Pegasus Spyware Used To Target British Prime Minister

Uploaded on 2022-04-20 in NEWS-Cybersecurity News, GOVERNMENT-National, FREE TO VIEW

A notorious spyware variant linked to multiple state-backed campaigns was used to target the UK Prime Minister’s Office over the past two years, researchers have revealed. Canada's Citizen Lab research institute at Toronto University, has engaged in tracking the use of the Pegasus spyware produced by Israel’s NSO Group.

Researchers at Citizen Lab have found evidence of surveillance software being present on devices associated with the British Prime Minister’s Office and at 10 Downing Street.

Their investigation found instances of surveillance software on devices linked to the British Foreign and Commonwealth Office (FCDO) in its former incarnation as the Foreign Commonwealth Office (FCO). The spyware was deployed over the last two years

NSO Group, an Israeli company behind the creation of the malware, is being sued by WhatsApp and Apple after customers of the pair were targeted. 

Pegasus was also used to compromise the phones of US State Department officials and NSOGroup and fellow spyware producer Candiru have since been placed on a trade blacklist due to the widespread use of the malicious tools. Pegasus has reportedly been widely used to target government officials, journalists, human rights activists, businesspeople, and embassy workers. 

Citizen Lab stated that it notified the UK government of the suspected breaches after detected instances of infection within official UK networks.

The United Arab Emirates (UAE) is suspected of attempting to spy on officials working in the UK Prime Minister’s Office, 10 Downing Street. Citizen Lab also claimed that employees at the Foreign Commonwealth and Development office (FCDO) were targeted over the period, with Pegasus used by the UAE, India, Cyprus and Jordan. “Because the UK Foreign and Commonwealth Office and its successor office, the Foreign Commonwealth and Development office (FCDO), have personnel in many countries, the suspected FCO infections we observed could have related to FCO devices located abroad and using foreign SIM cards, similar to the hacking of foreign phone numbers used by US State Department employees in Uganda in 2021,” commenteded Citizen Lab director, Ron Deibert.

During their investigations, Citizen Lab also identified more than sixty people with links to Catalan civil society groups in Spain, who had been targeted or infected by the spyware. Others had been targeted with Windows surveillance software from Candiru, which has been developed by another Israeli spyware maker. While they couldn't attribute the attacks to a specific group the researchers found circumstantial evidence that suggested the involvement of Spanish authorities.

Britain is currently busy with legislative efforts to regulate its cyber policy, as well as redress for spyware victims.

In a statement, Citizen Lab said: “We confirm that in 2020 and 2021 we observed and notified the government of the United Kingdom of multiple suspected instances of Pegasus spyware infections within official UK networks. These included: the prime minister’s office (10 Downing Street) and the Foreign and Commonwealth Office… The suspected infections relating to the FCO were associated with Pegasus operators that we link to the UAE, India, Cyprus and Jordan."

"The suspected infection at the UK prime minister’s office was associated with a Pegasus operator we link to the UAE.”

“Given that a UK-based lawyer involved in a lawsuit against NSO Group was hacked with Pegasus in 2019, we felt compelled to ensure that the UK Government was aware of the ongoing spyware threat, and took appropriate action to mitigate it.” says the Citizen Lab.

Citizen Lab:     Euronews:    Oodaloop:   Infosecurity Magazine:    ITProPortal:    Guardian:   The Register

You Might Also Read: 

Heads Of State On NSO Spyware List:
 

« Software Industry Mergers and Acquisitions 2022
Hackers Plan Attacks On Key US Industrial Control Systems »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

Cyber Security Supplier Directory

Cyber Security Supplier Directory

Our Supplier Directory lists 6,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Black Hat Briefings

Black Hat Briefings

The Black Hat Briefings are a series of highly technical information security conferences that bring together thought leaders from all facets of the infosec world.

CloudDNA

CloudDNA

CloudDNA deliver solutions that enable users and devices to connect over high performance, secure, efficient, scalable cloud networks.

CFC Underwriting

CFC Underwriting

CFC is a specialist insurance provider and a pioneer in emerging risk, including cyber insurance.

General Dynamics Information Technology (GDIT)

General Dynamics Information Technology (GDIT)

General Dynamics IT delivers cyber security services to defend critical information and infrastructure.

Bit4id

Bit4id

Bit4id provides software and systems for security and identification based on PKI technology.

Oznet Cyber Security

Oznet Cyber Security

Oznet Cyber Security is dedicated to offering integral solutions oriented to the support and security of information.

NSO Group

NSO Group

NSO Group develops technology that enables government intelligence and law enforcement agencies to prevent and investigate terrorism and crime.

SEEK

SEEK

SEEK create world-class technology solutions to address the needs of job seekers and hirers across multiple sectors including cybersecurity.

Australian Cyber Collaboration Centre (Aus3C)

Australian Cyber Collaboration Centre (Aus3C)

The Australian Cyber Collaboration Centre (Aus3C) is committed to building cyber capacity and securing Australia's digital landscape.

C2SEC

C2SEC

C2Sec provides an innovative analytics platform that assesses and quantifies cyber risks in financial terms based on combining patented big data, AI, and cybersecurity technologies.

Trace3

Trace3

Trace3 is a pioneer in business transformation solutions, empowering organizations to keep pace with the rapid changes in IT innovations and maximize organizational health.

Questex Asia Total Security Conference

Questex Asia Total Security Conference

Questex Asia’s Total Security Conferences is one of the industry’s most prestigious and engaging forums for the region's top information security leaders and business decision-makers.

Gotham Security

Gotham Security

Gotham Security delivers high-quality penetration testing, malicious adversary simulation, compliance program development, and threat intelligence services.

Prescott

Prescott

Prescott acts as your guiding light in the preparation for your CMMC assessment and long after by governing your cybersecurity practice.

Bridgenet Solutions

Bridgenet Solutions

Bridgenet specialises as a top-notch Information and Technology Solutions Provider for businesses.

Arcfield

Arcfield

Arcfield protects the nation and its allies through innovations in systems engineering and integration, space and mission launch assurance, cybersecurity, and missile support.