Context:
The Supreme Court will be hearing the case pertaining to the alleged use of the Pegasus spyware software later this month.
Relevance:
GS-III: Internal Security Challenges (Basics of Cyber Security; Role of media and social-networking sites in internal security challenges; Internal security challenges through communication networks), GS-II: Polity and Constitution (Constitutional Provisions, Fundamental Rights, Important Judgements)
Dimensions of the Article:
- About the Pegasus Project
- How dangerously compromising is Pegasus?
- What is a spyware and what are other similar types of Cyber Attacks?
- Pegasus in the news in the past
- About the Pegasus Attacks in India
About the Pegasus Project
- Pegasus is a type of malicious software, or malware, classified as spyware. It enables law enforcement and intelligence agencies to “remotely and covertly extract” data “from virtually any mobile devices”.
- Pegasus is designed to gain access to devices without the knowledge of users, gather personal information, and relay it back to whoever is using the software to spy.
- A zero-click attack helps spyware like Pegasus gain control over a device without human interaction or human error. Pegasus can infect a device without the target’s engagement or knowledge, so awareness of how to avoid a phishing attack, or of which links not to click, is pointless against it.
- Pegasus was developed by the Israeli firm NSO Group, which was set up in 2010; since then, NSO’s attack capabilities have become more advanced.
How dangerously compromising is Pegasus?
- Upon installation, Pegasus contacts the attacker’s command and control (C&C) servers to receive and execute instructions and send back the target’s private data, including passwords, contact lists, calendar events, text messages, and live voice calls (even those via end-to-end-encrypted messaging apps).
- The attacker can control the phone’s camera and microphone, and use the GPS function to track a target.
- To avoid extensive bandwidth consumption that may alert a target, Pegasus sends only scheduled updates to a C&C server.
- The spyware is designed to evade forensic analysis and avoid detection by anti-virus software, and it can be deactivated and removed by the attacker when and if necessary.
What is a spyware and what are other similar types of Cyber Attacks?
What is Malware?
- Malware is short for malicious software. It is a catch-all term for various kinds of malicious software, including viruses, adware, spyware, browser hijacking software, and fake security software.
- Ransomware, spyware, worms, viruses, and Trojans are all varieties of malware.
Types of Malware
- Viruses are the most commonly known form of malware and potentially the most destructive. They can do anything from erasing the data on your computer to hijacking your computer to attack other systems, send spam, or host and share illegal content.
- A worm is a type of malware that spreads copies of itself from computer to computer. It can replicate itself without any human interaction, and it does not need to attach itself to a software program in order to cause damage.
- A Trojan is a type of malware that is often disguised as legitimate software. It can be employed by cyber-thieves and hackers trying to gain access to users’ systems.
- Spyware collects your personal information and passes it on to interested third parties without your knowledge or consent. Spyware is also known for installing Trojan viruses.
- Ransomware is malware that employs encryption to hold a victim’s information at ransom.
- Adware displays pop-up advertisements when you are online.
- Fake security software poses as legitimate software to trick you into opening your system to further infection, providing personal information, or paying for unnecessary or even damaging “clean ups”.
- Browser hijacking software changes your browser settings (such as your home page and toolbars), displays pop-up ads and creates new desktop shortcuts. It can also relay your personal preferences to interested third parties.
Pegasus in the news in the past
- The earliest version of Pegasus discovered, which was captured by researchers in 2016, infected phones through what is called spear-phishing – text messages or emails that trick a target into clicking on a malicious link.
- In 2019, WhatsApp blamed the NSO Group for exploiting a vulnerability in its video-calling feature to secretly transmit malicious code, in an effort to infect the victim’s phone with spyware without the person even having to answer the call.
- In 2020, a Citizen Lab report flagged how government operatives used Pegasus to hack 37 phones belonging to journalists, producers, anchors, and executives at Al Jazeera and London-based Al Araby TV.
About the Pegasus Attacks in India
- Human rights activists, journalists and lawyers around the world have been targeted with phone malware sold to authoritarian governments by an Israeli surveillance firm.
- Indian ministers, government officials and opposition leaders also figure in the list of people whose phones may have been compromised by the spyware.
- Indian politicians and journalists, several Delhi-based diplomats, and employees of international NGOs such as the Bill and Melinda Gates Foundation have been reported to be on the list of those targeted by the Pegasus spyware.
- The Indian government has denied any wrongdoing or carrying out any unauthorised surveillance, but has not confirmed or denied whether it has purchased or deployed Pegasus spyware.
-Source: The Hindu