Cyberattack on rights

Published July 24, 2021

A COLLABORATIVE investigation into a data leak of software sold by the Israeli surveillance company NSO Group has led to some hair-raising revelations. The company has sold Pegasus, malware that is used to conduct cyber surveillance, to authoritarian governments who want to spy on journalists, activists, politicians and government officials.

The software can infiltrate iPhones and Androids, enabling the operator to record calls, retrieve photos, messages, and emails without the knowledge of the phone user. Though the company claims it only sells its software to those who want to use it against terrorists and criminals, a massive data leak from its records shows its clients may have used it against targets who fall into neither of those categories. The leak contains the phone numbers of 50,000 individuals, and a forensic analysis of some devices has shown traces of the Pegasus malware.

Pegasus spyware: how does it work?

At least 10 governments are believed to be NSO clients, including Saudi Arabia, India and the UAE. The phone numbers in the leak span 45 countries — including Pakistan, where a number once used by Prime Minister Imran Khan was targeted for potential surveillance. The government is now investigating whether Mr Khan’s device was in fact infiltrated.

Read: PM Imran's number among those targeted for surveillance by India using Israeli spyware

Spyware like Pegasus facilitates human rights violations, especially when in the hands of authoritarian regimes. A government or intelligence agency can use the software to spy on dissidents and critics — a dangerous and worrying reality in countries where privacy and human rights are routinely flouted. It can also be used by hostile countries to spy on rivals in a new era of cyberespionage. The fact that the list of phone numbers in the data leak is linked to individuals who evidently do not have criminal or terror links speaks volumes for how this spyware is being abused. It is also a test for phone manufacturers and app developers to come up with improved protection. Although it is virtually impossible for any device to be totally bug-free or hacker-proof, both iOS and Android developers should invest in research to improve security.

It is important that the international community come together to regulate the use of such tools and curb the violation of human rights. Governments must pressure global rights bodies to monitor countries that develop and sell this software. The export of such surveillance technology should either be stopped or heavily regulated to prevent abuse. One step towards this is the consortium itself. Much like the Panama Papers investigation, a group of journalists shed light on Pegasus’ clients and their requests. This story gives hope that countries can work together on the basis of a similar template to stop the abuse of fundamental rights when it comes to digital surveillance and cyberespionage. Until such companies can demonstrate that they can respect human rights and limit abuse of their software, their widespread sale should be restricted.

Published in Dawn, July 24th, 2021

Opinion

Editorial

Judiciary’s SOS
Updated 28 Mar, 2024

Judiciary’s SOS

The ball is now in CJP Isa’s court, and he will feel pressure to take action.
Data protection
28 Mar, 2024

Data protection

WHAT do we want? Data protection laws. When do we want them? Immediately. Without delay, if we are to prevent ...
Selling humans
28 Mar, 2024

Selling humans

HUMAN traders feed off economic distress; they peddle promises of a better life to the impoverished who, mired in...
New terror wave
Updated 27 Mar, 2024

New terror wave

The time has come for decisive government action against militancy.
Development costs
27 Mar, 2024

Development costs

A HEFTY escalation of 30pc in the cost of ongoing federal development schemes is one of the many decisions where the...
Aitchison controversy
Updated 27 Mar, 2024

Aitchison controversy

It is hoped that higher authorities realise that politics and nepotism have no place in schools.