Tech News : Pernicious Pegasus Plagues (Another) Prime-Minister  

Written by Pronetic

Pronetic is a leading provider of core IT support for ISO 27001, Cyber Essentials and Cyber Essentials Plus compliance.

May 4, 2022

With many governments (including the UK Government) being targeted with Pegasus phone-spying software, there’s now news that Spain’s PM’s has also been hit. 

What Is Pegasus? 

Pegasus spyware is sold by Israeli-based NSO Group to governments to carry out surveillance by infecting phones with surveillance software. The software is sold to nation states, for millions of (US) dollars as a complete surveillance toolkit. 

What Can It Do? 

Pegasus can extract the contents of a phone, give the operator access to any texts, photographs, the camera, and the microphone. This gives the Pegasus operator the ability to conduct real-time surveillance and extract sensitive data. Pegasus is typically used by law enforcement for tracking criminals, or for authoritarians / governments listening-in on people of interest such as journalists and activists as a way of quashing dissent.  

What Happened In Spain? 

Spain’s minister for the presidency, Félix Bolaños, recently announced at a press conference that the mobile phones of both Spain’s prime minister Pedro Sánchez, and defence minister Margarita Robles had been infected by Pegasus in May and June 2021.

Data Extracted 

It was announced that the phones belonging to Spain’s PM Pedro Sánchez phone had been infected twice, resulting in a large amount of data being extracted. 

Who Was Responsible? 

No country has been specifically identified but, based on that claim that the data extraction couldn’t be traced to any Spanish state agency, the perpetrators have been described as an “external” force. 

Previous Infections – Catalan’s Politicians & More 

Earlier this month, the University of Toronto’s Citizen Lab revealed that at least 65 Catalan politicians and activists had been targeted by Pegasus and Candiru spyware. These included the president of the Catalan government, Pere Aragonès, European Parliament members, Catalan legislators, jurists, activists, and some of their family members. It has been reported that suspicion over these hacks have been focused on the Spanish government in Madrid given its opposition to and the crushing of Catalonia’s attempt at independence. 

Inquiry To Meet 

Following the spyware attack and the potentially serious consequences, the European Parliament’s Pegasus inquiry will meet this week in Strasbourg to find a way to stop spyware being used in Europe. 

What Does This Mean For Your Business? 

Many countries are reported to be using Pegasus and similar solutions, mostly as a constructive way to fight crime and get the heads-up on any possible national security threats. It was perhaps not a surprise that the finger was pointed at Madrid over the use of spyware on Catalan politicians but the discoveries of spying on the heart of the UK and Spain’s government has caused real concern. Although European governments probably recognise the importance of their own use of perhaps Pegasus or similar, these recent incidents could galvanize efforts in the EU to provide better protection and find a way to stop spyware being used across Europe. Ways to avoid phone infection by Pegasus includes rebooting the device daily (to clean it), disabling iMessage and Facetime (exploitation vectors), keeping the device up to date with the latest patches, and never clicking on unsolicited links in SMS or email messages.

You May Also Like…

0 Comments

Why Choose Pronetic

We Are ISO 27001 & Cyber Essentials Plus Certified

Be reassured that we have been externally audited. You can have complete peace of mind that the team managing your IT systems and safeguarding your data are independently vetted annually.

Seamless & Comprehensive IT Support

Our investment in people, tools and processes, continuously improved, ensures that we don’t just deliver exceptional I.T. support but include your compliance to Cyber Essentials or ISO 27001 “baked-in”. Yes, that means no more annual headaches and stress when your certification comes round.

Expert Support Money Back Guarantee

We're confident in the value we deliver. That's why we offer a 90-day, no-quibble money-back guarantee. If, for any reason, you're not completely satisfied with our IT support services, we'll provide a full refund and cancel your contract without any hassle.

Book Your Free IT Strategy Call Now!

Simply Fill In The Form Below To Receive Your Free IT Strategy Call:

By submitting this form, you consent to us using your personal information to contact you. For more information please see our privacy policy.