Spying and espionage are practices as old as human history itself. The need to know the enemy’s strengths/weaknesses and the secret shadow weapons it wields has driven nations to think of ever more innovative methods.
The Cold War, which had lasted for nearly 50 years, ended with the Soviet Union disappearing from the face of the earth as a result of the American CIA’s clandestine operations, the final act of which was played out in Afghanistan with the active help of our own Inter-Services Intelligence (ISI) Directorate.
Israel’s NSO Group draws its strength from artificial intelligence (AI), a product of the 4th industrial revolution. The Group claims that its mobile phone surveillance software, Pegasus, is meant to help its clients combat crime and terrorism; but journalists, activists, opposition politicians, and dissidents are also known to have been abused by the software.
That’s why more than 80 journalists, representing 17 media organizations around the world, have come together to investigate the Pegasus project. It began when journalism nonprofit Forbidden Stories and human rights group Amnesty International gained access to a set of more than 50,000 leaked phone numbers believed to be a list of targets of Pegasus. Forbidden Stories then invited OCCRP, the Washington Post, the Guardian, and 13 other partners to help investigate.
Sixty-seven of these phones were subjected to forensic analysis to determine whether they had been infected, and 37 showed signs of Pegasus activity. Reporters identified potential NSO Group clients from more than 10 countries: Mexico, Azerbaijan, Kazakhstan, Hungary, India, United Arab Emirates, Saudi Arabia, Bahrain, Morocco, Rwanda, and Togo.
Of over 1,000 telephone numbers whose owners were identified, at least 188 were journalists. Many others were human rights activists, diplomats, politicians, and government officials. At least 10 heads of state were on the list, including Pakistan Prime Minister Imran Khan.
Pegasus gains entry to a target’s mobile phone quietly, without alerting the owner in any way. Once installed, Pegasus can extract data, conversations, contacts, and call logs from the victim’s phone. It can even switch on microphones and cameras to silently record live audio and video.
Pegasus in the wrong hands poses a direct threat to civil society at large. Until an antidote is developed, the owners of phones suspected of being infected could avoid being harassed by following the steps recommended by RSF (Reporters Without Borders):
- Stop using your smartphone at once and buy a new one to continue communicating. Keep the potentially infected device far away from yourself and your work environment.
- Disconnect all accounts from the potentially infected phone and change all the passwords from another device.
- Contact Forbidden Stories or IT experts such as those at Amnesty International’s Security Lab to see if your number is on the leaked list of 50,000. The Amnesty International expert group has also developed a tool, the Mobile Verification Toolkit (MVT), which can be used to find out if a smartphone has been infected with Pegasus. Note that its use requires good IT skills. Journalists can also send their phone number to Share@amnesty.tech to be checked.
If you cannot replace your phone:
- Restart the phone. Amnesty’s experts have established that, on an iPhone, a restart can temporarily stop Pegasus from functioning on iOS.
- Perform a factory reset of the smartphone even if this does not guarantee Pegasus’s removal. Note that this may also destroy evidence of an infection.
- Update the system software and all of the apps on the phone.
- Remove all unknown devices connected to the various messaging and online account apps (Signal, WhatsApp, Twitter, Facebook, etc.).
- Compile a list of all the passwords that have been entered and stored in the smartphone. Then change them and never reuse the old ones.
- Protect your smartphone with a PIN. Use a six-digit PIN at least or, even better, a strong and unique sentence (different from your other passwords). Using an easy PIN such as “0000” or “1234” or your date of birth provides absolutely no security.
Update the smartphone’s system software frequently:
- Install a VPN. (But be aware that a VPN does not protect against certain types of attack.)
- Install antivirus software (Avast, McAfee or Kaspersky).
- Delete apps that are not used.
- Turn your smartphone off at least once a day. This simple measure may be enough to thwart the operation of many spyware apps.
- Enable two-factor authentication on your most important accounts (Twitter, Google, Facebook, etc.).
- Disable iMessage and FaceTime (which are known to be Pegasus points of entry).
- Avoid using Google Home or any other voice assistant.
- On an iPhone, uninstall such Apple apps as Apple Music, FaceTime, iMessage and Mail. Note that you must disable iMessage before uninstalling it.
- Whenever possible, use a VPN when browsing the Internet.
- Never click on links in a message from an unknown number.
- Do not use Wi-Fi in unreliable places, or use it only after previously activating your VPN.
- Only install apps from the App Store (on an iPhone) or Google Play (on an Android phone).
- Block notifications and requests for permission to access the address book.
- Do not allow your smartphone to save passwords. Use a secure password manager such as LastPass.
- Use Signal to communicate with your sources.
- For journalists dealing with very sensitive information, it may be a good idea to use a phone that is not connected to the Internet – an old mobile phone or a smartphone with no access to data.
- The Access Now digital security helpline can diagnose your problems and provide helpful technical advice in nine languages.
- The Digital First Aid Kit gives advice about a device that is behaving suspiciously, as does Surveillance Self-Defence.