UK official networks, PMO infiltrated using Pegasus, says research centre report

Operators in India, Cyprus, UAE and Jordan used the Pegasus spyware to hack the official networks of senior government officials in the United Kingdom, including those with Prime Minister Boris Johnson's office, according to a report by a Canadian research centre.

Citizen Lab said it believed the targeting connected to the prime minister's office was done by NSO clients in the United Arab Emirates while the British foreign ministry hacking came from other countries, including Cyprus, Jordan and India.

The breaches are believed to have taken place in 2020 and 2021. The report, published by Citizen Labs, said that there were several instances of infiltration detected. "These included the Prime Minister’s Office (10 Downing Street) and the Foreign and Commonwealth Office (FCO) … the suspected infections relating to the FCO were associated with Pegasus operators that we link to the UAE, India, Cyprus, and Jordan. The suspected infection at the UK Prime Minister’s Office was associated with a Pegasus operator we link to the UAE," the report said.

Also Read: 'Pegasus was offered at Rs 25 cr, we refused it', claims Mamata

The report likened the infiltrations to the US State Department efforts in Uganda in 2021. "... the suspected FCO infections we observed could have related to FCO devices located abroad and using foreign SIM cards, similar to the hacking of foreign phone numbers used by US State Department employees in Uganda in 2021," the report said.

The Canada-based Citizen Labs was the first to report the Pegasus software attacks in 2018, which garnered widespread attention in India due to allegations of the government using it to monitor rival politicians, senior bureaucrats and journalists.

An NSO spokesperson said the allegations are "false and could not be related to NSO products for technological and contractual reasons".

A British government spokesperson said "we do not routinely comment on security matters".

Cyprus authorities "categorically deny" any involvement in the matter, government spokesperson Marios Pelekanos told Reuters.

"However, to avoid any further speculations on a Cyprus link, we note that the Government of the Republic of Cyprus, which enjoys excellent relations with the British Government in all fields, has never been approached with any sort of inquiry on the subject at large by the relevant British authorities," he said in an emailed statement.

Pegasus can be used to remotely break into iPhones, giving clients deep access into a targeted phone's memory or turning them into recording devices.

Citizen Lab found evidence of the compromised UK devices by monitoring internet traffic and other digital signals to spy servers that control Pegasus for various NSO clients.

"We identified infections emanating from those UK networks based on a variety of network scanning methods we use, and notified the relevant UK authorities of our suspicions at the time for them to follow up," Citizen Lab Director Ron Deibert wrote in the blog post. "We did not have access to any devices, and do not have any information on specific victims."

(With inputs from Reuters)

Watch the latest DH Videos here: