CYSE495 Pegasus Blog Assignment
John Cover
According to Tidy, the NSO Group Technology is an Israeli firm that created the Pegasus spyware. The company’s website states they are “developing technology to prevent and investigate terror and crime”. It’s website also states that “NSO products are used exclusively by government intelligence and law enforcement agencies to fight crime and terror”. The NSO Group states that it vets all potential customers to ensure they meet the standards they have set up. If they find out their software is being used illegally, it will shut down that software.
According to The Guardian, “Pegasus is a hacking software that can infect a phone through zero click attacks”, and doesn’t need the phone owner’s interaction to infect a phone. The hacking software can infect a phone by exploiting any vulnerabilities in applications that it may download or that it finds in the phones operating system. Your phone can also become infected if you click on malicious malware in emails or messages. Some of the software applications that maybe the front door to the Pegasus to get into your device are: your SMS apps, WhatsApp, and iMessage are the most popular for this infection.
According to The Guardian, once Pegasus has installed itself on your device, it can make copies of your emails and messages. It can make recordings and it also can turn on your camera. It is also able to look at your browsing history and even make a copy of your address book. All of your personal messages, the websites you look at, the personal emails are all available to other people wanting your information. The devices itself can be either an android or an iPhone device. If it can find a vulnerability in the device it can install itself. According to The Conversation.coms Dowland and Musotto, the best way to combat this infection is to keep your device up to date, don’t open unknown links, avoid free wi-fi areas are some of the standard recommendations.
Despite the NSO Group touting that the Pegasus software is to be used by vetted law enforcement agencies and legitimate governments, I fear that this software is going to wind up in the hands of people its supposed to protect us from. The insinuation from Tidy’s article seems to say that some of the names on the list are now dead. Could this software be used to track down potential targets and get rid of them in a terrorist attack a vigilante attack? What are NSO’s credentials that they can determine who its safe to sell the software to and who it is not safe to sell to? I wonder who is monitoring the usage of this software and what information are they really collecting and for what reason. Privacy issues and rights come into place with civilian individuals that may be targeted. Is it legal without a warrant to infect a person’s phone to gather information on them?
How does the Pegasus spyware work, and is my phone at risk? (theconversation.com)Dowland & Musotto.
What is Pegasus spyware and how does it hack phones? | Surveillance | The Guardian
https://www.bbc.com/news/technology-57881364 Tidy, Joe.