Your Whatsapp Messages are not Safe: Mercenary Spyware in your Phone

There are dozens of cases in which Pegasus or other similar spyware technology has been found on the digital devices of prominent political opposition figures, journalists, and human rights activists in many countries. Providing the ability to clandestinely infiltrate even the most up-to-date smartphones—the latest “zero click” version of the spyware can penetrate a device without any action by the user.

Pegasus has become the digital surveillance tool of choice for repressive regimes around the world. It has been used against government critics in the United Arab Emirates (UAE) and pro-democracy protesters in Thailand. It has been deployed by Mohammed bin Salman’s Saudi Arabia and Viktor Orban’s Hungary.

One prominent case is when in the summer of 2020, a Rwandan plot to capture exiled opposition leader Paul Rusesabagina drew international headlines. Rusesabagina is best known as the human rights defender and U.S. Presidential Medal of Freedom recipient who sheltered more than 1,200 Hutus and Tutsis in a hotel during the 1994 Rwandan genocide. But in the decades after the genocide, he also became a prominent U.S.-based critic of Rwandan President Paul Kagame.

In August 2020, during a layover in Dubai, Rusesabagina was lured under false pretenses into boarding a plane bound for Kigali, the Rwandan capital, where government authorities immediately arrested him for his affiliation with an opposition group. The following year, a Rwandan court sentenced him to 25 years in prison, drawing the condemnation of international human rights groups, the European Parliament, and the U.S. Congress.

Less noted at the time, however, was that this brazen cross-border operation may also have employed highly sophisticated digital surveillance. After Rusesabagina’s sentencing, Amnesty International and the Citizen Lab at the University of Toronto, a digital security research group discovered that smartphones belonging to several of Rusesabagina’s family members who also lived abroad had been hacked by an advanced spyware program called Pegasus. Produced by the Israel-based NSO Group, Pegasus gives an operator near-total access to a target’s personal data.

Forensic analysis revealed that the phone belonging to Rusesabagina’s daughter Carine Kanimba had been infected by the spyware around the time her father was kidnapped and again when she was trying to secure his release and was meeting with high-level officials in Europe and the U.S. State Department, including the U.S. special envoy for hostage affairs. NSO Group does not publicly identify its government clients and the Rwandan government has denied using Pegasus, but strong circumstantial evidence points to the Kagame regime.

According to Ronald J. Deibert, the use of spyware is hardly limited to the world’s authoritarians. As researchers have revealed, over the past decade many democracies, including Spain and Mexico, have begun using spyware, as well, in ways that violate well-established norms of human rights and public accountability. U.S. government documents disclosed by The New York Times in November 2022 show that the FBI not only acquired spyware services from NSO, possibly for counterintelligence purposes, but also contemplated deploying them, including on U.S. targets. (An FBI spokesperson told the Times that “there has been no operational use of the NSO product to support any FBI investigation.”)

The advent of advanced spyware has transformed the world of espionage and surveillance. Bringing together a largely unregulated industry with an invasive-by-design digital ecosystem in which smartphones and other personal devices contain the most intimate details of people’s lives, the new technology can track almost anyone, anywhere in the world. Governments have taken notice. For Israel, which approves export licenses for NSO Group’s Pegasus, the sale of spyware to foreign governments has brought new diplomatic clout in countries as disparate as India and Panama; a New York Times investigation found that NSO deals helped Israeli Prime Minister Benjamin Netanyahu seal the Abraham Accords with Bahrain, Morocco, and the UAE. In turn, client states have used Pegasus against not only opposition groups, journalists, and nongovernmental organizations (NGOs) but also geopolitical rivals. In 2020 and 2021, the Citizen Lab discovered that several devices belonging to officials in the United Kingdom’s Foreign Commonwealth and Development Office had been hacked with Pegasus, and that a client of NSO Group in the UAE had used the spyware to infiltrate a device located at 10 Downing Street, the residence of the British prime minister. In November 2021, the tech giant Apple notified 11 staff members of the U.S. embassy in Uganda that their iPhones had been hacked with Pegasus.

In response to these revelations, spyware firms have generally denied responsibility for their clients’ abuses or have declined to comment. In a statement to The New Yorker in April 2022, NSO Group said, “We have repeatedly cooperated with governmental investigations, where credible allegations merit, and have learned from each of these findings and reports and improved the safeguards in our technologies.” The Israeli company has also said that its technology is designed to help governments investigate crime and terrorism. But advanced spyware has now been implicated in human rights violations and interstate espionage in dozens of countries, and spyware companies have few legal obligations or incentives for public transparency or accountability. NSO Group has not provided any specific information to counter the Citizen Lab’s detailed evidence of abuses.

The consequences of the spyware revolution are profound. In countries with few resources, security forces can now pursue high-tech operations using off-the-shelf technology that is almost as easy to acquire as headphones from Amazon. Among democracies, the technology has become an irresistible tool that can be deployed with little oversight; in the last year alone, security agencies in at least four European countries—Greece, Hungary, Poland, and Spain—have been implicated in scandals in which state agencies have been accused of deploying spyware against journalists and political opposition figures. A global market for spyware also means that forms of surveillance and espionage that were once limited to a few major powers are now available to almost any country, and potentially to even more private firms. Left unregulated, the proliferation of this technology threatens to erode many of the institutions, processes, and values on which the liberal international order depends.

WE WILL SPY FOR YOU
The spyware revolution has emerged as a byproduct of a remarkable convergence of technological, social, and political developments over the past decade. Smartphones and other digital devices are vulnerable to surveillance because their applications often contain flaws and because they continually transmit data through insecure cellular and Internet networks. Although manufacturers of these technology platforms employ engineers to find and patch vulnerabilities, they tend to prioritize product development over security. By discovering and weaponizing “zero days”—software flaws that are unknown to their designers—spyware firms exploit the inherent insecurity of the digital consumer world.

But the extraordinary growth of the spyware market has also been driven by several broader trends. First, spyware takes advantage of a global digital culture that is shaped around always-on, always-connected smartphones. By hacking a personal device, spyware can provide its operators with a user’s entire pattern of life in real time. Second, spyware offers security agencies an elegant way to circumvent end-to-end encryption, which has become a growing barrier to government mass surveillance programs that depend on the collection of telecommunications and Internet data. By getting inside a user’s device, spyware allows its operators to read messages or listen to calls before they have been encrypted or after they have been decrypted; if the user can see it on the screen, so can the spyware. A third factor driving the industry’s growth has been the rise of digitally enabled protest movements. Popular upheavals such as the color revolutions in former Soviet states in the first decade of this century and the Arab Spring in 2010–11 took many autocrats by surprise, and the organizers often used phones to mobilize protesters. By offering an almost godlike way to get inside activist networks, spyware has opened up a powerful new method for governments to monitor dissent and take steps to neutralize it before large protests occur.

Finally, the spyware industry has also been fueled by the growing privatization of national security. Just as governments have turned to private contractors for complicated or controversial military operations, they have discovered that they can outsource surveillance and espionage to better-equipped and less visible private actors. Like soldiers of fortune, advanced spyware companies tend to put revenues ahead of ethics, selling their products without regard to the politics of their clients—giving rise to the term “mercenary spyware”—and like military contractors, their dealings with government security agencies are often cloaked in secrecy to avoid public scrutiny. Moreover, just as military contractors have offered lucrative private-sector careers for veterans of military and intelligence agencies, spyware firms and government security services have been building similarly mutually beneficial partnerships, boosting the industry in the process. Many senior members of NSO Group, for example, are veterans of Israeli intelligence, including the elite Military Intelligence Directorate.

Read the complete article on Foreign Affairs

For Diaspora Digital Media Updates click on Whatsapp, or Telegram. For eyewitness accounts/ reports/ articles, write to: citizenreports@diasporadigitalmedia.com. Follow us on X (Fomerly Twitter) or Facebook