Cyber surveillance weapon used to target journalists, activists
Monday, July 19, 2021
It strongly denied “false claims” made about the activities of its clients, but said it would “continue to investigate all credible claims of misuse and take appropriate action”. It also said the list could not be a list of numbers “targeted by governments using Pegasus”, and called the 50 000 figure “exaggerated”.
Ilia Kolochenko, founder of ImmuniWeb, and a member of Europol Data Protection Experts Network, says attack attribution in the cases reported is incredibly complex and unreliable.
Firstly, legitimate end-customers could have shared the cyber tool with their foreign partners in exchange for valuable data, zero-day exploits or sophisticated spyware, which is a widespread practice.
“Security teams in charge of such data and intelligence sharing are not necessarily experts in human rights protection and may negligently or unknowingly share the software with some grey- or even black-listed jurisdictions,” he adds.
In addition, Kolochenko says individual security analysts who are employed by the trusted countries may occasionally break internal rules and unlawfully share the spyware with unauthorised third parties, as anti-insider security controls have low technical efficiency in such environments.
“Finally, legitimate end-customers could have been hacked and compromised, eventually exposing access to the software to unauthorised threat actors.”
Either way, he says legal action against NSO is more than likely futile, and any media hype around the alleged incident gives the company publicity.