The field of cybersecurity has resulted in the creation and blossoming of many tech companies that aim to secure and protect data, deterring and preventing attacks on the public. There is a question to be raised, however: what happens when the companies that are supposed to protect turn out to be the threat?
Recently, a scenario fitting this question has come into the limelight. The Israeli cybersecurity company, NSO Group Technologies, has been exposed for developing a spyware known as Pegasus, effectively turning mobile devices into surveillance tools. The NSO Group has stated that Pegasus is sold exclusively to a select number of countries, prospective buyers’ human rights histories are vetted prior to the sale, and that the technology is aimed to be used to fight against criminals (Schless). The modern-day version of Pegasus can infect devices independent of any victim’s action. The most notable version of this used by Pegasus is “a missed call on WhatsApp, and can even delete the record of the phone call, making it impossible for the phone’s owner to know anything is amiss” (Gurijala). This zero-click exploit will allow Pegasus to collect any type of data wanted from the device, such as browsing history and location records.
While the list of people that are targeted by Pegasus are “high-target individuals” such as heads of states and political dissidents (Estrin), that does not mean that the public should not be concerned about Pegasus. The software may claim to only be used to track criminals and potential security threats, but when will that turn towards the general public? The fact that it is not an impossibility still provides an ever-growing hole in everyone’s privacy.
Gurijala, Bhanukiran. “What is Pegasus? A cybersecurity expert explains how the spyware invades phones and what it does when it gets in.” The Conversation, https://theconversation.com/what-is-pegasus-a-cybersecurity-expert-explains-how-the-spyware-invades-phones-and-what-it-does-when-it-gets-in-165382. Accessed 29 August 2021.
Estrin, Daniel. “What to know about the spying scandal linked to Israeli tech firm NSO.” NPR, https://www.npr.org/2021/08/25/1027397544/nso-group-pegasus-spyware-mobile-israel. Accessed 29 August 2021.
Schless, Hank. “Protect Yourself from Powerful Pegasus Spyware.” Lookout, https://blog.lookout.com/protect-against-pegasus-spyware. Accessed 29 August 2021.
https://cdn.le-vpn.com/wp-content/uploads/2019/12/What-is-spyware-1200×628.png
Spyware like this will become more and more common, and I agree that it will be turned on the public eventually, if it has not already been. Yes, there are background checks done (Pegg and Cutler, 1) but is that really enough? Once the spyware has been given to a party they can use it as they please. Something like this is hardly able to be monitored, and even it’s public use is questionable. It’s targeted use of being used against political dissidents is already a moral gray area, but imagine the consequences of this being used on innocent civilians. Nobody but the spyware owners would be safe.
https://www.theguardian.com/news/2021/jul/18/what-is-pegasus-spyware-and-how-does-it-hack-phones?utm_source=digg
This issue has been arising along with technology and will not go away any time soon. The U.S is very lax with its cyber laws allowing companies to use applications on your own host device to pull data, cookies, and any other types of information that they could benefit from or sell. It is concerning to see “its meant to track criminals” but can just as easily be used on anyone for anything. I think a lot of the security is on the user and his/her ability to run diagnostics or stay away from obvious intrusion attempts. But for someone who is not technologically savvy this could result in major issues