Technology
Pegasus: The Origin and Beyond
Putting the ‘Sus’ in Pegasus
If you hopped a few months back and asked people about their thoughts on Pegasus, the mythology fandom would have sprung up, ecstatically sharing tales of how the fabled winged-horse rose from the ashes upon Medusa’s death and guided Bellerophon to his glorious exploits. Come July 2021, the story sees a slight change in scenery. Yes, Pegasus has risen out of nowhere. Yes, Pegasus is out there on its exploits, but these exploits don’t seem to be something we should be boasting about. Instead of soaring out there and capturing the evils of society, it has instead decided to take over our phones! (which sounds the same if you ask my parents).
But where has this situation popped up from? And how did this sorcery come to be? With the spike in controversy surrounding it, the word on the street and on the feed are getting tough to segregate. Let’s make things easier for you.
What Exactly is Pegasus?
Pegasus has been classified as a spyware, i.e. it is a software that gathers information of an individual or organisation and transfers it to other entities to possibly hurt them. This is usually carried out by unethical means such as violating the user’s privacy and causing harm to the user’s device.
Unlike regular spywares, it isn’t even that difficult for Pegasus to access your device! One link is all it takes. It doesn’t even matter what medium is being used to provide access to that link! Any action of you coming close to the link and you are done for. Scrolling through SMS on your phone? Pegasus! Opening those annoying good morning messages on the family WhatsApp group? Pegasus! Reading this article? PEGASUS! (It’s just a joke, please don’t leave).
However, the true power of Pegasus is not in how it reaches its prey but in what the program is capable of pulling off once it has achieved access.
You can munch on your favourite snack as the online classes go on, thinking no one is bothered with you muted and your video off. However, in reality, your camera might actually be capturing each and every fine detail of your bites and sending them elsewhere while your device shows that the camera is off. You might be relievingly grumbling about your annoying visiting neighbours thinking that no one can hear you from your room. Your ‘supposedly’ idly-charging phone though, might be recording every curse of yours in HD quality.
Your device practically turns into a 24x7 surveillance device while not showing a glimpse of misbehaviour. Pegasus can basically drag out any and every information from your device without any warnings, giving it the title, “The World’s Most Invasive Spyware”, (basically a digital version of a desi aunty).
However, no villain can attain such might unless there’s a backstory, can they? So what went down with our cheeky imposter? Time to scroll through the archives!
Origin of Pegasus
Pegasus was the love child of Poseidon, the god of the seas and Medusa…… ok hold up! Wrong Pegasus, my bad.
The Pegasus software is the brainchild of an Israeli cyber arms firm, NSO Group, named after the first letters of their founders, Niv Carmi, Shalev Hulio and Omri Lavie. The three were in fact ex-members of Unit 8200, a division of the Israeli Intelligence Corps that specialised in signal collection and code decryption.
Beginning operations in 2010, it didn’t take long for the company to start making inroads, setting up the Among Us lobby with their first product, Pegasus. Pegasus was designed with the intention to counter terrorism (more of a law enforcement tool really). Hence, it was agreed that Pegasus would be sold only to foreign governments and not to private entities, but only with the consent of the Israeli government. It’s needless to say that these dealings would happen in complete secrecy.
And with this, our lobby settings had been finalised. The lobby was now open for play as players started to join in steadily.
The game starts. First person to kickstart the tasks? Mexico! The Mexican government struck a USD 20 million deal with the NSO firm in 2012, with the purpose of targeting the nation’s journalists and prominent politicians who worked closely with the President. The deal with Mexico didn’t end there though. A private firm by the name Grupo Bull Tech, in the act with the country’s attorney general, purchased the software yet again in 2014, this time with a deal worth USD 32 million.
However, it would seem that the game settings for the lobby were too difficult for new people to get involved into. To improve on this, veterans in the lobby took over the lobby to try out a few tweaks. Well-established American private equity firm, Francisco Partners in 2014 bought NSO at a sum of USD 130 million. With the new ownership providing a better play experience by modifying the deal settings, the Pegasus lobby had now started to flourish. Panama would show up next in the queue with a deal worth USD 13.4 million to spy on 150 devices.
Several countries chimed in henceforth into the lobby, with details unknown to date.
Good times for the NSO group, ain’t it? Customers pooling in, money flowing in, the profits soaring, while the employees laid back enjoying the raise. The typical dream story.
“Life has never been this smooth before, what do you say, Jack? Our profits are over the roof!”
“What?” Jack had a tough time grasping what was being said for he was lost in his own worries, “Uhh….. yeah, it sure is!”
“Is something worrying you?”
“Well, it’s just……”
“Mmhm?”
“Everything around is so peaceful right now, so much so that……. that……”
“Get to the point boy!”
“That something doesn’t seem right.”
“Eh?”, Sam chuckled, “Of course it isn’t dummy! We are literally making spywares! You sober?”
“It isn’t that! I don’t know! It’s just a bad feeling I got. I don’t really know how to explain it.”
Busted! Pegasus is the Imposter!
Turns out, Jack’s intuition would turn out to be true. Come 2016, the cover would be blown when UAE’s social activist Ahmed Mansoor Al Shehhi, well-known for writing against the government, especially on human rights, received a text message assuring secrets regarding prison tortures in the country, followed by a link. Feeling ‘sus’, Mansoor asked Canada’s Citizen Lab to have a check, who concluded that tapping on the link would have jailbroken Mansoor’s phone and got Pegasus installed in it.
This event led to one of many revelations of governments using the software to not simply snoop on the threats of democracy but on what ‘they deemed’ to be as a threat to democracy.
Journalists, lawyers, activists all fell under the radar of Pegasus. Consequently, Pegasus would see itself in and out of the media’s spotlight, with the company affirming its stand to the cause of aiding governments in need and taking measures to avoid such instances.
However, it would all be in vain when the Central Intelligence Agency would announce in November 2018 that the Saudi Arabian government had indeed made use of Pegasus in the assassination of the dissident journalist, Jamal Khashoggi. A statement that the Saudi government denies to this day.
Several accusations followed with Facebook India in 2019 stating that Pegasus was being involved in WhatsApp chats of high profile bureaucrats, journalists and activists. Chaos has stirred up once again as recently, a leaked list of the NSO database was released, with the names of 40 Indian journalists in it, marked as potential targets for surveillance. No concrete evidence or action plan has popped up since then as discussions on the topic go on.
How big of an issue has it turned out to be?
Pegasus as it stands now isn’t a major threat to the general public directly. Given how expensive the software is, it would cost a fortune to snoop on so many devices. That said, we are nowhere clear of it as accusations of the government using Pegasus to silence the voices against them affects the whole concept of democracy.
Speaking of the Indian background, journalism was already in jeopardy as French NGO, ‘Reporters without Borders’ ranked India a lowly 142nd in a list of 180 this year in the Press Freedom Index. To see the fourth pillar of the Constitution to be ‘possibly’ coerced in such a fashion is indeed concerning for a country addressed as the ‘World’s Largest Democracy’.
Journalist associations are yet to take action as they deem that it is too early to arrive at a conclusion and are looking forward to how the situation unravels further while they lend their condolences and support to the targeted journalists. The Government of India has affirmed its stand over the clause that the leaked list is fake, putting the matter up for debate.
So what’s next?
It is scary to comprehend the existence of such a software and questions are being raised if Pegasus can truly adhere to its purpose. NSO has stood tall, stating it has prevented dealings with independent private and black market organisations. However, even with that taken into account, the case of misuse by the government is still far more sensitive and concerning. Several journalists, opposition parties and Amnesty International themselves have put forth their opinions to ban the spyware.
Again, the validity behind the leaked contacts is yet to be proven. However, that doesn’t translate into the people taking their eyes off of the ruling governments.
Currently, Azerbaijan, Bahrain, Hungary, India, Kazakhstan, Mexico, Morocco, Rwanda, Saudi Arabia, Togo and the United Arab Emirates are either suspected or confirmed of using Pegasus. There could be several other customers that we are unaware of. NSO has remained tight-lipped on the matter stating that it is against the policies of their company to reveal such information.
“However, with privacy and personal security on the line, is it really excusable to allow this act to proceed any further?”
You be the judge.
