Suspected Pegasus spyware infections target UK Prime Minister’s Office

Multiple suspected instances of Pegasus spyware infections have been detected within official UK networks, according to research by Citizen Lab.

Experts at the Toronto-based research facility found evidence of surveillance software being present on devices associated with the UK Prime Minister’s Office and 10 Downing Street.

However, investigations also found instances of surveillance software on devices linked to the British Foreign and Commonwealth Office (FCDO) in its former incarnation as the Foreign Commonwealth Office (FCO).

“We confirm that in 2020 and 2021 we observed and notified the government of the United Kingdom of multiple suspected instances of Pegasus spyware infections within official UK networks,” wrote Citizen Lab’s director Ron Deibert on Monday.

Related: Best identity theft companies.

Surveillance spyware

Pegasus is spyware that has been developed by the Israeli cyber-arms company NSO Group. It can be used to target mobile phones running iOS and Android software and is frequently called upon by governments to tackle crime and terrorism activities.

The US has already sanctioned NSO Group and UK MPs have urged Prime Minister Boris Johnson to do the same. The spyware producer has previously been sued by Meta, the owner’s of WhatsApp in 2019 for enabling the monitoring of its Android users. Apple subsequently did the same thing some two years later.

The government departments have employees in numerous locations around the world and some of the suspected infections are thought to be related to SIM cards used overseas.  

Researchers suspected the spyware infection associated with 10 Downing Street was linked to a Pegasus operator linked to the United Arab Emirates (UAE). Meanwhile, the FCO spyware links were suspected to be associated with India, Cyprus and Jordan, as well as the UAE.

During their investigations, Citizen Lab also identified more than sixty people with links to Catalan civil society groups in Spain, who had been targeted or infected by the spyware. Others had been targeted with Windows surveillance software from Candiru, which has been developed by another Israeli spyware maker.

While they couldn't attribute the attacks to a specific group the researchers found circumstantial evidence that suggested the involvement of Spanish authorities.

Take a look at the best data recovery software.