Skip to main content

NSO has carried out 'unlawful' surveillance to target Amnesty staff members, HRDs


Counterview Desk
Following the exposure that Israeli spyware Pegasus, manufactured by NSO Group, has been used as a surveillance tool on smartphones used by about 1,500 human rights defenders (HRDs), journalists and activists, including in India, the top rights body, Amnesty International India, has appealed to those who have received a notification immediately to get in touch with Amnesty Tech at share@amnesty.tech for support.
An Amnesty release on November 2 said that the rights body could also be contacted “on Signal or WhatsApp at +44 7492 882216”, adding, “We would be keen to provide support to HRDs, who have been targeted, to ensure they take defensive security measures immediately, as well as to understand more about the attacks and investigate possible infections.”
Meanwhile, Amnesty has put out questions and answers for HRDs, activist, or journalist based in India to understand NSO Group’s spyware Pegasus especially the WhatsApp targeting.

Text:

Q: What do we know about the NSO Group and its ‘Pegasus’ Spyware?
A: ‘NSO Group’ is an Israeli spyware manufacturer that claims to sell its surveillance tools – the most well-known being its Pegasus spyware – exclusively to governments and government agencies ‘to combat terror and crime’.
Its products have been misused multiple times to conduct unlawful surveillance against human rights defenders. In the past, it has been used to target an Amnesty International staff member, HRDs, activists, and journalists from Saudi Arabia, UAE, Mexico, Morocco, and Rwanda.
Q: How does Pegasus work?
A: If infected by the Pegasus spyware, the user’s Smartphone is compromised. It can track keystrokes, take control of the phone’s camera and microphone, and access contact lists and encrypted messages.
Until now, Pegasus is known to be delivered through SMS messages carrying malicious links and through exploiting a zero-day vulnerability on WhatsApp. In the latter, intrusive spyware could be delivered on to the target’s mobile device without the targeted person having to click on a malicious link. The targeted person would simply see a missed call on WhatsApp.
In addition to this, Amnesty International has also found evidence of network injection attacks that could also be attributed to NSO Group. Network injection attacks are generally called “man-in-the-middle” attacks. Through this, an attacker with access to a target’s mobile network connection can monitor and opportunistically hijack web traffic and silently re-route the web browser to malicious exploit pages.
Q: How did the targeting via WhatsApp work?
A: NSO Group exploited a security vulnerability in WhatsApp until May 2019. In order to exploit this, the digital attack initiated WhatsApp calls to the target’s device. Attackers may have tried to exploit this issue by making calls multiple times during the night when the target was likely to be asleep and not notice these calls. Successful infection of the target’s device may result in the app crashing. There is a possibility that the attacker may also remotely erase evidence of these calls from the device’s call logs. Evidence of failed attacks may appear as missed calls from unknown numbers in your WhatsApp call log.
Q: If I didn’t receive a notification from WhatsApp, does this mean I wasn’t targeted by NSO Group’s tools?
A: NSO Group’s Pegasus tool is used for targeted attacks and by design, is not meant for mass surveillance. This means that only select individuals would have been targeted. However, if you are a high risk user, i.e., an activist, journalist, or HRD involved in politically sensitive activism, you cannot presume that you have not been targeted simply because you haven’t received a notification from WhatsApp.
The attack was delivered by exploiting a vulnerability in WhatsApp. However, NSO Pegasus infections can also be delivered through other means. Based on information revealed by our own investigations, an Amnesty International staffer was targeted using SMS messages. One HRD in Morocco was targeted both before and after the attacks using the WhatsApp exploit, but not with the WhatsApp exploit itself. Both of them were targeted using SMS messages containing malicious links and network injection attacks that could also be attributed to NSO Group’s tools. This indicates that NSO Group has the documented capability to deliver infections through means other than WhatsApp.
Q: If WhatsApp was targeted, can’t I just switch to another encrypted platform?
A: No. A vulnerability in the WhatsApp software was exploited to deliver the spyware. All complex software can have these types of vulnerabilities. This vulnerability was not a flaw in WhatsApp’s end-to-end encryption protocol.
This also does not mean that only the Whatsapp data of the target was compromised. If the attack attempt was successful, the spyware would gain full access to the device. Any other data on the device including encrypted platforms such as Signal or Telegram could then also have been accessed.
Q: Can Pegasus plant data into my devices?
A: Based on publicly available information, planting data is not a feature of NSO Group’s Pegasus spyware.
Q: What steps can I take to protect myself?
A: None of the security best practices offer complete and foolproof protection. However, it is a good practice to install the latest software updates of operating systems and encrypted messaging applications on your mobile device.
Pegasus remains a relatively uncommon threat and standard digital hygiene steps are still important. Keep your devices software up-to-date. Use a unique password for each service that you use and store these passwords in a secure password manager. Enable two-factor authentication on all accounts where it is available.

Comments

TRENDING

India's GDP down by 50%, not 23%, job loss 200 million not 122 million: Top economist

By Our Representative  One of India’s topmost economists has estimated that India’s Gross Domestic Product (GDP) decline was around 50%, and not 23%, as claimed by the Government of India’s top data body, National Statistical Organization (NSO). Prof Arun Kumar, who is Malcolm S Adiseshiah chair professor, Institute of Social Sciences, New Delhi, said this was delivering a web policy speech, organised by the Impact and Policy Research Institute (IMPRI), New Delhi.

Youngest of 16 activists jailed for sedition, Mahesh Raut 'fought' mining on tribal land

By Surabhi Agarwal, Sandeep Pandey* A compassionate human being, always popular among his friends and colleagues because of his friendly nature and human sensitivity, 33-year-old Mahesh Raut, champion of the democratic rights of the marginalised Adivasi people of Gadchiroli, Maharashtra, has been in prison for over two years now.

#StandWithStan: It's about Constitution, democracy and freedom of expression

By Fr Cedric Prakash SJ*  It is more than three weeks now: On the night of October 8, 2020, the 83-year-old Jesuit Fr Stan Swamy was taken into custody by the National Intelligence Agency (NIA) from his residence in Ranchi to an undisclosed destination. According to his colleagues, the NIA did not serve a warrant on Fr. Stan and that their behaviour was absolutely arrogant and rude.

Stan Swamy vs Arnab Goswami: Are activists fighting a losing battle? Whither justice?

By Fr Sunil Macwan SJ* It is time one raised pertinent questions over the courts denying bail to Fr Stan Swamy, who was arrested under the Unlawful Activities (Prevention) Act (UAPA), and granting it to Arnab Goswami, editor-in-chief of the Republic TV, arrested under the charge of abetting suicide of Avay Naik, who ended his life in 2018. It is travesty of justice that a human rights activist is not only denied bail but is also made to wait for weeks to hear a response to his legitimate request for a straw to drink water, while Arnab Goswami walks free.

Human development index: India performs worse than G-20 developing countries

By Rajiv Shah A new book, “Sustainable Development in India: A Comparison with the G-20”, authored by Dr Keshab Chandra Mandal, has regretted that though India’s GDP has doubled over the last one decade, its human development indicators are worse than not just developed countries of the Group of 20 countries but also developing countries who its members.

India performs 'poorly' in Quality of Life Index, ranks 62nd out of 64 countries

Counterview Desk “Expat Insider”, which claims to be one of the world’s most extensive surveys about living and working abroad, in a survey of 20,259 participants from around the globe, has found that of the 64 destinations around the globe, has found that while Taiwan is the best destination for persons living outside their native country, closely by Vietnam and Portugal, India ranks 59th.

Buddhist shrines massively destroyed by Brahmanical rulers in "pre-Islamic" era: Historian DN Jha's survey

Nalanda mahavihara By Our Representative Prominent historian DN Jha, an expert in India's ancient and medieval past, in his new book , "Against the Grain: Notes on Identity, Intolerance and History", in a sharp critique of "Hindutva ideologues", who look at the ancient period of Indian history as "a golden age marked by social harmony, devoid of any religious violence", has said, "Demolition and desecration of rival religious establishments, and the appropriation of their idols, was not uncommon in India before the advent of Islam".

Namaz in Mathura temple: Haridwar, Ayodhya monks seek Faisal Khan's release

By Our Representative As many as 23 members of the Hindu Voices for Peace (HVP), including the founder president of the well-known Haridwar-based Matri Sadan Ashram, Swami Shivananda Saraswati, and a one of its top monks, Brahmachari Aatmabodhanand, have expressed their “dismay” over the arrest of Khudai Khidmatdar chief Faisal Khan and three others on charges of “promoting enmity between religions” and “defiling a place of worship” after they offered namaz in Mathura’s Nand Baba temple premises on October 29.

Government of India 'refuses' to admit: 52% of bird species show declining trend

Finn's Weaver  By Our Representative The Government of India has been pushing out “misleading” data on the country’s drastic wildlife decline, says a well-researched report, pointing towards how top ministers are hiding data on biodiversity losses, even as obfuscating its own data. It quotes “State of India’s Birds Report 2020” to note that of the 261 out of 867 bird species for which long-term trends could be determined, 52% have declined since the year 2000, with 22% declining strongly.

Dalit, Adivasi protest in Jharkhand against 'illegal' transfer of land for development

By Rishit Neogi Displacement and eviction are not new terms. It is surprising that they are still continuing and have become a tool in the hands of state backed corporates to forcibly occupy lands in the name of development.