Word Notes 4.12.22
Ep 95 | 4.12.22

Pegasus (noun)

Transcript

Rick Howard: The word is: Pegasus 

Rick Howard: Spelled: P as in Program, E as in Espionage, G as in Glean, A as in Ace, S as in Spyware, U as in Unseen, and S as in Sophisticated 

Rick Howard: Definition: The flagship product of the controversial Israeli spyware vendor, the NSO Group, use for remotely hacking mobile devices, most notably iPhones, via zero-click exploits. 

Rick Howard: Example sentence: The Pegasus spyware was silently deployed on the target's iPhone. 

Rick Howard: Origin and context: Pegasus is a spyware tool, first released in 2011 by the Israel-based company NSO Group designed for use against iOS and Android phones. 

Rick Howard: NSO Group sells Pegasus exclusively to government customers with a stated intention of combating terrorism and crime. While Pegasus has been successfully used in these contexts, NSO Group has also been heavily criticized for selling it to authoritarian governments who have abused Pegasus to target activists, journalists, political dissidents, and others. 

Rick Howard: In one high-profile incident, the Saudi Arabian government allegedly used Pegasus to monitor Washington Post columnist, Jamal Khashoggi, before his assassination by Saudi operatives in 2018. In November, 2021, the Biden administration banned the NSO Group from doing business in the United States, stating that the company had "developed and supplied spyware to foreign governments that use these tools to maliciously, target government officials, journalists, business people, activists, academics, and embassy workers." 

Rick Howard: In December, 2021, Al-Jazeera reported that the NSO Group was considering shutting down the Pegasus unit and selling the company.

Rick Howard: Pegasus allows an operator to gain complete control over a targeted phone via a zero-click exploit, an exploit that requires no user interaction in order to trigger the malicious code. This is often achieved by exploiting vulnerabilities in messaging services. Since unsolicited messages can be sent to the targeted devices using only their phone number 

Rick Howard: Google's Project Zero has published in-depth blog post explaining the functionality of a Pegasus exploit that targeted iOS's messaging service iMessage. The researchers found that the spyware exploited the way iMessage processes GIF files in order to gain access to a vulnerability in iOS's Core Graphics PDF parser. 

Rick Howard: According to Google, a decades-old compression algorithm called JBIG2, "doesn't have scripting capabilities, but when combined with a vulnerability, it does have the ability to emulate circuits of arbitrary logic gates operating on arbitrary memory using over 70,000 segment commands, defining logical bit operators, they defined a small computer architecture with features such as registers and a full 64-bit adder and comparitor, which they use to search memory and perform arithmetic operations. It's not as fast as JavaScript, but it's fundamentally computationally equivalent." 

Rick Howard: Nerd reference: In a February 2022 interview, Kristen Eichensehr, From the University of Virginia School of Law Interviewed Nicole Perlroth, NYT journalist and author of the book, “This Is How They Tell Me the World Ends: The Cyberweapons Arms Race” published in 2021. Perlroth covered many things but touched on the Pegasus product.

Nicole Perlroth: Companies like NSO, sell, click, and shoot spyware to government agencies. You would not need to have really any technical or hacking skills, but if you buy this product, it's sort of like a push a button and you're in, kind of thing, and for a long time, victims knew that they were getting targeted with NSO and would call me because they were getting strange SMS text messages that says, you know, your child's in danger, you know, or did you see your mention in this news headline? And people would click and it would take them to Guyana, which is a Mexican funeral website. Clearly. Include onto something is weird here. Then there was this disturbing turn where NSO started selling a zero click capability, which means that there's no SMS text message, there's no warning. Governments don't have to do anything. They just click the button and they're inside your phone. They use zero day exploits to get inside your phone, and these are really, intelligence tools, that in the hands of governments, that don't have a process to protect from the abuse of human rights, I should say, the very powerful tools for corruption and abuse and, to suppress dissent and to clamp down on, on a free press. And then what happened is in the Biden administration, um, there was just some great reporting for my friends at the times, mark Massetti and Ronan Birdman that said actually the FBI was considering buying Pegasus zero clicks spyware last summer, and then didn't, um, because of, um, the questions around ethics and human rights abuses and some of the reporting, and then late last year and in November, Something happened that I never thought I would see, which was the Biden administration and really a remarkable breach with Israel are our Israeli allies, blacklisted NSO Group, and basically destroyed their chances of. Profitable exit. They had been planning a $2 billion IPO, I think, and this destroyed any chance of that, and also sent a really powerful message to governments elsewhere that, Hey, you know, we will act if you're caught selling spyware or someone in your country selling spyware, that's being used to abuse human rights. 

Rick Howard: Word Notes is written by Tim Nodar, executive produced by Peter Kilpe, and edited by John Petrik and me, Rick Howard. The mix sound design and original music have all been crafted by the ridiculously talented Elliott Peltzman. Thanks for listening.