ISLAMABAD: Human rights activists, journalists and lawyers across the world have been targeted by authoritarian governments using hacking software sold by the Israeli surveillance company NSO Group, according to an investigation into a massive data leak.
The Indian government's intelligence tentacles used the phone malware to spy on 50,000 phones including those of Prime Minister Imran Khan, cabinet ministers, top officials and diplomats besides against their own dissidents, activists, journalists, lawyers and politicians in several countries.
Besides, the subcontinent, the NSO Group and its Pegasus malware -- capable of switching on a phone´s camera or microphone and harvesting its data -- have been in the headlines since 2016, when researchers accused it of helping spy on a dissident in the United Arab Emirates. They include one linked to a murdered Mexican journalist and family members of murdered Saudi journalist Jamal Khashoggi besides, more than 1,000 people in more than 50 countries. They included several members of Arab royal families, at least 65 business executives, 85 human rights activists, 189 journalists and more than 600 politicians and government officials -- including heads of state, prime ministers and cabinet ministers in ten countries.
The report a collaborative investigation by The Washington Post, The Guardian, Le Monde and other media outlets, based on a leaked list of 50,000 phone numbers, also highlights how New Delhi's Modi government and its intelligence agencies hacked the into two of the cell phones earlier used by Prime Minister Imran Khan, his cabinet ministers, several top ranking Pakistani officials, Pakistani diplomats, Kashmiri freedom fighters, Chinese journalists. Analysis of the more than 1,000 mostly Indian phone numbers selected for potential targeting by the NSO client strongly indicate intelligence agencies within the Indian government were behind the selection including Indian Congress leader Rahul Gandhi, and even an Indian supreme court judge were targetted, the publication said.
According to Israeli daily Haaretz, India targeted a phone which was earlier in Prime Minister Imran Khan's use through an Israeli firm's malware, besides trying to tap the federal cabinet members' calls and messages, several senior top ranking officials, Following the development, a high-level meeting of the civil and military leadership was called which will decide a future course of action against India's spying attempt.
According to the Washington Post, The Guardian, Le Monde and other media outlets, more than 1,000 people in more than 50 countries were focussed including several members of Arab royal families, at least 65 business executives, 85 human rights activists, 189 journalists and more than 600 politicians and government officials -- including heads of state, prime ministers and cabinet ministers in ten countries. Many numbers on the list were clustered in 10 countries: Azerbaijan, Bahrain, Hungary, India, Kazakhstan, Mexico, Morocco, Rwanda, Saudi Arabia and the United Arab Emirates.
On the list were 15,000 numbers in Mexico -- among them reportedly a number linked to a murdered reporter -- and 300 in India, including politicians and prominent journalists. The Post said a forensic analysis of 37 of the smartphones on the list showed there had been "attempted and successful" hacks of the devices, including those of two women close to Saudi journalist Jamal Khashoggi, who was murdered in 2018 by a Saudi hit squad. Among the numbers on the list are those of journalists for Agence France-Presse, The Wall Street Journal, CNN, The New York Times, Al Jazeera, El Pais, the Associated Press, Le Monde, Bloomberg, The Economist, and Reuters, The Guardian said. Roughly three dozen journalists at Qatar´s Al-Jazeera network had their phones targeted by Pegasus malware, Citizen Lab reported in December, while Amnesty said in June the software was used by Moroccan authorities on the cellphone of Omar Radi, a journalist convicted over a social media post. Founded in 2010 by Israelis Shalev Hulio and Omri Lavie, NSO Group is based in the Israeli hi-tech hub of Herzliya, near Tel Aviv.
NSO issued a denial on Sunday that focused on the report by Forbidden Stories, calling it "full of wrong assumptions and uncorroborated theories," and threatening a defamation lawsuit. It said it was "not associated in any way" with the Khashoggi murder, adding that it sells "solely to law enforcement and intelligence agencies of vetted governments".
In fact, Indian prime minister Narendra Modi used the malware to monitor two numbers belonging to his most prominent political rival, Congress leader Rahul Gandhi during India’s 2019 national elections, five of Gandhi’s close friends and other Congress party officials were selected as candidates for possible surveillance in the year before the 2019 vote and coincided with the identification of the numbers of two staff members, Sachin Rao and Alankar Sawai, who at the time were working on forthcoming state election campaigns against Modi’s party in Haryana and Maharashtra, other included those of known priorities of the country’s security agencies, including Kashmiri separatist leaders, Sikh activists and business people known to be the subject of police investigations.
Gandhi, who changes his device every few months to avoid surveillance, was not able to provide the phone he used at the time for examination. The consortium confirmed Pegasus infections, or signs of potential targeting, on phones linked to 10 Indian numbers and on an additional 27 phones around the world. NSO markets Pegasus as a tool for fighting terrorism and crime, but the inclusion of a major Indian opposition leader in the records – alongside political staffers, labour unionists, Tibetan Buddhist clerics, social justice campaigners and a woman who accused India’s most senior judge of sexual harassment – raises troubling questions about the way the hacking software may have been used in India.
“Targeted surveillance of the type you describe whether in regard to me, other leaders of the opposition or indeed any law-abiding citizen of India is illegal and deplorable,” Gandhi said. “If your information is correct, the scale and nature of surveillance you describe goes beyond an attack on the privacy of individuals. It is an attack on the democratic foundations of our country. It must be thoroughly investigated and those responsible be identified and punished.” The data was accessed by the nonprofit journalism organisation Forbidden Stories and Amnesty International and shared with the Guardian and other media outlets as part of the Pegasus project.
The identities behind around 300 of the Indian phone numbers were verified by the media outlets. It also reinforces concerns about the health of the world’s largest democracy under Modi. The selection of Indian numbers largely commenced around the time of Modi’s 2017 trip to Israel, the first visit to the country by an Indian prime minister and a marker of the burgeoning relationship between the two states, including billions of dollars in deals between Delhi and Israeli defence industries. Modi and the then Israeli prime minister, Benjamin Netanyahu, were pictured during the trip walking barefoot together on a beach. Days before, Indian targets had started being selected. The Indian candidates for surveillance went beyond opposition politicians. The phone number of a woman who accused India’s then chief justice of sexual harassment was selected shortly after her claims became public, along with 10 other numbers linked to her including those used by her husband and two other family members.
At least two employees of the US Centers for Disease Control and Prevention based in India, including a US citizen, were also identified, along with Gagandeep Kang, a virologist and the first Indian woman to be accepted into the UK’s Royal Society. M Hari Menon, the director of the Bill and Melinda Gates Foundation’s Indian operations, was also selected as a target, alongside several researchers and campaigners working for anti-tobacco NGOs. The motive for the scrutiny is unclear, though the Modi government has expressed suspicion of foreign funding for charities, research institutes and NGOs and has sought to tighten restrictions for bringing in money from overseas.
More than a dozen people associated with an Indian cabinet minister, Prahlad Singh Patel, are listed in the data including the elected official himself, his family members, advisers and personal staff including a cook and gardener in 2019, the records show. A second cabinet minister for electronics and information technology, Ashwini Vaishnaw – whose portfolio includes the regulation of the use of digital surveillance – was also selected as a potential surveillance target in 2017.
Journalists emerge as a major focus in the records, including several covering defence and politics at major newspapers, such as the Indian Express and the Hindu, and others associated with the Wire, a media partner of the Pegasus project. Forensic analysis detected Pegasus activity as recently as this month on a phone used by Sushant Singh, a journalist who investigated a controversial billion-dollar contract awarded to one of Modi’s close allies in business to build a fleet of fighter jets with the French manufacturer Dassault. The Wire reporter Rohini Singh is facing civil and criminal defamation charges over an investigation she produced into the finances of the son of India’s home minister, Amit Shah. She was selected as a target over the two years that followed the publication of the story, along with one of the Wire’s columnists, Prem Shankar Jha, and its diplomatic editor, Devirupa Mitra. Ashok Lavasa was appointed by the government to the Election Commission of India, which regulates campaigning and polling, and which has for decades enjoyed a near-sacrosanct status as a symbol of the integrity of Indian democracy.
An Amnesty International investigation into Pegasus says the tool compromised targets’ phones and routed data through commercial services like AWS and Amazon CloudFront, a move that it said “protects NSO Group from some internet scanning techniques.” (Vice notes that a 2020 report previously described NSO using Amazon services.) Amnesty International wrote that it had contacted Amazon about NSO and Amazon had responded by banning NSO-related accounts. The Amnesty International report links it with several other companies, including DigitalOcean and Linode. NSO allegedly favored servers in Europe and the United States, particularly “the European data centers run by American hosting companies.” As the report describes it, NSO would deploy Pegasus malware through a series of malicious subdomains, exploiting security weaknesses on services like iMessage. Once Pegasus compromised a phone, it could collect data from the phone or activate its camera and microphone for surveillance.
NSO describes Pegasus as a tool for surveilling terrorists and cybercriminals. But the reporting from Amnesty International, Forbidden Stories, and 17 news outlets — says governments deployed it indiscriminately against political figures, dissidents, and journalists. NSO has always maintained it “does not operate the systems that it sells to vetted government customers, and does not have access to the data of its customers’ targets”. Following the launch of the Pegasus project, Shalev Hulio, the founder and chief executive of NSO, said he continued to dispute the leaked data “has any relevance to NSO”, but added he was “very concerned” about the reports and promised to investigate them all. “We understand that in some circumstances our customers might misuse the system,” he said. — AFP
Our correspondent adds: The Ministry of Information Technology has prepared a special and secure application, “Beep” and all government officers and employees have been directed to use it.
Federal Minister Information Technology Amin ul Haq has said that the application is on an in-house trial and will be launched after a few months. Initially, the App will have chat and audio call features only. Later, a video call option will also be added.
Amin ul Haq said efforts have been made to make the App secure so the important conversation of the government officers could not be leaked.