The UK prime minister’s office was targeted multiple times by spyware sold legally to states around the world, claim security experts. The Pegasus software, created by the Israeli firm NSO Group, allows security services to listen in to the microphone on a compromised smartphone, read messages, and access sensitive data.
The Citizen Lab, a research group at the University of Toronto in Canada that has worked for years to examine the use of spyware such as Pegasus, claims that it warned the UK government of attacks in 2020 and 2021.
The group says it has found evidence for multiple suspected Pegasus infections of devices used by the prime minister’s office and what was then the Foreign and Commonwealth Office (FCO), now the Foreign, Commonwealth and Development Office (FCDO). It claims that the spyware was being deployed against the FCO from the United Arab Emirates, India, Cyprus, and Jordan, while the attacks against 10 Downing Street originated in the UAE.
Ron Deibert at the Citizen Lab said in a blog post that the group’s main goal is to watch for spyware use against non-governmental organisations, such as charities and aid groups, but that it sometimes finds evidence of state-on-state espionage and would occasionally inform the targeted nation if it believed it could reduce harm to do so.
A report by The New Yorker claims that the UK National Cyber Security Centre scanned numerous devices used by Downing Street staff, including a smartphone used by Prime Minister Boris Johnson, once it had been informed of the attacks, but was unable to locate evidence of an intrusion. The report quotes a Citizen Lab member who believes data was probably stolen and says that the UK has been “spectacularly burned”.
NSO, which was founded by former Israeli state surveillance operators, says it licenses customers to use its software “only for their lawful and necessary purposes of preventing and investigating terrorism and serious crime”. However, previous reports from the Citizen Lab revealed that Pegasus is being misused to watch journalists, academics, and politicians.
Researchers have claimed that Pegasus has been used to hack the phones of journalists at Al Jazeera and Al Araby TV, as well as people at human rights organisation Amnesty International. In 2017, it emerged that Mexico had been using the software to target journalists and their families. It was also suspected of attacks targeting Amazon founder Jeff Bezos and associates of journalist Jamal Khashoggi, who was murdered in a Saudi Arabian consulate.
Pegasus is able to install itself on targeted telephones without requiring their users to click a link or download an application. The spyware is installed via a simple text message or through exploiting vulnerabilities on devices without needing the user to click on anything. Upon installation, the software provides the spying party with near-complete control of a targeted telephone. This includes the ability to browse through the device’s contents, such as photographs and videos, record conversations, as well as activate the telephone’s built-in microphone and camera at any time, without its user’s consent or knowledge. These types of tools are often used to carry out espionage against others. It is best practice to hold private meetings away from mobile devices where possible.