Pegasus – A threat to privacy
The right to privacy is one of the most fundamental features of our constitution. Article 21 of the Indian constitution states that “No person shall be deprived of his life or personal liberty except according to the procedure established by law”. Not only in India, which is the largest democratic power in the world, but the right to privacy also serves as a sole feature in all democratic forms of government.
Being confined to a smaller private space either towards our inner self or to a group of acquaintances has been a basic idea of life, and any threat to our personal privacy disrupts this basic ideology as a whole. Pegasus is one such threat that intrudes into our private space and denies our privacy rights.
What is Pegasus Spyware?
Pegasus is a spyware developed by Israeli-based tech giant NSO. NSO has been established as a surveillance company that develops surveillance spyware for helping governments around the globe track terrorist movements and thereby helping them to tackle terrorist attacks to assure the safety of its citizens.
Pegasus spyware can drain all important data including audio recordings, contacts, call history, passwords, images, video files, and almost all important personal files. It can also have continuous access over the mic and camera of the host mobile phone, and thus it can easily get into the private space of the host and can access all private information. Data dumping is a serious concern in the modern world, where mobile phones have become very delicate data storing devices.
Mobiles of diplomats, bureaucrats, and politicians may contain very sensitive information regarding their countries and phishing can lead to a very serious threat and can eventually act as a window for planned terrorist attacks. Phishing affects the integrity of a nation and can affect its diplomatic norms with other nations as well.
How Pegasus becomes Dangerous
Pegasus is a kind of highly sophisticated software that can execute phishing without the acknowledgment of the host, and this makes it more outrageous as it’s not easy to map its presence in a device. In earlier times this spyware could only infect its target through any actions made from the host mobile phone, this could happen either by tapping any malicious links or through accepting calls from unknown or suspicious numbers, but now they have improved their software so that no actions are required from the part of the host.
Malware can enter and infect devices secretly through a message or phone call and can easily start dumping data from the host to the server of the hacker. A mobile infected by this spyware won’t show any peculiarities or heating issues. The mobile would appear normal in usage. This spyware can invade both android and IOS devices easily. Recently Jeff Bezos was reported to be attacked by this malware on his iPhone X. It is quite impossible to track its presence, but he spotted an unusual hike in his data usage and progressive battery-draining. This intuition made him doubtful, and later his phone was ratified and confirmed to be infected by cyber experts.
Mostly the victims of this spyware attack are those who hold higher offices, national leaders, top-notch business magnets, MNC heads, politicians, journalists, and even court judges, in the spotlight of recent events that took place in India. Internationally several allegations are there against Pegasus, and recently allegations were raised by amnesty international along with a list of vulnerable Asian countries that might be using Pegasus as a secret spying tool on its citizens, and unfortunately, India was one among those.
NSO uses a highly confidential and impeccable firewall system to protect the databases of their customers. According to a treaty signed by NSO in the UN, they only provide their services to governmental organizations as part of security concerns. The spyware as itself is harmless, but the hands to which they reach determine its fate. This wholly criticized spyware can also be a powerful tool to tackle terrorism as well as various other crimes. But more often it has been witnessed that the government itself uses it for spying on those who are not in favor of their decisions, like journalists, higher officials, and political rivals. This turns Pegasus, the peaceful winged white horse as per the Greek myths, into a dangerous privacy breach.
How is it used?
Pegasus was first brought into the spotlight when Mexico used it for capturing the drug lord El Chappo. This was a completely legitimate way of using this spyware to reduce crime rates, but allegedly it had been reported that Mexico used this very same spyware to spy on a Mexican journalist — Cecilo Pineda, who uncovered some financial scandals by the Mexican government and was unfortunately killed by a group of people. The role of the Mexican government in his death is still discussed as there are no shreds of evidence available to prove these allegations.
Saudi Arabia has been also a client of the NSO group but it is alleged that Saudi used this spyware illegitimately to track journalists and businessmen, including Jeff Bezos, CEO of Amazon group. Kamaal Khashoggi, a renowned journalist of the Washington post, was murdered recently and pieces of evidence are available that exposes the role of Pegasus spyware which was infiltrated into the phone of his wife just a few days before his murder. Saudi is reported to be behind this as Kamaal had been criticizing the new reformatory policies by king Muhammed Bin Salman through his monthly column in the Washington Post.
Several heads of state, including the French President Emmanuel Macron, were also targeted, and this list continues.
What all are the allegations related to Pegasus in India?
Till date, the Modi government had not taken any steps for a proper and reliable investigation. They keep rejecting these allegations by pointing out their lack of faith in Amnesty International who along with The Forbidden stories published the list of countries that are believed to be clients of the NSO group. Recently the list of people in India who were being spied on or those who are potential targets to be spied on was released, and this includes a supreme court judge, many journalists, opposition leaders, and two cabinet ministers.
Most of the victims were those who stood against the government or were involved in the decision-making systems which were crucial for the government, and the meeting between Israel PM Benjamin Netanyahu and Modi has also carved a sort of suspicion regarding the role of government in this scandal.
In India, the list of vulnerable targets includes opposition leader Rahul Gandhi, former supreme court judge Arun Mishra, former election commissioner Ashok Lavasa — notably he was the one who accused Narendra Modi and Amit Shah of breaking the model code of conduct during the 2019 Lok Sabha elections, Abhishek Banerjee, the nephew of Mamata Banerjee, and even Ashwini Vaishnav, who himself is the IT minister who is liable to answer to the people regarding this cyber attack, was also in the list.
Among journalists, Rohini Singh, a freelance journalist who demanded a probe onto the suspicious 16000 fold increase in turnover in the firm owned by Jay Shah, son of Amit Shah who is the current central Home affairs minister, Swati Chaturvedi who wrote the book “I am a troll” against the cyber wing of the ruling party, Sushant Singh of the Indian Express along with Sandeep Unnithan of India Today who briefed about the Rafael scam, and last but not the least, Vijaita Singh of The Hindu who reported a ten-fold hike in the budget allocated to National security council (NSC) without any reasonable explanations. Prashant Bushan accused the government with the allegation that this amount was utilized to purchase Pegasus from NSO.
Countries affected
Among the list of countries that utilized the Pegasus spyware, a majority of them were democratic countries and the usage of such spyware puts the basic etiquette of democracy under question. Countries involved in this according to The Forbidden Stories report are Togo, Rwanda, Morocco, Saudi Arabia, Bahrain, UAE, Azerbaijan, Kazakhstan, Mexico, Hungary, and India. A spying tool meant to be used against terrorism and crimes is being utilized to breach the privacy of its citizens who contribute to the wealth of nation. This has been seen in most of the countries, despite the large amount of money that is to be paid to the NSO to avail this service.
Safety steps
Any actions at the individual level to secure ourselves from this data breach is nearly impossible. But we can procure some steps from the experience of previous targets.
Recently Amnesty has come up with some forensic methodologies that can check for the presence of this spyware and can ensure a considerable amount of safety but these are highly technical and are not easy for a common man to follow.
Let us discuss some simple hacks to make our mobile devices safer and less prone to such cyber attacks:
- Always try to keep your mobile phones and laptops updated by using the latest available version of the corresponding operating systems. Spywares make use of tiny flaws and loopholes to jailbreak into our device and each update we receive makes them more and more impeccable.
- Using strong and unpredictable passwords — try to mix up uppercase letters, lower case letters, numbers, and characters. Try and use two-factor authentication that utilizes a secondary pin code for enhanced protection.
- Avoid tapping suspicious links as they can be malicious.
- Avoid circulating your mobile number to the public and try to keep your mobile number confined within your acquaintances as far as possible.
- Use VPN as VPNs have a lot of servers located in different countries and can spoof your location.
- Avoid using public wifi as they provide a medium for hackers or Spywares to infiltrate into our device
- Keep an eye over your battery usage and data usage — any unusual increase marks the presence of spyware in your device.
All these steps are safety measures, but these can’t guarantee us 100% security from any spyware or even a mere 25% from advanced Spywares like Pegasus, but they can be a stepping stone, however small, toward better and more secure cyber practices in the future.
Read More!
We are now on LinkedIn! Do follow us there!
Follow us on Medium for more for International events, news, MUN tips and tricks, and detailed analysis. Get in touch with us on Social media to stay in the loop -
Facebook| Instagram|Telegram Channel |YouTube|Twitter|LinkedIn.
We also invite guest writers to publish their material via this blog!
Interested in writing for MUNner’s Daily? Go right ahead and fill out this form. We will get back to you soon!
