Pegasus: what is spyware, who are NSO Group, and were Downing Street networks infected by a UAE operator?

The Prime Minister’s office at Number 10 Downing Street and the Foreign and Commonwealth Development Office (FCDO) networks may have been the target of surveillance by spyware, a global security laboratory has warned.

Professor Ron Deibert, founder and director of Toronto University’s Citizen Lab, released a statement saying that in 2020 and 2021 they “observed and notified the government of the United Kingdom of multiple suspected instances of Pegasus spyware infections within official UK networks”.

In the statement Prof Diebert says that the data infiltration at Boris Johnson’s office was associated with a Pegasus operator linked to the United Arab Emirates, and the infection in the FCDO’s network is linked to operators in the UAE, India, Cyprus and Jordan.

The academic researchers, who are experts in studying digital threats, suspect that because the FCDO have representatives in so many countries, the infections could have been related to their devices located abroad and using foreign SIM cards.

Citizen Lab were compelled to ensure that the UK government was aware of the ongoing spyware threat and hoped to “reduce harm” by notifying the government of the Pegasus spyware infections.

A UK government spokesperson said: “We do not routinely comment on security matters”.

What is spyware?

Spyware is a category of software which steals data from personal or organisational devices without the user’s knowledge or permission.

It secretly monitors activity and gathers information from devices in order to share it to other parties.

What is Pegasus spyware?

Pegasus is a powerful and highly advanced piece of spyware which can turn your phone into a 24-hour surveillance device.

It can record through the device’s camera and microphone against your knowledge and gather information such as emails, locations and bank details.

Pegasus can infect both iOS and Android operating systems.

Who are the NSO Group?

The hacking software is owned by an Israeli technology firm called NSO Group who sell Pegasus to governments so that they can carry out surveillance through infecting phones with malicious software.

NSO group claim that their technology “helps government agencies prevent and investigate terrorism and crime to save thousands of lives around the globe”.

The governments of UAE, India, Cyprus and Jordan have yet to comment on Citizen Lab’s statement.

What have NSO said?

NSO have denied the Citizen Lab’s findings, with a spokesperson saying: “NSO continues to be targeted by a number of politically motivated advocacy organisations like Citizen Lab and Amnesty to produce inaccurate and unsubstantiated reports based on vague and incomplete information.

“We have repeatedly cooperated with governmental investigations, where credible allegations merit. However, information raised regarding these allegations are, yet again, false and could not be related to NSO products for technological and contractual reasons.”

Last November, the US government placed NSO on a US blacklist after the Biden administration found evidence that the company had sold surveillance spyware to foreign governments that used it to “conduct transnational repression”.

The Israeli technology company does not identify its clients and says it has no knowledge of who is targeted. Although NSO says it has safeguards in place to prevent abuse, it notes it ultimately does not control how its clients use the software.