Originally published on www.childrenshealthdefense.org by Amy Goodman and Denis Moynihan
Citizen Lab, a cybersecurity research organization based at the University of Toronto, this week revealed the existence of a "zero-click" exploit that exposed 1.65 billion Apple iPhone and other Apple devices to a complete and almost undetectable takeover by Pegasus spyware
Is the phone in your pocket spying on you?
As cell phones have become ubiquitous, government intelligence agencies have poured vast resources into hacking them, remotely stripping people of their privacy in the name of national security.
Now, a burgeoning industry has emerged, generating huge profits for shadowy corporations that specialize in developing ever-more innovative ways to secretly infect digital devices with spyware.
Activists, journalists, human rights defenders and dissidents the world over have been surveilled and in a number of cases arrested, tortured or killed.
This week, Citizen Lab, a cybersecurity research organization based at the University of Toronto, revealed the existence of a "zero-click" exploit that exposed 1.65 billion Apple iPhone and other Apple devices to a complete and almost undetectable takeover by the spyware known as Pegasus, produced by NSO Group, a private company.
Pegasus spyware grants unlimited access to all of an infected device's content, from chat messages to emails to phone calls, allows control of the phone's microphone and camera, and shares the phone's location in real time.
"NSO Group is a mercenary surveillance company based in Israel," Ronald Deibert, director of Citizen Lab, said on the Democracy Now! news hour. "NSO Group first came on our radar back in 2016, when we discovered it was being used by the United Arab Emirates to target a human rights defender named Ahmed Mansoor. Since then, we and others have documented extensive abuses of this company's technology."
If you believe NSO Group's founders, the software is only legally deployed to catch criminals, terrorists, pedophiles and the like.
Not convinced, Amnesty International and 155 other civil society organizations and technology experts issued a joint letter calling for an immediate moratorium on the sale, transfer and use of surveillance technology.
The letter stated:
"NSO Group's spyware has been used to facilitate human rights violations around the world on a massive scale. It has become clear that its technology facilitates systemic abuse … if the recent allegations about the use of Pegasus are even partly true, then that red line has been crossed again and again with total impunity."
Among the cases cited by Amnesty is that of Cecilio Pineda Birto, a Mexican journalist shot dead on Mar. 2, 2017. He had been receiving death threats, and just that morning announced a forthcoming report on corrupt local officials colluding with organized crime figures.
In 2021, Pineda's phone number appeared on a leaked list of about 50,000 cell phone numbers from all over the world, said to be targets of the Pegasus software. Scores of journalists from the Forbidden Stories collaboration and Citizen Lab reported on the leaked list, which included hundreds of journalists and activists as well as many world leaders.
"If you don't do anything to stop the sale of this technology, it's not just going to be 50,000 targets. It's going to be 50 million targets," NSA whistleblower Edward Snowden told the Guardian last month. "And it's going to happen much more quickly than any of us expect. The way we do that is to halt the trade of this technology."
Pegasus was used to target phones owned by family members of Jamal Kashoggi, the Saudi dissident and Washington Post journalist, both before and after his brutal murder by a Saudi kill team inside the Saudi consulate in Istanbul on Oct. 2, 2018.
Another victim of the NSO Group's spyware is Omar Radi, an independent journalist in Morocco who has long reported on corruption, land expropriation and human rights abuses by the Moroccan government. In 2020, Amnesty International issued a report with proof that Radi's iPhone had been infected by Pegasus spyware.
"Pegasus is a silent program. You don't feel it," Omar Radi told us on Democracy Now! in July, 2020, just two weeks before he was arrested by Moroccan police. "It can use your microphone, it can use your keyboard, it can use your screen, and get any information that is stored in your phone. I don't know the amount of information they've stolen from my phone." Omar Radi was recently sentenced to six years in prison.
"NSO Group is merely one among many mercenary spyware companies that exist globally," Citizen Lab's Ron Deibert said. "Governments that have deep pockets can simply go and purchase this type of despotism as a service off the shelf. We've never seen anything like that historically, the privatization of this type of digital espionage."
Apple issued a software update that supposedly fixed this problem. But hackers will certainly find more holes in these digital device operating systems. Without a ban on Pegasus and spyware like it, human rights defenders, journalists and others will continue to be targeted, spied on, beaten, arrested and killed.
Listen to the podcast here: