Cybersecurity researchers have warned UK government officials working in 10 Downing Street that their devices have been targeted by spyware that can turn smartphones into remote listening devices.
Digital rights watchdog Citizen Lab said it has discovered evidence pointing to spy software known as Pegasus, made by Israeli company NSO Group, being used in the Prime Minister’s Office and the Foreign Commonwealth and Development office.
In a blog post published on Monday, Citizen lab said it “observed and notified” the government of “multiple suspected instances of Pegasus spyware infections within official UK networks” in 2020 and 2021.
Citizen Lab said the suspected Pegasus infection at the Prime Minister’s Office is believed to have come from a “Pegasus operator” that has linked to the UAE.
The research group said the Foreign Commonwealth and Development office infection came from devices abroad and using foreign SIM cards, hailing from NSO clients connected to the UAE, India, Cyprus, and Jordan.
“The United Kingdom is currently in the midst of several ongoing legislative and judicial efforts relating to regulatory questions surrounding cyber policy, as well as redress for spyware victims,” said Ron Deibert, director, Citizen Lab.
“We believe that it is critically important that such efforts are allowed to unfold free from the undue influence of spyware. Given that a UK-based lawyer involved in a lawsuit against NSO Group was hacked with Pegasus in 2019, we felt compelled to ensure that the UK government was aware of the ongoing spyware threat, and took appropriate action to mitigate it.”
UK not the first government target of Pegasus spyware
Pegasus spyware can be installed on a target’s phone without their knowledge and can be used to read texts, emails, media, share location and turn the device’s microphone into a listening device.
NSO Group has consistently insisted it only sells its spyware software to authorised governments to tackle terrorism and other serious crimes.
However, previous research conducted by Citizen Lab has found evidence of the spyware being used to target human rights activists, lawyers and politicians across the world.
Recently, the research group claimed that a French minister, François de Rugy, showed traces of his device being infected with Pegasus spyware. NSO Group denied the minister was a Pegasus target.
An NSO Group spokesperson told The Guardian: “NSO continues to be targeted by a number of politically motivated advocacy organisations like Citizen Lab and Amnesty to produce inaccurate and unsubstantiated reports based on vague and incomplete information.
“We have repeatedly cooperated with governmental investigations, where credible allegations merit. However, information raised regarding these allegations are, yet again, false and could not be related to NSO products for technological and contractual reasons.”
UKTN has contacted the Home Office for comment.
The Citizen Lab, regarded as one of the leading spyware research groups, is based at the Munk School of Global Affairs & Public Policy at the University of Toronto.
In 2020, the United Nations called for an investigation after mobile spyware such as Pegasus was likely used to hack into the phone of Amazon founder Jeff Bezos. NSO Group denied that its technology was used “in this instance”.
Experts say that for the majority of businesses, spyware such as Pegasus is an unlikely threat because it is highly tailored and expensive to use.
Businesses instead face a far more likely threat from high-volume cyberattacks such as ransomware, with recent research showing that attacks on UK firms doubled in 2021.