A new ‘digital violence’ platform maps dozens of victims of NSO Group’s spyware
For the first time, researchers have mapped all the known
targets, including journalists, activists, and human rights defenders, whose
phones were hacked by Pegasus, a spyware developed by NSO Group.
Forensic Architecture, an academic unit at Goldsmiths,
University of London that investigates human rights abuses, scoured dozens of
reports from human rights groups, carried out open-source research and
interviewed dozens of the victims themselves to reveal over a thousand data
points, including device infections, which show relations and patterns between
digital surveillance carried out by NSO’s government customers, and the
real-world intimidation, harassment and violence that the victims are also
subject to.
By mapping out these data points on a bespoke platform, the
researchers can show how nation-states, which use Pegasus to spy on their
victims, also often target other victims in their networks and are entangled
with assaults, arrests, and disinformation campaigns against the targets but
also their families, friends, and colleagues.
Although the thousand-plus data points only present a
portion of the overall use of Pegasus by governments, the project aims to
provide researchers and investigators the tools and data of NSO’s activities
worldwide, which the spyware maker goes to great lengths to keep out of the
public eye.
Israel-based NSO Group develops Pegasus, a spyware that
allows its government customers near-unfettered access to a victim’s device,
including their personal data and their location. NSO has repeatedly declined
to name its customers but reportedly has government contracts in at least 45
countries, said to include Rwanda, Israel, Bahrain, Saudi Arabia, Mexico, and
the United Arab Emirates — all of which have been accused of human rights
abuses — as well as Western nations, like Spain.
Forensic Architecture’s researcher-in-charge Shourideh
Molavi said the new findings reveal “the extent to which the digital domain we
inhabit has become the new frontier of human rights violations, a site of state
surveillance and intimidation that enables physical violations in real space.”
The platform presents visual timelines of how victims are
targeted by both spyware and physical violence as part of government campaigns
to target their most outspoken critics.
Omar Abdulaziz, a Saudi video blogger and activist living in
exile in Montreal, had his phone hacked in 2018 by the Pegasus malware. Shortly
after Saudi emissaries tried to convince Abdulaziz to return to the kingdom, his phone was hacked. Weeks
later, two of his brothers in Saudi Arabia were arrested and his friends
detained.
Abdulaziz, a confidant of Washington Post journalist Jamal
Khashoggi whose murder was approved by Saudi’s de facto ruler Crown Prince
Mohammed bin Salman, also had information about his Twitter account obtained by
a “state-sponsored” actor, which later transpired to be a Saudi spy employed by
Twitter. It was this stolen data, which included Abdulaziz’s phone number, that
helped the Saudis penetrate his phone and read his messages with Khashoggi in
real-time, Yahoo News reported this week.
Mexican journalist Carmen Aristegui is another known victim,
whose phone was hacked several times over 2015 and 2016 by a government
customer of Pegasus, likely Mexico. The University of Toronto’s Citizen Lab
found that her son, Emilio, a minor at the time, also had his phone targeted
while he lived in the United States. The timeline of the digital intrusions
against Aristegui, her son, and her colleagues show that the hacking efforts
intensified following their exposure of corruption by Mexico’s then-president
Enrique Peña Nieto.
“It’s a malware that activates your camera, your microphone,
all that which forms an integral part of your life,” said Aristegui in an
interview with journalist and filmmaker Laura Poitras, who contributed to the
project. Speaking of her son whose phone was targeted, Aristegui said: “To know
that a kid who is simply going about his life, and going to school tells us
about the kinds of abuse that a state can exert without counterweight.” (NSO
has repeatedly claimed it does not target phones in the United States, but
offers a similar technology to Pegasus, dubbed Phantom, through U.S.-based
subsidiary, Westbridge Technologies.)
“A phenomenal damage is caused to the journalistic
responsibility when the state — or whoever — uses these systems of ‘digital
violence’,” said Aristegui. “It ends up being a very damaging element for
journalists, which affects the right of a society to keep itself informed.”
The platform also draws on recent findings from an Amnesty
International investigation into NSO Group’s corporate structure, which shows
how NSO’s spyware has proliferated to states and governments using a complex
network of companies to hide its customers and activities. Forensic
Architecture’s platform follows the trail of private investment since NSO’s
founding in 2015, which “likely enabled” the sale of the spyware to governments
that NSO would not ordinarily have access to because of Israeli export
restrictions.
“NSO Group’s Pegasus spyware needs to be thought of and
treated as a weapon developed, like other products of Israel’s military
industrial complex, in the context of the ongoing Israeli occupation. It is
disheartening to see it exported to enable human rights violations worldwide,”
said Eyal Weizman, director of Forensic Architecture.
The platform launched shortly after NSO published its first
so-called transparency report this week, which human rights defenders and
security researchers panned as devoid of any meaningful detail. Amnesty
International said the report reads “more like a sales brochure.”
In a statement, NSO Group said it cannot comment on research
it has not seen, but claimed it “investigates all credible claims of misuse,
and NSO takes appropriate action based on the results of its investigations.”
NSO Group maintained that its technology “cannot be used to
conduct cybersurveillance within the United States, and no customer has ever
been granted technology that would enable them to access phones with U.S.
numbers,” and declined to name any of its government customers.
Comments
Post a Comment