Who hacked Downing Street?

Boris Johnson’s mobile phone was tested by cybersecurity experts after Downing Street was targeted by an infamous spying software used by hackers and authoritarian regimes.

Researchers at the University of Toronto’s The Citizen Lab found that a Downing Street device was infected with the notorious “Trojan Horse”-style snooping software, with the breach “likely to have led to the exfiltration of potentially highly sensitive data”, said The Times.

According to the New Yorker, tests were carried out on “several” phones, including one belonging to the prime minister, with Citizen Lab analysts concluding that the Pegasus spying software “was used to infect a device connected to the network at 10 Downing Street” on 7 July 2020.

Subscribe to The Week

Escape your echo chamber. Get the facts behind the news, plus analysis from multiple perspectives.

SUBSCRIBE & SAVE

Sign up for The Week's Free Newsletters

From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.

From our morning news briefing to a weekly Good News Newsletter, get the best of The Week delivered directly to your inbox.

Sign up

The National Cyber Security Centre, a branch of the UK’s intelligence services, carried out testing on the phones, and was ultimately “unable to locate the infected device” nor was it able to determine the nature of any stolen data, according to the magazine.

Who hacked No. 10?

The Citizen Lab said that “based on the servers to which the data were transmitted” the United Arab Emirates, or an organisation linked to the country, was most likely behind the cyber attack.

The Canadian research body also said that at least five phones connected to the Foreign Office were hacked between July 2020 and June 2021, with a government official confirming “indications of hacking had been uncovered”. The attacks were likely to have been carried out by “Pegasus operators connected to the UAE, India, Cyprus and Jordan”, said The Times.

John Scott-Railton, a senior researcher at the Citizen Lab, said that the UK was “underestimating the threat from Pegasus” despite having been “spectacularly burned”. But government sources stressed to The Times this week that the cyber attacks had not been “serious or widespread” and was no longer considered a threat.

The UAE did not respond to requests for comment, said the New Yorker, while employees of NSO, the Israeli company that designed Pegasus, claimed they were unaware of the hack.

In a statement, the company said: “Information raised in the inquiry indicates that these allegations are, yet again, false and could not be related to NSO products for technological and contractual reasons.”

What is Pegasus?

Pegasus was created by NSO Group, an Israeli technology firm that was “blacklisted” by the United States last year for selling the spyware to “governments that ‘maliciously target’ dissidents, human rights activists and journalists”, said The Times.

It is a piece of spyware that covertly allows access to the target’s mobile phone, according to The Guardian. It gains access through small software flaws, and can extract emails, photos and contact details, as well as secretly activate the phone’s microphone and camera.

NSO claims that it sells its software only to vetted government clients, to help them prevent “terrorism and serious crime”, but an investigation co-ordinated by the NGO Forbidden Stories, Amnesty and 17 news organisations, including The Guardian, suggested that Pegasus has been used by many authoritarian regimes and right-wing populist governments to target journalists, human rights activists, dissidents and opposition politicians.

The investigation found that 10 countries in particular had many instances of Pegasus being used: Azerbaijan, Bahrain, Hungary, India, Kazakhstan, Mexico, Morocco, Rwanda, Saudi Arabia and UAE, the BBC reported.