At a glance.
- How Pegasus was used to spy on the Catalan government’s top officials.
- Spanish football federation vows to strengthen its (cyber) defense.
- Poll shows APAC consumers’ trust in digital services is falling.
How Pegasus was used to spy on the Catalan government’s top officials.
As we noted yesterday, an investigation conducted by Citizen Lab has revealed that at least sixty-five individuals, including some of Catalonia’s highest government officials, were targeted with NSO Group’s Pegasus spyware, just the latest in the growing list of victims hacked with the controversial surveillance software. The New Yorker offers an in-depth look at how Jordi Solé, a pro-independence member of the European Parliament, discovered his iPhone 8 was hacked via a fraudulent SMS message from the Spanish government’s social security agency. He enlisted the help of digital security researcher Elies Campo, a former employee at WhatsApp and Telegram in the US and now a fellow at Citizen Lab, who detected at least two confirmed infections on Solé’s phone from 2020. Solé is just one of the Catalan politicians, lawyers, and activists found to have been targeted in what is the largest group of infections to be forensically documented. Catalan politicians believe that Spanish officials are likely behind the surveillance operation, a notion backed by the fact that, according to a former NSO employee, Pegasus does in fact have an account in Spain.
Spanish football federation vows to strengthen its (cyber) defense.
The Royal Spanish Football Federation (RFEF) has disclosed it suffered a cyberattack that resulted in the theft of confidential documents, private texts, and audio conversations from top executives, including federation president Luis Rubiales. ESPN reports that the federation learned of the attack when an unnamed journalist told them his media outlet had been given access to the stolen data by an anonymous source. “It is likely that this private information obtained illegally and with clear criminal purposes has been offered to different media,” the RFEF stated last week. “If authentic, it would mean a crime of disclosure of secrets and a violation of the fundamental rights of the people attacked.” The federation has reported the incident to the necessary authorities and is working with a private company to bolster its security measures.
Poll shows APAC consumers’ trust in digital services is falling.
The results of a recent survey commissioned by security firm Imperva and conducted by YouGov indicate that consumers in Singapore and Australia currently share more personal information online now than they did two years ago, but 50% would stop using a company’s services if it experiences a security breach. Unfortunately, ZDNet reports, they would likely be unaware of such a breach, as more than half of respondents said they share their data with so many organizations every day that they can’t keep track of each company's data security policies. 37% of respondents said their trust that digital services providers are protecting their personal data has decreased over the past five years. The least trusted organizations were retailers and online game platforms, just barely beaten by social media platforms like Facebook and Twitter, while government and financial organizations were amongst the most trusted at around 40% each. Imperva's Asia-Pacific Japan regional vice president George Lee commented, "Consumers face a disheartening Catch-22 scenario: they need digital services to operate in modern life, but their trust in these services is deteriorating…Taking a data-centric security approach must be part of every organization's strategy as consumers grow increasingly cynical of the services they use."