In a concerning revelation, a joint forensic investigation by Amnesty International and The Washington Post has unveiled the use of the notorious Israeli Pegasus spyware.
The target? High-profile Indian journalists, with a focus on Siddharth Varadarajan, the Founding Editor of The Wire, and Anand Mangnale, South Asia Editor at the Organized Crime and Corruption Report Project (OCCRP).
The report exposes a disturbing recurrence, indicating that Varadarajan, previously targeted in 2018, found himself in the crosshairs once again.
Despite a committee analysis initiated by the Indian Supreme Court in 2021, the findings were never publicized, and the Indian authorities reportedly failed to cooperate with the investigation.
Recent targets
The latest victims, Varadarajan and Mangnale, were attacked in October of this year. Notably, Mangnale's phone was compromised within 24 hours of reaching out to business tycoon Gautam Adani.
The attack on Varadarajan occurred on October 16, with the current status of successful infiltration yet to be confirmed.
Received text & email from Apple warning me Govt trying to hack into my phone & email. @HMOIndia - get a life. Adani & PMO bullies - your fear makes me pity you. @priyankac19 - you, I , & 3 other INDIAns have got it so far . pic.twitter.com/2dPgv14xC0
— Mahua Moitra (@MahuaMoitra) October 31, 2023
On October 31, Apple issued notifications globally to users who may have been subjected to "state-sponsored" attacks. Among those warned were over 20 Indian opposition leaders and journalists, raising concerns about the potential involvement of the Indian government.
Pegasus spyware: How It operates
Pegasus, developed by the Israeli NSO Group Technologies, surfaced in 2016, with NSO asserting its use exclusively by governments and law enforcement agencies for rescue operations and combating criminal or terrorist activities.
Infiltration techniques
Pegasus transforms the infected phone into a powerful surveillance device, accessing text messages, phone calls, photos, videos, camera, location, and microphone. Initially relying on phishing attacks, recent iterations employ "zero-click" attacks, exploiting undisclosed vulnerabilities in phone operating systems.
Encrypted applications like WhatsApp have become conduits for Pegasus, compromising devices without user interaction. WhatsApp confirmed in 2019 that it had been used to send malware to over 1,400 phones, including those of Indian journalists and human rights activists.
Advancements in Pegasus technology make detection increasingly challenging, especially for high-profile targets. With the ability to infect devices through encrypted applications and "zero-click" attacks, the spyware poses a significant threat to privacy.
Press freedom concerns in India
The revelation of Pegasus targeting journalists adds to growing concerns about press freedom in India. Several journalists have been arrested, and the country's ranking on the World Press Freedom Index has dropped to 161st, the lowest ever.
Government denials
While journalist bodies and rights groups decry the suppression of press freedom under the Modi government, Indian authorities reject these claims, questioning the credibility of the World Press Freedom Index and maintaining that India has a free press.
In October, Indian police conducted raids against dozens of reporters, leading to the arrest of Prabir Purkayastha, the editor of the independent NewsClick website. This move has intensified worries about the deteriorating state of media freedom in the country.
The use of Pegasus spyware against Indian journalists raises serious questions about the state of press freedom in the country. As technology evolves, the ability to target individuals without their knowledge or consent underscores the urgent need for robust protections to safeguard journalistic independence and freedom of speech.