Giertych and Wrzosek under surveillance by Pegasus. What is this program and how could it be in the hands of the Polish services?

shows that the patron Roman Giertych, who represented leading opposition politicians and Ewa Wrzosek, a prosecutor who opposed the purges in the justice system were tracked using Pegasus spyware.

AP notes that it does not know who commissioned the wiretapping of Roman Giertych and Ewa Wrzosek. As he adds, it cannot be determined. “But both victims believe the increasingly illiberal Polish government is responsible,” the agency said.

The spokesman of the minister coordinator of secret services, Stanisław Żaryn, asked for a comment, neither confirmed nor denied the PA’s reports. In a statement sent to PAP, Żaryn informed that “in Poland, operational control is carried out in justified and legally described cases, after obtaining the consent of the Prosecutor General and issuing a decision by the court” – he wrote.

Pegasus is used by services all over the world

Experts from the company Citizen Lab, specializing in cybersecurity, warned then that it may be one of the most dangerous spyware in history, as it contains code that can handle even the best security built into smartphones.

One inattentive click on a crafted link is enough to infect a phone, although experts point out that “infection” with Pegasus is also possible without any interaction on the part of the victim. The infection takes place automatically when the victim receives a link in the messenger or SMS.

former head of the cybersecurity department at the Ministry of Digitization, Piotr Januszewicz, explained how Pegasus works. As he explained, the software takes advantage of vulnerabilities in phone systems. These allow you to use your smartphone for purposes other than intended.

Pegasus enables, among others getting to know the call list, contact book, location, SMS messages, e-mails, information from Facebook, Gmail, WhatsApp and other applications. It also gives you access to photos, microphone, browser history and phone settings.

The software was developed by an Israeli company NSO Group and is to be offered to departments around the world. The Citizen Lab company determined that in 2016 the cost of using the Pegasus was estimated at $ 25,000 per device. One of the first (but would-be) victims of Pegasus was to be Ahmed Mansoor, the international human rights defender of the United Arab Emirates.

On August 10, 2016, he received an SMS with a link to allegedly secret documents about people tortured by the UAE authorities. Mansoor, instead of clicking on a link, sent a message to Citizen Labs, who took a close look at the linked page. It turned out that it contained malicious code that allowed them to take control of the device.

How could Pegasus find its way to the CBA?

In 2018, Citizen Lab published a report which showed that Pegasus is already being used by the services in at least 45 countries around the world, incl. USA, Canada, France and Singapore. Poland is also in this group. The software is used by 5 operators on the Old Continent, including “ORZELBIALY” operating on the Vistula River.

Pegasus detected in 45 countries around the world, including Poland fot. Citizen Lab

Citizen Lab did not then establish who exactly uses Poland with Pegasus. The organization only said that the program has been in operation since 2017 and it was not used for political purposes.

Pegasus detected in 45 countries around the world, including Poland fot. Citizen Lab

from NSO Group Pegasus appeared in September 2018. TVN24 then announced that The Supreme Audit Office, while examining the CBA’s finances, discovered a mysterious invoice amounting to PLN 33 million.

The document was signed by Ernest Bajda, the former head of the CBA. The list of items indicated that it was an invoice for the purchase of very expensive software. PLN 11.6 million was allocated for hardware and software, PLN 5 million for tests, and PLN 3.4 million for training. The invoice also included PLN 13.6 million of prepayment.

The Ministry of Finance could not verify what is the subject of the invoice, because the documents are secret. We only know that the invoices were issued in September 2017, and the first traces of the use of Pegasus in Poland – as previously determined by Citizen Lab – fall in November 2017.

How to check if we are under surveillance?

Due to the high cost, Pegasus is not used by the services mass surveillance. The goals are in this case specific people “from the candlestick” who, for specific reasons, could become the object of interest of the services.

It is virtually impossible to verify whether we have fallen victim to an attack on our own. In the event that such suspicions arise, it may be necessary to contact experts and companies specializing in cybersecurity issues.

Polish services have extensive competences that allow them to verify the activity of each and every one of us to an almost unlimited degree. They establish wiretaps with only the illusory control of the court, and access to telecommunications data allows them to recreate the habits and social network of every citizen and woman. This can be made a bit more difficult for them by using encrypted communication channels, such as the Belarusian opposition, using the Telegram messenger.

– he explained in an interview with Next.gazeta.pl Wojciech Klicki, lawyer and activist associated with the “Panoptykon Foundation”

Interestingly, Apple has been around for some time warns iPhone userswho may have fallen victim to Pegasus software attacks. This is the aftermath of a lawsuit Apple brought to the NSO Group. The American company informed about the case in November this year. He is demanding damages from the NSO Group and a judicial ban on the company’s development of software for iPhones.

State-sponsored entities such as the NSO Group spend millions of dollars on sophisticated surveillance technologies without incurring any liability. This has to change

Said Craig Federighi, Apple’s senior vice president of software engineering, in the release.

One of the people who received a warning from Apple about a possible attack using Pegasus was prosecutor Ewa Wrzosek. Even before the case was publicized by the AP agency, Wrzosek revealed that she might have been a victim of surveillance by the services.

I just received an @AppleSupport alert about a possible cyberattack on my phone by government services. With the indication that I may be targeted for what I am doing or who I am. I will take the warning seriously because it was preceded by other incidents

– Wrzosek wrote on Twitter at the end of November.

The findings of the Reuters agency show that at the same time notifications from Apple about possible attacks using Pegasus were also received, among others, by activists and journalists from Thailand, El Salvador and Armenia.

When you wake up and see a notification from Apple that your iPhone is being targeted, you know that cyber terrorism by state-backed terrorists is real

– Norbert Mao, head of the Democratic Party in Uganda, wrote on Twitter

In July this year. There were also reports that an Israeli company’s spyware was to become a surveillance tool in Hungary. The aim of the government of Viktor Orban was supposedly to be journalists, lawyers and one of the leading politicians of the opposition.

The CBA may lose access to Pegasus

Soon, the Central Anticorruption Bureau, which has never confirmed that it uses Pegasus or other surveillance software, may lose access to the tool developed by the NSO Group.

At the end of November, Israeli media reported that the country’s authorities “reduced the list of countries to which small businesses can sell surveillance tools or cyber attacks. “

The Israeli authorities were to decide not to release the tool to states ruled by “totalitarian regimes or where there are suspicions of violations of civil rights.” Poland and Hungary are mentioned among the countries that will not be able to use Pegasus.