Polish Gov't Finally Admits It Deployed NSO Malware, Pretends Targeting Of Opposition Leaders Isn't Abusive
from the don't-be-shitty,-Poland dept
Poland — like far too many countries — has a Pegasus problem. The highly intrusive (and highly effective) phone malware sold by Israel’s NSO Group for the ostensible purpose of tracking down terrorists and other deadly criminals has been observed (yet again) being deployed to track government critics and political opponents.
When Apple announced its lawsuit against NSO Group for targeting iPhone users, it also announced plans to notify users who had been targeted by NSO spyware. The first beneficiary of this notification program was a Polish prosecutor who was apparently targeted for trying to investigate election irregularities.
That initial notification opened the floodgates. The Polish government had access to the spyware and was deploying it for reasons entirely unrelated for the reasons it stated when purchasing it.
Several members of political opposition groups in Poland have produced evidence that they were hacked by Pegasus spyware, raising alarming questions about the Polish government’s use of the software.
The compromises were discovered by Citizen Lab, a spyware research group based at the University of Toronto, which has done extensive work on Pegasus.
In the Polish case, Citizen Lab also found evidence of spyware compromises targeting a lawyer representing Polish opposition groups and a prosecutor involved in a case against the ruling Law and Justice party. In both cases, traces of Pegasus spyware were found on the targets’ devices.
“Tip of the iceberg,” as AFP reported (via MSN News):
Evidence of the hacking, which has become a major scandal in Poland, was reported by the Canada-based cyber-security watchdog Citizen Lab.
“We think this is just the tip of the iceberg and there’ll be more discoveries to come,” John Scott-Railton, a senior researcher with the group, told AFP.
“It’s shocking and it looks very bad,” he said. “Pegasus is a tool of dictators. Its use in these cases point to an authoritarian slide” in Poland.
Throughout this stream of revelations, the Polish government remained silent, apparently hoping the steady stream of news involving misuse by NSO customers would wash away interest in its misdeeds. Waiting it out didn’t work. When the plan to ignore it failed, the government started lying.
When asked by the AP in December if Poland had purchased Pegasus, state security spokesman Stanislaw Zaryn would neither confirm nor deny it. However, many Kaczynski allies publicly cast doubt on suggestions of government Pegasus use.
Polish Prime Minister Mateusz Morawiecki called the Citizen Lab-AP findings “fake news” and suggested a foreign intelligence service could have done the spying — an idea dismissed by critics who said no other government would have any interest in the three Polish targets.
Deputy Defense Minister Wojciech Skurkiewicz in late December said “the Pegasus system is not in the possession of the Polish services. It is not used to track or surveil anyone in our country.”
All lies. And all exposed by non-government entities like Citizen Lab and Amnesty International — both of which have uncovered plenty of device infections by NSO malware. Faced with undeniable evidence, the Polish government has finally admitted its possession of these hacking tools.
Poland’s most powerful politician has acknowledged that the country bought advanced spyware from the Israeli surveillance software maker NSO Group, but denied that it was being used to target his political opponents.
Jaroslaw Kaczynski, the leader of Poland’s ruling conservative party, Law and Justice, said in an interview that the secret services in many countries are using the Pegasus software to combat crime and corruption.
But this admission is accompanied by even more lies. Evidence shows the Polish government targeted opposition figures and investigators looking into a highly irregular, and completely botched election. The evidence is overwhelming but the ruling party is still trying to pretend this is all above-board.
“There is nothing here, no fact, except the hysteria of the opposition. There is no Pegasus case, no surveillance,” Kaczynski said. “No Pegasus, no services, no secretly obtained information played any role in the 2019 election campaign. They lost because they lost. They shouldn’t look for such excuses today.”
Maybe in this particular case the spying did not directly affect election results. But the software is not being used to target terrorists and criminals. It’s being used to track opposition officials and investigators who are definitely the sort of people the malware was purchased to target. This is abuse and the government is taking a decidedly totalitarian tack by refusing to admit it engaged in, at the very least, highly questionable use of these hacking tools.