An interactive online platform created by research agency Forensic Architecture, and supported by Amnesty International and the internet watchdog group Citizen Lab, has mapped the global spread of the spyware Pegasus, made by Israeli cybersecurity firm NSO Group.
Titled “Digital Violence: How the NSO Group Enables State Terror,” the website shows, for what is said to be the first time, geographic areas in which Pegasus spyware has been deployed worldwide, and interviews lawyers, activists and other civil society figures about their experiences.
Forensic Architecture, based in the University of London, investigates human rights violations by states, police forces and corporations.
“The company’s Pegasus spyware has been used in some of the most insidious digital attacks on human rights defenders,” Amnesty International said on its website. “When Pegasus is surreptitiously installed on a person’s phone, an attacker has complete access to a phone’s messages, emails, media, microphone, camera, calls and contacts.”
“The investigation reveals the extent to which the digital domain we inhabit has become the new frontier of human rights violations, a site of state surveillance and intimidation that enables physical violations in real space,” said Forensic Architecture researcher Shourideh Molavi in the Amnesty statement.
Tech giants Google, Microsoft, Cisco and Dell last year joined Facebook in a legal fight against the Israeli spyware firm, filing a brief in an American court accusing the NSO Group of having “powerful, and dangerous” technology.
In 2019, WhatsApp and its parent company, Facebook, filed an unprecedented lawsuit against the NSO Group, accusing the firm of targeting some 1,400 users of its encrypted messaging service with highly sophisticated spyware through missed calls. The accounts said to have been targeted included those of senior government officials, journalists, and human rights activists worldwide.
NSO’s spyware has repeatedly been found deployed to hack journalists, lawyers, human rights defenders and dissidents.
Most notably, the spyware was implicated in the gruesome killing of Saudi journalist Jamal Khashoggi, who was dismembered in the Saudi consulate in Istanbul in 2018, and whose body has never been found.
Several alleged targets of the spyware, including a close friend of Khashoggi and several Mexican civil society figures, have sued NSO in an Israeli court over the hacking.
In the newly set up NSO mapping website, Edward Snowden, the former computer intelligence consultant who leaked classified information from the US National Security Agency (NSA), narrates an accompanying series of videos that tell the stories of human rights activists and journalists targeted by Pegasus. The interactive platform also includes sound design by composer Brian Eno.
A film about the project by award-winning director Laura Poitras will premiere at the 2021 Cannes Film Festival later this month, Amnesty said in a separate statement. Later this month, Amnesty and its partners will also launch a campaign action on the surveillance industry, the group said in the statement.
Amnesty said that the online platform is “one of the most comprehensive databases on NSO-related activities,” including information about export licenses, alleged purchases, digital infections, and the physical targeting of activists after they were targeted with spyware, including intimidation, harassment, and detention.
The platform also sheds light on the complex corporate structure of NSO Group, based on new research by Amnesty International and partners. The research details changes to the NSO Group over the years, from its incorporation in Israel in 2010 to the purchase of a majority stake in the company by US private equity firm Francisco Partners in 2014 and the management buyout backed by UK private equity firm Novalpina Capital in 2019. The research flags the jurisdictions in which NSO group and its operating entities are located, including Israel, Virgin Islands, the Cayman Islands, Cyprus, the US and the UK, and the public funds that have invested in the company.
“For years, NSO Group has shrouded its operations in secrecy and profited from working in the shadows. This platform brings to light the important connections between the use of its spyware and the devastating human rights abuses inflicted upon activists and civil society,” said Danna Ingleton, deputy director of Amnesty Tech.
“Amnesty International’s Security Lab and Citizen Lab have repeatedly exposed the use of NSO Group’s Pegasus spyware to target hundreds of human rights defenders across the globe,” Amnesty said on its website. The organization called on the NSO Group “to urgently take steps to ensure that it does not cause or contribute to human rights abuses, and to respond when they do occur. The cyber-surveillance must carry out adequate human rights due diligence and take steps to ensure that human rights defenders and journalists do not continue to become targets of unlawful surveillance. ”
In October 2019, Amnesty International said that Moroccan academic and activist Maati Monjib’s phone had been infected with Pegasus spyware. “He continues to face harassment by the Moroccan authorities for his human rights work,” Amnesty said. In December 2020, Monjib was arbitrarily detained before being released on parole on March 23, 2021, Amnesty added.
On the website, Monjib tells his story in one of the short films, saying: “The authorities knew everything I said. I was in danger. Surveillance is very harming for the psychological wellbeing of the victim. My life has changed a lot because of all these pressures,” according to Amnesty.
Amnesty International has called for the dropping of all the charges against Monjib and for the harassment against him and his family by the Moroccan authorities to end.
In response to the claims, the NSO Group said in a statement:
“These are recycled claims, filled with inaccuracies and half-truths. The fact is, NSO Group investigates all credible claims of misuse, and takes appropriate action based on the results of its investigations. This includes shutting down a customer’s system — a step NSO has taken several times in the past, and will not hesitate to take again if a situation warrants.
“Recently, the Tel Aviv District Court denied Amnesty International’s petition to revoke NSO Group’s Israeli Export License, stating in its decision that Amnesty did not provide the evidential infrastructure to prove its claims that there was an attempt to trace a human rights activist through the use of NSO tools. Additionally, a similar lawsuit against NSO Group in Cyprus was not allowed to proceed through the court system there, showing that such claims have no basis.
“We stand by our previous statements that our products sold to foreign governments cannot be used to conduct cybersurveillance within the United States, and no customer has ever been granted technology that would enable them to access phones with US numbers.
“And, also as stated many times previously, NSO cannot confirm or deny who its government customers may or may not be, for contractual and national security reasons, nor on incorrect lists of countries, or misleading rumors about same.
“NSO is proud to be the first in the cyber intelligence industry to issue a Transparency and Responsibility report, and we are engaged with multinational institutions in an effort to bring further transparency to this sector. We look forward to continuing discussions about how to implement governance standards in this industry with organizations who understand the interplay between public safety and security, and the preservation and protection of human rights. This is a serious issue that requires a commitment to problem solving, not a focus on scoring public relations points.”