Activists and researchers found that the software was used to attack the phones of activists, journalists and businessmen. The governments of different countries expressed their dissatisfaction.
The Pegasus incident is a wacky case of digital espionage. Security researchers have found evidence of attempts or successful installation of Pegasus software, created by an Israeli cybersecurity company, on 37 phones of activists, journalists and businessmen. It appears that activists and others have become the targets of covert surveillance by software designed to pursue criminals and terrorists.
Suddenly, a politically explosive problem arose. Israel has come under tremendous pressure from both activists and governments concerned about the misuse of NSO Group software. France and the United States have raised concerns, and the National Statistical Office has suspended Pegasus privileges in some countries.
According to activist organizations, more than 50,000 phone numbers of politicians, judges, lawyers, teachers and others could have been hacked with the help of the program. Among the numbers are also the data of 10 prime ministers, three presidents and the king. However, there is no evidence from the activists that all the people on the list were actually attacked.
The Pegasus story illustrates how vulnerable we are to digital surveillance. Our most personally identifiable information - photos, text messages, and emails - is stored on our phones. Spyware can easily find out about everything that happens in our life. In this case, the program will not have problems with encryption, which protects data sent over the Internet.
The published list contains 50,000 phone numbers from all over the world. However, NSO denies the link between the list and the real phones that Pegasus is targeting. The list includes the devices of dozens of people close to Mexican President Andrés Manuel López Obrador, as well as the devices of reporters from CNN, The Associated Press, The New York Times and the Wall Street Journal. However, the phones of several people on the list were infected or attacked. The attack included the phone of Claude Mangin, the French wife of a political activist imprisoned in Morocco.
In this article I will try to understand the incident and give the necessary information about the Pegasus.
What is NSO Group?
This is a company that licenses video surveillance software to government agencies. The company says its Pegasus software provides valuable services as encryption technology keeps criminals and terrorists in the dark. The software runs secretly on smartphones, shedding light on what their owners are doing. Other companies provide similar software.
CEO Shalev Julio co-founded the company in 2010. NSO also offers other tools that can help determine where the phone is being used, help defend against drones, and uncover patterns in mine action data.
Previous reports and lawsuits have highlighted NSO's involvement in other hacks, including the 2018 hack of Amazon founder Jeff Bezos. In 2018, a Saudi dissident sued NSO, accusing the company of hacking into a device belonging to journalist Jamal Khashoggi, who was killed at the Saudi Arabian embassy in Turkey that same year.
What is Pegasus?
Pegasus is NSO's most famous product. According to The Washington Post, it can be installed remotely.
The target does not need to open any document or link to a website. Pegasus discloses all the information it needs to NSO clients - text messages, photos, emails, videos, contact lists - and can record phone calls. Pegasus may also secretly turn on the microphone and cameras of the phone to create new recordings, according to the Washington Post.
Common security techniques such as software updates and two-factor authentication will work for common hackers. However, if experienced, well-funded attackers concentrate their resources on an individual, defending can be extremely difficult.
Pegasus is not intended to target activists, journalists or politicians. “NSO Group licenses its products only to government intelligence agencies and law enforcement agencies for the sole purpose of preventing and investigating terrorist attacks and serious crimes,” the company's website says. "Our review process goes beyond legal and regulatory requirements to ensure that our technology is lawfully used as designed."
However, the human rights group Amnesty International was able to trace the compromised smartphones back to the NSO Group. Citizen Lab, a Canadian security agency at the University of Toronto, independently confirmed Amnesty International's findings after examining phone backup data.
Why did Pegasus make the news?
Forbidden Stories, a Paris-based journalistic nonprofit and human rights group Amnesty International, shared with 17 news organizations a list of more than 50,000 phone numbers of people believed to be of interest to NSO clients.
News sites have verified the identities of many of the individuals on the list and confirmed the presence of infections on their phones. Of the 67 phones on the list, 37 showed signs of installing or attempting to install Pegasus, according to The Washington Post . 34 of these 37 phones were Apple iPhones.
The list of 50,000 phone numbers includes French President Emmanuel Macron, Iraqi President Barham Salih and South African President Cyril Ramaphosa. It is also attended by seven former prime ministers and three current prime ministers, Pakistani Imran Khan, Egyptian Mostafa Madbuli and Moroccan Saad-Eddin el-Osmani. King of MRC is also on the list.
Whose phones did Pegasus infected?
In addition to the aforementioned Manzhin, the phones of two journalists from the Hungarian investigative agency Direkt36 were infected, The Guardian reports.
A Pegasus attack targeted the phone of Hanan Elatr, the wife of the murdered Saudi columnist Jamal Khashoggi.
However, according to The Washington Post, there is no confirmation that the attack was successful. However, spyware was found on the phone of Khashoggi's fiancée, Hatiji Cengiz, shortly after his death.
Seven people with infected phones were found in India, including five journalists and one adviser to an opposition party criticizing Prime Minister Narendra Modi, according to The Washington Post.
What does NSO say about this?
NSO recognizes its software can be misused. According to The Washington Post, over the past 12 months, NSO has disconnected two clients due to concerns about human rights violations. “To date, NSO has rejected sales opportunities in excess of US $ 300 million as a result of a human rights review,” the company said in its June transparency report.
However, the NSO vehemently disputes any link to the list of phone numbers. "There is no connection between the 50,000 numbers with NSO Group or Pegasus," the company said in a statement.
“All allegations of misuse of the system concern me personally,” CEO Shalev Julio told the Post. “The accusations undermine the trust we place in our clients. We are investigating all charges. "
The NSO has banned several governments from using the Pegasus during the investigation, NPR reported. In the past, the NSO has also banned the use of software in Saudi Arabia, Dubai, the United Arab Emirates and some Mexican government agencies, according to The Washington Post.
In a statement, the NSO denied "false claims" about Pegasus, which the company said were "based on misinterpretation of leaked data." The company added that the Pegasus "cannot be used for cyber surveillance in the United States."
NSO did not immediately comment on information about the ban on some countries from using Pegasus, as well as about the company's actions aimed at ensuring that the software is used for its intended purpose.
What are the implications of the Pegasus situation?
President Joe Biden's top Middle East adviser met with an Israeli Defense Ministry official to raise concerns, The Washington Post and Axios reported.
President Macron changed one of his cell phone numbers and requested new security checks, Politico reported.
Macron called a meeting on national security issues to discuss the issue. Macron also expressed Pegasus concerns to Israeli Prime Minister Naftali Bennett, urging the country to investigate NSO and Pegasus, The Guardian reported. Export licenses for Pegasus must be approved by the Israeli government.
Israel has set up a commission to review the Pegasus situation. And on July 28, Israel's defense forces personally inspected the offices of the NSO.
The head of the European Commission, Ursula von der Leyen, said that if the accusations were confirmed, the use of the Pegasus “is completely unacceptable. Freedom of the media, free press are one of the main values of the EU ”.
The Nationalist Congress Party of India has demanded an investigation into the use of the Pegasus.
Edward Snowden, who in 2013 revealed information about the surveillance methods of the US National Security Agency, in an interview with The Guardian called for a ban on the sale of spyware.
Otherwise, such tools will soon be used to spy on millions of people, Snowden says. “For example, all iPhones use the same software around the world. So if there is a way to jailbreak one iPhone, it’s immediately possible to jailbreak all the others, ”said Snowden.
How do I know if my phone is infected?
Amnesty International has released an open source utility called MVT (Mobile Verification Toolkit) to detect Pegasus footprints. The software runs on a personal computer and analyzes data, including backup files exported from an iPhone or Android phone.