How government agencies use commercial spyware to target opponents

How government agencies use commercial spyware to target opponents

Why in the News?

Recently, former Egyptian MP Ahmed Eltantawy was targeted with Cytrox’s Predator spyware sent via links on SMS and WhatsApp.

• This attack came after Mr. Eltantawy stated plans publicly to run for President in the 2024 Egyptian elections.
• This is concerning as Egypt is a known customer of Cytrox’s Predator spyware

Use of spyware by governments to target political opponents and dissidents:

1. Investigations under the Pegasus Project in 2021, revealed that more than 50,000 phone numbers in 50 countries were potential targets of spyware.
2. The victims of the spyware attacks were in India, Azerbaijan, Bahrain, Hungary, Kazakhstan, Mexico, Morocco, Rwanda, Saudi Arabia and the UAE.
3. The Pegasus spyware was reportedly used by Saudi Arabia to target journalist Jamal Khashoggi’s wife months before his death. Mr. Khashoggi, a U.S. resident and a known critic of the Saudi Arabian Crown Prince Mohammed Bin Salman was murdered at the Saudi consulate in Istanbul.

What is Spyware?

1. It is defined as a malicious software designed to enter a device, gather sensitive data, and forward it to a third party without the user’s consent. 
2. They are used for commercial purposes like advertising while, malicious spyware is used to profit from data stolen from a victim’s device. 
3. Spyware is broadly categorised as:
   1. Trojan spyware
   2. Adware
   3. Tracking cookie
   4. System monitors
4. All spywares gather data for the author, but system monitors and adware make modifications to a device’s software and expose the device to further threats, making it more harmful.

Commercial Spywares:

1. Criminals use spyware to steal passwords or financial information. 
2. However, governments and law enforcement agencies use spyware as part of legal investigations which has led to the development of commercial spyware.
3. Commercial spyware mainly targets mobile platforms and can be legitimately used against criminals and terrorists. 
4. However, authoritarian governments have used it to spy on political opponents as there is lack of global regulations for companies developing spyware.

How are the devices targeted?

1. Citizen Lab and Google’s Threat Analysis Group have revealed that spyware on the former Egyptian MP’s device was delivered via network injection from a device located physically inside Egypt. 
   1. When he visited the sites without ‘HTTPS’ website, the device was redirected to a website, that matches the Cytrox’s Predator spyware.
2. The Pegasus spyware became a part of $2-billion “package of between India and Israel for sophisticated weapons and intelligence gear transaction between the two countries.
   1. As per The Washington Post, Pegasus spyware was used in India against at least 40 journalists, Cabinet Ministers, and holders of constitutional positions.
   2. The spyware was inserted into the victim’s phones exploiting zero-day vulnerabilities, which means even the device manufacturer was unaware of these exploits.
   3. The spyware was capable of zero-click attacks i.e., they can infect a device without requiring users to click on a malicious attachment or link.

Is the use of spyware increasing?

1. An Independent international affairs think tank has revealed that at least 74 governments contracted with commercial firms to obtain spyware or digital forensics technology between 2011 and 2023.
2. Autocratic regimes (44 such regimes have procured targeted surveillance technologies) are more likely to purchase commercial spyware or digital forensics than democracies.
3. Allegation has been pitched that Indian defence agency was reportedly purchasing equipment from an Israeli spyware firm that is a potential Pegasus alternative.
4. A report of The New York Times has stated that the FBI in the U.S. had bought a version of the Pegasus spyware.
5. Mexican authorities have been alleged to have deployed NSO products against journalists and political dissidents.
6. NSO Group have established subsidiaries in Bulgaria and Cyprus to facilitate selling their products, which indicates the lack of regulatory framework that act as enablers in spyware use by authorities.

Do spyware firms face backlash?

1. The U.S. blacklisted the NSO Group in 2021, after it gained access to a 50,000 phone numbers targeted by the NSO group’s clients.
2. However, patrons of the surveillance industry turned to other companies leaving the spyware industry alive.
3. Israel is the leading exporter of spyware and digital forensics but have low prioritised human rights considerations in its export licensing regime.
4. Tech giants including Meta, Google, and Apple have taken steps to tackle the problem of commercial spyware firms exploiting bugs in their software.
   1. Updating their software to fix the bugs exploited by spywares.
   2. Apple with its iOS 16 has a ‘Lockdown Mode’, an “extreme protection” mode designed for high-risk individuals. 
   3. Meta-owned WhatsApp has filed a lawsuit filed in 2019 against Israel’s NSO Group of exploiting a bug in its software.