Pegasus Spyware Used To Target British Prime Minister

A notorious spyware variant linked to multiple state-backed campaigns was used to target the UK Prime Minister’s Office over the past two years, researchers have revealed. Canada's Citizen Lab research institute at Toronto University has been tracking the use of the Pegasus spyware produced by Israel’s NSO Group.

Researchers at Citizen Lab have found evidence of surveillance software being present on devices associated with the British Prime Minister’s Office and at 10 Downing Street.

Their investigation found instances of surveillance software on devices linked to the British Foreign, Commonwealth and Development Office (FCDO) in its former incarnation as the Foreign and Commonwealth Office (FCO). The spyware was deployed over the last two years.

NSO Group, an Israeli company behind the creation of the malware, is being sued by WhatsApp and Apple after customers of the pair were targeted. 

Pegasus was also used to compromise the phones of US State Department officials, and NSO Group and fellow spyware producer Candiru have since been placed on a trade blacklist due to the widespread use of the malicious tools. Pegasus has reportedly been widely used to target government officials, journalists, human rights activists, businesspeople, and embassy workers.

Citizen Lab stated that it notified the UK government of the suspected breaches after detecting instances of infection within official UK networks.

The United Arab Emirates (UAE) is suspected of attempting to spy on officials working in the UK Prime Minister’s Office, 10 Downing Street. Citizen Lab also claimed that employees at the Foreign, Commonwealth and Development Office (FCDO) were targeted over the period, with Pegasus used by the UAE, India, Cyprus and Jordan. “Because the UK Foreign and Commonwealth Office and its successor office, the Foreign Commonwealth and Development office (FCDO), have personnel in many countries, the suspected FCO infections we observed could have related to FCO devices located abroad and using foreign SIM cards, similar to the hacking of foreign phone numbers used by US State Department employees in Uganda in 2021,” commented Citizen Lab director Ron Deibert.

During their investigations, Citizen Lab also identified more than sixty people with links to Catalan civil society groups in Spain who had been targeted or infected by the spyware. Others had been targeted with Windows surveillance software from Candiru, another Israeli spyware maker. While they couldn't attribute the attacks to a specific group, the researchers found circumstantial evidence that suggested the involvement of Spanish authorities.

Britain is currently busy with legislative efforts to regulate its cyber policy, as well as redress for spyware victims.

In a statement, Citizen Lab said: “We confirm that in 2020 and 2021 we observed and notified the government of the United Kingdom of multiple suspected instances of Pegasus spyware infections within official UK networks. These included: the prime minister’s office (10 Downing Street) and the Foreign and Commonwealth Office… The suspected infections relating to the FCO were associated with Pegasus operators that we link to the UAE, India, Cyprus and Jordan.”

“The suspected infection at the UK prime minister’s office was associated with a Pegasus operator we link to the UAE.”

“Given that a UK-based lawyer involved in a lawsuit against NSO Group was hacked with Pegasus in 2019, we felt compelled to ensure that the UK Government was aware of the ongoing spyware threat, and took appropriate action to mitigate it,” says Citizen Lab.

Sources: Citizen Lab, Euronews, Oodaloop, Infosecurity Magazine, ITProPortal, Guardian, The Register
