Analysis
Israel's Pegasus spyware: Tested in Palestine, sold to the world
In-depth
04 August, 2021
In-depth: Findings from the Pegasus Project have sent shockwaves worldwide, raising privacy and surveillance concerns in autocratic countries where human rights violations and threats to independent media already
In July, private Israeli firm NSO Group's Pegasus spyware was found to have hacked into 50,000 phone numbers belonging to activists, journalists, and world leaders.
Once installed on phones, the software enables an attacker to have complete access to the device's contacts, messages, emails, photos, microphone, and camera.
Pegasus spyware has been used in 40 countries, but so far only 11 countries have been identified as customers of NSO Group, including Mexico, Morocco, Saudi Arabia, the United Arab Emirates (UAE), Rwanda, India, Hungary, Kazakhstan, Azerbaijan, Bahrain, and Togo.
The leaked list of numbers was connected to many high-profile names where the spyware was used both within and outside of countries, including French President Emmanuel Macron, Pakistan’s Imran Khan, Morocco’s PM Saad-Eddine El Othmani, as well as family members and close connections of murdered Saudi dissident Jamal Khashoggi.
"Private Israeli firm NSO Group's Pegasus spyware was found to have hacked into 50,000 phone numbers belonging to activists, journalists, and world leaders"
The investigation was led by a Paris-based non-profit media group, Forbidden Stories, along with 16 media organisations in 10 countries, and technical support from Amnesty International’s Security Lab who provided forensic testing on mobile phones to detect traces of the spyware.
The organisations are accusing NSO Group of creating and distributing a tool that impedes on rights to privacy by design and violates international human rights law.
NSO Group issued a statement to The Guardian and other media organisations stating that the company “firmly denies false claims” made in the investigation and that “many of which are uncorroborated theories that raise serious doubts about the reliability of sources”.
NSO Group suggests that the list of numbers has nothing to do with them and could have come from their clients or retrieved from a basic Home Location Register (HLR) Lookup service - a way to check a mobile numbers’ home network and where they are currently roaming.
Amnesty has subsequently published their methodology on the investigation and stands by their allegations against NSO Group. Although the technology firm is technically operating within the boundaries of Israeli law as the export of its products requires a license from the Ministry of Defence, there appears no direct mention of upholding human rights in the Defense Export Control Law.
The focus now is on the surveillance technology being sold to abusive regimes and the Israeli government licensing these sales. Israeli Defence Minister Benny Gantz mentioned that they “are studying the information published on the matter”, after calls for a moratorium on the export, sale, and use of Pegasus spyware.
Threats to democracy and human rights
This is not the first time NSO Group has been under fire for the misuse of its technology, as Israeli Cyberlaw attorney Jonathan J. Klinger tells The New Arab. Between 2016 and 2018, Citizen Lab, a laboratory that researches information and communication technologies, human rights, and global security, have tracked Pegasus spyware operating in 45 countries.
The group investigated a zero-day exploit chain, which they named Trident, that showed how spyware was installed on mobile phones. The case was bought to them by award-winning human rights activist, Ahmed Mansoor, based in the UAE, who received an SMS message in 2016 which said he could access “new secrets” regarding detainees tortured in UAE jails if he clicked an attached link.
RELATEDIn-depthSahar Amer07 July, 2021
UAE authorities are considered to be behind the assault, considering they detained Mansoor in 2011, added him to a travel ban list, and monitored him using other malicious spyware. Mansoor was imprisoned in 2017 and is currently still in jail.
Recent findings show that the UAE listed 400 UK phone numbers as targets, including contact details of a member of the House of Lords and Princess Latifa, daughter of Sheikh Mohammed bin Rashid Al-Maktoum, Vice President and Prime Minister of the UAE. Latifa had reportedly been a target of UAE authorities after her attempted and unsuccessful escape in early 2018.
Similarly, Saudi Arabia was also accused of using the software to spy on human rights activists and journalists. Most notably, phones of people close to Khashoggi including his fiancée, Hatice Cengiz and the journalist’s son, Abdullah Khashoggi, both before and after his death.
The UAE and Saudi Arabia have been found through the report to have attempted to use Pegasus to monitor the Turkish murder investigation as well as the phone of Istanbul’s chief prosecutor for potential surveillance.
These findings further confirm stronger ties between the Gulf and Israel, considering the Abraham Accords - the UAE and Bahrain’s normalisation agreement with Israel in 2020. Where human rights issues and digital repression are already rife within the region, the impact of this all-seeing technology in the wrong hands is detrimental.
“This creates a place where we have nowhere safe to be ourselves, to discuss things with loved ones or to create freely,” said Klinger.
NPR reported that NSO Group has since announced that they have blocked governments over the misuse of its spyware but would not disclose who or how many as prohibited by Israeli defence regulations.
"The abuses of the Israeli state against Palestinians have consequences around the world"
The role of the Israeli state
Although the focus has been on placing pressure on Israel to stop the licensing of surveillance tools like Pegasus, the state has probably had more influence than is being told. Yousef Munayyer, a political analyst for the Arab Centre Washington DC, says, "rather, it [Israel] plays a central role in the development, testing, and perfecting of this technology".
NSO Group founders Omri Lavie, Shalev Hulio, and Niv Carmi are alumni of the Israel Defence Force Unit 8200 - the intelligence and cyber surveillance arm of the IDF. It comes as no coincidence that Israel is a major player in the high-tech surveillance industry.
Neve Gordon, Israeli professor and academic, told The Intercept that there are little to no legal limits on veterans “taking certain research ideas they worked on in the military and developing them”.
Prior to marketing the technology, Unit 8200 have been known to spy on Palestinians living in the West Bank following an open letter in 2014 from 43 soldiers who confessed to conducting invasive surveillance operations and subsequently refused assignment in a “moral duty to act”.
RELATEDPerspectivesMarc Owen Jones23 July, 2021
They also wrote that “a large part of their work was unrelated to Israel’s security or defence, but appeared designed to perpetuate the occupation by “infiltrating” and “controlling” all aspects of Palestinian life”.
Other invasive technologies are also used on Palestinians in Israel including AnyVision’s biometric data collection through checkpoints, facial recognition drone technology, and excessive social media and internet monitoring.
Although it has been reported that Israel has even spied on its own citizens, Palestinians are unique in that they are not protected by basic right laws and recourse to justice, which make them prime candidates to experiment new technology on.
“Israel has great benefit from testing these tools and later offering them outside of the country,” Klinger says. The Pegasus Project is not the first time Israel has profited from dictatorships and authoritarian regimes around the world.
Last year, Israeli firm Cellebrite sold its phone-hacking product to Nicolás Maduro's regime in Venezuela, where over 9,000 people have been subject to extrajudicial killings under his presidency, as well as increasing arbitrary arrests, torture, and brutal repression.
Cellebrite also faced accusations from human rights activists that it sold its technology to Belarus during the 2020 - 2021 protests against the government, and to China during its pro-democracy crackdown in Hong Kong.
Until Israel ceases its occupation in Palestine, the sophistication and expansion of these surveillance technologies will continue to develop. As Munayyer stresses, “the abuses of the Israeli state against Palestinians...have consequences around the world”.
Sahar Amer is a freelance journalist based in London. She holds a master's degree in Human Rights, Culture & Social Justice from Goldsmiths, University of London and her research interests include technology and digital rights
Nefarious use of Pegasus spyware exposes governments
The extensive use of Pegasus spyware by governments to spy on other heads of state has sent shockwaves round the world, but it has also lifted a lid on what governments like Rwanda are doing covertly.
While Rwanda has denied using Pegasus spyware, the Pegasus Project - a consortium of international media and NGOs - investigated how Pegasus spyware of the Israeli company NSO Group was abused by governments to spy on their perceived enemies.
Pegasus spyware allows the client to record phone calls, read texts and emails, access photographs and passwords, and secretly activate microphones and cameras to make audio and video recordings.
According to The Chronicles, an investigative reporting site in Rwanda, the Rwandan government had identified more than 3 500 phone numbers as targets of such spying, including activists, journalists, exiles, foreign politicians, and diplomats. The site has published a sampling of who the 3 500 phone numbers belong to.
According to The Guardian newspaper, which was part of the Pegasus investigation project, President Cyril Ramaphosa's personal mobile phone seemed to have been selected by Rwanda in 2019.
Given the existence of Rwandan dissidents on South African soil, the use of spyware against our President is hardly surprising, but also outrageous. It has been suggested Kagame may have been seeking more leverage in pursuit of other regime defectors in South Africa.
Relations between Rwanda and South Africa broke down in 2013, when exiled former Rwandan Intelligence Chief Patrick Karegeya, a critic of President Kagame, was assassinated on 31 December in the Michelangelo hotel in Johannesburg. Karegeya had been the Rwandan external spy chief, and a close friend of Kagame, but he fell out with Kagame in 2006, and was imprisoned twice and stripped of his military rank after he had criticised Kagame’s regime.
Evidence cited by the magistrate at the 2019 inquest into Karegeya’s death, stated that the South African Director of Public Prosecutions believed that “close links exist between the suspects and the current Rwandan government.”
There have also been three or four assassination attempts in Johannesburg on the life of Kagame’s former military chief of staff General Kayumba Nyamwasa, who had also fallen out with Kagame. Both Karegeya and Nyamwasa helped found the Rwandan opposition party the Rwandan National Congress (RNC).
Those who had tried to assassinate Nyamwasa in 2010 were positively identified and linked to the government of Rwanda by the South African courts. On the list of those allegedly targeted by Rwanda using Pegasus spyware, Nyamwasa’s brother in-law Frank Ntwali, who is exiled in South Africa, is included, as well as a number of other Rwandan exiles based in South Africa.
In June 2019 was the death of another Rwandan dissident Camir Nkurunziza under mysterious circumstances, who had been Kagame’s bodyguard, but later became one of his critics. Then five months ago, Seif Bamporiki, who was the Chairperson of the RNC, was assassinated in Gugulethu in Cape Town.
According to the Pegasus Project, one of the other phone numbers Rwanda targeted through the Pegasus spyware was that of Carine Kanimba, the daughter of the hero in the movie Hotel Rwanda - Paul Rusesabagina.
He was the former manager of the Hotel des Mille Collines in Kigali, who saved the lives of an estimated 1,200 Tutsis and moderate Hutus during the 1994 genocide, by harbouring them in the hotel. Rusesabagina had also fallen out with Kagame in 1996, and went into exile in the US and formed an opposition party.
Last year he was lured back to Rwanda under the impression he was flying to Burundi, and he is now in a sham trial in Kigali for “terrrorism, murder, and financing rebellion.” In an interview with CNN’s Richard Quest, Kagame had admitted that Rusesabagina was “abducted from Dubai, having been lured by his friend directed by the government of Rwanda.”
This is not the only time Kagame has boasted about extraordinary renditions.
Dr David Himbara, the former private secretary and economic adviser to Kagame for six years, who fell out with Kagame and is now exiled in Canada, is also targeted on the Pegasus spy list.
Himbara says during the Rwandan elections of 2010, the regime became increasingly paranoid and violent, and after criticising Kagame in private, he was fired and later hunted by the regime. Others on the Pegasus list include the current Prime Minister of Burundi and the Ugandan external intelligence chief.
Whether there are consequences for Rwanda’s violations of international law and violations of the privacy of foreign leaders, politicians and dissidents, remains to be seen. But the time for giving Rwanda a free pass must surely come to an end.
* Ebrahim is Independent Media Group Foreign Editor.
IOL ZA
No comments:
Post a Comment