The software military grade spyr Pegasus, developed by the Israeli company NSO to track terrorists and criminals, has been used in at least 50 countries to spy on cell phones belonging to journalists, human rights activists, business executives and even presidents. This was revealed by media such as The Washington Post, The New York Times, The Guardian and Le Monde, among others, this week. The scandal has undoubtedly set off the alarm about massive virtual espionage and has put the company that developed the virus and Israel, where the company is native, in the eye of the hurricane.
The investigation published by these outlets is based on the leak of a list of up to 50,000 phone numbers believed to have been identified as belonging to persons of interest by NSO clients since 2016, according to reports. According to the researchers, so far 180 journalists, 600 politicians, 85 human rights activists and 65 businessmen have been affected.
international scandal
Throughout this week, since the scandal was uncovered, the press, the European Union, the UN and human rights organizations have expressed their outrage at the global espionage case. For example, the secretary general of Amnesty International, Agnès Callamard, in statements to the BBC, explained: “We are not just talking about some rogue states, but about the massive use of a spy program by at least twenty countries.” And she assured, “this is a major attack against critical journalism.”
The president of the European Commission, Ursula von der Leyen, said that this scandal “has to be verified, but if that were the case, it is completely unacceptable”. And for her part, the UN High Commissioner for Human Rights, Michelle Bachelet, called for better “regulation” of the commercialization of these surveillance technologies. “Without human rights-friendly regulation, there is too much danger that these tools will be used to intimidate critics and silence opponents,” she said.
We are not just talking about some rogue states, but about the massive use of an espionage program by at least twenty countries”. And he assured, “it is a major attack against critical journalism
And this particular software is very intrusive: it can hack mobile phones without the user’s knowledge, allowing clients to read all messages, track a user’s location and access the phone’s camera and microphone. “They can see the screen and manage the microphones and cameras of the cell phone”, says Gérôme Billois, a cybersecurity expert at the consulting firm Wavestone.
Who explains that these very sophisticated means of espionage were reserved for States with very important financial means, which allowed them to develop attack tools to be used in a well-defined framework. But now, private companies are providing these espionage tools to various countries, thus reducing costs. “A subscription to this type of benefit is several million dollars a year and is limited in the number of people to spy on. Cyber attacks are becoming more accessible and easier to carry out,” he explains.
the attacked
One of the most important revelations is that the cell phone of French President Emmanuel Macron was attacked with the software. After that information was released, Macron convened an “exceptional defense council.” And his office reported that the French president “changed his phone and phone number for some communications.” According to the information available, the espionage would come from Morocco, to which the French government demanded explanations. And the response of the Moroccans was to deny the accusations, saying that “he never acquired computer programs to infiltrate communication devices.”
Similarly, the environment of the Mexican president, Andrés Manuel López Obrador, would also have been a target. According to the Aristegui Noticias portal, the phones of relatives and collaborators of López Obrador, in power since December 2018, were presumably tapped between 2016 and 2017 using said program. Nevertheless, The president pointed out in his morning press conference that the espionage work of the current authorities points to organized crime and not opponents of the government.
In addition, the phone list includes that of Cecilio Pineda, a Mexican reporter murdered in March 2017. Relatives of 43 students who disappeared in 2014 in Ayotzinapa and human rights defenders were also targeted.
Beyond France and Mexico, which have been the most striking cases, the King of Morocco, Mohammed VI, and his entourage also appear on the list of targets.
The list includes numbers of journalists from media outlets around the world, such as Agence France-Presse, The Wall Street Journal, CNN, The New York Times, Al Jazeera, France 24, Radio Free Europe, Mediapart, El País, Associated Press , Le Monde, Bloomberg, The Economist, Reuters and Voice of America, The Guardian said.
Also listed are two numbers belonging to women close to Saudi-born journalist Jamal Khashoggi, who was killed by a Saudi hit squad in 2018.
The list does not identify NSO’s clients, but reports indicate that many were concentrated in 10 countries: Azerbaijan, Bahrain, Hungary, India, Kazakhstan, Mexico, Morocco, Rwanda, Saudi Arabia and the United Arab Emirates.
NSO, in the eye of the hurricane
Israel claims to be a pioneering country in technological innovation, but the accusations of espionage against journalists and activists through the Pegasus program of the Israeli company NSO reflect the hidden side of this digital diplomacy.
Created in 2010 by Shalev Hulio and Omri Lavie and based in Herzliya, north of Tel Aviv, the Israeli company NSO is often criticized for its Pegasus program. In Israel, this program is considered a “weapon” and to be sold to the secret services of other countries it must obtain the approval of the Israeli Ministry of Defense.
Israel’s NSO Group and its Pegasus malware have been in the headlines since at least 2016, when researchers accused it of helping spy on a dissident in the United Arab Emirates.
In a statement, NSO said the Forbidden Stories report is “riddled with erroneous assumptions and unsubstantiated theories,” and threatened to file a defamation lawsuit against the organization.
Israel exports its technological advances in the agricultural technology sector, but also in the military industry, such as drones, missile systems or artificial intelligence, which favors diplomatic relations with other countries.
According to the disclosures, four Arab countries used Pegasus: the United Arab Emirates, Morocco, Bahrain, and Saudi Arabia. The first three of them normalized their ties with Israel in 2020 and then there was also a certain thaw between Riyadh and Tel Aviv.
Yoel Guzansky, a researcher at the Institute for National Security Studies (INSS) in Tel Aviv, points out that “20 or 30 years ago, arms exports allowed Israel to establish numerous diplomatic or informal relations with countries in Africa, Asia or the Middle East. Medium and the same situation currently occurs. But now it has more things to sell, like a range of cybersecurity tools.”
However, this is “a double-edged sword, since Israel can also be seen as a country that helps authoritarian regimes to suppress civil liberties,” he says.
Key answers about the software
The Pegasus program, from the Israeli company NSO, which supposedly served to spy on activists, journalists and opponents around the world, is a very sophisticated system that constantly exploits the vulnerabilities of smartphones.
How does the NSO spy program work?
Once it is inserted into the mobile phone, Pegasus exports the user’s data (emails, messages, photographs, etc.) to internet pages created by NSO, which are constantly updated to avoid detection. It’s “like leaving your phone in someone else’s hands,” warns Alan Woodward, professor of cybersecurity at the University of Surrey (UK). This transmission of information goes completely unnoticed by the user and it is very difficult to find any evidence of this spying on Android phones. For this reason, Amnesty International’s investigation, revealed on Sunday, was based on Apple mobiles.
How is the victim’s phone hacked?
In its controversial past, very well documented by Amnesty, NSO used SMS traps, bugs in Whatsapp, in iMessage, Apple Music… A few years ago, a user action was required, such as clicking on a link, for the error to occur. phone hacking. But now even this gesture from the owner is no longer needed for Pegasus to be able to get into your smartphone.
How does NSO find bugs in phones to hack into them?
With over a thousand employees, NSO is a large company that employs elite hackers and this allows them to constantly find flaws in phones to break into them.
According to experts, it also tends to resort to the “black market” in which cybersecurity researchers, with very little morals, tend to market the flaws that serve as a gateway.
The most popular bugs are known as ‘zero days’ and are bugs that no one has ever seen before and are hard to fix. According to Bastien Bobe, technical director in southern Europe at Lookout, publisher of a smartphone protection program, the most valuable ‘zero days’ can be traded for up to two million dollars in iOS (Apple’s operating system) and 2.5 million on Android.
* With information from AFP
#Pegasus #story #digital #espionage #touches #presidents