Stay up to date with notifications from The Independent

Notifications can be managed in browser preferences.

Watchdog warns Boris Johnson of suspected spyware attack on No 10

An operator of the powerful Pegasus spyware linked to the United Arab Emirates is suspected of being behind the infection.

Sophie Wingate
Monday 18 April 2022 18:56 EDT
Boris Johnson was warned of a Pegasus spyware infection inside 10 Downing Street, a watchdog has said (Yui Mok/PA)
Boris Johnson was warned of a Pegasus spyware infection inside 10 Downing Street, a watchdog has said (Yui Mok/PA) (PA Wire)

Your support helps us to tell the story

From reproductive rights to climate change to Big Tech, The Independent is on the ground when the story is developing. Whether it's investigating the financials of Elon Musk's pro-Trump PAC or producing our latest documentary, 'The A Word', which shines a light on the American women fighting for reproductive rights, we know how important it is to parse out the facts from the messaging.

At such a critical moment in US history, we need reporters on the ground. Your donation allows us to keep sending journalists to speak to both sides of the story.

The Independent is trusted by Americans across the entire political spectrum. And unlike many other quality news outlets, we choose not to lock Americans out of our reporting and analysis with paywalls. We believe quality journalism should be available to everyone, paid for by those who can afford it.

Your support makes all the difference.

The Prime Minister’s Downing Street office may have been the target of surveillance by powerful spyware made by the Israel-based NSO Group, according to a cyber watchdog group.

Citizen Lab at the University of Toronto on Monday said it “observed and notified” the Government of “multiple suspected instances of Pegasus spyware infections” within 10 Downing Street and the Foreign Office in 2020 and 2021.

A Pegasus operator linked to the United Arab Emirates is suspected of being behind the infection at Boris Johnson’s office, Citizen Lab said.

We felt compelled to ensure that the UK Government was aware of the ongoing spyware threat

Citizen Lab director Ron Deibert

The group also associated the suspected Foreign Office hacking with NSO clients linked to the UAE, as well as to India, Cyprus and Jordan.

Pegasus is a powerful tool that allows its operator to infiltrate a target’s phone and sweep up its contents, including messages, contacts and location history.

Ron Deibert, Citizen Lab’s director, said in a statement that most cases in which his group suspect that governments are using spyware to carry out international espionage are “outside of our scope and mission”.

However, he said the suspected attacks on official UK networks were some of the rare cases in which they decided to notify the affected governments, “especially if we believe that our actions can reduce harm”.

Prof Deibert said: “The United Kingdom is currently in the midst of several ongoing legislative and judicial efforts relating to regulatory questions surrounding cyber policy, as well as redress for spyware victims.

“We believe that it is critically important that such efforts are allowed to unfold free from the undue influence of spyware.

“Given that a UK-based lawyer involved in a lawsuit against NSO Group was hacked with Pegasus in 2019, we felt compelled to ensure that the UK Government was aware of the ongoing spyware threat and took appropriate action to mitigate it”.

The watchdog said Pegasus was suspected of having infected Foreign Office phones.

“Because the UK Foreign and Commonwealth Office and its successor office, the Foreign Commonwealth and Development office (FCDO), have personnel in many countries, the suspected FCO infections we observed could have related to FCO devices located abroad and using foreign SIM cards,” the statement read.

A Government spokesperson said: “We do not routinely comment on security matters”.

The Foreign Office is understood to be working with allies to tackle cyber threats, build resilience and raise concerns where they arise.

The Israeli tech company NSO has been linked to snooping on politicians, human rights activists and journalists in countries ranging from Saudi Arabia to Poland and Mexico to the United Arab Emirates.

Last November, the US Commerce Department blacklisted the company, saying its tools had been used to “conduct transnational repression”.

NSO has said it sells the product only to government entities to fight crime and terrorism, with all sales regulated by the Israeli government.

The company does not identify its clients and says it has no knowledge of who is targeted.

Although it says it has safeguards in place to prevent abuse, it notes it ultimately does not control how its clients use the software.

Thank you for registering

Please refresh the page or navigate to another page on the site to be automatically logged inPlease refresh your browser to be logged in