Spyware Pegasus

In News

Recently, an online database about the use of the spyware Pegasus was launched.

About

• It is launched by Forensic Architecture, Amnesty International and the Citizen Lab to document attacks against human rights defenders.
• It showed the connections between ‘digital violence’ of Pegasus spyware and the real-world harms lawyers, activists, and other civil society figures face.

Significance of Database

• The online platform is one of the most comprehensive databases on NSO-related activities, with information about-
  • export licenses, 
  • alleged purchases, 
  • digital infections, and
  • the physical targeting of activists after being targeted with spyware, including intimidation, harassment, and detention. 
• The platform also sheds light on the complex corporate structure of NSO Group, based on new research by Amnesty International and partners.

Spyware Pegasus

• Pegasus is spyware that can be installed on devices running some versions of iOS, Apple’s mobile operating system, as well on devices running on Android. 
• It was developed by the Israeli cyberarms firm NSO Group.
• Functioning: It mainly uses Exploit Links for its working. Clicking on such links automatically installs Pegasus on the user’s phone. The method of Social Engineering is used.
  • In the context of information security, social engineering is the psychological manipulation of people into performing actions or divulging confidential information. 
  • This differs from social engineering within the social sciences, which does not concern the divulging of confidential information.

Challenges with Pegasus

• Unlimited access to target’s mobile devices: It collects information remotely and covertly about target’s relationships, location, phone calls, plans, and activities whenever and wherever they are. It tracks targets and gets accurate positioning information using GPS.
• Intelligence gaps: Collects unique and new types of information (e.g., contacts, files, environmental wiretap, passwords, etc.) to deliver the most accurate and complete intelligence.
• Intercepting calls: It transparently monitors voice and VoIP calls in real-time.
• Decoding encrypted content: It overcomes encryption, SSL, proprietary protocols and any hurdle introduced by the complex communications world.
• Application monitoring: Monitors a multitude of applications including Skype, WhatsApp, Viber, Facebook and Blackberry Messenger (BBM).
• Bypassing Service provider: No cooperation with local Mobile Network Operators (MNO) is needed to attack. It constantly monitors the device without worrying about frequent switching of virtual identities and replacement of SIM cards
• Avoids unnecessary risks: The spyware eliminates the need for physical proximity to the target or device at any phase.
• Terrorist activities: Terrorists and other anti-social elements have started using more cyberspace which provides them with more getaways.
• Digital Attacks: Pegasus had been used in some of the “most insidious digital attacks” on human rights activists in the world. 

Ways to Secure Devices from Pegasus

• Regular Updates: Always update the operating system to the latest version. Apple and Google regularly release updates which include security patches for vulnerabilities and malware. Both Apple and Google have released fixes for Pegasus. 
• Remain Careful & Vigilant: Pegasus spyware (as well as all sorts of other malware) infiltrates phones by way of the phone user clicking a link in a text message, email, Twitter post, or any other means. When receiving any message with a link, make sure one is familiar with the person sending the link and actually verify that the message along with the link is coming from the authorized person.
• Secure Communications: It is critical to maintain secure communications including calls and messages that are not vulnerable to Pegasus and other malware. Secure calls and messages will ensure secure communication even when spyware infiltrates phones and one is “under mobile surveillance.”

Source: TH