Palestinian Activists Phones Hacked by NSO Spyware

The mobile phones of six human rights activists from Palestine, some of whom work for organisations that were controversially accused by Israel of being terrorist groups, were recently hacked by Israel's NSO Group using sophisticated spyware known as Pegasus. One of these cases of hacking was found to have taken place as far back as July 2020. This is the first known instance of Palestinian activists being targeted by military-grade spyware. It is not known who placed the spyware, but the threat actors have surreptitiously gained access to everything stored on the hacked phones including real time communications. 

Pegasus spyware is one of the most powerful cyber surveillance tools available today. Threat actors have the ability to take full control of a target’s device, download all of a victim's data and even activate the device's camera and microphone without the user's knowledge. Older versions of Pegasus required the owner of a device to download the malicious payload themselves, whether it was a file or by clicking on a link, to give the operator access to the device, but newer versions have become more sophisticated, giving away control of a device without the user needing to do anything. 

One of the victims possesses both an American and Palestinian passport and stated that the incident just goes to prove that  no Palestinian is immune to these kinds of violations, even the ones who hold foreign passports. He strongly believes that as long as you’re Palestinian you will always be a target. Sadly that would seem to be the case. With the Palestinian population under military occupation, people are exposed to espionage and surveillance by Israeli intelligence. Any evidence found can be used for political persecution and the chances of victims getting a fair trial in a military court are null and void. Whatever might be found while surveying the population's personal devices could lead to much more serious ramifications than just a case of cyber security breaches, it could potentially endanger someone's life. 

The scope of NSO Group’s activities was revealed thanks to joint reports and investigations by Citizen Lab and Amnesty International. They found that the NSO’s software had been used in many countries with poor standards of human rights to hack the phones of activists, journalists, and politicians.  

Earlier this week the United States blacklisted the NSO Group for deploying and supplying spyware tools to maliciously target activists, government officials, and journalists.  

An incident such as this is a prime example of the real world applications that cyber breaches can cause; the victims have no reason not to believe that it wasn’t the Israelis that were responsible for this extreme violation of their privacy and possible endangerment of their already scarce safety.