Boris Johnson's office was the target of NSO spyware, report claims

Boris Johnson's office was the target of NSO spyware, report claims

Image:
Boris Johnson's office was the target of NSO spyware, report claims

A Pegasus operator linked to the UAE is thought to have carried out the attack

Israeli firm NSO Group's powerful Pegasus spyware was used to infect a mobile phone connected to the UK Prime Minister's Office in 2020 and 2021, a report released by Toronto-based Citizen Lab has claimed.

The report says that a Pegasus operator linked to the United Arab Emirates (UAE) carried out the suspected attack on No 10, which could have allowed for the monitoring of photos, messages and phone calls 24 hours a day, seven days a week.

The researchers also believe that the Pegasus tool was used to infect phones connected to the UK's Foreign Office on at least five occasions between July 2020 and June 2021. Pegasus operators in the UAE, India, Cyprus and Jordan are linked to these infections.

After detecting attacks, the researchers took the unusual step of alerting the PM's office of the infections, believing that their efforts would mitigate the threat. However, they were unable to identify the specific individuals suspected of being hacked within No 10 and the Foreign Office.

The New Yorker journalist Ronan Farrow reported that many phones, including the Prime Minister's, were examined at Downing Street, but experts from Britain's National Cyber Security Centre (NCSC) were unable to discover the infected device and to determine the nature of any data that could have been exfiltrated.

"When we found the No10 case, my jaw dropped," John Scott-Railton, a senior researcher at the Citizen Lab centre at the Univestity of Toronto, told the magazine.

He said that the UK government had underestimated the threat from Pegasus and had been "spectacularly burned" as a result.

Ron Deibert, Citizen Lab's director, revealed that the infections could have been related to staff serving abroad and using foreign SIM cards, similar to how the US diplomats were reportedly hacked in Uganda.

The claims were refuted by NSO, which stated that the attacks could not have occurred with NSO products.

"The information raised regarding these allegations are, yet again, false and could not be related to NSO products for technological and contractual reasons," a spokesperson for NSO Group told the BBC.

"NSO continues to be targeted by a number of politically motivated advocacy organisations, like Citizens Labs and Amnesty, to produce inaccurate and unsubstantiated reports based on vague and incomplete information."

Pegasus hacking software is used by multiple governments to conduct surveillance by infecting the victim's phone.

The spyware is capable of not only capturing photos, messages and other sensitive information from compromised devices, but also turning them into recording devices to monitor their surroundings.

Privacy advocates have long warned that NSO Group does not have enough controls in place to limit how its customers use the powerful cyber surveillance tools it sells.

An investigation by a group of journalists last year revealed that between 2017 and 2019, over 400 UK phone numbers surfaced in a leaked list of numbers related to NSO Group.

In November, Apple sued the firm for allegedly misusing its services and products to place a hacking tool on some users' iPhones. The company said that NSO Group and its parent company OSY Technologies should be held accountable for the surveillance and targeting of Apple users, and banned them from using any Apple devices, software or services "to prevent further abuse and harm" to its users.

Last year the US government placed NSO Group on a trade blacklist, stating that the company's software had "enabled foreign governments to conduct transnational repression, which is the practice of authoritarian governments targeting dissidents, journalists and activists".