Skip to main content

NSO has carried out 'unlawful' surveillance to target Amnesty staff members, HRDs


Counterview Desk
Following the exposure that Israeli spyware Pegasus, manufactured by NSO Group, has been used as a surveillance tool on smartphones used by about 1,500 human rights defenders (HRDs), journalists and activists, including in India, the top rights body, Amnesty International India, has appealed to those who have received a notification immediately to get in touch with Amnesty Tech at share@amnesty.tech for support.
An Amnesty release on November 2 said that the rights body could also be contacted “on Signal or WhatsApp at +44 7492 882216”, adding, “We would be keen to provide support to HRDs, who have been targeted, to ensure they take defensive security measures immediately, as well as to understand more about the attacks and investigate possible infections.”
Meanwhile, Amnesty has put out questions and answers for HRDs, activist, or journalist based in India to understand NSO Group’s spyware Pegasus especially the WhatsApp targeting.

Text:

Q: What do we know about the NSO Group and its ‘Pegasus’ Spyware?
A: ‘NSO Group’ is an Israeli spyware manufacturer that claims to sell its surveillance tools – the most well-known being its Pegasus spyware – exclusively to governments and government agencies ‘to combat terror and crime’.
Its products have been misused multiple times to conduct unlawful surveillance against human rights defenders. In the past, it has been used to target an Amnesty International staff member, HRDs, activists, and journalists from Saudi Arabia, UAE, Mexico, Morocco, and Rwanda.
Q: How does Pegasus work?
A: If infected by the Pegasus spyware, the user’s Smartphone is compromised. It can track keystrokes, take control of the phone’s camera and microphone, and access contact lists and encrypted messages.
Until now, Pegasus is known to be delivered through SMS messages carrying malicious links and through exploiting a zero-day vulnerability on WhatsApp. In the latter, intrusive spyware could be delivered on to the target’s mobile device without the targeted person having to click on a malicious link. The targeted person would simply see a missed call on WhatsApp.
In addition to this, Amnesty International has also found evidence of network injection attacks that could also be attributed to NSO Group. Network injection attacks are generally called “man-in-the-middle” attacks. Through this, an attacker with access to a target’s mobile network connection can monitor and opportunistically hijack web traffic and silently re-route the web browser to malicious exploit pages.
Q: How did the targeting via WhatsApp work?
A: NSO Group exploited a security vulnerability in WhatsApp until May 2019. In order to exploit this, the digital attack initiated WhatsApp calls to the target’s device. Attackers may have tried to exploit this issue by making calls multiple times during the night when the target was likely to be asleep and not notice these calls. Successful infection of the target’s device may result in the app crashing. There is a possibility that the attacker may also remotely erase evidence of these calls from the device’s call logs. Evidence of failed attacks may appear as missed calls from unknown numbers in your WhatsApp call log.
Q: If I didn’t receive a notification from WhatsApp, does this mean I wasn’t targeted by NSO Group’s tools?
A: NSO Group’s Pegasus tool is used for targeted attacks and by design, is not meant for mass surveillance. This means that only select individuals would have been targeted. However, if you are a high risk user, i.e., an activist, journalist, or HRD involved in politically sensitive activism, you cannot presume that you have not been targeted simply because you haven’t received a notification from WhatsApp.
The attack was delivered by exploiting a vulnerability in WhatsApp. However, NSO Pegasus infections can also be delivered through other means. Based on information revealed by our own investigations, an Amnesty International staffer was targeted using SMS messages. One HRD in Morocco was targeted both before and after the attacks using the WhatsApp exploit, but not with the WhatsApp exploit itself. Both of them were targeted using SMS messages containing malicious links and network injection attacks that could also be attributed to NSO Group’s tools. This indicates that NSO Group has the documented capability to deliver infections through means other than WhatsApp.
Q: If WhatsApp was targeted, can’t I just switch to another encrypted platform?
A: No. A vulnerability in the WhatsApp software was exploited to deliver the spyware. All complex software can have these types of vulnerabilities. This vulnerability was not a flaw in WhatsApp’s end-to-end encryption protocol.
This also does not mean that only the Whatsapp data of the target was compromised. If the attack attempt was successful, the spyware would gain full access to the device. Any other data on the device including encrypted platforms such as Signal or Telegram could then also have been accessed.
Q: Can Pegasus plant data into my devices?
A: Based on publicly available information, planting data is not a feature of NSO Group’s Pegasus spyware.
Q: What steps can I take to protect myself?
A: None of the security best practices offer complete and foolproof protection. However, it is a good practice to install the latest software updates of operating systems and encrypted messaging applications on your mobile device.
Pegasus remains a relatively uncommon threat and standard digital hygiene steps are still important. Keep your devices software up-to-date. Use a unique password for each service that you use and store these passwords in a secure password manager. Enable two-factor authentication on all accounts where it is available.

Comments

TRENDING

Corporate-political party nexus? Rise and rise of Gautam Adani under Modi regime

By Sandeep Pandey*  In last five years Rs 10,09,510 crore taken as loans by various companies from banks in India have been declared as Non Performing Assets, an euphemism for writing them off. Out of this State Bank of India alone wrote off Rs 2,04,486 crore. Only about 13% of the total written off amount was recovered. Identity of the defaulting borrowers, most of whom are influential corporates, is not revealed. Compare this to the loans taken by farmers. The names of defaulting farmers is displayed on walls in tehsil offices to shame them and some unlucky ones also land up in lock-ups there. On the contrary, a few corporate defaulters have fled the country and quite curiously the authorities didn’t seize their passports like they do with some dissenting intellectuals or activists booked under mostly false cases. Now consider the donations received by political parties in the form of electoral bonds. The identity of the donor need not be revealed even to the Election Commission or i

'Extremist' US Hindu global group funding hate against Indian Churches: NGO groups

Counterview Desk  As many as 14 civil rights and faith-based organizations in co-signing a letter to the US Senators, Representatives, State Governor, and other elected officials have demanded the FBI, Internal Revenue Service (IRS), and Department of Justice should investigate into Texas-based organization Global Hindu Heritage Foundation (GHHF) a fundraiser campaign for demolishing churches in India. Co-signed by Federation of Indian American Christian Organization in North America (FIACONA), North American Church of God, Southern Methodist University (SMU) Human Rights Program, Amnesty International - Dallas, World Without Genocide, Center for Pluralism, Genocide Watch, The Indian American Muslim Council (IAMC), Limitless Church, Justice for All, Hindu for Human Rights, North Texas Peace Advocates, Good Citizens of DFW, and the North Texas Islamic Council, the letter has been sent to Senators John Cornyn and Ted Cruz; Representatives Michael C Burgess, Pat Fallon, Van Taylor, Terr

Carbon abatement to tackle climate change: India's failure has 'outpaced' its success

By Satorupa Karmakar*  On November 01, 2021, India took a pledge of reaching a carbon-zero stage by 2070, at the COP-26 held in Glasgow, UK. As ‘ambitious’ and dubious it may sound to some, with a short-term delay in renewable energy generation (which gained the pace post-September 2020) and drastic fall in greenhouse gas (GHG) emission level as COVID-19 emerged as a ‘necessary evil’ , the path of India’s clean energy mission could be seen being paved throughout this time. Currently ranked as the third largest GHG emitter in the world, India is projected to demand more energy in coming years due to a large population base (1.3 billion as per 2011 Census data) and primarily coal-based fast-growing economy. Rapid industrialisation in post-colonial developing countries like India, stimulated by a larger and cheaper pool of fossil fuels and labour-force depicted a continuous upsurge in temperature, heavy precipitation in some places with an overall declining rainfall and a burgeoning soc

BJP-RSS trap opposition in 'futile row' around Savarkar, freedom movement

By Prem Singh*  Everything in this article is just a repetition. I have been saying all this since 1991-92. It is obvious that the Congress and the RSS/BJP do not like my ideas. But most socialists, advocates of social justice and communists also dislike my thoughts. I watch their measures and efforts to deal with the present crisis with interest. I respect them and also participate. Yet, the fact it, we fall behind again and again, and the crisis goes ahead. Instead of being a solution-providers, we are seen to be a part of the crisis. How long will this last? Perhaps, if the new generation thinks differently, things may turn for better! 1 To say that modern Indian society and politics are passing through the deepest crisis ever will surely be a repetition. The crisis is deeper than the spreading of communal hatred we witness around us. In fact, the business of communal hatred is flourishing by taking its manure and water from the deep crisis. The crisis of neo-colonial slavery is pro

Demand to withdraw 'anti-environment, anti-adivasi' forest conservation rules 2022

By Gopinath Majhi*  The Campaign for Survival and Dignity (CSD), Odisha, a coalition of adivasis and forest dwellers’ organisations, has sent a memorandum to the Ministry of Environment, Forest and Climate Change (MoEFCC) raising serious concerns over Forest (Conservation) Rules, 2022, notified by the Centre on June 29.  Contending that recent amendments and a host of executive orders/guidelines issued by the ministry undermine and dilute the FRA and threaten the rights of adivasis and forest dwellers, CSD demands that the 2022 FC Rules should be rescinded forthwith. Demanding withdrawal of such anti-people and anti-environment rules CSD Odisha organised a protest Dharana in front of State Assembly today on 25th November 2022 and submitted memorandums to the Hon’ble Governor of Odisha, Chief Secretary and Commissioner-cum-Secretary, ST & SC Development Department for conveying our concerns against the FC Rules 2022 to the Central Government for its withdrawal. The memorandums w

GM mustard not swadeshi, it's a patent of MNC Bayer, GoI 'misleading' SC: Modi told

Counterview Desk  In a representation to Prime Minister Narendra Modi, as many as 42 farmers’ organisations though their representatives , backed by senior scientists and experts, have said that the Government of India (GoI) should stop misleading the Supreme Court “with untrue and incorrect” statements on GM mustard. Insisting that India does not need unsafe GM mustard, in their representation, they urged the Supreme Court to order immediate uprooting of GM mustard crop in various locations. The representation comes even as a penal of experts, coming down heavily on the GoI for refusing to see how in less than a week’s time the pollen from GM mustard will “start contaminating” non-GM mustard fields with transgenes, including male sterility and herbicide tolerant traits. Alleging that the GoI is actively misleading the Supreme Court with untrue and incorrect statements on GM mustard, Kavitha Kuruganti of the Coalition for a GM-Free India said, “We can list at least five areas where Gov

'Unprecedented rise' of attacks on students of Delhi university by ABVP condemned

Counterview Desk  A statement, sent as an email alert by "concerned teachers and students of Delhi University", referring to a protest organised against the Akhil Bharatiya Vidyarthi Parishad's (ABVP's), has alleged “brutal” attack on students and teachers demanding the release of civil rights leader Prof GN Saibaba and others from “unjust incarceration.” “We are seeing an unprecedented rise of attacks on the students of our university by the fascist ABVP goons. Almost every week we see our fellow students and activists getting attacked physically by the lackeys of this current Brahmanical Hindutva fascist regime”, the statement claimed. Text : A joint protest was organised by the students and teachers of Delhi University on 2nd of December against the brutal attack by ABVP goons. On 1st of December, activists of Bhagat Singh Chatra Ekta Manch (bsCEM), Lawyers Against Atrocities (LAA) and many other organisations as a part of Campaign Against State Repression (CASR),

Never-ending saga of sin tax: What if murder is taxed at Rs 1 crore, rape at Rs 5 crore?

By Moses Raj GS, Sangeetha Thomas*  What should have ended by June 30, 2022 as a 5 year experiment has resurfaced. The government has extended the levy of GST compensation cess by another 4 years till March 31, 2026. This cess, dubbed as the sin tax imposed on sin(ful) goods, is double the highest slab on indirect taxes. But only a few pay for it and the majority benefit, unendingly. The year 2017 is a landmark year for indirect taxes. With the grand idea of ‘One Nation, One Tax’ as a fiscal slogan subsuming all State based taxes such as octroi /entry tax, Value Added Tax (VAT), sales tax, taxes on lottery, betting and gambling, luxury tax, purchase tax, entertainment tax, property tax, professional tax and central sales tax into a single framework of Goods and Services Tax (GST) changed the contours of revenue collection. Complicating it further, India, with each State having its own size and revenue problems, has the most complex and highly centralised indirect tax structure in the w

Muslims, Dalits off Bangladesh border 'don't have acess to' water, power, farmland

Counterview Desk  Kirity Roy, secretary, civil rights group Banglar Manabadhikar Suraksha Mancha (MASUM), in a letter to the chairman, National Human Rights Commission, has revealed how, even after 75 years of Independence, Muslims and Dalits living next to the India-Bangladesh border do not have access to electricity, drinking water, even to their own land. Stating that the “horrible situation” has due to “illegal restriction on the agricultural activities” imposed by the Border Security Force (BSF), plunging “farmers and their families into deeper poverty”, the letter, referring to the plight of 1,200 people reside in the Changmari village, states, There are about 200 acres of cultivable lands out of 3,500 acres is situated beyond the border fence. “The ingress and egress of the farmers to their own agricultural land through the fencing gates are regulated by the BSF. The soil and climate of this region is very suitable for jute and maize cultivation”, it adds. Text: This letter is

Economist-editor's allegations on Narmada defamatory, baseless: Medha Patkar

Counterview Desk  In a reply directly addressed to well-known economist, journalist and columnist Swaminathan S Anklesaria Aiyar’s two articles in the Times of India (republished here and here ), calling them defamatory and wondering whether they were borne out of “ignorance or a conspiracy through political alliance”, Narmada Bachao Andolan leader Medha Pakar has said that the Narmada Sardar Saravar Project and the people's movement by adivasis, farmers, labourers, fish workers, potters and all the generations’ old communities from the river valley have suddenly come to be focused on, since the Gujarat elections are in the doorstep. She believes that while the “defamatory accusations with baseless conceptions such as ‘urban naxals’ are to be laughed at as the electoral strategic moves, one gets shocked to read the articles by a known old columnist like Swaminathan Ankalesaria Aiyar, published in a reputed daily like the Times of India." According to her, Aiyar’s two articl