Daily News Analysis

How government agencies use commercial spyware to target opponents

stylish_lining

How government agencies use commercial spyware to target opponents

 

Why in the News?

Recently, former Egyptian MP Ahmed Eltantawy was targeted with Cytrox’s Predator spyware sent via links on SMS and WhatsApp.

  • This attack came after Mr. Eltantawy stated plans publicly to run for President in the 2024 Egyptian elections.
  • This is concerning as Egypt is a known customer of Cytrox’s Predator spyware

Use of spyware by governments to target political opponents and dissidents:

  1. Investigations under the Pegasus Project in 2021, revealed that more than 50,000 phone numbers in 50 countries were potential targets of spyware.
  2. The victims of the spyware attacks were in India, Azerbaijan, Bahrain, Hungary, Kazakhstan, Mexico, Morocco, Rwanda, Saudi Arabia and the UAE.
  3. The Pegasus spyware was reportedly used by Saudi Arabia to target journalist Jamal Khashoggi’s wife months before his death. Mr. Khashoggi, a U.S. resident and a known critic of the Saudi Arabian Crown Prince Mohammed Bin Salman was murdered at the Saudi consulate in Istanbul.

What is Spyware?

  1. It is defined as a malicious software designed to enter a device, gather sensitive data, and forward it to a third party without the user’s consent. 
  2. They are used for commercial purposes like advertising while, malicious spyware is used to profit from data stolen from a victim’s device. 
  3. Spyware is broadly categorised as:
    1. Trojan spyware
    2. Adware
    3. Tracking cookie
    4. System monitors
  4. All spywares gather data for the author, but system monitors and adware make modifications to a device’s software and expose the device to further threats, making it more harmful.

Commercial Spywares:

  1. Criminals use spyware to steal passwords or financial information. 
  2. However, governments and law enforcement agencies use spyware as part of legal investigations which has led to the development of commercial spyware.
  3. Commercial spyware mainly targets mobile platforms and can be legitimately used against criminals and terrorists. 
  4. However, authoritarian governments have used it to spy on political opponents as there is lack of global regulations for companies developing spyware.

How are the devices targeted?

  1. Citizen Lab and Google’s Threat Analysis Group have revealed that spyware on the former Egyptian MP’s device was delivered via network injection from a device located physically inside Egypt. 
    1. When he visited the sites without ‘HTTPS’ website, the device was redirected to a website, that matches the Cytrox’s Predator spyware.
  2. The Pegasus spyware became a part of $2-billion “package of between India and Israel for sophisticated weapons and intelligence gear transaction between the two countries.
    1. As per The Washington Post, Pegasus spyware was used in India against at least 40 journalists, Cabinet Ministers, and holders of constitutional positions.
    2. The spyware was inserted into the victim’s phones exploiting zero-day vulnerabilities, which means even the device manufacturer was unaware of these exploits.
    3. The spyware was capable of zero-click attacks i.e., they can infect a device without requiring users to click on a malicious attachment or link.

Is the use of spyware increasing?

  1. An Independent international affairs think tank has revealed that at least 74 governments contracted with commercial firms to obtain spyware or digital forensics technology between 2011 and 2023.
  2. Autocratic regimes (44 such regimes have procured targeted surveillance technologies) are more likely to purchase commercial spyware or digital forensics than democracies.
  3. Allegation has been pitched that Indian defence agency was reportedly purchasing equipment from an Israeli spyware firm that is a potential Pegasus alternative.
  4. A report of The New York Times has stated that the FBI in the U.S. had bought a version of the Pegasus spyware.
  5. Mexican authorities have been alleged to have deployed NSO products against journalists and political dissidents.
  6. NSO Group have established subsidiaries in Bulgaria and Cyprus to facilitate selling their products, which indicates the lack of regulatory framework that act as enablers in spyware use by authorities.

Do spyware firms face backlash?

  1. The U.S. blacklisted the NSO Group in 2021, after it gained access to a 50,000 phone numbers targeted by the NSO group’s clients.
  2. However, patrons of the surveillance industry turned to other companies leaving the spyware industry alive.
  3. Israel is the leading exporter of spyware and digital forensics but have low prioritised human rights considerations in its export licensing regime.
  4. Tech giants including Meta, Google, and Apple have taken steps to tackle the problem of commercial spyware firms exploiting bugs in their software.
    1. Updating their software to fix the bugs exploited by spywares.
    2. Apple with its iOS 16 has a ‘Lockdown Mode’, an “extreme protection” mode designed for high-risk individuals. 
    3. Meta-owned WhatsApp has filed a lawsuit filed in 2019 against Israel’s NSO Group of exploiting a bug in its software.

The Great Nicobar Project

The Great Nicobar Project is a massive infrastructure overhaul that has emerged as a focal point for India’s strategic and developmental ambitions. Piloted by NITI Aayog, the project is valu
Share It

Global and National Developments on Gender Recognition

Global Context: United States: The Trump administration recognized only two genders—male and female—excluding transgender individuals. This approach raised questions about the
Share It

Voting Rights for Internal Migrants in India

Universal Adult Suffrage (Article 326 of the Indian Constitution) ensures that every citizen aged 18 and above has the right to vote in Lok Sabha (Parliament) and State Legislative Assembly
Share It

Urban Governance

As India’s urban population continues to grow rapidly, achieving gender equity in urban governance is essential for building inclusive, sustainable, and resilient cities. The exclusion of wo
Share It

Maternity rights

The recent Supreme Court judgment in the case of K. Uma Devi vs State of Tamil Nadu marks a landmark shift in recognizing maternity rights as a Fundamental Right under Article 21 of the Indian Con
Share It

India's Criminal Justice System

The recent acquittal of the 12 men convicted in the Mumbai Train Blast Case (2006) by the Bombay High Court has reignited debate over the effectiveness and integrity of India's criminal justic
Share It

India's Aviation Safety

The preliminary report of the Air India Boeing 787 crash in Ahmedabad by the Aircraft Accident Investigation Bureau (AAIB) remains inconclusive, raising troubling questions about the pilot's i
Share It

Antimicrobial Resistance

India’s steps to regulate the use of antibiotics in food animal production reflect a growing global consensus on the need to address Antimicrobial Resistance (AMR). The potential consequence
Share It

solar energy potential

India’s push toward leveraging its vast solar energy potential represents a critical strategy for accelerating the transition to net-zero emissions by 2070, as part of its long-term climate
Share It

submarine cables

The issue of securing submarine cables is increasingly being recognized as a sovereign imperative in today's data-driven world. Subsea cables are crucial infrastructure for global communicatio
Share It

Newsletter Subscription


ACQ IAS
ACQ IAS