With many governments (including the UK Government) being targeted with Pegasus phone-spying software, there’s now news that Spain’s PM has also been hit.

What Is Pegasus? 

Pegasus spyware is sold by Israel-based NSO Group to governments to carry out surveillance by infecting phones with surveillance software. The software is sold to nation states for millions of (US) dollars as a complete surveillance toolkit.

What Can It Do? 

Pegasus can extract the contents of a phone and give the operator access to any texts, photographs, the camera, and the microphone. This gives the Pegasus operator the ability to conduct real-time surveillance and extract sensitive data. Pegasus is typically used by law enforcement for tracking criminals, or by authoritarians / governments to listen in on people of interest, such as journalists and activists, as a way of quashing dissent.

What Happened In Spain? 

Spain’s minister for the presidency, Félix Bolaños, recently announced at a press conference that the mobile phones of both Spain’s prime minister, Pedro Sánchez, and defence minister, Margarita Robles, had been infected by Pegasus in May and June 2021.

Data Extracted 

It was announced that the phone belonging to Spain’s PM Pedro Sánchez had been infected twice, resulting in a large amount of data being extracted.

Who Was Responsible? 

No country has been specifically identified but, based on the claim that the data extraction couldn’t be traced to any Spanish state agency, the perpetrators have been described as an “external” force.

Previous Infections – Catalan Politicians & More

Earlier this month, the University of Toronto’s Citizen Lab revealed that at least 65 Catalan politicians and activists had been targeted by Pegasus and Candiru spyware. These included the president of the Catalan government, Pere Aragonès, European Parliament members, Catalan legislators, jurists, activists, and some of their family members. It has been reported that suspicion over these hacks has been focused on the Spanish government in Madrid, given its opposition to, and crushing of, Catalonia’s attempt at independence.

Inquiry To Meet 

Following the spyware attack and the potentially serious consequences, the European Parliament’s Pegasus inquiry will meet this week in Strasbourg to find a way to stop spyware being used in Europe. 

What Does This Mean For Your Business? 

Many countries are reported to be using Pegasus and similar solutions, mostly as a constructive way to fight crime and get the heads-up on any possible national security threats. It was perhaps not a surprise that the finger was pointed at Madrid over the use of spyware on Catalan politicians, but the discoveries of spying on the heart of the UK and Spanish governments have caused real concern. Although European governments probably recognise the importance of their own use of Pegasus or similar tools, these recent incidents could galvanize efforts in the EU to provide better protection and find a way to stop spyware being used across Europe. Ways to avoid phone infection by Pegasus include rebooting the device daily (to clean it), disabling iMessage and FaceTime (exploitation vectors), keeping the device up to date with the latest patches, and never clicking on unsolicited links in SMS or email messages.