Citizen Lab senior researcher John Scott-Railton discusses why WhatsApp is suing NSO Group after discovering their spyware was used to target 1,400 users—100 of whom were members of civil society—and why this is a significant bellwether.
In the Media
Citizen Lab staff and research in the news.
As part of our investigation into the incident, Citizen Lab has identified over 100 cases of abusive targeting of human rights defenders and journalists in at least 20 countries across the globe, ranging from Africa, Asia, Europe, the Middle East, and North America that took place after Novalpina Capital acquired NSO Group and began an ongoing public relations campaign to promote the narrative that the new ownership would curb abuses.
Between November 2018 and May 2019, we observed intrusion attempts against individuals from the Private Office of His Holiness the Dalai Lama, the Central Tibetan Administration, the Tibetan Parliament, and Tibetan human rights groups.
Dubbed Endless Mayfly, the operators spoofed legitimate news outlets and disseminated fake stories through social media accounts. Once the articles had gained traction, they were deleted and the links were redirected to the domain being impersonated. This “ephemeral disinformation” technique provided the veneer of legitimacy while obscuring the origins of the fake narratives.
A recently discovered security vulnerability on WhatsApp, currently used by over 1.5 billion people worldwide, has been found to have been exploited by NSO Group developed spyware.
Spyware developer NSO Group is usually quick to dismiss the evidence that its customers have abused its Pegasus mobile phone spyware. This pattern of denials was repeated in a recent 60 Minutes investigation, which gives a rare look into NSO Group’s management.
A recent New York Times article investigates how authoritarian states target citizens and dissidents with sophisticated spyware, developed within a secretive, multi-billion dollar industry.
The window of a murdered Mexican journalist was targeted with Pegasus, a spyware product which can secretly access the contents of a phone and turn on its camera and microphone.
Citizen Lab research associate Christopher Parsons, in conversation with CBC Radio Spark, comments on the security concerns associated with Huawei technology should it be used in Canada’s 5G infrastructure.