Skip to main content

NSO has carried out 'unlawful' surveillance to target Amnesty staff members, HRDs


Counterview Desk
Following the exposure that Israeli spyware Pegasus, manufactured by NSO Group, has been used as a surveillance tool on smartphones used by about 1,500 human rights defenders (HRDs), journalists and activists, including in India, the top rights body, Amnesty International India, has appealed to those who have received a notification immediately to get in touch with Amnesty Tech at share@amnesty.tech for support.
An Amnesty release on November 2 said that the rights body could also be contacted “on Signal or WhatsApp at +44 7492 882216”, adding, “We would be keen to provide support to HRDs, who have been targeted, to ensure they take defensive security measures immediately, as well as to understand more about the attacks and investigate possible infections.”
Meanwhile, Amnesty has put out questions and answers for HRDs, activist, or journalist based in India to understand NSO Group’s spyware Pegasus especially the WhatsApp targeting.

Text:

Q: What do we know about the NSO Group and its ‘Pegasus’ Spyware?
A: ‘NSO Group’ is an Israeli spyware manufacturer that claims to sell its surveillance tools – the most well-known being its Pegasus spyware – exclusively to governments and government agencies ‘to combat terror and crime’.
Its products have been misused multiple times to conduct unlawful surveillance against human rights defenders. In the past, it has been used to target an Amnesty International staff member, HRDs, activists, and journalists from Saudi Arabia, UAE, Mexico, Morocco, and Rwanda.
Q: How does Pegasus work?
A: If infected by the Pegasus spyware, the user’s Smartphone is compromised. It can track keystrokes, take control of the phone’s camera and microphone, and access contact lists and encrypted messages.
Until now, Pegasus is known to be delivered through SMS messages carrying malicious links and through exploiting a zero-day vulnerability on WhatsApp. In the latter, intrusive spyware could be delivered on to the target’s mobile device without the targeted person having to click on a malicious link. The targeted person would simply see a missed call on WhatsApp.
In addition to this, Amnesty International has also found evidence of network injection attacks that could also be attributed to NSO Group. Network injection attacks are generally called “man-in-the-middle” attacks. Through this, an attacker with access to a target’s mobile network connection can monitor and opportunistically hijack web traffic and silently re-route the web browser to malicious exploit pages.
Q: How did the targeting via WhatsApp work?
A: NSO Group exploited a security vulnerability in WhatsApp until May 2019. In order to exploit this, the digital attack initiated WhatsApp calls to the target’s device. Attackers may have tried to exploit this issue by making calls multiple times during the night when the target was likely to be asleep and not notice these calls. Successful infection of the target’s device may result in the app crashing. There is a possibility that the attacker may also remotely erase evidence of these calls from the device’s call logs. Evidence of failed attacks may appear as missed calls from unknown numbers in your WhatsApp call log.
Q: If I didn’t receive a notification from WhatsApp, does this mean I wasn’t targeted by NSO Group’s tools?
A: NSO Group’s Pegasus tool is used for targeted attacks and by design, is not meant for mass surveillance. This means that only select individuals would have been targeted. However, if you are a high risk user, i.e., an activist, journalist, or HRD involved in politically sensitive activism, you cannot presume that you have not been targeted simply because you haven’t received a notification from WhatsApp.
The attack was delivered by exploiting a vulnerability in WhatsApp. However, NSO Pegasus infections can also be delivered through other means. Based on information revealed by our own investigations, an Amnesty International staffer was targeted using SMS messages. One HRD in Morocco was targeted both before and after the attacks using the WhatsApp exploit, but not with the WhatsApp exploit itself. Both of them were targeted using SMS messages containing malicious links and network injection attacks that could also be attributed to NSO Group’s tools. This indicates that NSO Group has the documented capability to deliver infections through means other than WhatsApp.
Q: If WhatsApp was targeted, can’t I just switch to another encrypted platform?
A: No. A vulnerability in the WhatsApp software was exploited to deliver the spyware. All complex software can have these types of vulnerabilities. This vulnerability was not a flaw in WhatsApp’s end-to-end encryption protocol.
This also does not mean that only the Whatsapp data of the target was compromised. If the attack attempt was successful, the spyware would gain full access to the device. Any other data on the device including encrypted platforms such as Signal or Telegram could then also have been accessed.
Q: Can Pegasus plant data into my devices?
A: Based on publicly available information, planting data is not a feature of NSO Group’s Pegasus spyware.
Q: What steps can I take to protect myself?
A: None of the security best practices offer complete and foolproof protection. However, it is a good practice to install the latest software updates of operating systems and encrypted messaging applications on your mobile device.
Pegasus remains a relatively uncommon threat and standard digital hygiene steps are still important. Keep your devices software up-to-date. Use a unique password for each service that you use and store these passwords in a secure password manager. Enable two-factor authentication on all accounts where it is available.

Comments

TRENDING

Astonishingly sycophantic: Ex-Gujarat topcop on 2002 Godhra riots probe panel report

By Rajiv Shah  In a scathing critique of the 2002 communal riots inquiry commission report, released by the Gujarat government in December 2019 five years after it was submitted, the State’s former topcop RB Sreekumar has said that it “unequivocally” and “meticulously” takes care “to refrain from probing and taking cognizance of any deviant action of omission and commission by the State administration, particularly those operating in the criminal justice system, who facilitated extensive mass violence and enabled brigands to perpetrate anti-minority crimes.”

Two of 12 top caste-based sexual violence cases from 'model' Gujarat: NGO report

By Rajiv Shah   The National Council of Women Leaders (NCWL), a civil rights group, has compiled what it has called “landmark cases of caste-based sexual violence” between 1985 and 2020 to mark the first anniversary of the notorious Hathras gangrape case, which led to the death of a young Dalit woman in September 2020.

Riddled with Brahmanical mindset, India's health care 'serving' corporate interests

By Vidya Bhushan Rawat*  In this second part of my conversation (click here for first part), Dr Manisha Bangar speaks about the health crisis in India how the government is trying to privatise things, and where our response during the Corona period was lacking. She also gives us an understanding of people opposing nutritious meals for children in the mid-day meal.

Buddhist shrines were 'massively destroyed' by Brahmanical rulers: Historian DN Jha

Nalanda mahavihara By Our Representative Prominent historian DN Jha, an expert in India's ancient and medieval past, in his new book , "Against the Grain: Notes on Identity, Intolerance and History", in a sharp critique of "Hindutva ideologues", who look at the ancient period of Indian history as "a golden age marked by social harmony, devoid of any religious violence", has said, "Demolition and desecration of rival religious establishments, and the appropriation of their idols, was not uncommon in India before the advent of Islam".

Swami Vivekananda's views on caste and sexuality were 'painfully' regressive

By Bhaskar Sur* Swami Vivekananda now belongs more to the modern Hindu mythology than reality. It makes a daunting job to discover the real human being who knew unemployment, humiliation of losing a teaching job for 'incompetence', longed in vain for the bliss of a happy conjugal life only to suffer the consequent frustration.

Inaccurate gender-relevant data 'spoiling' government policy on Covid social impact

By Simi Mehta*  The impact of the Covid-19 pandemic has been different across vulnerable groups. They were hit by the pandemic at various stages, whether it was accessibility to medical treatment or financial support. The second wave witnessed human suffering at a level where one can never forget the traumatized faces of people due to the inaccessibility and unavailability of essential medical services such as hospitals beds and oxygen. The probability of the third wave has also been one of the major upcoming challenges.

Anti-Dalit atrocities increase 9.4% despite pandemic, Uttar Pradesh tops the list: Report

By Rahul Singh* Data on crime against Dalits and Adivasis in the Crime In India Report, 2020 draws a distinct pattern of similarity between rural and urban spaces. Published by the National Crime Records Bureau (NCRB), they capture some anomalies and interesting trends. The report also shows that a large proportion of crimes against Dalits and Adivasis involves crime against women.

Vindictive raids? Centre 'retaliates' after Delhi govt child rights body's clean chit to ex-babu

By Our Representative  Over 700 academics, advocates, activists, civil servants, writers, film makers, journalists, musicians and artists have condemned the raids by the Enforcement Directorate (ED) on the offices and private home of top IAS bureaucrat-turned-human rights and peace activist Harsh Mander, stating, the aim is nothing but to “harass and intimidate” him.

Flamboyant 'demagogues' adjust politics, personality in shadow of democracy

Modi, Erdogan, Bolsonaro By Ajit Singh The terms dictators and demagogues are used interchangeably in various contexts, but there is a difference. The former rule over a totalitarian states where governments are able to exercise complete influence over every aspect of citizens’ life, whereas the latter are a "wannabe dictators" but due to the system of checks and balances they are are not fully capable to create police states.

Power supply lines in Thar 'pushing' Great Indian Bustard to extinction: Researchers

By Rosamma Thomas*  Electricity supply lines pose a huge risk to birds and affect biodiversity, but there is little research about the numbers of birds dying of such collision in the tropical nations. In August 2021, academic journal Biological Conservation carried the results of a survey conducted in 2017-18 on 4,200 sq km of the Thar Desert in Jaisalmer district of Rajasthan. This was the first comprehensive survey of this nature in the region.