or attempted installation. Apple iPhones accounted for 34 of the 37 phones.

Among the 50,000 phone numbers on the list are those of French President Emmanuel Macron, Iraqi President Barham Salih, and South African President Cyril Ramaphosa. There are seven former prime ministers on the list, as well as three current ones: Imran Khan of Pakistan, Mostafa Madbouly of Egypt, and Saad-Eddine El Othmani of Morocco. King Mohammed VI of Morocco is also on the list.

Apple’s reputation in terms of device security has suffered as a result of the event. “We take any assault on our users extremely seriously,” Federighi said. The company has indicated that it will donate $10 million, as well as any losses incurred as a consequence of the lawsuit, to organizations that promote privacy and perform research on internet eavesdropping. For Apple, which made a $20.5 billion profit in the most recent quarter, that’s a drop in the bucket, but it might be significant for much smaller organizations like Citizen Lab.

Whose phones were affected by Pegasus?

According to the Guardian, two journalists from the Hungarian investigative newspaper Direkt36, in addition to Mangin, had infected phones.

According to the Washington Post, a Pegasus attack was started on the phone of Hanan Elatr, the wife of slain Saudi writer Jamal Khashoggi, although it was unclear whether the attack was effective. However, the virus was detected on the phone of Khashoggi’s girlfriend, Hatice Cengiz, shortly after his murder.

According to The Washington Post, seven people in India were found to have infected phones, including five journalists and one staffer to an opposition party opposed to Prime Minister Narendra Modi.

Furthermore, Citizen Lab reported in November that six Palestinian human rights workers had Pegasus-infected phones.

What are the ramifications of the Pegasus situation?

The US has blocked NSO Group from obtaining things made in the US. It is a significant move considering that the company requires computer processors, phones, and development tools, all of which are typically made in the US. NSO is charged with “supplying malware to other countries,” which then used it to target government officials, journalists, businessmen, activists, academics, and diplomats. According to the Commerce Department, “these capabilities have also enabled foreign governments to carry out worldwide repression.”

According to Politico, Macron changed one of his phone numbers and ordered extra security checks. To address the situation, he called a national security meeting. According to The Guardian, Macron also addressed Pegasus concerns with Israeli Prime Minister Naftali Bennett, urging the government to probe NSO and Pegasus. Pegasus’ export licenses must be approved by the Israeli government.

Israel established a review panel to investigate the Pegasus scenario. On July 28, Israeli defense officers personally examined NSO headquarters.

If the claims are true, the use of Pegasus is “absolutely intolerable,” according to European Commission President Ursula von der Leyen. “Media freedom, free press, is one of the key pillars of the EU,” she continued.

In India, the Nationalist Congress Party urged a probe into Pegasus usage.

In an interview with The Guardian, Edward Snowden, who disclosed details regarding US National Security Agency spying activities in 2013, called for a ban on spyware sales. He contended that such instruments will soon be used to eavesdrop on millions of individuals. “When it comes to devices like the iPhone, they all run the same software all over the world. So if they figure out how to hack one iPhone, they’ve figured out how to hack all of them,” according to Snowden.

What does NSO think about this?

NSO is aware that its software can be used for malicious purposes. According to the Washington Post, two clients were dropped in the previous year owing to human rights concerns. In a June transparency report, NSO stated, “As a result of our human rights screening techniques, NSO has rejected over $300 million in sales prospects that went too far.”

On the other hand, NSO fiercely denies any link to the phone number list. The corporation said in a statement that “there is no relationship between the 50,000 numbers and NSO Group or Pegasus.”

“Any claim of system misuse concerns me,” Hulio told the Post. “It’s a breach of our client’s faith in us.” Every accusation is being investigated.

NSO disputed the allegations in a statement. It said the claims about Pegasus were “false accusations” that were “based on a flawed interpretation of stolen material.” Furthermore, the business stated that Pegasus cannot be used for cyber-surveillance in the United States.

NSO Group did not immediately reply to a request for comment on the suspected infection of State Department phones. However, it informed Reuters that it has deleted related accounts, is investigating, and would take legal action if misuse is discovered.

NSO will attempt to overturn the US government’s censure. An NSO official added, “We are pleased to offer all of the facts about how we have the world’s most strict compliance and human rights programs”. “These programs are founded on American ideas that we strongly support. They have already resulted in the termination of some connections with government organizations that have taken advantage of our goods.”

According to the Washington Post, NSO had already barred Saudi Arabia, Dubai in the United Arab Emirates, and several Mexican government institutions from using the program.

What should I do if my phone appears to be infected?

MVT (Mobile Verification Toolkit) was created by Amnesty International as an open-source program to identify Pegasus traces. The app examines data, including backup files produced from an iPhone or Android phone, on a personal computer.
