Wednesday December 07, 2022

Powerful spyware

August 13, 2021

We have just learned about a powerful spyware known as Pegasus, manufactured and leased by the Israeli company NSO Group and capable of extracting just about every kind of data stored in a smart phone. The Pegasus Project, a consortium of 17 organizations and individuals, mostly journalists, has acquired a leaked list of 50,000 individuals around the world whose phones may have been hacked, though not necessarily penetrated.

Purportedly developed to track criminals and terrorists, Pegasus is also being widely used to hack into the smart phones of human rights activists, journalists, and their political opponents at home and even abroad.

Who is using Pegasus to track enemies? Only a fraction of the 50,000 hacked phone numbers so far obtained have been examined, but that’s enough to reveal that governments from left to right have made use of Pegasus. Among them: Saudi Arabia, India, and Hungary.

The two people closest to the murdered Saudi journalist Jared Khashoggi, including his widow, are among those whose phones were penetrated. The Modi government in India and the Orban government in Hungary have caused uproars over their use of Pegasus to spy on critics.

Pegagus is also being used against current high-level government officials. Among the people on the list: Three presidents, from France, Iraq, and South Africa; three current prime ministers, from Pakistan, Egypt, and Morocco; and one king (Morocco). That means all of them have been tracked and their private messaging probably collected – though exactly what was culled and who is doing the hacking are uncertain. All these officials refused to turn over their phones for forensic analysis.

There’s a connection between the surveillance industry and lobbying, which I examined a few weeks ago. NSO can only sell its technology with Israeli government approval, which means it must lobby Israel’s defense ministry. And that effort extends to the US. For while NSO maintains that Pegasus will never be used “to conduct cybersurveillance within the United States,” why has it retained a prominent Washington, DC law firm to lobby US officials about NSO’s technology?

It is entirely possible that Pegasus has been used or might yet be used against Americans who, for example, write from home about human rights abuses abroad.

The fact that nothing in a smart phone is safe from Pegasus makes it a weapon, another piece of infowar technology, and all the more insidious for being able to hide within the phone and, even if discovered, be difficult to track.

Just think of all the information a smart phone contains: contacts, passwords, text and email messages, videos, pictures. Planting bugs and wiretapping seem ancient by comparison. A technology like Pegasus conceivably can infect millions of phones anywhere, anytime, giving a government or a gang access to potentially lethal information.

Excerpted: ‘Pegasus and the Global Surveillance Business’