CIO News Hubb
Advertisement
  • Home
  • News
  • Operations CIO
  • Visionary CIO
  • IT Management
  • Information Security
  • Contact
No Result
View All Result
  • Home
  • News
  • Operations CIO
  • Visionary CIO
  • IT Management
  • Information Security
  • Contact
No Result
View All Result
CIO News Hubb
No Result
View All Result
Home Information Security

NSO Pegasus Spyware Developments | Avast

admin by admin
August 2, 2022
in Information Security


At a recent hearing held by the House Intelligence Committee, witnesses emphasized the threat of spyware to various democracies around the world.

Last summer, we wrote about a major international investigation of the NSO Group and its Pegasus spyware. We described how it works and what you can do to protect your phone. NSO has gone through some difficult times as a result of that analysis. NSO was almost purchased by an American company that is closely linked to intelligence operations until the US Government put them, along with another Israeli spyware vendor Candiru, on a special block list that prevents both from obtaining government contracts. Candiru, you might recall, was discovered to be doing its own zero-day spying by Avast researchers.

In late July 2022, the House Intelligence Committee held a hearing to discuss Pegasus and its implications for national policy. The House is set to vote on sweeping legislation to regulate the spyware industry that has been written into the latest version of the Intelligence Authorization Act. The House and Senate bills differ on the spyware provisions, however. This is in addition to the National Defense Authorization Act that was passed last December that directs the State Department to prepare an annual list of spyware vendors. This research has found that numerous American citizens and public officials have been targeted by Pegasus over the years, despite denials by NSO that they have never done this. 

 “Powerful spying tools are being sold on the open market, essentially offering sophisticated signals intelligence capabilities as an end-to-end service,” said Intelligence Committee Chair Adam Schiff. Three witnesses testified at the hearing:

  • Shane Huntley, the senior director of the Threat Analysis Group at Alphabet
  • Carine Kanimba, the daughter of Paul Rusesabagina, who was the model for the main character of the film, Hotel Rwanda
  • John Scott-Railton, a senior researcher at the CitizenLab at the University of Toronto who has extensively analyzed Pegasus incursions of dozens of phones across the world

If you don’t want to watch the entire hearing, you can skim through the opening remarks of the three witnesses.

Carine Kanimba testifying before the House committee in July. (Image credit: House Intelligence)

Shane Huntley mentioned his group’s activities in rooting out state-sponsored spyware and mentioned how Android was the first platform in 2017 (and then again in 2019) to warn users about Pegasus. His testimony is filled with numerous research links to other spyware they have detected over the years. “We believe commercial spyware use is growing, fueled by demand from governments,” he said. “It is targeting dissidents, journalists, human rights workers and opposition party politicians. Taking these threats on has to be a team sport, and there is very good cooperation between private industry and the intelligence community.”

Rusesabagina was lured from his Texas home by an operative of the Rwanda intelligence agencies and kidnapped and taken to Rwanda, where he was imprisoned by their government. Kanimba is a US citizen and both her and her father were targeted by agents of the Rwanda government using Pegasus spyware. Kanimba’s phone was subsequently tracked during various meetings and phone calls she had with foreign officials as she tried to secure her father’s release. “I am frightened by what the Rwandan government will do to me and my family next. It is horrifying to me that they knew everything I was doing, precisely where I was, who I was speaking with, my private thoughts and actions, at any moment they desired,” she said. She is concerned about her father’s care since he suffered a stroke while in prison, as well as afraid for her own welfare given what can be gleaned from her phone thanks to Pegasus. “Americans need to feel safe in our country and when we travel,” she said.  

Growth of the global mercenary spyware ecosystem

Scott-Railton agreed with Huntley that the growth of what he called the global mercenary spyware ecosystem has grown. Pegasus, and other zero-click spyware, is insidious. “One moment the device is clean. The next? Your data is silently streaming to an adversary,” he testified, describing Pegasus’ actions and the depth of information it can access on a targeted phone. “It is highly sophisticated, invasive, and difficult to detect at scale, even by well-resourced governments. This industry has become a threat to U.S. national security and counterintelligence.”

He cites the research that at least 10 prime ministers, three presidents, and a king may have been selected for Pegasus targeting. Since that report, the CitizenLab has found evidence of Pegasus on politicians’ phones in Thailand, Catalan, Poland and El Salvador. “Tools like Pegasus make political spying easier, much more invasive, and very difficult to uncover.” Scott-Railton anticipates ransomware actors will incorporate this technology as part of their exploit tool kits.

How to combat the threat of spyware

Google is constantly scouring the internet, looking for evidence that state-sponsored hacking (including spyware) is happening. Huntley mentioned they notify users when they detect this situation, which is a good start. But as Scott-Railton mentioned, the industry needs to provide more specifics, such as who is doing the snooping and how and when it happened, “so that victims know who to look for and who is responsible.”

Placing NSO and Candiru on the block list sends a signal to investors. “NSO’s valuation is in a tailspin,” said Scott-Railton at the hearing. He had other suggestions on government actions that could prevent these spyware companies from operating, such as preventing public retirement funds and venture capitalists who hold major corporate investment positions in NSO, for example. Kanimba’s story especially pointed out the threat of spyware to various democracies around the world.



Source link

Previous Post

5 Steps to Communicate Important Pivots in Volatile Digital Transformations

Next Post

New ‘ParseThru’ Parameter Smuggling Vulnerability Affects Golang-based Applications

Related Posts

Information Security

Tornado Cash Developer Arrested After U.S. Sanctions the Cryptocurrency Mixer

by admin
August 14, 2022
Information Security

Fake Elon Musk TeslaCoin investment scam costs victims at least $250

by admin
August 14, 2022
Information Security

Chinese Hackers Backdoored MiMi Chat App to Target Windows, Linux, macOS Users

by admin
August 13, 2022
Information Security

Pay with just your palm at Whole Foods

by admin
August 13, 2022
Information Security

Xiaomi Phones with MediaTek Chips Found Vulnerable to Forged Payments

by admin
August 12, 2022
Next Post

New 'ParseThru' Parameter Smuggling Vulnerability Affects Golang-based Applications

Recommended

Tornado Cash Developer Arrested After U.S. Sanctions the Cryptocurrency Mixer

August 14, 2022

Fake Elon Musk TeslaCoin investment scam costs victims at least $250

August 14, 2022

Q&A with CIO Dustin Hufford, Part 2: How Engagement, Flexibility & Transparency Can Help Retain Talent

August 14, 2022

Initiateinnovativeleadership ~ Future of CIO

August 14, 2022

Chinese Hackers Backdoored MiMi Chat App to Target Windows, Linux, macOS Users

August 13, 2022

Pay with just your palm at Whole Foods

August 13, 2022

© 2022 CIO News Hubb All rights reserved.

Use of these names, logos, and brands does not imply endorsement unless specified. By using this site, you agree to the Privacy Policy.

Navigate Site

  • Home
  • News
  • Operations CIO
  • Visionary CIO
  • IT Management
  • Information Security
  • Contact

Newsletter Sign Up

No Result
View All Result
  • Home
  • News
  • Operations CIO
  • Visionary CIO
  • IT Management
  • Information Security
  • Contact

© 2022 JNews - Premium WordPress news & magazine theme by Jegtheme.