UK Prime Minister's Office was infected with spyware, says cybersecurity group

Access to the comments Comments
By Joshua Askew  with AP
British Prime Minister Boris Johnson delivers a speech at Lydd Airport, south east England, Thursday, April 14, 2022.
British Prime Minister Boris Johnson delivers a speech at Lydd Airport, south east England, Thursday, April 14, 2022.   -  Copyright  Matt Dunham/Copyright 2022 The Associated Press. All rights reserved

Computer systems at the UK Prime Minister's Office were infected with spyware, a cyber security group has said.

Citizen Lab found that between 2020 and 2021 there were "multiple suspected" instances of Pegasus spyware infections at No. 10 Downing Street, alongside the UK Foreign and Commonwealth Office (FCO).

The suspected infections of spyware at the FCO were linked to Pegasus operators in UAE, India, Cyprus and Jordan, while the hack at the Prime Minister's Office was linked to the UAE.

Pegasus, which is sold by two Israeli companies NSO Group and Candiru, has been called a "mercenary spyware" by Citizen Lab.

It has been used to break into the phones and computers of human rights activists, lawyers, journalists and faith groups, although the NSO group claims it only sells Pegasus to government agencies to target criminals and terrorists.

Citizen Lab, which normally investigates digital threats against civil society, said it had informed the British government of its findings.

In a separate report, Citizen Lab found that Pegasus spyware has been used "extensively" on dozens of pro-independence supporters in Spain's Catalonia.

The phones of at least 65 people -- including the regional chief and other elected officials -- had been hacked with controversial spyware, the report found.

But the Toronto-based non-profit said it could not find conclusive evidence to attribute the hacking of Catalan phones to a specific entity.

Spain’s Interior Ministry said no ministry department, nor the National Police or the Civil Guard, “have ever had any relation with NSO and have therefore never contracted any of its services.”

NSO Group denied these allegations, saying they are false and could not have taken place.

They claimed NSO Group was being targeted by Citizen Lab with “inaccurate and unsubstantiated reports” and “false" allegations that "could not be related to NSO products for technological and contractual reasons.”

"We have repeatedly cooperated with governmental investigations, where credible allegations merit,” an NSO spokesperson said in a statement.

Since the UK FCO has personnel across the world, Citizen Lab said the infections "could have related to FCO devices located abroad and using foreign sim cards."

The UK is currently in the midst of several ongoing legislative and judicial efforts to regulate its cyber policy, as well as redress for spyware victims.

"We believe that it is critically important that such efforts are allowed to unfold free from the undue influence of spyware," said Citizen Lab.

"Given that a UK-based lawyer involved in a lawsuit against NSO Group was hacked with Pegasus in 2019, we felt compelled to ensure that the UK Government was aware of the ongoing spyware threat, and took appropriate action to mitigate it," they added.