by Bidisha Saha: The infamous Pegasus spyware from the NSO Group, which has previously been in the news for its misuse against political and civil rights figures, has found its use in the war zone.
A Reports by several independent digital rights organizations Military conflict situations released on Thursday found substantial evidence of Pegasus’ use as a weapon. They found that journalists, human rights advocates, a United Nations official and members of civil society in Armenia had been hacked during the conflict over the disputed land in the Nagorno-Karabakh region.
Global intelligence and cyber warfare in the digital age changed forever when an Israeli company, NSO Group, introduced its military-grade spyware Pegasus to the global market in 2011.
The software can understand the communication of the smartphone without the knowledge of the user and without the association of manufacturers such as AT&T, Apple or any other company. This can turn a phone into a surveillance device, with microphones and cameras being activated without the user knowing.
Read this also | Group accused of selling ‘Pegasus-alternative’ spyware gets FDI nod from UPA government
Often referred to as the ‘world’s most infamous’ spyware, Pegasus has often found its mark in journalists, opposition and critic circles.
It came into the limelight when the murder of journalist Jamal Khashoggi had links to the resulting attacks of spyware installed on the phones of his fiancée and friends before and after his death. NSO Group denied that its government clients had used its hacking malware to target the journalist or his family.
Last year, the United States government took a public stand against the misuse of spyware in targeting human rights activists, dissidents and journalists. It blacklisted the NSO Group, the makers of most of the hacking tools.
But, the use of spyware continues to spread around the world, with new firms that employ Israel’s former cyberintelligence veterans, some of whom used to work for the NSO – stepping in to fill the void left by their ban. are increasing.
It was found to have been used in another dozen countries since 2021, indicating a lack of sustained demand among governments and concerted international efforts to limit the use of such devices.
Technology that was once in the hands of a few countries is now ubiquitous, changing the landscape of government spying.
What is happening in Armenia and Azerbaijan?
The conflict between Armenia and Azerbaijan over the disputed Nagorno-Karabakh region has been going on for years. While it is internationally recognized as part of Azerbaijan, many of its residents are Armenian citizens.
Both sides have been accused of war crimes, including alleged mass executions of Armenian prisoners of war by Azerbaijanis and mutilation of dead soldiers.
Despite attempts to mediate between them over the years, the two countries have yet to reach a peace agreement that would settle outstanding issues such as the demarcation of borders and the return of prisoners.
A recent attempt at talks to normalize ties was made in Washington, DC, last month amid rising tensions.
In mid-2021, Anna Nagdalyan, a spokeswoman for Armenia’s foreign affairs agency, was alerted by Apple that her iPhone had been attacked by a foreign government.
Read this also | Can ChatGPT really replace Jobs or is it another spyware like Pegasus?
He recently learned on Thursday that his phone had been hacked at least 27 times between October 2020 and July 2021, with injections of malicious malware occurring almost every month, according to forensic analysis of his phone.
But she was not alone. She was one of at least 13 other individuals, including a United Nations official in Armenia, whose phones were targeted by the iPhone spyware—NSO Group’s Pegasus.
Access Now, CyberHub-AM (Armenian Digital Emergencies Group), the Citizen Lab of the Munk School of Global Affairs at the University of Toronto, the Security Lab of Amnesty International, and Ruben Muradyan collaborated to conduct a technical investigation of the breaches and consider the attacks . As the first example of NSO’s software being used in an active battlefield.
Access Now, a New York-based nonprofit that works to protect human rights in the digital age, did not ‘conclusively link this Pegasus hacking to a specific government operator.’ The report calls for an “immediate halt” to the sale and transfer of spyware technology.
probe and target
The targets were Anna Nagdalyan, Karlen Aslanian and Astaghik Bedevyan (Radio Azatutyun journalists), Ruben Melikyan (Armenian civil society member), Dr. Varuzhan Geghamyan (Yerevan State University professor), Samvel Firmanian (co-founder of Armanews TV). Kristin Grigoryan (human rights defender) and five others who wished to remain anonymous.
Target operations took place from October 2020 to late 2021 which overlapped with the Azerbaijan–Armenia conflict. But the occupation of the spyware victims and the timing of the targeting ‘strongly’ suggest conflict was the reason for the hacking operations.
Citizen Lab, a Toronto-based research organization, identified at least two suspected Pegasus operators in Azerbaijan, which they call “Bozbash” and “Yanar”, by their ongoing Internet scanning and DNS cache checks.
According to them, the YANAR Pegasus operator appears to have exclusively domestic-focused targeting within Azerbaijan, while the BOZBASH operator has targets including a wide range of entities within Armenia. Therefore, it is concluded that there is sufficient evidence to suggest that Azerbaijan is a Pegasus customer, and that the targets would be of intense interest to Azerbaijan.
Read this also | Spyware like Pegasus used to target journalists and politicians
In 2018, another Citizen Lab Report Decoded that NSO operators link India with alias ‘GANGES’. Similarly, he added activities in Middle Eastern countries such as Qatar, Oman and the United Arab Emirates as ‘middle’.
According to Citizen Lab, the operation of ‘Ganga’ was connected to some of the popular telecom providers in India such as Bharti Airtel, Mahanagar Telephone Nigam Limited (MTNL), Hathway Cable Internet etc.
It was also connected to Pakistan Telecom Company Limited, Bangladesh Telecom Company Limited and Star Hub Internet Exchange in Singapore.
In a collaborative investigation by 17 media agencies including Forbidden Stories, the Pegasus Project initiative investigated the use of spyware by governments on journalists, opposition politicians, activists and businessmen.
The group cracked a target list containing fifty thousand phone numbers and three hundred of them were from India.
Later, the Supreme Court appointed a technical committee and requested that the phones of individuals suspected of government spying be submitted for examination.
Read this also | Attack on Indian democracy, Pegasus used to spy on me: Rahul Gandhi in Cambridge
WhatsApp, which is owned by Meta, is one of several tech companies to have taken legal action against the NSO Group since 2019. He has alleged that the NSO group surveyed over 1,400 people through the messaging platform. The lawsuit seeks to block NSO Group from the Meta platform and servers and to recover unspecified damages.
Meta’s December 2021 report threats Identified an Armenia-based client of the mercenary spyware firm, Citrox. Cytrox’s Predator spyware has been used in abuses around the world and was also the subject of an investigation by the EU’s PEGA committee.
The Committee to Protect Journalists also issued a statement saying that “Armenian and Azerbaijani authorities should allow a transparent investigation into the targeting of Armenian journalists with Pegasus, and give the NSO group a concrete response to the report’s findings”. States should stop providing their technology or other actors who target journalists” while also highlighting that the report is ‘deeply disturbing’ as a reminder of the threat posed by Pegasus and other spyware, which Used to target journalists.