Activists, politicians and journalists – including from Al Jazeera – around the world have been targeted in a surveillance operation with software sold by Israeli surveillance company NSO Group, according to an investigation into a massive data leak by The Guardian , the Washington Post and 15 other media outlets.
Reports released Sunday say “authoritarian governments” have abused Pegasus software, “hacking 37 smartphones,” according to a report from the Washington Post.
According to the Guardian, the leak contains a list of more than 50,000 numbers believed to be of interest to NSO customers since 2016.
However, the mention of phone numbers in the filtered data does not mean that their devices have been hacked.
The Washington Post said the numbers on the list also include heads of state and prime ministers, members of Arab royal families, diplomats and politicians, and activists and business leaders.
The list also included journalists for media organizations around the world including Agence France-Presse, The Wall Street Journal, CNN, The New York Times, Al Jazeera, France 24, Radio Free Europe, Mediapart, El País, Associated Press, Le Monde , Bloomberg, the Economist, Reuters and Voice of America, the Guardian said.
Pegasus, a sophisticated surveillance tool developed by the Israeli company, infects the user’s smartphone and steals all phone information, including any contact name and phone number, text message, email, Facebook message, everything from Skype, WhatsApp, Viber , WeChat and Telegram.
The list did not identify customers, but reports say several were grouped into 10 countries – Azerbaijan, Bahrain, Hungary, India, Kazakhstan, Mexico, Morocco, Rwanda, Saudi Arabia and the United Arab Emirates.
“The surveillance industry operates under a cloud of darkness – its products are designed to deceive and exploit guilt,” Natal Now Krapiva, Tech Legal Counsel of Access Now, told Al Jazeera.
“So we ask ourselves,‘ how could something similar happen? Spyware companies cannot be trusted simply to hold themselves accountable. This story, along with recent revelations of abuse by Cellebrite and Candide, is another example of why we urgently need to keep these surveillance companies and governments using them to light.
“The industry has shown that it is unable to control itself and governments are hiding behind national security to excuse these abuses of surveillance. We need regulation, transparency and accountability and we need them now,” he told Al Jazeera.
Amnesty International and Forbidden Stories, a Paris-based non-profit organization, initially had access to the escape, which they later shared with media organizations around the world.
– Suchitra Vijayan (@suchitrav) July 18, 2021
NSO, which has vowed to abuse the police of its software, has firmly denied what it called “false claims.”
“The NSO Group strongly denies false claims made in your report,” it said in a statement released by the Guardian. “Many of which are uncorroborated theories that raise serious doubts about the reliability of your sources, as well as the basis of your history.”
According to the company, it has good reason to “believe … the claims … are based on a misleading interpretation of data filtered from accessible and obvious basic information.”
Citizen Lab reported in December that dozens of journalists on Al Jazeera Media Network in Qatar had their mobile intercepted communications by sophisticated electronic surveillance.
Amnesty International reported in June last year that Moroccan authorities had used Pegasus software to insert spyware into the phone of Omar Radi, a journalist convicted of a post on social media.
Bilal Kuchay contributed to the New Delhi report