High-ranking government officials around the world were targeted by governments using spyware from NSO Group, according to WhatsApp head Will Cathcart.
Speaking to The Guardian, Cathcart discussed the spyware attacks that were revealed by the Project Pegasus investigation, saying they had parallels with a 2019 attack against 1,400 WhatsApp users.
“The reporting matches what we saw in the attack we defeated two years ago, it is very consistent with what we were loud about then,” Cathcart said. "This should be a wake-up call for security on the internet … mobile phones are either safe for everyone or they are not safe for everyone.”
The military-grade spyware from NSO Group is believed to have been used against heads of state, government ministers, activists and journalists.
The leak at the center of the Pegasus project contains over 50,000 phone numbers. However, The Guardian reports that the presence of a person's phone number on the list does not necessarily mean that they were successfully targeted.
For example, French President Emmanuel MacronEmmanuel Jean-Michel MacronEU 'denounces' Russian malicious cyber activity aimed at member states French diplomat says 'time and actions' needed to restore ties with US France to bill Australia over canceled submarine deal MORE is believed to have been part of the leak, but NSO has said that none of its clients targeted Macron. The technology firm also claimed the 50,000 reported numbers were an exaggeration.
However, Cathcart shot back at this characterization, saying his company had recorded an attack that affected 1,400 users in 2019 over a period of two weeks.
“That tells us that over a longer period of time, over a multi-year period of time, the numbers of people being attacked are very high,” Cathcart said. “That’s why we felt it was so important to raise the concern around this.”
WhatsApp filed a lawsuit against NSO in 2019, alleging that the company had sent malware to its users' phones, The Guardian noted. NSO, an Israeli company, has argued that the blame should be placed on its customers who are foreign governments.
“NSO Group claims that a large number of governments are buying their software, that means those governments, even if their use of it is more controlled, those governments are funding this," Cathcart said. "Should they stop? Should there be a discussion about which governments were paying for this software?”
"We are doing our best to help creating a safer world. Does Mr. Cathcart have other alternatives that enable law enforcement and intelligence agencies to legally detect and prevent malicious acts of pedophiles, terrorists and criminals using end-to-end encryption platforms? If so, we would be happy to hear," an NSO spokesperson told The Guardian.