UK government said to be latest Pegasus spyware victim


10 Downing Street and the Foreign Commonwealth and Development Office are suspected to have been infected with Pegasus spyware, developed by Israeli firm NSO Group.

The Citizen Lab, a Canadian organisation which conducts research on digital threats, discovered  suspected instances of Pegasus spyware infections in the government offices in 2020 and 2021.

The suspected Foreign Office infections were apparently associated with Pegasus operators linked to the UAE, India, Cyprus, and Jordan, while the infections in the Prime Minister’s Office was linked to an operator in the UAE. The government was informed about the suspicions.

The Citizen Lab says infections could have been related to Foreign Office devices being used abroad with foreign SIM cards.

An open letter by Ron Deibert, Director of the Citizen Lab, reads: “The United Kingdom is currently in the midst of several ongoing legislative and judicial efforts relating to regulatory questions surrounding cyber policy, as well as redress for spyware victims. We believe that it is critically important that such efforts are allowed to unfold free from the undue influence of spyware. Given that a UK-based lawyer involved in a lawsuit against NSO Group was hacked with Pegasus in 2019, we felt compelled to ensure that the UK Government was aware of the ongoing spyware threat, and took appropriate action to mitigate it.”

The BBC has published a response by NSO Group which says: “The information raised regarding these allegations are, yet again, false and could not be related to NSO products for technological and contractual reasons. NSO continues to be targeted by a number of politically motivated advocacy organizations, like Citizens Labs and Amnesty, to produce inaccurate and unsubstantiated reports based on vague and incomplete information. We have repeatedly co-operated with governmental investigations, where credible allegations merit.”

There doesn’t seem to be any info on exactly for what purposes the spyware may have been deployed to the upper echelons of UK government, or what data may have been compromised – though perhaps details like that were left to the private notifications to the relevant authorities.

Pegasus spyware hit the headlines last year when a set of reports by a media alliance called Forbidden Stories, alongside Amnesty International, alleged that some countries are using Pegasus malware to spy on political opponents, activists and journalists.

Obviously NSO Group does not market its products to be used for these purposes, instead claiming: “Our products help government intelligence and law-enforcement agencies use technology to meet the challenges of encryption to prevent and investigate terror and crime.” However if the assertions made by The Citizen Lab, Forbidden stories and Amnesty International are true, it would appear to imply that once armed with the ability to essentially hack into phones at will, governments are not limited to targeting criminals, at least not by anything technological.

Hacking, malware, and viruses – whether state sponsored or not – are nothing new of course, but this can be seen in the context of growing concern over how prepared businesses and government departments are in the face of ever evolving and increasingly sophisticated attacks. Last month US President Biden made a statement imploring US businesses to urgently improve their cyber defences, while earlier this month BT warned that thousands of small firms in the UK are vulnerable to attack due to insufficient protections.


Get the latest news straight to your inbox. Register for the newsletter here.

Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.