Israeli spyware used to target journalists, activists: Report

Activists, politicians and journalists from around the world – including from Al Jazeera – were targeted in a surveillance operation using software sold by the Israeli surveillance company NSO Group, according to an investigation into a massive data leak by The Guardian, the Washington Post and 15 other media outlets.

The reports released on Sunday said “authoritarian governments” abused the Pegasus software, “hacking 37 smartphones,” according to a report by the Washington Post.

According to forensic analysis by Amnesty’s Security Lab, two women close to slain Saudi columnist Jamal Khashoggi were targeted with Pegasus spyware, according to the Washington Post newspaper. The phone of Khashoggi’s fiancée, Hatice Cengiz, was infected with the malware days after his murder in the Saudi consulate in Istanbul in October 2018, the paper, for whom Khashoggi wrote, reported.

A sophisticated surveillance

Pegasus, a sophisticated surveillance tool developed by the Israel company, infects the user’s smartphone and steals all the phone’s information, including every contact name and phone number, text message, email, Facebook message, everything from Skype, WhatsApp, Viber, WeChat and Telegram.

“The scale is staggering compared with anything we have seen before,” Bill Marczak, a research fellow at cyberspace research group Citizen Lab, told Al Jazeera. He noted that a previous expose had uncovered the hacking of about 1,400 numbers.

The latest list did not identify the clients but the reports said many were clustered in 10 countries – Azerbaijan, Bahrain, Hungary, India, Kazakhstan, Mexico, Morocco, Rwanda, Saudi Arabia and the United Arab Emirates.

“Yet we ask ourselves, ‘how could something like this happen?’ Spyware companies simply cannot be trusted to hold themselves accountable. This story, along with the recent revelations of abuses by Cellebrite and Candiru, is another example of why we urgently need to hold these surveillance companies and the governments that use them up to the light.

“The industry has shown that it is incapable of policing itself and governments are hiding behind national security to excuse these surveillance abuses. We need regulation, transparency, and accountability and we need them now,” she told Al Jazeera.

‘False claims’

Amnesty International and Forbidden Stories, a Paris-based media non-profit organisation, initially had access to the leak, which they then shared with media organisations from around the world.

According to forensic analysis by Amnesty’s Security Lab, two women close to slain Saudi columnist Jamal Khashoggi were targeted with Pegasus spyware, according to the Washington Post newspaper. The phone of Khashoggi’s fiancée, Hatice Cengiz, was infected with the malware days after his murder in the Saudi consulate in Istanbul in October 2018, the paper, for whom Khashoggi wrote, reported.

A sophisticated surveillance

Pegasus, a sophisticated surveillance tool developed by the Israel company, infects the user’s smartphone and steals all the phone’s information, including every contact name and phone number, text message, email, Facebook message, everything from Skype, WhatsApp, Viber, WeChat and Telegram.

“The scale is staggering compared with anything we have seen before,” Bill Marczak, a research fellow at cyberspace research group Citizen Lab, told Al Jazeera. He noted that a previous expose had uncovered the hacking of about 1,400 numbers.

The latest list did not identify the clients but the reports said many were clustered in 10 countries – Azerbaijan, Bahrain, Hungary, India, Kazakhstan, Mexico, Morocco, Rwanda, Saudi Arabia and the United Arab Emirates.

“The surveillance industry works under a cloud of darkness – its products are designed to deceive and skirt culpability,” Natalia Krapiva, Tech Legal Counsel at Access Now, told Al Jazeera.

“Yet we ask ourselves, ‘how could something like this happen?’ Spyware companies simply cannot be trusted to hold themselves accountable. This story, along with the recent revelations of abuses by Cellebrite and Candiru, is another example of why we urgently need to hold these surveillance companies and the governments that use them up to the light.

“The industry has shown that it is incapable of policing itself and governments are hiding behind national security to excuse these surveillance abuses. We need regulation, transparency, and accountability and we need them now,” she told Al Jazeera.

‘False claims’

Amnesty International and Forbidden Stories, a Paris-based media non-profit organisation, initially had access to the leak, which they then shared with media organisations from around the world.

Related Articles

Back to top button