Human rights activists, journalists and lawyers across the world have been targeted by authoritarian governments using hacking software sold by the Israeli surveillance company NSO Group, according to an investigation into a massive data leak.
<p>Attack attribution in the reported cases is highly complex and unreliable. First, some legitimate end-customers could have shared the cyber warfare with their foreign partners in exchange for valuable data, 0day exploits or sophisticated spyware – this is a widespread practice. Security teams in charge of such data and intelligence sharing – are not necessarily experts in human rights protection and may negligently or unknowingly share the software with some grey or even black-listed jurisdictions. Moreover, individual security analysts, employed by the trusted countries, may occasionally break internal rules and unlawfully share the cyber-warfare with unauthorized third parties, as anti-insider security controls have low technical efficiency in such environments. Finally, the legitimate end-customers could have been hacked and compromised, eventually exposing access to the software to unauthorized threat actors. In any case, legal action against NSO is likely futile, and the media hype around the alleged incident – rather brings publicity to the NSO.</p>
<p>Pegasus has been around for some time now and there have been a number of stories related to abuses of its design purpose. Unfortunately, this kind of activity is nothing new in the world of Tech. Bitcoin was developed as an alternative to Fiat banking systems and micro-payments but now it underpins the global criminal economy. Whilst the proprietary Pegasus software belongs to NSO Group and they do their best to control its deployment contractually there will always be consumers who will seek to re-purpose its functionality to their own ends. This story is still developing but it is already apparent that the numbers of potential victims quoted do not accurately reflect the amount of malicious activity currently facilitated by this software. It is an unfortunate reality that talented developers can never totally understand the full spectrum of uses their ideas may fulfill in the future.</p>
<p>Spyware can be a powerful tool in the ammunition used to attack cybercrime and terrorism, but any tool used for good also opens itself up to be exploited by malicious actors. Spyware such as Pegasus is powerful enough to run on a device without even a click or a tap from the victim, making it difficult for potential targets to protect against. This zero-click technology makes it extremely dangerous, and until a patch is developed, potential victims must err on the side of caution – protecting their privacy wherever possible, such as having private conversations away from their devices. Keeping phones clean with limited apps and updating to the latest operating system also reduces the chance of being infected. WhatsApp and other communication tools are thought to have been used to infect devices so if possible, it may be a good idea to have such apps on a separate phone.</p>
Information Security Buzz (aka ISBuzz News) is an independent resource that provides the experts comments, analysis and opinion on the latest Information Security news and topics