Most serious cyber espionage case in the world uncovered


We have all heard of the Edward Snowden Affair, which hit the headlines and made us deeply aware of the way our personal information is used on a daily basis. On the evening of July 18, more than a dozen different editors made a case of the same level, if not more serious, than the Snowden affair. We take stock of this issue.

Editors who raised a common alarm call in France

Seventeen editorial offices yesterday evening, July 18, 2021, issued a joint alarm call about the “Pegasus Affair”, which is already one of the (or) largest cyber espionage cases in the world. All of these newsrooms had access to just over 50,000 phone numbers given to them by Amnesty International and Forbidden Stories. All of these numbers were potential targets of a powerful spyware called “Pegasus” developed by the Israeli company NSO Group.

Among these potential targets, in which (mixed up, internationally) are a head of state, two European heads of government, princes, princesses, billionaires, ambassadors, generals, but also men and women in the upper levels of power of the former Soviet republic, as well as athletes and journalists, many of them were actually infected by Pegasus. To achieve this result, 80 journalists fought hard trying to find out who all these phone numbers correspond to. A gigantic job.

A perfectly oiled system

The company of the NSO group was founded in 2011 and offers Pegasus software for use “in the fight against terrorism and organized crime”. Even after these latest revelations, the company continues to claim that its solution is being designed to save many lives. So there is no reason for them to deny encumbered customers access to their tool. It is very unlikely, however, that the group is not aware that a very large part of their clients, thanks to this instrument, are conducting total surveillance of political opponents and the population.

It should also not be overlooked that this tool is currently used for large-scale industrial espionage. However, in a recent statement (published in particular by our colleagues at Le Monde), the group defends itself:

The NSO Group strongly denies the false allegations made in your investigation. These allegations are largely unsubstantiated theories that cast serious doubts as to the credibility of your sources, as well as the core of your investigation. Your sources have provided you with information that is not based on fact. The NSO Group will continue to investigate credible allegations of abuse [de son logiciel] and respond to the results of these investigations. This can consist in the fact that certain customers’ access to the system is interrupted in the event of confirmed abuses. He has done this in the past and will not hesitate to repeat it.

A quote that seems a bit questionable given the elements that have just been brought to light. It must be said that the Pegasus software is extremely precise and almost undetectable, which makes it a tool that is not in everyone’s hands. The software is invisible to the phone user and can be installed remotely without being detected. It’s extremely voracious as it literally soaks up all of your data: photos, videos, contacts, locations and even your encrypted messages (WhatsApp, Signal …). Nothing escapes him, or almost.

particularly targeted journalists

At the moment we know that the software has been sold to 55 different countries around the world including several European countries and democracies. Among the tens of thousands of published editions, we find, for example, the numbers of Edwy Plenel (founder of Mediapart and journalist) and Lénaïg Bredoux (journalist of Mediapart).

Photo by Edwy Plenel (2008) – AFP PHOTO / JOEL SAGET.

The editorial team of Mediapart therefore lodged a complaint with the Paris public prosecutor’s office. In fact, journalists are particularly targeted by this software before any other professional group. The software was not used by France, but on the other hand, Morocco, which was using Pegasus, targeted thousands of French people (recognizable by the index +33). Among them are diplomats, senior officials and some of our elected officials.

In addition to the two Mediapart journalists who were attacked, other journalists from different countries around the world were attacked:

Eric Zemmour Journalists from all over the world Journalists from Le Canard enchaîné Journalists from Le Figaro Journalists from AFP Journalists from France Télévisions

It should be noted that some of the journalists attacked only aimed to access their address book (to address other journalists). Internationally, we also record the number of Jamal Khashoggi, the Saudi columnist for the Washington Post, who was murdered in Turkey on October 2nd.

There are also several relatives of the Saudi opponent who were also murdered.

Serious consequences

This case, of course, mirrors the Snowden case, but goes even further in terms of the level of surveillance achieved. This is a very grave human rights violation that goes well beyond simply tapping the phone. It remains to be seen what answers the affected countries will give to see whether it is possible to fight against the software and thus also against the NSO Group.

And if you’re interested in how certain politicians, certain Hollywood stars, or even certain shootings are protected, we invite you to find out how security has been strengthened on the set of The Mandalorian to avoid a possible leak.