HideTechdirt is off for the long weekend! We'll be back with our regular posts tomorrow.
HideTechdirt is off for the long weekend! We'll be back with our regular posts tomorrow.

Polish Gov't Finally Admits It Deployed NSO Malware, Pretends Targeting Of Opposition Leaders Isn't Abusive

from the don't-be-shitty,-Poland dept

Poland -- like far too many countries -- has a Pegasus problem. The highly intrusive (and highly effective) phone malware sold by Israel's NSO Group for the ostensible purpose of tracking down terrorists and other deadly criminals has been observed (yet again) being deployed to track government critics and political opponents.

When Apple announced its lawsuit against NSO Group for targeting iPhone users, it also announced plans to notify users who had been targeted by NSO spyware. The first beneficiary of this notification program was a Polish prosecutor who was apparently targeted for trying to investigate election irregularities.

That initial notification opened the floodgates. The Polish government had access to the spyware and was deploying it for reasons entirely unrelated for the reasons it stated when purchasing it.

Several members of political opposition groups in Poland have produced evidence that they were hacked by Pegasus spyware, raising alarming questions about the Polish government’s use of the software.

[...]

The compromises were discovered by Citizen Lab, a spyware research group based at the University of Toronto, which has done extensive work on Pegasus.

[...]

In the Polish case, Citizen Lab also found evidence of spyware compromises targeting a lawyer representing Polish opposition groups and a prosecutor involved in a case against the ruling Law and Justice party. In both cases, traces of Pegasus spyware were found on the targets’ devices.

"Tip of the iceberg," as AFP reported (via MSN News):

Evidence of the hacking, which has become a major scandal in Poland, was reported by the Canada-based cyber-security watchdog Citizen Lab.

"We think this is just the tip of the iceberg and there'll be more discoveries to come," John Scott-Railton, a senior researcher with the group, told AFP.

"It's shocking and it looks very bad," he said. "Pegasus is a tool of dictators. Its use in these cases point to an authoritarian slide" in Poland.

Throughout this stream of revelations, the Polish government remained silent, apparently hoping the steady stream of news involving misuse by NSO customers would wash away interest in its misdeeds. Waiting it out didn't work. When the plan to ignore it failed, the government started lying.

When asked by the AP in December if Poland had purchased Pegasus, state security spokesman Stanislaw Zaryn would neither confirm nor deny it. However, many Kaczynski allies publicly cast doubt on suggestions of government Pegasus use.

Polish Prime Minister Mateusz Morawiecki called the Citizen Lab-AP findings “fake news” and suggested a foreign intelligence service could have done the spying — an idea dismissed by critics who said no other government would have any interest in the three Polish targets.

Deputy Defense Minister Wojciech Skurkiewicz in late December said “the Pegasus system is not in the possession of the Polish services. It is not used to track or surveil anyone in our country.”

All lies. And all exposed by non-government entities like Citizen Lab and Amnesty International -- both of which have uncovered plenty of device infections by NSO malware. Faced with undeniable evidence, the Polish government has finally admitted its possession of these hacking tools.

Poland’s most powerful politician has acknowledged that the country bought advanced spyware from the Israeli surveillance software maker NSO Group, but denied that it was being used to target his political opponents.

Jaroslaw Kaczynski, the leader of Poland’s ruling conservative party, Law and Justice, said in an interview that the secret services in many countries are using the Pegasus software to combat crime and corruption.

But this admission is accompanied by even more lies. Evidence shows the Polish government targeted opposition figures and investigators looking into a highly irregular, and completely botched election. The evidence is overwhelming but the ruling party is still trying to pretend this is all above-board.

“There is nothing here, no fact, except the hysteria of the opposition. There is no Pegasus case, no surveillance,” Kaczynski said. “No Pegasus, no services, no secretly obtained information played any role in the 2019 election campaign. They lost because they lost. They shouldn’t look for such excuses today.

Maybe in this particular case the spying did not directly affect election results. But the software is not being used to target terrorists and criminals. It's being used to track opposition officials and investigators who are definitely the sort of people the malware was purchased to target. This is abuse and the government is taking a decidedly totalitarian tack by refusing to admit it engaged in, at the very least, highly questionable use of these hacking tools.

Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: malware, pegasus, poland, politics, spyware, surveillance
Companies: nso group


Reader Comments

Subscribe: RSS

View by: Time | Thread


  • icon
    That One Guy (profile), 12 Jan 2022 @ 3:58am

    'Fake news! We never did X! Even if we did that's fine!'

    Polish Government: Pegasus? Never heard of it.
    Evidence: The polish government bought Pegasus, software explicitly designed to spy on people.
    Polish Government: Okay maybe we've heard of it, but any investigations were purely anti-terrorism and/or anti-corruption related.
    Evidence: It was used against political opponents and those looking into questionable elections.
    Polish Government: Fake news! Nothing happened and anyone who says otherwise is lying, something we have demonstrably not done during this debacle so you can trust us over those filthy liars!

    reply to this | link to this | view in chronology ]

  • icon
    That Anonymous Coward (profile), 12 Jan 2022 @ 6:49am

    "the secret services in many countries are using the Pegasus software to combat crime and corruption."

    And yet somehow we keep finding out they used it in criminal and corrupt ways to protect the Corrupt Criminals in power.

    reply to this | link to this | view in chronology ]

    • identicon
      mousward, 12 Jan 2022 @ 8:36am

      Re: Corrupt Criminals in power.

      tsk, tsk -- the Constitutional Republic of Poland is obviously a unique case.
      Corrupt government is virtually impossible in democracies, where the citizens exercise total control over all persons with any government power.

      Can you even imagine anyone in the American government ever spying on citizens, political critics, or political opponents?
      It's unthinkable.

      reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Coward, 12 Jan 2022 @ 7:11am

    It’s ironic that this is the same government that tried to stop Article 17.

    reply to this | link to this | view in chronology ]

  • icon
    James Burkhardt (profile), 12 Jan 2022 @ 8:59am

    "No Pegasus, no services, no secretly obtained information played any role in the 2019 election campaign. They lost because they lost. They shouldn’t look for such excuses today.”

    I think this might be a serious unforced error that is exposing much more than they wanted to. At first I was thinking:

    Nice job moving the goalposts Poland. Like this is masterful spin. The issue is not that surveilance was used to affect the election - as this quote claims. The issue is that after the election, while the opposition was doing investigations into election irregularities, the government was shown to have engaged in an ongoing use of malware to perform "oversight" of the investigation. at least that appears to be the obvious motive.

    But I keep rereading this and I don't recall there ever being a claim the spyware predated the election investigation. But according to this quote, they had that spyware on the prosecutor's phone during the election, and simply didn't use the information gleaned from the illicit surveillance.

    Its been a pattern in government scandals in the modern age, with PM Johnson, Guilliani, Trump, and the Cuomos all going through this cycle.Minor scandal breaks, deny. More info comes out, deny. uncontestable proof comes out, simultaneously deny it happened and claim is was all legal. Finally, confess to the wrongdoing, still denying it was wrong, and accidentally admit the scandal was much bigger. Its a very weird spin to use, one that just asks a bunch of questions that weren't in the public eye and only brings more eyes to the problem.

    reply to this | link to this | view in chronology ]

  • identicon
    Anonymous Hero, 12 Jan 2022 @ 10:46am

    How many Polacks does it take to screw in a light bulb? Three.
    One to deny the light bulb exists.
    One to admit the light bulb exists once evidence comes out.
    One to make talking about the light bulb punishable by 3 years in prison.

    reply to this | link to this | view in chronology ]

  • identicon
    Pixelation, 12 Jan 2022 @ 2:34pm

    Seems like NSO would be in violation of CFAA, if they could be brought to court in the US.

    reply to this | link to this | view in chronology ]

  • icon
    BG (profile), 13 Jan 2022 @ 6:44am

    FTFY

    "...the secret services in many countries are using the Pegasus software to combat crime and corruption."

    Strange the spellchecker got it so wrong, please use:
    "... the secret services in many countries are using the Pegasus software to commit crime and facilitate corruption."

    reply to this | link to this | view in chronology ]


Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here



Subscribe to the Techdirt Daily newsletter




Comment Options:

  • Use markdown. Use plain text.
  • Make this the First Word or Last Word. No thanks. (get credits or sign in to see balance)    
  • Remember name/email/url (set a cookie)

Close

Add A Reply

Have a Techdirt Account? Sign in now. Want one? Register here



Subscribe to the Techdirt Daily newsletter




Comment Options:

  • Use markdown. Use plain text.
  • Make this the First Word or Last Word. No thanks. (get credits or sign in to see balance)    
  • Remember name/email/url (set a cookie)

Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.