Israeli company NSO’s Pegasus spyware used to infect Downing Street network – Report

On Apr 18, 2022 Last updated Apr 18, 2022

News reports say the notorious Israeli tech company, NSO’s spyware, Pegasus has been used to infect Downing Street and the Foreign and Commonwealth offices.

According to the reports, researchers at the Canadian Internet security watchdog, Citizen Lab has drawn the conclusion that the network of 10 Downing Street, which serves as the residence and office of the British Prime Minister has been infected with Pegasus.

Some eight years ago, it was Citizen Lab, a group focused on the intersection of technology and information security which found that Pegasus has been used to target journalists and activists.

According to Citizen Lab, Pegasus is able to jailbreak devices and spy on victims. It is described as the most sophisticated attack seen on any endpoint because it takes advantage of how integrated mobile devices are in people’s lives and the combination of features only available on mobile such as always connected (Wi-Fi, 3G/4G), voice communications, camera, email, messaging, GPS, passwords, and contact lists.

The Pegasus spyware uses the principle of ‘zero click’ to infect the devices of targets and can use a simple missed call to take over a target’s phone.

Pegasus can thoroughly take over any device by exploiting the security vulnerabilities in a device or app. It is able to take over Android, iPhone or Blackberry. Once it takes over a phone, it turns it into a secret camera and microphone and operate remotely, providing live feeds to the operator, and the owner of the phone would never know.

Pegasus then takes over the target’s emails, messages and GPS coordinates.

The reports indicate that a device connected to the Downing Street network was infected using the spyware on July 7, 2020, but noted that the National Cyber Security Centre tested several phones at Downing Street including that of the Prime Minister – but was unable to locate the infected device. It said further that the nature of any data taken couldn’t be determined.

A senior researcher at Citizen Lab, Bill Marczak cited by The New Yorker said: “We suspect this included the exfiltration of data.”

Ron Deibert, the Director of Citizen Lab, reportedly confirmed in a statement that in 2020 and 2021 it had “observed and notified the government of the United Kingdom of multiple suspected instances of Pegasus spyware infections within official UK networks”.

These included 10 Downing Street and the Foreign and Commonwealth Office (FCO).

Mr Deibert said the suspected infections relating to the FCO “were associated with Pegasus operators that we link to the UAE, India, Cyprus and Jordan”.

The suspected infection at 10 Downing Street “was associated with a Pegasus operator we link to the UAE,” he added.

The Ghana government has obtained the Pegasus spyware and there is evidence it has been used on opposition figures.

By Emmanuel K. Dogbevi