Pegasus spyware: UK prime minister’s office smartphones targeted by cyberattacks
Researchers claim to have uncovered cyberattacks using Pegasus software against 10 Downing Street and the Foreign and Commonwealth Office
19 April 2022
The UK prime minister’s office was targeted multiple times by spyware sold legally to states around the world, claim security experts. The Pegasus software, created by the Israeli firm NSO Group, allows security services to listen in to the microphone on a compromised smartphone, read messages and access sensitive data.
The Citizen Lab, a research group at the University of Toronto in Canada that has worked for years to examine the use of spyware such as Pegasus, claims that it warned the UK government of attacks in 2020 and 2021.
The group says it has found evidence for multiple suspected Pegasus infections of devices used by the prime minister’s office and what was then the Foreign and Commonwealth Office (FCO), now the Foreign, Commonwealth and Development Office (FCDO). It claims that the spyware was being deployed against the FCO from the United Arab Emirates, India, Cyprus and Jordan, while the attacks against 10 Downing Street originated in the UAE.
Ron Deibert at the Citizen Lab said in a blog post that the group’s main goal is to watch for spyware use against non-governmental organisations, such as charities and aid groups, but that it sometimes finds evidence of state-on-state espionage and would occasionally inform the targeted nation if it believed it could reduce harm to do so.
A report by The New Yorker claims that the UK National Cyber Security Centre scanned numerous devices used by Downing Street staff, including a smartphone used by Prime Minister Boris Johnson, once it had been informed of the attacks, but was unable to locate evidence of an intrusion. The report quotes a Citizen Lab member who believes data was probably stolen, and says that the UK has been “spectacularly burned”.
NSO, which was founded by former Israeli state surveillance operators, says it licenses customers to use its software “only for their lawful and necessary purposes of preventing and investigating terrorism and serious crime”. However, previous reports from the Citizen Lab revealed that Pegasus is being misused to watch journalists, academics and politicians.
Researchers have claimed that Pegasus has been used to hack the phones of journalists at Al Jazeera and Al Araby TV, as well as people at human rights organisation Amnesty International. In 2017, it emerged that Mexico had been using the software to target journalists and their families. It was also suspected in attacks targeting Amazon founder Jeff Bezos and associates of journalist Jamal Khashoggi, who was murdered in a Saudi Arabian consulate.
Jake Moore at internet security company ESET says that Pegasus and similar tools are often used by governments to carry out espionage against other states. It can infect users remotely, without their knowledge.
“Once the software is placed on a device, it can copy messages, view photos, record phone calls and even secretly view the user via the phone’s camera, and both Android and Apple phones are vulnerable,” he says. “Pegasus can be installed on phones via a simple text message or through exploiting vulnerabilities on devices that can even deploy without requiring the user to click anything. High-profile people must be aware of the ease with which this can occur and must take precautions such as using a second device for official business and holding private meetings away from any device where possible.”
The FCDO and the prime minister’s press office told New Scientist that they wouldn’t comment on matters relating to security. NSO Group didn’t respond to a request for comment.