PEGASUS — WHAT, HOW, WHO?

Mayank Bhandari
Aug 14, 2021

What exactly is ‘Pegasus’?

Pegasus is spyware developed and marketed by the NSO Group, an Israeli company named after its founders: Niv, Shalev, and Omri (NSO). In simple terms, it is malicious software that enters your device, collects your data, and passes that data to a third party; in this case, to “thoroughly screened foreign governments” all over the world, or at least that is what the company claims.

Devices that are connected to the internet are prone to infection, but some experts claim that updated versions of this spyware may even infect devices that are not connected to the internet. Politicians, journalists, activists, and influential individuals are commonly targeted.

Why not use anti-virus software?

Pegasus and other similar spyware disguise themselves as useful applications and are often missed by anti-virus software when it scans for potential threats like malware and viruses. Most of this spyware disguises itself as anti-theft applications of the kind used to track lost and stolen devices.

Pegasus first came into the limelight in 2016, after an Arab human rights activist named Ahmed Mansoor received a message enticing him to follow a link that contained classified information about torture taking place in prisons in the United Arab Emirates. Fortunately, Mansoor forwarded the link to Citizen Lab, which collaborated with Lookout; after investigating, they concluded that if Mansoor had followed the link, his device would have been infected by the spyware, exposing all of its data to a third party.

According to news reports in The New York Times and The Times of Israel, the United Arab Emirates was using this spyware as early as 2013. It is also said that the use of this spyware by NSO's clients has violated human rights in various cases.

What was its impact on India?

Pegasus is said to have targeted hundreds of phones in India. In 2019, the Indian government was accused of being involved after Facebook, in a suit against NSO, claimed that Pegasus had been used to intercept the WhatsApp communications and data of numerous journalists, bureaucrats, and activists.

Phone numbers of various politicians, ex-election commissioners, and journalists were also allegedly found in NSO's database under Project Pegasus in 2021.

It was also reported that the Indian government used Pegasus to spy on diplomats from Pakistan, Nepal, Afghanistan, China, etc.

In order to justify the operation of the spyware, the government of Israel stated that it “approves the export of cyber products exclusively to governmental entities, for lawful use, and only for the purpose of preventing and investigating crime and counter-terrorism.”

Who are the clients of NSO?

Many governments and nations are on the NSO Group's client list, including countries like Mexico, Saudi Arabia, France, Azerbaijan, Pakistan, Kazakhstan, Morocco, and Rwanda, with most of the potential targets being in the Middle East. NSO strictly denies that it ever maintained any such list of potential targets, claiming that it dealt only with verified government agencies to curb crime rates and thwart terrorist attacks.

Can we avoid or prevent such infections?

People who are privy to top-level classified information and tend to store sensitive data on their devices are the primary targets. People who do not handle such information or data can relax and need not worry much. However, if a particular individual is targeted, infection is very difficult to avoid, because the process usually does not require the user’s interaction: in a ‘zero click’ infection the user typically gets a video call, and the spyware is installed regardless of whether the user picks up, rejects, or simply ignores the call. The user does not have much of a choice in such a situation.

However, one may be able to avoid infection by changing devices frequently, because the spyware has to be installed on every new device, as it is generally embedded in the hardware. Another way to keep Pegasus from infecting a device is to use a VPN whenever you use public WiFi services, so that the sensitive information you access is not compromised. And lastly, make sure your device is updated with the latest versions and patches.

There is no definitive or flawless method to avoid getting infected by the spyware, but it is necessary to take precautions that lower the risk of infection. So let us not descend into security nihilism, the idea that nothing can be done to prevent such attacks.

Mayank Bhandari

Lawyer by profession and articles on law, health, and technology with references.