By Yanis Iqbal
We live in a dystopian world. On July 18, 2021, Forbidden Stories, a Paris-based media nonprofit, and the human rights group Amnesty International – in coordination with a media consortium of more than 80 journalists from 17 news outlets in 10 countries – published an investigative report detailing the ruthlessness of techno-tyranny. Since 2016, governments across the world have been using Israeli NSO group-owned Pegasus spyware to snoop on a long catalog of more than 50,000 people in 50 countries. The identified targets include politicians, human rights activists, dissidents, journalists, business executives, religious leaders, and academics.
Among the clients of NSO are governments notorious for the brazen infringements of democratic norms. Pegasus was used to track journalist Jamal Khashoggi prior to his assassination by Saudi Arabian crown prince Mohammed bin Salman. Several members of Khashoggi’s family, as well as close associates and Turkish officials investigating the murder, were targets for NSO’s spyware. Khashoggi’s fiancée, Hatice Cengiz, was allegedly hacked with Pegasus spyware just four days after his murder.
Mexico, with multiple agencies purchasing Pegasus and a suspected 15,000 targets, is the most dangerous country for journalists in the world outside of active war zones. Since 2010, 86 journalists have been killed. In the words of a Guardian report, “cybersurveillance is unregulated and out of control in Mexico – a country where federal and state governments have long used informants, infiltrators and listening devices to monitor and repress dissent.” The notoriety of Pegasus in Mexico’s dirty war of repression was openly repealed when Mexican investigative journalist Javier Valdez Cárdenas was butchered in broad daylight on a street in Culiacan, the capital of the Mexican state of Sinaloa.
The killing on May 15, 2017, had been declared a cartel affair, a prima facie credible explanation considering Valdez’s unrelenting examinations of organized crime in Sinaloa. But there was more to this than met the eye. In June 2017, Mexican media outlets loudly mentioned the shady fact that the government of former president Enrique Peña Nieto had purchased the good merchandise of Pegasus. Three Mexican agencies had purchased spyware to the tune of $80 million since 2011. Canadian research group Citizen Lab, in collaboration with Mexican digital rights outfits, made the case that the widow of the slain journalist, Griselda Triana, became a target of Pegasus spyware within 10 days of her husband’s death in 2017.
The pervasive presence of Pegasus software is built upon its sheer powerfulness. It is capable of monitoring all information stored on a smartphone, including texts, emails, and images, as well as encrypted data and list of contacts. It is even capable of accessing the victim’s GPS, as well as activating a microphone or camera to record conversations. Pegasus derives these dangerous capacities from the deployment of a potent mix of “spear phishing” and “zero-click attacks”. While the former involves the fraudulent practice of sending ostensibly legitimate links to attack devices, the latter bypasses the need for user interactions.
With its insidious combination of dynamic techniques, Pegasus becomes effectively omnipotent. The software is virtually undetectable, living in the temporary memory of a device and leaving no trace once the device is shut down. Moreover, once infected, the spyware is capable of enabling administrative privileges for itself. The question is: who is responsible for the creation and continuous consolidation of this toxicity? In 2019, The New York Times reported that Pegasus was largely developed by veterans of Unit 8200 – the Israeli military’s cyberwarfare division directing the digital strangulation of Palestinians.
In response to the present-day happenings, The Washington Post has noted that “Pegasus was engineered a decade ago by Israeli ex-cyberspies with government-honed skills.” “The Israeli defense ministry must approve any license to a government that wants to buy it, according to previous NSO statements.” According to Ali Abunimah, “The Israeli government’s role in licensing NSO Group’s sales does not appear to be merely a passive process of issuing approvals. Rather, Israel sees these firms as extensions of its reach as it fosters ties with governments across the region.”
Indeed, on July 13, 2020, an Israeli court rejected a petition to revoke the export license of the NSO Group. The judge said that the petitioners have failed to provide enough evidence that an attempt was made to hack into the phone of a human rights activist. The petition was filed by Amnesty International and 30 other human rights activists in January 2020 on many allegations, including the targeting of one of its employees. Reacting to Pegasus’ intimate links with the Israeli security apparatus, the whistleblower and former National Security Agency (NSA) contractor Edward Snowden said: “the NSO group…should bear direct, criminal liability for the deaths and detentions of those targeted by the digital infection vectors it sells, which have no legitimate use.”
Israel’s role in mixing the putrid cocktail of technological subjugation is conjunctural; the structural source of these ills – wretched oligarchies controlling democratic institutions and sordid campaigns against the media – is to be found in contemporary capitalism. In 2014, John Bellamy Foster and Robert W. McChesney wrote: “Financialization – or the long-term growth of speculation on financial assets relative to GDP – meant the intrusion of finance into all aspects of life, requiring new extensions of surveillance and information control as forms of financial risk management. As the economy became more financialized, it became increasingly vulnerable to financial meltdowns, increasing risk perceptions on the part of investors and the perceived need for risk management, encryption of data, and security.”
Gradually, a strong imperative of control emerged, represented in the extractive surveillance systems that help corporations govern people, regulate access, and modify behaviors. The drive toward micromanagement embedded sensors everywhere, connected everything to internet, and expanded and enhanced social control over populations via algorithmic analysis. It took no time for this financial- digital complex of gigantic proportions to transform into a technological tool for repression of dissident groups. As unknown entities harvested our data – our identities, beliefs, behaviors, and other personal information – for unknown purposes, increasingly invasive systems were born, dedicated to probing, tracking, and analyzing people. Thus, data mining and authoritarianism went hand in hand. Pegasus is a product of this ugly monster enveloped over humanity, violently extending its bloody tentacles into anything that resembles money.