Numerous journalists from seventeen news agencies worked together to uncover evidence of industrial-scale espionage targeting journalists, activists, politicians and executives.
And the revelations are just beginning.
The consortium began publishing its results on Sunday. The stories suggest that numerous media outlets were “possible candidates for surveillance,” as The Guardian put it. Forensic tests confirmed the presence of spyware on some phones.
More will come out in the next few days. The participating news agencies call this the “Pegasus Project”, based on the name of the spyware Pegasus, which is supposedly licensed by the NSO Group to track down terrorists and major criminals. How was the spyware used? Has it been abused? These are two of the central questions.
The important things first…
How did this investigation begin? The Washington Post editor-in-chief Sally Buzbee stated this in a letter from the editor on Sunday afternoon. “The project was conceived by Forbidden Stories, a not-for-profit journalism organization based in Paris, which, together with Amnesty International, a human rights group, had access to the records that formed the basis of our reporting: a list of more than 50,000 cell phone numbers concentrated in countries, who are known to monitor their citizens and were also customers of the NSO Group, “wrote Buzbee.
“Although the purpose of the list could not be conclusively determined, it is a fascinating document,” wrote Buzbee. “Of the more than 1,000 identities that could be verified, there were at least 85 human rights activists, 65 business people, several members of Arab royal families, 189 journalists and 600 government officials and politicians in more than 50 countries.”
Amnesty’s Security Lab was able to examine 67 smartphones. “Of these, 23 were successfully infected and 14 showed signs of a penetration attempt,” reported WaPo. “The remaining 30 tests were unsuccessful, in several cases because the phones were replaced.”
WaPo interviewed some of the individuals involved, including Siddharth Varadarajan, co-founder of The Wire, a not-for-profit news agency in India. “This is an incredible procedure and journalists shouldn’t have to deal with it,” he said after learning that his phone was infected. “Nobody should have to deal with it.”
Who is on the list?
Here’s what WaPo reported: “Among the journalists whose numbers appear on the list dating to 2016 are reporters who work for several leading news organizations overseas, including a small number from CNN, Associated Press, Voice of America, The New York Times, the Wall Street Journal, Bloomberg News, Le Monde in France, the Financial Times in London and Al Jazeera in Qatar. “
There’s a lot of uncertainty associated with that, as Devan Cole noted in a story for CNN.com. But Amnesty’s general secretary, Agnes Callamard, came out peppy. “The number of journalists identified as target persons clearly shows how Pegasus is used as an instrument to intimidate critical media. It’s about controlling public narratives, resisting scrutiny and suppressing any dissenting voice, “Callamard said on Sunday.
This line in the WaPo story also caught my eye: “After the investigation began, several reporters from the consortium learned that they or their family members had been successfully attacked with Pegasus spyware.”
“Out in the open…”
CNN has not independently verified the results of the Pegasus project investigation. The seventeen participating media are Forbidden Stories, The Washington Post, Le Monde, Süddeutsche Zeitung, Die Zeit, The Guardian, Daraj, Direkt36, Le Soir, Knack, Radio France, The Wire, Proceso, Aristegui Noticias, Organized Crime and Corruption Reporting Project , Haaretz and PBS “Frontline”.
In order to get an overview of the results so far, “Frontline” operates a live blog that links to important stories from the other partners. Here is the key quote from Dana Priest, one of the bylines of the WaPo report, which is also in a “Frontline” report. “For the first time,” said Priest, “we can give readers a sense of how huge the private and unregulated espionage business has become. It has been a unique and truly exciting experience to work with so many foreigners.” Journalists to pool our sources and resources to get this difficult story to the public where it should be. “
Answer from the NSO Group
Quoted from Devan Cole’s story: “In a long statement to CNN on Sunday, the NSO Group strongly denied the results of the investigation, saying in part that it ‘s only selling its technology to law enforcement and intelligence agencies to save lives” by law enforcement and intelligence agencies the prevention of crime and acts of terrorism. ‘”
The NSO Group also said it “does not operate the system and has no view of the data”. It said it would continue to “investigate all credible allegations of abuse and take appropriate action based on the results of those investigations …