Indian Activists Targeted in Alleged WhatsApp Attack Demand Answers

NEW DELHI—Early last month, Shalini Gera, a human-rights activist and lawyer in India, received a jarring phone call from a cybersecurity lab at the University of Toronto.

The caller said her phone had likely been targeted by a sophisticated hacking and surveillance tool installed without her knowledge via Facebook Inc.’s WhatsApp messaging service.
WhatsApp followed up with a notification telling her that the tool that may have been used to break into her phone was designed by NSO Group, an Israeli firm that says it sells its software only to governments.
Ms. Gera, a critic of some of the Indian government’s policies, said the episode was unnerving. “We are all searching for answers,” she said. “It’s not the first time that people like us are being targeted for raising questions with the administration and the state.”
Lawyer and activist Shalini Gera at a 2017 protest. She believes she was targeted with a spyware attack because of her activism. Photo: Ravi Choudhary/Hindustan Times/Getty Images
NSO Group says it sells its software to governments on the condition they use it only to target spies, criminals and terrorists, not to monitor critics. Israeli national security regulations don’t allow NSO to divulge who is and who isn’t a customer, an NSO Group spokeswoman said.
Facebook sued NSO Group in a California court on Tuesday for designing and selling the software, known as Pegasus, to exploit vulnerabilities in the messaging app and spy on users through their own phones. NSO Group disputes Facebook’s allegations.
WhatsApp said about 1,400 people around the world were targeted earlier this year during a cyberattack that leveraged a flaw in its software.
Targets have come forward in the U.K., India, South Africa, Belgium, France, Uganda and Morocco, said John Scott-Railton, a researcher with Citizen Lab, the University of Toronto’s digital research group, which worked with WhatsApp to study the Pegasus software.
According to WhatsApp, NSO’s engineers developed a sophisticated method of delivering a cyberattack over the network of servers that WhatsApp uses to deliver voice calls. Even unanswered calls could leave NSO’s spyware installed on the target’s phone, where it could intercept messages, capture screenshots or peek into browsing history, WhatsApp said.
Ms. Gera, after discussions with Citizen Lab, believes the malicious software was installed via a WhatsApp call with a Swedish country code that she didn’t answer because she didn’t recognize the number.
“It makes me wonder whether our very own government was behind it,” said Degree Prasad Chauhan, an activist who has worked alongside Ms. Gera and was also informed that he was targeted.
Indian officials declined to comment on whether the government uses Pegasus or other similar software, and denied the government had any role in inappropriately targeting citizens or critics.
“These attempts to malign the government of India for the reported breach are completely misleading. We will take strict action against any intermediary responsible for breach of privacy,” the Home Ministry said.
The Indian government blamed WhatsApp, which has its biggest user base in India, where the app has been downloaded by more than 400 million users.
WhatsApp has clashed with the Indian government, which wants access to encrypted messages sent over WhatsApp. The U.S. company has pushed back on attempts to weaken the encryption technology it uses.
“We have asked WhatsApp to explain the kind of breach and what it is doing to safeguard the privacy of millions of Indian citizens,” India’s information technology minister, Ravi Shankar Prasad, said in a Twitter post on Thursday. The government statements didn’t mention NSO Group’s role.
“Blaming WhatsApp rather than NSO Group is a bold move,” said Eva Galperin, director of cybersecurity at the Electronic Frontier Foundation, a U.S. digital-rights advocacy group.
WhatsApp blamed NSO Group for the attacks on its users. “We agree with the government of India’s strong statement about the need to safeguard user privacy,” a WhatsApp spokesman said. “That is why we’ve taken this strong action,” he said, in reference to the litigation in the U.S.
Citizen Lab said that more than 100 activists, human rights defenders and journalists have been targeted with NSO Group’s hacking tools in more than 20 countries this year.
WhatsApp uses end-to-end encryption software, which makes it nearly impossible for government agencies to eavesdrop on private messages without gaining access to the phone. 
In the lawsuit, Facebook alleges that NSO Group broke U.S. law by hacking into its messaging software, effectively acting as a middleman between clients who want information and the targets of the attack.
By suing NSO Group, Facebook brought the Israeli company’s tactics into the public eye, Ms. Galperin said.
Three years ago NSO Group’s tools were allegedly used in a similarly sophisticated attack against an activist in the United Arab Emirates, according to Citizen Lab and mobile security firm Lookout Inc.
That malware exploited a bug in Apple Inc.’s iPhone, Citizen Lab said. Apple promptly fixed the vulnerability, the company said at the time.
Prashant Bhushan, an Indian activist and lawyer in New Delhi, said he was seeking a detailed investigation of the phone hack.
“Government should come clean on who ordered this snooping and who were the people targeted,” he said.
Corrections & Amplifications
The target in an alleged 2016 NSO Group attack was from the United Arab Emirates. An earlier version of this article misidentified the country as Saudi Arabia. (Nov. 2, 2019)
Write to Robert McMillan at Robert.Mcmillan@wsj.com
Copyright ©2019 Dow Jones & Company, Inc. All Rights Reserved.
