Pegasus: What you need to know about Israeli spyware

The Israeli company has been linked to governments exploiting its technology to spy on journalists, activists and politicians.

Israeli cybersecurity firm NSO Group's exhibition stand is seen at ISDEF 2019, an international defence and homeland security expo, in Tel Aviv, Israel, June 4, 2019 [File: Keren Manor/Reuters]

Pegasus, spyware made by the Israeli technology company NSO Group, is making headlines again after it was reported that the Israeli police used it to spy on dozens of its own citizens – including senior government officials and protesters rallying against former Prime Minister Benjamin Netanyahu.

The report brought a months-long international scandal surrounding the world’s most infamous hacker-for-hire company full circle, following reports that its spyware was used by governments across the world to spy on activists, journalists, and even heads of state.

What is Pegasus? What does it do?

NSO Group, founded in 2010, describes itself on its website as creating “technology that helps government agencies prevent and investigate terrorism and crime to save thousands of lives around the globe”.

Pegasus is spyware that can infiltrate a mobile phone and harvest personal and location data, and can control the phone’s microphones and cameras without the user’s knowledge or permission.

Some of the information Pegasus has access to includes photos, web searches, passwords, call logs, communications and social media posts.

The spyware is designed to bypass detection and mask its activity.

Researchers have found several examples of NSO Group’s sophisticated tools using so-called “zero click” exploits that infect targeted mobile phones without any user interaction.

This means that a successful spyware attack needs only the operating system installed on the phone, or a particular vulnerable app, and no action by the target.

Who has been targeted?

An investigation by 17 news organisations into more than 50,000 numbers was published by the Paris-based journalism nonprofit Forbidden Stories and Amnesty International. It found that more than 1,000 individuals across 50 countries were allegedly selected by NSO clients for potential surveillance since 2016.

That list includes 189 journalists, more than 600 politicians and government officials, and several heads of state, including France’s Emmanuel Macron, South African President Cyril Ramaphosa and Pakistan Prime Minister Imran Khan.

The journalists include employees from Al Jazeera, The Associated Press, Reuters, CNN, The Wall Street Journal, Le Monde and The Financial Times.

At least 65 business executives and 85 human rights activists worldwide have also been targeted.

The media consortium’s reports said most of Pegasus’s clients were clustered in 10 countries: Azerbaijan, Bahrain, Hungary, India, Kazakhstan, Mexico, Morocco, Rwanda, Saudi Arabia and the United Arab Emirates.

What has the reaction been?

In a statement issued after the publication of the report, Amnesty International Secretary-General Agnes Callamard dismissed NSO’s claims that its technology is used for law enforcement work.

“NSO Group can no longer hide behind the claim that its spyware is only used to fight crime – it appears that Pegasus is also the spyware of choice for those wanting to snoop on foreign governments,” Callamard said.

Watchdog group The Citizen Lab said the proliferation of Pegasus among countries with records of human rights abuses “paint a bleak picture of the human rights risks” of the targeted.

In July 2021, the Paris prosecutor’s office opened an investigation into allegations that Moroccan intelligence services spied on several French journalists. Morocco has denied the allegations.

Last November, the US Commerce Department blacklisted NSO Group, barring it from access to US technology after saying its tools have been used to “conduct transnational repression”.

Apple subsequently sued the company, calling it “amoral 21st century mercenaries”.

Facebook is suing NSO Group in US federal court for allegedly targeting some 1,400 WhatsApp users.

Lawsuits were also filed in 2018 in Israel and Cyprus by Al Jazeera journalists, as well as other Qatari, Mexican and Saudi journalists and activists who say the company’s spyware was used to hack their devices.

What has NSO said?

NSO has denied wrongdoing and said it does not identify its clients.

It maintains that its products are intended to be used against criminals and “terrorists”, and that it sells its products only to state security agencies upon approval of Israel’s defence ministry.

It described the report by media organisations as “full of wrong assumptions and uncorroborated theories”.

Source: Al Jazeera and news agencies