Project Pegasus: WhatsApp head says governments need to hold NSO Group accountable

Terming the latest revelations on the widespread use of Israeli-firm NSO Group’s Pegasus spyware as a wakeup call for security on the internet, WhatsApp head Will Cathcart said that there is a growing need for “more companies, and, critically, governments, to take steps to hold NSO Group accountable.” He urged for a “global moratorium on the use of unaccountable surveillance technology now,” adding that it was past time.

He also added that the latest Pegasus revelations underline why the company continues to defend end-to-end encryption (E2E) so tirelessly, adding that “deliberately weakening security will have terrifying consequences for us all.” In May, WhatsApp had moved the Delhi High Court against the government’s new IT rules, arguing that the traceability clause was a violation of privacy.

A global collaborative investigative project has revealed that nearly over 1000s of mobile phones were targeted globally using the sophisticated spyware. Around 300 mobile phone numbers in India were likely targeted with Pegasus. According to reports, two serving Ministers in the Narendra Modi government, three Opposition leaders, one constitutional authority, several journalists and business persons were likely targeted.

In a Twitter thread, Cathcart says that the latest revelations by the Guardian and Washington Post confirm what the company and others have been saying for many years. “NSO’s dangerous spyware is used to commit horrible human rights abuses all around the world and it must be stopped. Human rights defenders, tech companies and governments must work together to increase security and hold the abusers of spyware accountable,” he wrote.

He also praised Microsoft, and stated that the company “bold in their actions last week,” referring to the company’s revelations around Israeli firm Candiru and its tools being used to hack into Windows.

Cathcart also highlighted how NSO used vulnerabilities in WhatsApp to target users, which was first revealed in 2019.

“They rely on unknown vulnerabilities in mobile OSes, which is one of the reasons why we felt it was so important to raise awareness of what we’d found. At the time, we worked with @CitizenLab, who identified 100+ cases of abusive targeting of human rights defenders and journalists in 20+ countries. But today’s reporting shows that the true scale of abuse is even larger, and with terrifying national security implications,” he wrote.

He also thanked Microsoft, Google, Cisco, VMWare, the Internet Association and others for speaking up against the perils of giving spyware firms like NSO immunity.

He also responded to a tweet about on backdoor entry, which intelligence authorities in many countries keep insisting on. He tweeted, “There is no such thing as an encryption backdoor for just the good guys. A backdoor would be abused. And a backdoor would be a gift to hackers, criminals, spyware companies, and hostile governments, with dangerous consequences for safety and security.”

Leave a Reply

Your email address will not be published. Required fields are marked *