Angela Lang / CNET
This is a case of digital espionage. Security researchers have found evidence of attempts or success of installations of Pegasus, software manufactured by the cybersecurity company based in Israel NSO Group, on 37 phones of activists, journalists and businessmen. The targets appear to have been targets of covert surveillance by software designed to help governments prosecute criminals and terrorists.
Pegasus has been a politically explosive issue that has put Israel under pressure from activists and governments concerned about the misuse of software. France and the United States have expressed concerns and the OSN has suspended the Pegasus privileges of some countries.
Nor has it helped Apple’s reputation as a reliable technology provider. Monday, however, Apple fixed a security hole that Pegasus blew up for installation on iPhones, reported The New York Times and Apple confirmed it. Malicious software often uses collections of these vulnerabilities to establish itself on a device and then extend privileges to become more powerful. NSO Group software also works with Android phones.
The phones were on an activist organization’s list of more than 50,000 phone numbers for politicians, judges, lawyers, teachers and others. There are also 10 prime ministers, three presidents and a king on this list, according to an international investigation published in mid-July by the Washington Post and other media, although there is no evidence that being on the list means attempt or succeed an attack. .
Pegasus is the latest example of how vulnerable we are all in digital practice. Our most personal information (photos, text messages and emails) is stored on our phones. Spyware can directly reveal what is happening in our lives, skipping the encryption that protects data sent over the Internet.
The 50,000 phone numbers are connected to phones around the world, though NSO discusses the link between the list and actual Pegasus target phones. The devices of dozens of people close to Mexican President Andrés Manuel López Obrador were on the list, as were those belonging to journalists from CNN, the Associated Press, The New York Times and The Wall Street Journal. But the phones of several on the list, including Claude Mangin, the French wife of a political activist imprisoned in Morocco, were infected or attacked.
Here’s what you need to know about Pegasus.
What is NSO Group?
It is a company that licenses surveillance software to government agencies. The company claims that its Pegasus software provides a valuable service because encryption technology has allowed criminals and terrorists to go “dark”. The software runs secretly on smartphones and illuminates what their owners do. Other companies provide similar software.
CEO Shalev Hulio co-founded the company in 2010. NSO also offers other tools for locating where a phone is used, fending off drones and law enforcement data to detect patterns.
NSO has been implicated in previous reports and lawsuits in other hackers, including a report by Amazon’s founding hacker Jeff Bezos in 2018. A Saudi dissident sued the company in 2018 for his alleged role in hacking a device of journalist Jamal Khashoggi, who had been killed at the Saudi embassy in Turkey that year.
What is Pegasus?
Pegasus is NSO’s best known product. It can be installed remotely without a surveillance target ever having to open a document or link to the website, according to the Washington Post. Pegasus reveals all this to NSO customers who control it (text messages, photos, emails, videos, contact lists) and can record calls. He can also secretly turn on the phone’s microphone and cameras to create new recordings, the Washington Post said.
General security practices, such as updating software and using two-factor authentication, can help keep key hackers at bay, but protection is very harsh when skilled, well-funded attackers concentrate their resources on one person. .
Pegasus is not supposed to get used to persecuting activists, journalists and politicians. “The NSO group licenses its products only to government and police intelligence services for the sole purpose of preventing and investigating terrorism and serious crime,” the company says on its website. “Our verification process goes beyond the legal and regulatory requirements to ensure the lawful use of our technology as designed.”
However, human rights group Amnesty International documents in detail how the smartphone committed to the NSO group was located. Citizen Lab, a Canadian security organization at the University of Toronto, said it independently validated Amnesty International’s findings after examining the phone’s backup data.
Why is Pegasus news now?
Forbidden Stories, a Paris-based non-profit journalism organization, and Amnesty International, a human rights group, shared with 17 news organizations a list of more than 50,000 phone numbers for people believed to be interested in clients of Paris. the OSN.
News sites confirmed the identities of many of the people on the list and infections on their phones. Of the data from 67 phones on the list, 37 showed signs of installation or attempted installation of Pegasus, according to the Washington Post. Of those 37 phones, 34 were Apple iPhones.
The list of 50,000 phone numbers includes French President Emmanuel Macron, Iraqi President Barham Salih and South African President Cyril Ramaphosa. There are also seven former prime ministers and three current ones, the Pakistani Imran Khan, the Egyptian Mostafa Madbouly and the Moroccan Saad-Eddine El Othmani. King Mohammed VI of Morocco is also on the list.
Who infected Pegasus?
In addition to Mangin, two journalists from the Hungarian research center Direkt36 had infected phones, The Guardian reported.
The Washington Post launched a Pegasus attack on the phone of Hanan Elatr, wife of the murdered Saudi columnist Jamal Khashoggi, although it was unclear whether the attack was successful. But the spyware arrived on the phone of Khashoggi’s fiancée, Hatice Cengiz, shortly after her death.
And seven people were found in India with infected phones, including five journalists and a critical opposition party adviser to Prime Minister Narendra Modi, the Washington Post said.
What can the ONS say about it?
NSO recognizes that your software may be misused. According to the Washington Post, it has cut two customers in the past twelve months because of concerns about human rights abuses. “To date, NSO has declined more than $ 300 million in sales opportunities as a result of its human rights review processes,” the company said in a June transparency report.
However, OSN strongly challenges any link in the list of phone numbers. “There is no link between the 50,000 numbers with NSO Group or Pegasus,” the company said in a statement.
“All allegations of misuse of the system concern me,” Hulio told the Post. “It violates the trust we place in customers. We are investigating all allegations.”
The NSO blocked some governments from using Pegasus while investigating the current situation, NPR reported. In the past, the OSN had also blocked Saudi Arabia, Dubai in the United Arab Emirates and some Mexican government agencies from using the software, The Washington Post reported.
In a statement, the OSN denied “false claims” about Pegasus that it was “based on a misleading interpretation of the leaked data.” Pegasus “cannot be used to conduct cyber surveillance in the United States,” the company added.
NSO did not comment on the suspension of some countries’ ability to use Pegasus or on its actions to ensure that its software was used as intended.
What are the consequences of the situation in Pegasus?
President Joe Biden’s top adviser in the Middle East met with an Israeli Defense Ministry official to express his concern, the Washington Post and Axios reported.
Macron changed one of its cell phone numbers and requested new security checks, Politico reported. He convened a national security meeting to discuss the issue. Macron also raised Pegasus’ concerns with Israeli Prime Minister Naftali Bennett and called on the country to investigate NSO and Pegasus, The Guardian reported. The Israeli government must approve Pegasus export licenses.
Israel set up a review commission to examine the situation in Pegasus. And on July 28, Israeli defense authorities personally inspected the OSN offices.
The head of the European Commission, Ursula von der Leyen, said that if the allegations are verified, the use of Pegasus is “completely unacceptable”. He added: “Freedom of the media, free press is one of the core values of the EU.”
The Nationalist Congress Party in India demanded an investigation into the use of Pegasus.
Edward Snowden, who leaked information about the U.S. National Security Agency’s surveillance practices in 2013, called for a ban on the sale of spyware in an interview with The Guardian. He argued that these tools would otherwise soon be used to spy on millions of people. “When we talk about something like an iPhone, they all run the same software all over the world. So if they find a way to hack an iPhone, they’ve found a way to hack them all,” Snowden said. .
How do I know if my phone has been infected?
Amnesty International launched an open source utility called MVT (Mobile Verification Toolkit) designed to detect traces of Pegasus. The software runs on a personal computer and analyzes data, including backup files exported from an iPhone or Android phone.