Technology

Emmanuel Macron ‘pushes for Israeli inquiry’ into NSO spyware concerns | France

Voice Of EU

Emmanuel Macron has reportedly spoken to the Israeli prime minister, Naftali Bennett, to ensure that the Israeli government is “properly investigating” allegations that the French president could have been targeted with Israeli-made spyware by Morocco’s security services.

In a phone call, Macron expressed concern that his phone and those of most of his cabinet could have been infected with Pegasus, hacking software developed by the Israeli surveillance firm NSO Group, which enables operators of the tool to extract messages, photos and emails, record calls and secretly activate microphones from infected devices.

The leaked database at the heart of the Pegasus project includes Macron’s mobile phone number.

NSO has said Macron was not a “target” of any of its customers, meaning the company denies he was selected for surveillance using Pegasus. The company says that the fact that a number appeared on the list was in no way indicative of whether that number was selected for surveillance using Pegasus.

The Pegasus project could not examine the mobile phones of the leaders and diplomats, and could therefore not confirm whether there had been any attempt to install malware on their phones.

Quick Guide

What is in the Pegasus project data?

What is in the data leak?

The data leak is a list of more than 50,000 phone numbers that, since 2016, are believed to have been selected as those of people of interest by government clients of NSO Group, which sells surveillance software. The data also contains the time and date that numbers were selected, or entered on to a system. Forbidden Stories, a Paris-based nonprofit journalism organisation, and Amnesty International initially had access to the list and shared access with 16 media organisations including the Guardian. More than 80 journalists have worked together over several months as part of the Pegasus project. Amnesty’s Security Lab, a technical partner on the project, did the forensic analyses.

What does the leak indicate?

The consortium believes the data indicates the potential targets NSO’s government clients identified in advance of possible surveillance. While the data is an indication of intent, the presence of a number in the data does not reveal whether there was an attempt to infect the phone with spyware such as Pegasus, the company’s signature surveillance tool, or whether any attempt succeeded. The presence in the data of a very small number of landlines and US numbers, which NSO says are “technically impossible” to access with its tools, reveals some targets were selected by NSO clients even though they could not be infected with Pegasus. However, forensic examinations of a small sample of mobile phones with numbers on the list found tight correlations between the time and date of a number in the data and the start of Pegasus activity – in some cases as little as a few seconds.

What did forensic analysis reveal?

Amnesty examined 67 smartphones where attacks were suspected. Of those, 23 were successfully infected and 14 showed signs of attempted penetration. For the remaining 30, the tests were inconclusive, in several cases because the handsets had been replaced. Fifteen of the phones were Android devices, none of which showed evidence of successful infection. However, unlike iPhones, phones that use Android do not log the kinds of information required for Amnesty’s detective work. Three Android phones showed signs of targeting, such as Pegasus-linked SMS messages.

Amnesty shared “backup copies” of four iPhones with Citizen Lab, a research group at the University of Toronto that specialises in studying Pegasus, which confirmed that they showed signs of Pegasus infection. Citizen Lab also conducted a peer review of Amnesty’s forensic methods, and found them to be sound.

Which NSO clients were selecting numbers?

While the data is organised into clusters, indicative of individual NSO clients, it does not say which NSO client was responsible for selecting any given number. NSO claims to sell its tools to 60 clients in 40 countries, but refuses to identify them. By closely examining the pattern of targeting by individual clients in the leaked data, media partners were able to identify 10 governments believed to be responsible for selecting the targets: Azerbaijan, Bahrain, Kazakhstan, Mexico, Morocco, Rwanda, Saudi Arabia, Hungary, India, and the United Arab Emirates. Citizen Lab has also found evidence of all 10 being clients of NSO.

What does NSO Group say?

You can read NSO Group’s full statement here. The company has always said it does not have access to the data of its customers’ targets. Through its lawyers, NSO said the consortium had made “incorrect assumptions” about which clients use the company’s technology. It said the 50,000 number was “exaggerated” and that the list could not be a list of numbers “targeted by governments using Pegasus”. The lawyers said NSO had reason to believe the list accessed by the consortium “is not a list of numbers targeted by governments using Pegasus, but instead, may be part of a larger list of numbers that might have been used by NSO Group customers for other purposes”. They said it was a list of numbers that anyone could search on an open source system. After further questions, the lawyers said the consortium was basing its findings “on misleading interpretation of leaked data from accessible and overt basic information, such as HLR Lookup services, which have no bearing on the list of the customers’ targets of Pegasus or any other NSO products … we still do not see any correlation of these lists to anything related to use of NSO Group technologies”. Following publication, they explained that they considered a “target” to be a phone that was the subject of a successful or attempted (but failed) infection by Pegasus, and reiterated that the list of 50,000 phones was too large for it to represent “targets” of Pegasus. They said that the fact that a number appeared on the list was in no way indicative of whether it had been selected for surveillance using Pegasus. 

What is HLR lookup data?

The term HLR, or home location register, refers to a database that is essential to operating mobile phone networks. Such registers keep records on the networks of phone users and their general locations, along with other identifying information that is used routinely in routing calls and texts. Telecoms and surveillance experts say HLR data can sometimes be used in the early phase of a surveillance attempt, when identifying whether it is possible to connect to a phone. The consortium understands NSO clients have the capability through an interface on the Pegasus system to conduct HLR lookup inquiries. It is unclear whether Pegasus operators are required to conduct HLR lookup inquiries via its interface to use its software; an NSO source stressed its clients may have different reasons – unrelated to Pegasus – for conducting HLR lookups via an NSO system.

The Macron-Bennett phone call reportedly took place on Thursday, but was first reported by Israel’s Channel 12 News on Saturday evening after the end of Shabbat, the Jewish day of rest.

The prime minister’s office has declined to comment on the phone call or the two leaders’ conversation. According to Channel 12, an unnamed source said Bennett had stressed that the alleged events occurred before he took office in May, and that a commission was examining whether rules on Israel’s export of cyberweapons such as Pegasus should be tightened.

The Pegasus project – a consortium of 17 media outlets, including the Guardian – revealed last week that government clients around the world have used the hacking software sold by NSO to target human rights activists, journalists and lawyers.

The investigation has been based on forensic analysis of phones and analysis of a leaked database of 50,000 numbers, including that of Macron and those of heads of state and senior government, diplomatic and military officials, in 34 countries.

In multiple statements, NSO said the fact a number appeared on the leaked list was in no way indicative of whether it was selected for surveillance using Pegasus. “The list is not a list of Pegasus targets or potential targets,” the company said. “The numbers in the list are not related to NSO Group in any way.”

But the list is believed to provide insights into those identified as persons of interest by NSO’s clients. It includes people whose phones showed traces of NSO’s signature phone-hacking spyware, Pegasus, according to forensic analysis of their devices. The analysis was conducted by Amnesty International’s security lab, which discovered traces of Pegasus-related activity on 37 out of 67 phones that it analysed.

Q&A

What is the Pegasus project?

The Pegasus project is a collaborative journalistic investigation into the NSO Group and its clients. The company sells surveillance technology to governments worldwide. Its flagship product is Pegasus, spying software – or spyware – that targets iPhones and Android devices. Once a phone is infected, a Pegasus operator can secretly extract chats, photos, emails and location data, or activate microphones and cameras without a user knowing.

Forbidden Stories, a Paris-based nonprofit journalism organisation, and Amnesty International had access to a leak of more than 50,000 phone numbers selected as targets by clients of NSO since 2016. Access to the data was then shared with the Guardian and 16 other news organisations, including the Washington Post, Le Monde, Die Zeit and Süddeutsche Zeitung. More than 80 journalists have worked collaboratively over several months on the investigation, which was coordinated by Forbidden Stories.

While the rest of the world grapples with the seismic consequences of the revelations, in Israel reaction has been muted. Meretz, a leftwing party long in opposition but now part of the new government coalition, has asked the defence ministry for “clarification” on the issue, but no party is seeking a freeze of export licences or an inquiry into NSO’s close links to the Israeli state under the tenure of the former prime minister Benjamin Netanyahu.

The defence minister, Benny Gantz, has defended export licences for the hacking tools, claiming that “countries that purchase these systems must meet the terms of use”, which are solely for criminal and terrorism investigations.

But as the mammoth impact of the disclosures has become clearer, the diplomatic pressure on Israel is mounting. On Thursday, the senior Israeli MP Ram Ben-Barak – a former deputy head of the Mossad spy agency – confirmed that the Israeli defence establishment had “appointed a review commission made up of a number of groups” to examine whether policy changes were needed regarding sensitive cyber exports.

US defence officials have also asked their Israeli counterparts for more details on the “disturbing” disclosures stemming from the Pegasus project, the Israeli newspaper Haaretz reported on Saturday.

Irish payroll tech company BrightPay merges with UK’s Relate

The two companies will get funding from investor Hg to hire more employees and innovate new technologies across Ireland and the UK.

Irish payroll management tech company BrightPay has announced a merger with London-based accounting software company Relate Software in a bid to integrate services for SMEs across the two islands.

Based in Co Meath, BrightPay has been operating in Ireland for more than 25 years and employs more than 70 people in the country. It provides payroll software services to more than 330,000 employers in Ireland and the UK.

Upon merging, BrightPay CEO Paul Byrne and Relate co-founder and CEO Ray Rogers will remain investors and become co-CEOs of the new entity. The other co-founders of each company will also continue to invest in the new business and develop products.

Byrne said that Relate’s track record in the sector will help them become the leading service for many businesses and accountancy firms.

Private equity investor Hg, which focuses on software and service businesses in Europe and North America, will become the majority investor in the combined business. “Their deep sector knowledge has proven invaluable to us and will be instrumental in fuelling the further growth of BrightPay/Relate,” Byrne added.

New hires and technologies

The merger will benefit from the combination of BrightPay’s expertise in payroll software with Relate’s experience in accountancy management tech. Together with Hg, the new business will invest in new technologies such as cloud and automation to improve their services.

Rogers, founder and CEO of Relate, said: “Combining products from both businesses will provide a compelling offering for our customers, with the scope and backing for further innovation and development.

“I’m looking forward to working with Paul and am also excited to welcome Hg, a leading software investor with a track record of supporting growth in Irish software businesses.”

While details of the transactions have not been disclosed, the combined business will have more than 190 employees with plans to hire more people across Ireland and the UK.

“Both BrightPay and Relate are very highly regarded businesses and champions in their field,” said Jonathan Boyes, Hector Guinness and Thomas Martin of Hg in a joint statement. “The two companies bring together core operational strengths whilst also unlocking a high-quality, complementary suite of products to a newly combined customer base.”

New UK broadband rules will make it easier to switch supplier | Broadband

The UK media regulator, Ofcom, has introduced a new service to make it easier for customers to switch broadband supplier to get a better deal.

Ofcom hopes the new process, One Touch Switch, will encourage people to seek out better deals after research found that more than two-fifths of people were put off switching broadband suppliers because of the hassle.

People can already switch between providers that use Openreach’s broadband network – such as BT, Sky and TalkTalk – through a process requiring a customer to only contact their new supplier.

However, until now customers looking to change networks or technologies – such as between Virgin Media’s network and a provider on Openreach or other smaller networks such as Hyperoptic or CityFibre – had to deal with both the new and old supplier simultaneously.

Ofcom research found that a quarter of customers making such a switch faced attempts by their provider to stop them. The One Touch Switch process aims to eliminate these issues, including customers having to sort out the end and start dates of their old and new services.

“Household finances are strained at the moment, so switching broadband provider could help keep your bills down,” said Lindsey Fussell, the network and communications group director at Ofcom. “We’re making it as easy as possible for you to break up with your broadband provider and take advantage of the deals on offer.”

Ofcom said the new rules will also mean that suppliers will have to compensate customers if they are left without internet for more than one working day during a switch. All suppliers must introduce Ofcom’s new simplified switching process by April 2023.

The regulator has introduced a range of measures in recent years to make sure customers have access to the best deals. These include cracking down on the so-called “loyalty penalty” by which customers who stick with their broadband, mobile or pay-TV supplier are not offered the same discount deals as new customers.

India, Japan flex cyber-defence muscles as China seethes • The Register

India and Japan have each flexed their cyber-defence muscles in ways that China can’t miss.

Japan’s flex was the Monday launch of a national cyber-security policy that for the first time names China, Russia, and North Korea as sources of heightened threat. The policy also calls for Japan’s Self Defence Force to increase its digital capabilities.

The new plan was released as expected under Japan’s policy of refreshing its defensive plans every three years. The theme for the policy is “Cybersecurity for all” and chief cabinet secretary Katsunobu Kato said its aim is to ensure that no part of Japanese society goes without the protections it needs.

Kato said the plan was also developed because Japan’s government “recognised a threat” and therefore a need to strengthen its online defences. The policy documents list many recent infosec incidents – such as the attack on SolarWinds and Microsoft’s Exchange flaw – as the sort of thing Japan needs to counter.

India’s flex came from vice-president M. Venkaiah Naidu, who on Monday visited a military museum and remarked that India’s security forces should “prepare themselves to dominate not only in a conventional war but also establish their superiority in the new and emerging areas of conflict such as information and cyber warfare along with the increasing use of robotics and drones in the battlefield”.

“The nation is assured that any misadventure by an adversary will be given a befitting reply by the Indian Army,” Naidu said.

While the position of vice-president is largely ceremonial – the officeholder is backup to the head of state, but actual power resides with Parliament – Naidu’s words have weight. Doubly so as he stated India faces “both symmetric and asymmetric threats from outside and within” and then asserted India’s sovereignty over Jammu & Kashmir and argued that previous arrangements that gave the territory autonomy were temporary.

Mentioning Jammu & Kashmir is significant, as the disputed India/China border is in the territory. The territory is also the subject of a dispute with Pakistan.

Kashmiri separatists, which India labels Pakistan-supported terrorists, and China, will all have noticed the veep urging India to arm itself in the kinetic and digital realms.

China has certainly noticed last week’s meeting of “The Quad” – the grouping of Australia, the USA, Japan, and India – and its announcement of plans to develop infosec standards it hopes the world will follow.

China’s foreign ministry has labelled The Quad a “closed and exclusive clique” informed by “outdated Cold War zero-sum mentality and ideological bias”.

Spokesperson Hua Chunying addressed the issue at a press conference in response to a question from Russian news agency TASS. “For some time, these countries have been keen on insinuating China with the so-called ‘rules-based order’, playing up and inciting the so-called ‘China threat’ theory, and driving a wedge between regional countries and China.”

The actions of Japan and India suggest the wedge is working. ®
