Pegasus Spyware Used To Target British Prime Minister

Uploaded on 2022-04-20 in NEWS-Cybersecurity News, GOVERNMENT-National, FREE TO VIEW

A notorious spyware variant linked to multiple state-backed campaigns was used to target the UK Prime Minister’s Office over the past two years, researchers have revealed. Canada's Citizen Lab research institute at Toronto University, has engaged in tracking the use of the Pegasus spyware produced by Israel’s NSO Group.

Researchers at Citizen Lab have found evidence of surveillance software being present on devices associated with the British Prime Minister’s Office and at 10 Downing Street.

Their investigation found instances of surveillance software on devices linked to the British Foreign and Commonwealth Office (FCDO) in its former incarnation as the Foreign Commonwealth Office (FCO). The spyware was deployed over the last two years

NSO Group, an Israeli company behind the creation of the malware, is being sued by WhatsApp and Apple after customers of the pair were targeted. 

Pegasus was also used to compromise the phones of US State Department officials and NSOGroup and fellow spyware producer Candiru have since been placed on a trade blacklist due to the widespread use of the malicious tools. Pegasus has reportedly been widely used to target government officials, journalists, human rights activists, businesspeople, and embassy workers. 

Citizen Lab stated that it notified the UK government of the suspected breaches after detected instances of infection within official UK networks.

The United Arab Emirates (UAE) is suspected of attempting to spy on officials working in the UK Prime Minister’s Office, 10 Downing Street. Citizen Lab also claimed that employees at the Foreign Commonwealth and Development office (FCDO) were targeted over the period, with Pegasus used by the UAE, India, Cyprus and Jordan. “Because the UK Foreign and Commonwealth Office and its successor office, the Foreign Commonwealth and Development office (FCDO), have personnel in many countries, the suspected FCO infections we observed could have related to FCO devices located abroad and using foreign SIM cards, similar to the hacking of foreign phone numbers used by US State Department employees in Uganda in 2021,” commenteded Citizen Lab director, Ron Deibert.

During their investigations, Citizen Lab also identified more than sixty people with links to Catalan civil society groups in Spain, who had been targeted or infected by the spyware. Others had been targeted with Windows surveillance software from Candiru, which has been developed by another Israeli spyware maker. While they couldn't attribute the attacks to a specific group the researchers found circumstantial evidence that suggested the involvement of Spanish authorities.

Britain is currently busy with legislative efforts to regulate its cyber policy, as well as redress for spyware victims.

In a statement, Citizen Lab said: “We confirm that in 2020 and 2021 we observed and notified the government of the United Kingdom of multiple suspected instances of Pegasus spyware infections within official UK networks. These included: the prime minister’s office (10 Downing Street) and the Foreign and Commonwealth Office… The suspected infections relating to the FCO were associated with Pegasus operators that we link to the UAE, India, Cyprus and Jordan."

"The suspected infection at the UK prime minister’s office was associated with a Pegasus operator we link to the UAE.”

“Given that a UK-based lawyer involved in a lawsuit against NSO Group was hacked with Pegasus in 2019, we felt compelled to ensure that the UK Government was aware of the ongoing spyware threat, and took appropriate action to mitigate it.” says the Citizen Lab.

Citizen Lab:     Euronews:    Oodaloop:   Infosecurity Magazine:    ITProPortal:    Guardian:   The Register

You Might Also Read: 

Heads Of State On NSO Spyware List:
 

« Software Industry Mergers and Acquisitions 2022
Hackers Plan Attacks On Key US Industrial Control Systems »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 7,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

Social-Engineer

Social-Engineer

Social-Engineer is a team of outside–the–box thinkers that share a common focus on human-to-human social engineering.

CloudEndure

CloudEndure

CloudEndure offers Disaster Recovery and Continuous Replication for the Cloud.

Acunetix

Acunetix

Acunetix is a leading web vulnerability scanner, widely acclaimed to include the most advanced SQL injection and XSS black box scanning technology.

Security Onion Solutions

Security Onion Solutions

Security Onion Solutions is the creator and maintainer of Security Onion, a free and open platform for threat hunting, network security monitoring, and log management.

Cyber Exchange

Cyber Exchange

Cyber Exchange provides a focal point for UK organisations connected with, or with an interest in, cyber security to connect, engage and collaborate.

First National Technology Solutions (FNTS)

First National Technology Solutions (FNTS)

First National Technology Solutions is a leading provider of flexible, customized hosted and remote managed services including IT security and compliance.

SQNetworks

SQNetworks

SQNetworks provides a full range of cybersecurity consultancy, services and solutions.

Prolimax

Prolimax

Prolimax deliver innovative solutions to IT Manufacturers, Distributors, Resellers and End-users including Data Erasure and secure IT Asset Disposition (ITAD)

usecure

usecure

usecure is a global provider of computer-based cyber security awareness training, offering the market’s most time-efficient, cost-effective and admin-lite solution for reducing insider threats.

Larsen & Toubro Infotech (LTI)

Larsen & Toubro Infotech (LTI)

LTI is a global technology consulting and digital solutions company with operations in 33 countries.

ProCheckUp

ProCheckUp

ProCheckUp is a London-based independent provider of cyber security services, including IT Security, Assurance, Compliance and Incident Response.

SpeQtral

SpeQtral

SpeQtral offers commercial space-based Quantum Key Distribution (QKD) founded on technology developed at the National University of Singapore.

Private Client Cyber Security (PCCS)

Private Client Cyber Security (PCCS)

PCCS provides enterprise-grade cybersecurity consulting and services to professional practices, executives, athletes, and high net worth families.

mxHERO

mxHERO

mxHERO reduces the risks inherent with ransom and cyber-security threats specific to email.

NorthStar

NorthStar

NorthStar provide the visibility needed to track and reduce risk through risk-based vulnerability management and vulnerability exploit prediction.

Doherty Associates

Doherty Associates

Drawing on our deep industry knowledge and business insight, Doherty deliver intelligent IT solutions and services that help people work more securely, more productively and more creatively.