Amidst calls for reform in Togo, NSO Group’s spyware was used to target voices for change including a bishop, priest, and opposition politicians.

Targets were sent emails disguised as important communications, such as official summonses, bearing links to malicious software disguised as important documents. If opened, targets’ computers would have been infected with NetWire, a piece of commodity malware.

In what follows, I first provide a summary of the Citizen Lab’s recent investigation into the security of Zoom’s video conferencing application, and the company’s responses. I then discuss a broader range of digital security risks that are relevant to the work-from-home routines that MPs and their staff are following. Finally, I conclude with six recommendations.

The May 2019 WhatsApp Incident As reported in May 2019, WhatsApp identified and shortly thereafter fixed a vulnerability that allowed attackers to inject commercial spyware on to phones simply by ringing the number of a target’s device. Today Oct 29th, WhatsApp is publicly attributing the attack to NSO Group, an Israeli spyware developer that also… Read more »

English العربية Español   ¿Qué es esto? Esta página está destinada ÚNICAMENTE para los usuarios de Android que han recibido una notificación oficial sobre la posibilidad de haber sido objetivo de un ataque en un incidente relacionado con el software espía desarrollado por NSO Group ocurrido en la primavera del 2019. Si no has recibido… Read more »

English العربية Español ما هذا؟ هذه الصفحة مخصصة فقط لمستخدمي Android الذين تلقوا اتصالًا رسميًا باستهداف محتمل في حادثة تتعلق ببرامج التجسس الخاصة بـ NSO Group والتي حدثت في ربيع عام 2019. في حال لم يتم التواصل معك، فمن المرجح ألا تكون هذه النصيحة مناسبة لك. إذا كنت تبحث عن نصائح عامة حول كيفية رفع… Read more »

In recent days, United Nations Special Rapporteurs have released two revelatory reports that demonstrate the dangerous effects of unchecked technology in the hands of autocrats: one relating to the proliferation and abuse of surveillance software and one that investigates the murder of Washington Post journalist Jamal Khashoggi. Both reports highlight the danger of unaccountable and unregulated surveillance technology sold to countries with egregious human rights records.

18 June 2019 Dear Yana and Stephen Peel, We write to you in light of recent reporting indicating that you both own a stake in Novalpina Capital LLP. As Yana Peel has recently expressed that she believes criticism of NSO Group is “misinformed,” we thought it appropriate to specifically draw Ms. Peel’s attention to the… Read more »

Given Novalpina Capital’s recent acquisition of NSO Group and the obvious human rights concerns raised by NSO Group’s business practices, Citizen Lab’s Ronald Deibert seeks a response from the South Yorkshire Pensions Authority regarding how its investment in Novalpina is consistent with the Authority’s Policy and what measures were taken by the Authority to inform and educate pension fund contributors and members regarding NSO Group.

Spyware developer NSO Group is usually quick to dismiss the evidence that its customers have abused its Pegasus mobile phone spyware. This pattern of denials was repeated in a recent 60 Minutes investigation, which gives a rare look into NSO Group’s management.