NSO Pegasus spyware has been used by at least five EU countries, admits the company. The admission was made as part of a European Union investigation into the impact of Pegasus, with an interim report now published.
It’s likely that the true number is higher, with the company promising to provide a ‘more concrete number’ …
What you need to know about NSO Pegasus spyware
NSO Group makes spyware called Pegasus, which is sold to government and law enforcement agencies. The company purchases so-called zero-day security vulnerabilities (ones that are unknown to Apple) from hackers, and its software is capable of mounting zero-click exploits – where no user interaction is required by the target.
In particular, simply receiving a particular iMessage – without opening it or interacting with it in any way – can allow an iPhone to be compromised, with personal data exposed.
The US government banned the import and use of Pegasus, depriving the company of its most lucrative customer base: US law enforcement agencies. Apple added to the pressure, suing the company, and alerting owners of infected iPhones.
NSO claims to exercise care in approving customers, but few believe it, and the company’s CEO wanted to tear up even the claimed rules under which it operated.
Used by at least five EU countries
Politico reports on the latest admission.
The Israeli spyware firm NSO Group on Tuesday told European lawmakers at least five EU countries have used its software and the firm has terminated at least one contract with an EU member country following abuse of its Pegasus surveillance software.
Speaking to the European Parliament’s committee looking into the use of spyware in Europe, NSO Group’s General Counsel Chaim Gelfand said the company had “made mistakes,” but that it had also passed up a huge amount of revenue, canceling contracts since misuse had come to light […]
At least five EU countries had used NSO’s tool, Gelfand said, adding he would come back to MEPs with a “more concrete number.”
NSO claims that it wants an international standard to be agreed on government use of spyware.
Year-long investigation into Pegasus
We’re three months into an EU investigation into Pegasus, which is expected to take a year. An interim report has been published, explaining how the spyware works, and outlining the main concerns.
Pegasus is only supplied to governments, but there are concerns that governments are misusing the software to spy on their political opponents. It recently emerged that the Belgian European Commissioner for Justice Didier Reynders was the target of the software.
In addition to an investigation by the Council of Europe, the European Parliament is also investigating Pegasus. MEP Peter Omtzigt has made the first results of the investigation under his leadership public, so that citizens and politicians can view them. Omtzigt does not have many powers to compel governments to answer, but that is not a problem, according to him. “Just exposing what happened, getting the facts straight, is of great value for the public and political debate in Europe.” (source: rtlnieuws.nl).
The report provides a technical description of the Pegasus spyware and analyses the impact it may have on human rights and fundamental freedoms, in particular the right to privacy and freedom of expression. Furthermore, the report underlines the chilling effect that Pegasus spyware has or potentially could have on other human rights and fundamental freedoms, including the right to dignity, freedom of assembly, freedom of religion, and even the physical and psychological integrity of an individual.
9to5Mac’s Take on NSO Pegasus spyware
NSO has zero credibility. It doesn’t much matter what the company does or doesn’t admit to: it has prevaricated and outright lied enough times that nothing it says can be believed.
Governments, too, cannot be trusted to be truthful about the covert surveillance methods they employ. The smart money would be on Pegasus having been used by pretty much every country on the planet.
So while the interim report is a useful document to help politicians understand just how nasty NSO Pegasus spyware is, the only way anything will change is if the use of the spyware is banned internationally, and the company put out of business.
FTC: We use income earning auto affiliate links. More.