On Monday, Canada-based digital rights watchdog Citizen Lab released a report confirming several cyberattacks on the residence of British Prime Minister (PM) Boris Johnson and the United Kingdom’s (UK) Foreign and Commonwealth Office (FCO) in 2020 and 2021 by a United Arab Emirates (UAE)-based user.
The organization has reportedly informed British authorities about which government networks could have been compromised using the Israeli NSO Group’s Pegasus spyware.
We also confirm that in 2020 and 2021 we observed and notified the UK Gov 🇬🇧 of multiple suspected instances of #Pegasus spyware infections within official UK networks, including @10DowningStreet & @FCDOGovUK https://t.co/5ixResVBfd pic.twitter.com/qNgWKofluJ
— profdeibert (@RonDeibert) April 18, 2022
The report claimed that the UK’s FCO has been targeted by users of the spyware in India, Cyprus, and Jordan. It asserts that the infections could have targetted the devices of British foreign service workers who were using foreign SIM cards. In fact, Citizen Lab drew parallels with a similar spyware attack in Uganda last year, wherein United States (US) State Department employees’ foreign phone numbers were targeted in what is considered to be the biggest cyberattack against American officials.
The report appreciated the British government’s “legislative and judicial efforts” to reform its cyber policy, which includes providing compensation to the victims of spyware attacks. However, it remarked that the government must ensure that the process is “allowed to unfold free from the undue influence of spyware.” The rights group mentioned a case from 2019 when a British lawyer spearheading a legal case against the NSO Group was targeted by the Pegasus spyware. Keeping this in mind, Citizen Lab urged the British government to take “appropriate action to mitigate” the possibility of a similar incident from taking place again.
Pegasus Coverage:
- Report: Israeli Police Targeted Activists, Govt Officials With Pegasus Spyware
- Report: India Purchased Pegasus Spyware as Part of $2 Billion Weapons Deal With Israel
- UAE Agency Placed Pegasus Spyware on Phone of Khashoggi’s Wife Before his Murder
- Indian Government Says Pegasus Report Attempt to Malign India
- Indian Politicians, Activists, Journalists Bugged By Israeli Spy Software Pegasus
Meanwhile, on the same day, the New Yorker cited John Scott-Railton, a senior researcher at the Citizen Law, alleging that the attack on Downing Street “included the exfiltration of data.” He confirmed that the British National Cyber Security Centre had investigated several phones on Downing Street, including PM Johnson’s. However, the investigation was deemed inconclusive, as the infected device could not be located and the nature of the leaked data was never identified.
Responding to these allegations, a spokesperson for the Israeli NSO Group stated that the claims made in the report were “false and could not be related to NSO products for technological and contractual reasons.” Furthermore, it accused “politically motivated advocacy organisations, like Citizens Labs and Amnesty” of producing “inaccurate and unsubstantiated reports based on vague and incomplete information.”
Meanwhile, a British government spokesperson refused to answer questions about the attack, saying that the UK officials “do not routinely comment on security matters.” Likewise, there has been no response from the UAE government or its embassy in London.
Pegasus is a spy software that uses malware links to target a user’s device. Once the link is opened, the surveillance spyware is installed on the phone. The spyware then sends private data, including passwords, contact lists, text messages, and live voice calls to the operator’s command and control. It can also provide clients with access to data in the phone’s memory and turn them into recording devices.
It was first identified in 2016 after a failed installation that aimed to target a UAE-based human rights activist. Many Gulf countries, including Saudi Arabia, the UAE, Bahrain and Oman, are reportedly major clients of NSO, whose spyware has also been used in India, Azerbaijan, Palestine, Kazakhstan, Mexico, Poland, Spain, and the United States (US). Furthermore, it has been reportedly used against the European Parliament, Catalan presidents, legislators, jurists, and members of civil society organisations.
However, the NSO Group has maintained that its software is only sold to governments to help fight crime and terrorism after being approved by the Israeli Defence Ministry. Nevertheless, critics argue that the safeguards to avoid exploitation are insufficient.
Monday’s report is not the first allegation against the UAE for orchestrating a cyberattack in the UK using the Israeli spyware. Previously, a British court confirmed that Dubai’s Sheikh Mohammed bin Rashid Al Maktoum had ordered the hacking of his ex-wife Princess Haya and her attorneys’ phones during a $730 million divorce settlement and custody battle. After the allegations were confirmed, the NSO Group declared that the software would be prevented from targeting British residents.