Downing Street and Foreign Office infected with spyware, experts claim

Citizen Lab, which researches digital threats, said that it occasionally observes cases where it suspects that governments are using spyware to undertake international espionage.

While it said the vast majority of these cases are outside of its “scope and mission”, it sometimes contacts governments if it believes they can reduce harm through their actions.

It found that Pegasus infections were present on electronic devices connected to UK government networks in 2020 and 2021.

Pegasus is spyware developed by the Israeli cyber-arms company NSO Group that can be covertly installed on mobile phones and other devices running most versions of iOS and Android.

While it may have been built in Israel, the suspected infections relating to the FCO were associated with operators linked to the UAE, India, Cyprus, and Jordan, Citizen Lab said.

The suspected infection at the UK Prime Minister’s Office was particularly associated with a Pegasus operator in the UAE.

An NSO spokesperson said the allegations are “false and could not be related to NSO products for technological and contractual reasons.”

A British government spokesperson said: “We do not routinely comment on security matters.”

As the FCO has personnel in many countries, the suspected infections could be related to devices located abroad and using foreign SIM cards, similar to the hacking of foreign phone numbers used by US State Department employees in Uganda in 2021.

The UK is currently in the midst of several ongoing legislative and judicial efforts relating to regulatory questions surrounding cyber policy, as well as redress for spyware victims. 

“Given that a UK-based lawyer involved in a lawsuit against NSO Group was hacked with Pegasus in 2019, we felt compelled to ensure that the UK government was aware of the ongoing spyware threat, and took appropriate action to mitigate it,” Citizen Lab said.

Last year, the UN Human Rights Office of the High Commissioner called on governments to pause the sale and transfer of surveillance technology, including spyware, until rules can be agreed upon to govern their use and prevent human rights infringements.