On Pegasus and other cyberattacks – Richard Norton-Taylor in TLS:

‘NSO was named after the forename initials of the three people who set it up – Niv Carmi, Shalev Hulio and Omri Lavie. The three enjoyed a close relationship with the Israeli intelligence and defence establishment which appeared to trust the company to keep its mouth shut about the identities of those who bought their software. Hulio said they called their cyber-surveillance project Pegasus, “because what we built was actually a Trojan horse we sent flying through the air to devices”. In their book, Laurent Richard and Sandrine Rigaud call Pegasus a “military-grade offensive weapon”.
The authors are, respectively, the founder and editor-in-chief of Forbidden Stories, a consortium of journalists whose mission is to publish information governments and private corporations try to suppress. The organization co-ordinated, among other projects, an investigation into the assassination of the journalist Daphne Caruana Galizia in Malta in 2017.
Their slow-burning, captivating detective story describes how, with the support of Amnesty International’s Security Lab, which is based in Berlin, and Citizen Lab, at the University of Toronto, they began a painstaking, nerve-wracking, forensic operation after an unidentified whistleblower leaked data suggesting that 50,000 mobile phone numbers had been selected as potential targets by NSO’s worldwide clients. These clients included security and intelligence services in Mexico, Morocco, Azerbaijan, Saudi Arabia, Hungary, India and the United Arab Emirates. Governments of those countries subsequently denied they used Pegasus spyware to target the phones of their critics.’

(…)
‘Among the more than 1,000 individuals the authors verified as potential Pegasus targets were three presidents, including Emanuel Macron and members of his cabinet (targeted by NSO clients in Morocco), more than 600 politicians, including ten prime ministers, two Emirati princesses (Pegasus was used in 2021 to spy on Princess Haya and her divorce lawyer, Baroness Shackleton), businessmen, human rights defenders and nearly 200 journalists investigating corruption and political scandals.
Saudi agents had allegedly used Pegasus to try to track the dissident Saudi journalist Jamal Khashoggi. He was assassinated in October 2018 in an operation, according to a US intelligence investigation, approved by the Saudi Crown Prince, Muhammad bin Salman, a conclusion the Saudi government has rejected. One of the numbers on the leaked list was identified as the mobile of Khashoggi’s fiancée, Hatice Cengiz. Richard and Rigaud say her phone was “successfully compromised” by Pegasus spyware days after Khashoggi’s murder. Attempts had also been made to infect the mobile of his Egyptian wife, Hanan Elatr, whom he married in June 2018 (despite also being engaged to Cengiz), four months before his murder.’ (…)
‘It is unclear precisely how successful NSO’s clients have been in their use of Pegasus. The US responded to the revelations by blacklisting the company, accusing it of indulging in “maliciously” targeting individuals and acting “contrary to the national security interests of the United States”. NSO was shaken but survives.
The authors warn that the dangers posed by sophisticated surveillance and technology will not go away. Increasingly intrusive computer software is developing so fast that laws designed to regulate spyware can be ineffective and out-of-date as soon as they are enacted. And that’s just for democracies. The technology will get more aggressive, more difficult to discover and combat.’

(…)

‘While the authors of Pegasus highlight the threats to targeted individuals, Kello concentrates on the failure of Western governments to respond to cyberattacks, notably by Russia, North Korea and China.
The author singles out China as the greatest threat to democratic countries in its development of “new modes of strategic competition that have allowed it to undermine Western power and its supporting institutions without resorting to the violent methods of war and thereby avoiding its repercussions”. He adds: “The tendencies of Chinese foreign policy reflect not only a desire for security and wealth, but also an ideological drive”. He quotes Xi Jinping’s call for a “new type of international relations”.’

(…)

‘These two books alert us to two distinct, albeit related, challenges. One, embraced by Kello, is how best to defend state institutions and a nation’s critical infrastructure from cyberattacks. The other, highlighted by Richard and Rigaud, is how to defend innocent individuals from cyber-surveillance. Pegasus warns of a “dystopian future” if citizens do not understand the nature of this threat. Readers of Striking Back might conclude that Western governments risk suffering a similar fate.’

Read the article here.

It’s interesting why Putin hasn’t started a cyber war against the West. Maybe he is too weak, but it is also possible that he is aware of the red lines of Biden, and Biden probably is very much aware of Putin's red lines. There must be a quid pro quo there.

Yes, the spyware will become more aggressive, more subtle, more widespread, and it is probably more difficult to stop than the spread of mustard gas.

The are many many dystopian futures on the horizon. The total control of the own citizenry is fairly close, but there will always be options to escape the all-seeing eye, perfection is only for the gods.

And at least some politicians might understand that the total control is the end of liberalism and for that reason the end of the West.