NY Times: Modi Bought Israeli Pegasus Spyware as Part of $2 Billion Deal
In a long investigative report titled "The Battle for the World’s Most Powerful Cyberweapon" published today, the New York Times has revealed that the Indian Prime Minister Narendra Modi bought the Pegasus spyware as part of a 2017 $2 billion deal he signed with then Israeli Prime Minister Benjamin Netanyahu.
|Israeli NSO Pegasus Spyware|
Here's the relevant excerpt of the New York Times report on Modi-Netanyahu deal:
"In July 2017, Narendra Modi, who won office on a platform of Hindu nationalism, became the first Indian prime minister to visit Israel. For decades, India had maintained a policy of what it called “commitment to the Palestinian cause,” and relations with Israel were frosty. The Modi visit, however, was notably cordial, complete with a carefully staged moment of him and Prime Minister Netanyahu walking together barefoot on a local beach. They had reason for the warm feelings. Their countries had agreed on the sale of a package of sophisticated weapons and intelligence gear worth roughly $2 billion — with Pegasus and a missile system as the centerpieces. Months later, Netanyahu made a rare state visit to India. And in June 2019, India voted in support of Israel at the U.N.’s Economic and Social Council to deny observer status to a Palestinian human rights organization, a first for the nation".
Mr. Modi has used the Israeli spyware to not only spy on his critics at home but also his perceived enemies abroad. Pakistani Prime Minister Imran Khan is among the most prominent targets of the Modi government's cyber attacks, according to a recently released Project Pegasus report. The Indian government has neither confirmed nor denied the report. The focus of the report is the use of the Israeli-made spyware by about a dozen governments to target politicians, journalists and activists. The users of the Pegasus software include governments of Bahrain, Morocco, Saudi Arabia, India, Mexico, Hungary, Azerbaijan, Togo and Rwanda.
|Indian Prime Minister Modi with National Security Advisor Ajit Doval|
Modi's National Security Advisor (NSA) Ajit Doval is the man behind India's acquisition of cyberweapons like the Israeli Pegasus spyware. Indian National Security Council Secretariat (NSCS), which reports to National Security Adviser (NSA) Ajit Doval, has seen a tenfold increase in budgetary allocation, according to a Hindu newspaper story published in 2017. Prior to becoming Modi's NSA, Doval openly advocated using the Taliban terrorists against Pakistan. Recently, Doval has talked about weaponizing "the civil society" . “The new frontiers of war, what you call the fourth-generation warfare, is the civil society,” he said in November 2021. Elaborating further, he said wars have ceased to become an effective instrument for achieving political or military objectives. They are too expensive or unaffordable and, at the same time, there is uncertainty about their outcome. “But it is the civil society (NGOs) that can be subverted, suborned, divided, manipulated to hurt the interests of a nation. You are there to see they stand fully protected,” he said.
This is not the first time that Pakistan has figured prominently as India's favorite target for cyber hacks. Last year, a report in The Sunday Guardian of India said: "Mobile phones of around 30 Pakistani government servants, who include serving army generals, officials attached with the ISI and senior bureaucrats, were hacked into by using Pegasus spying software during April and May 2019".
In addition to the use of spyware, the Indian government has been engaged in a massive, long-running disinformation campaign targeting Pakistan. EU Disinfo Lab, an NGO that specializes in disinformation campaigns, has found that India is carrying out a massive 15-year-long disinformation campaign to hurt Pakistan. The key objective of the Indian campaign as reported in "Indian Chronicles" is as follows: "The creation of fake media in Brussels, Geneva and across the world and/or the repackaging and dissemination via ANI and obscure local media networks – at least in 97 countries – to multiply the repetition of online negative content about countries in conflict with India, in particular Pakistan". After the disclosure of India's anti-Pakistan propaganda campaign, Washington-based US analyst Michael Kugelman tweeted: "The scale and duration of the EU/UN-centered Indian disinformation campaign exposed by @DisinfoEU is staggering. Imagine how the world would be reacting if this were, say, a Russian or Chinese operation".
|Pegasus Spyware Explained. Source: The Guardian|
Pegasus is spying software made by NSO Group, an Israeli company whose exports are regulated and controlled by the Israeli government. It uses several different messaging apps to plant itself in mobile phones. Last year, Apple issued a warning to its customers of a "zero-click" version of the Pegasus software. It does not require the phone user to click on any links or messages for the spyware to take control of the device. Once installed, it can read and export any information or extract any file from SMS messages, address books, call history, calendars, emails and internet browsing histories.
The Israeli spyware will likely inspire other software developers elsewhere to copy and improve it, contributing to a proliferation of such hacking and spying tools around the world. The governments and officials who use it to target others will eventually become targets themselves, unless the nations of the world agree to some norms of internationally accepted cyber behavior. It's high time to think about it.
South Asia Investor Review
PTM: Lowdown on Manzoor Pashteen
East Pakistan "Genocide" Headline
Ex Indian Spy On RAW's Successes Against Pakistan
Free Speech: Myth or Reality?
Social Media Tribalism
Social Media: Blessing or Curse For Pakistan?
Planted Stories in Media
Indian BJP Troll Farm
Kulbhushan Jadhav Caught in Balochistan
The Story of Pakistan's M8 Motorway
Riaz Haq's Youtube Channel
A world where private sector companies manufacture and sell cyberweapons is more dangerous for consumers, businesses of all sizes and governments. We take this threat seriously and have disrupted the use of certain cyberweapons manufactured and sold by a group we call Sourgum. The weapons disabled were being used in precision attacks targeting more than 100 victims around the world including politicians, human rights activists, journalists, academics, embassy workers and political dissidents. To limit these attacks, we focused on two actions. First, we built protections into our products against the unique malware Sourgum created, and we shared those protections with the security community. Second, we issued a software update that will protect Windows customers from exploits Sourgum was using to help deliver its malware. We’ve undertaken this work in close collaboration with the Citizen Lab at the University of Toronto’s Munk School.
We believe Sourgum is an Israel-based private sector offensive actor or PSOA. Citizen Lab has identified the group as a company called Candiru. Sourgum generally sells cyberweapons that enable its customers, often government agencies around the world, to hack into their targets’ computers, phones, network infrastructure and internet-connected devices. These agencies then choose who to target and run the actual operations themselves.
We initially started this work after receiving a tip from Citizen Lab about malware used by Sourgum. The Microsoft Threat Intelligence Center (MSTIC) and Microsoft Security Response Center (MSRC) spent weeks examining the malware, documenting how it works and building protections that can detect and neutralize it. We named the malware DevilsTongue. We’ve built protections against DevilsTongue into our security products, and we’ve shared these protections with others in the security community so they can protect their customers. Technical information for customers and the security community is available here.
By examining how Sourgum’s customers were delivering DevilsTongue to victim computers, we saw they were doing so through a chain of exploits that impacted popular browsers and our Windows operating system. Earlier this week, we released updates that, when installed, protect Windows customers from two key Sourgum exploits.
These attacks have largely targeted consumer accounts, indicating Sourgum’s customers were pursuing particular individuals. The protections we issued this week will prevent Sourgum’s tools from working on computers that are already infected and prevent new infections on updated computers and those running Microsoft Defender Antivirus as well as those using Microsoft Defender for Endpoint.
This is part of broader legal, technical and advocacy work we’re undertaking to address the dangers caused when PSOAs build and sell weapons. As we’ve previously said, these companies increase the risk that weapons fall into the wrong hands and threaten human rights. That’s why, for example, we filed an amicus brief in a legal case brought by WhatsApp against another PSOA called NSO Group.
As we increase our work to identify PSOAs and disrupt the capabilities of their weapons, we will continue to identify them using the names given to trees and shrubs, as we’ve done with Sourgum. This is similar to how we use elements of the periodic table to name nation-state actor groups we have identified.
We’re grateful to Citizen Lab for sharing the malware that sparked this work and for its offer to work with potential victims of these attacks.
January 22, 2021 Fatima Ahmed and Tajjalla Munir* 0 Comments
By Fatima Ahmed and Tajjalla Munir*
After the advent of nuclear weapons, cyber weapons are the most destructive thing that we can imagine in this contemporary world. Nuclear weapons can lead to tangible damage. In the age when the world has become a global village, cyber weapons pose a threat to international peace. Cyberspace provided the fifth domain in the area of armed conflict. Previously, they were air, land, sea, and space. Nuclear weapons are generally used for deterrence purposes and they are mostly used or considered as last option weapons, cyber-attack on the other hand can be materialized when there is no apparent conflict between two states. Due to the deep enmity between Indian and Pakistan, it will always a threat that both countries can target each other in cyberspace. When a cyber-attack is launched against India and Pakistan, they will blame each other but the perpetrators of this attack could be the third party. That could be state-sponsored cyber-attack or even non-state actors and individuals could carry out such endeavors. This has already happened, when a cyber-attack targeted some websites in India. Initially, Pakistan was made responsible for these attacks but later it was revealed that the offensive was done by a third party. It was due to insecurity and doubt present in both states about each other’s intentions or capabilities. While initially cyber-attacks can be very limited in scope but there are fair chances that it could escalate which could result in a conflict with the use of conventional weapons. Therefore in modern times, cyber weapons pose a great threat to the peaceful relations between India and Pakistan. That will ultimately lead to regional instability.
In light of the latest NYT report that Pegasus was sold to India in 2017,same year PM Modi visited Israel....here is our February 2017 report on NSCS budget (Rs 333 crore) getting an inexplicable tenfold hike in 2017-18 budget.
Security council secretariat gets Rs.333 crore, a tenfold hike
The National Security Council Secretariat (NSCS), which reports to National Security Adviser (NSA) Ajit Doval, has seen a tenfold increase in budgetary allocation this year.
Last fiscal, though ₹33 crore was allotted to the NSCS, it ended up spending ₹81 crore; this year the allocation has shot up to ₹333 crore.
NSCS works as an advisory group, comprising various experts on security-related matters, and is headed by deputy NSA Arvind Gupta. The body is responsible for advising the Prime Minister on key strategic and security issues, both on domestic as well as international fronts, and consists of academics and eminent professionals.
Brainchild of Brajesh
Mr. Doval, who is said to be the final authority on all major security-related decisions, has had a deep interest in reviving the scope of NSCS, which was the brainchild of late former NSA Brajesh Mishra.
Mr. Mishra set up the NSCS in 1998 under the then Prime Minister Atal Bihari Vajpayee.
In 2011-12, only ₹ 17.43 crore was allocated for the body. In 2012-13, it was marginally increased to ₹20.33 crore, going up to ₹26.06 crore in 2013-14.
After NDA-II came to power in 2014-15, the allocation for NSCS was increased to ₹44.46 crore but it could spend only ₹25 crore.
The National Security Advisory Board (NSAB), which draws experts from all fields, is a subsidiary of NSCS and so is the Joint Intelligence Committee (JIC). The allocation for the office of the Principal Scientific Adviser to the Prime Minister has also increased substantially from ₹5.19 crore to ₹34.83 crore.
“The funds being allotted for NSCS were always insufficient and the increase in funds is a welcome step. It does security analysis, war-gaming etc. and advises the government on key security issues,” said a former member of NSCS, on condition of anonymity.
NSCS has about 100 staff of all scales. “The increase has got to do with activities. There is much more activity than ever in the past,” said a senior official.
Another official pointed out that NSCS has a limited ambit, so it was surprising to see such a dramatic budget hike.
"The government, on the floor of the House, always maintained that it had nothing to do with the Pegasus spyware and it never bought the spyware from the NSO Group... in light of the revelations… it appears that the Modi government has misled the parliament and the Supreme Court," Congress' leader in the Lok Sabha, Adhir Ranjan Chowdhury, wrote in a letter to the Speaker.
The allegations are expected to result in a heated debate as parliament assembles for a joint session of both houses. This comes ahead of the annual budget, which will be tabled on Tuesday, and days before five states go to the polls to elect a new government.
A fresh plea seeking a police investigation has been filed in the Supreme Court, which began an inquiry into the matter when allegations first emerged last year.
What are the allegations?
Last year, Indian media outlet The Wire reported that some 160 Indians, including prominent activists, lawyers and politicians, were spied on using the Pegasus malware.
Pegasus infects iPhones and Android devices, allowing operators to extract messages, photos and emails, record calls and secretly activate microphones.
An investigation by a global consortium of media outlets showed how the malware was used by governments around the world to hack phones of dissidents. The targets' phone numbers were on a database believed to be of interest to clients of Israeli firm NSO.
It's unclear where the list came from or how many phones were hacked - and NSO has denied any wrongdoing. It said the software was intended for tracking criminals and terrorists and was only sold to military, law enforcement and intelligence agencies from countries with good human rights records.
NSO was also accused of cyber attacks against Indian journalists and activists in 2019 - NSO Group denied the allegations.
But the New York Times reported on Friday that Pegasus and a missile system were the "centrepieces" of a roughly $2bn deal that took place between India and Israel in 2017 when Mr Modi made his first trip to the country. The visit - and a subsequent one by Mr Netanyahu the following year - marked a significant turn in India's relationship with Israel.
The fresh allegations sparked a political storm, with opposition leaders demanding answers from Mr Modi.
Congress party leader Rahul Gandhi accused the government of treason, and Congress MP Mallikarjun Kharge accused the government of acting "like the enemies of India".
What has Mr Modi 's government's said?
The government has denied that it ordered any unauthorised surveillance.
Last year, IT minister Ashwini Vaishnaw had called the allegations a "sensational" attempt "to malign Indian democracy and its well established institutions" - he told parliament in September that the government "has not had any transaction with NSO Group Technologies".
But there has been no statement from Mr Modi or his ministers since the latest allegations emerged. Opposition politicians have questioned the government's "silence" on the issue and demanded that Mr Modi address the country.
In September, the Supreme Court set up a panel to look into the allegations after the government repeatedly failed to respond to its questions, citing national security. The court had said the government had left it with "no option but to accept the prima facie case made out by the petitioners".
The Ministry of External Affairs today said it “does not comment on observations from private individuals” when asked to react to claims by leading Pakistani businessman Mian Muhammad Mansha that backchannels were working between Pakistan and India that would hopefully yield good results.
“If things improve between the two neighbours, Indian Prime Minister Narendra Modi could visit Pakistan in a month,” he told a gathering of businessmen at the Lahore Chambers of Commerce and Industry on Wednesday. But MEA spokesperson Arindam Bagchi neither confirmed nor denied the claim and instead said it was not the practice of South Block to comment on statements by private individuals.
The Chairman of the Lahore-based Nishat Group warned that there would be disastrous consequences if the Pakistan economy did not improve and advised Islamabad to improve trade relations with India. “Europe fought two great wars, but ultimately settled for peace and regional development. There is no permanent enmity,” he observed in this context. There were similar reports last year of backchannel talks brokered by the UAE, leading to a ceasefire on the Line of Control but further conversation was discontinued.
Trade relations between the two countries were suspended in August 2019 after India revoked Article 370 in Jammu and Kashmir.