Polish Gov't Finally Admits It Deployed NSO Malware, Pretends Targeting Of Opposition Leaders Isn't Abusive
from the don't-be-shitty,-Poland dept
Poland — like far too many countries — has a Pegasus problem. The highly intrusive (and highly effective) phone malware sold by Israel’s NSO Group for the ostensible purpose of tracking down terrorists and other deadly criminals has been observed (yet again) being deployed to track government critics and political opponents.
When Apple announced its lawsuit against NSO Group for targeting iPhone users, it also announced plans to notify users who had been targeted by NSO spyware. The first beneficiary of this notification program was a Polish prosecutor who was apparently targeted for trying to investigate election irregularities.
That initial notification opened the floodgates. The Polish government had access to the spyware and was deploying it for reasons entirely unrelated for the reasons it stated when purchasing it.
Several members of political opposition groups in Poland have produced evidence that they were hacked by Pegasus spyware, raising alarming questions about the Polish government’s use of the software.
[…]
The compromises were discovered by Citizen Lab, a spyware research group based at the University of Toronto, which has done extensive work on Pegasus.
[…]
In the Polish case, Citizen Lab also found evidence of spyware compromises targeting a lawyer representing Polish opposition groups and a prosecutor involved in a case against the ruling Law and Justice party. In both cases, traces of Pegasus spyware were found on the targets’ devices.
“Tip of the iceberg,” as AFP reported (via MSN News):
Evidence of the hacking, which has become a major scandal in Poland, was reported by the Canada-based cyber-security watchdog Citizen Lab.
“We think this is just the tip of the iceberg and there’ll be more discoveries to come,” John Scott-Railton, a senior researcher with the group, told AFP.
“It’s shocking and it looks very bad,” he said. “Pegasus is a tool of dictators. Its use in these cases point to an authoritarian slide” in Poland.
Throughout this stream of revelations, the Polish government remained silent, apparently hoping the steady stream of news involving misuse by NSO customers would wash away interest in its misdeeds. Waiting it out didn’t work. When the plan to ignore it failed, the government started lying.
When asked by the AP in December if Poland had purchased Pegasus, state security spokesman Stanislaw Zaryn would neither confirm nor deny it. However, many Kaczynski allies publicly cast doubt on suggestions of government Pegasus use.
Polish Prime Minister Mateusz Morawiecki called the Citizen Lab-AP findings “fake news” and suggested a foreign intelligence service could have done the spying — an idea dismissed by critics who said no other government would have any interest in the three Polish targets.
Deputy Defense Minister Wojciech Skurkiewicz in late December said “the Pegasus system is not in the possession of the Polish services. It is not used to track or surveil anyone in our country.”
All lies. And all exposed by non-government entities like Citizen Lab and Amnesty International — both of which have uncovered plenty of device infections by NSO malware. Faced with undeniable evidence, the Polish government has finally admitted its possession of these hacking tools.
Poland’s most powerful politician has acknowledged that the country bought advanced spyware from the Israeli surveillance software maker NSO Group, but denied that it was being used to target his political opponents.
Jaroslaw Kaczynski, the leader of Poland’s ruling conservative party, Law and Justice, said in an interview that the secret services in many countries are using the Pegasus software to combat crime and corruption.
But this admission is accompanied by even more lies. Evidence shows the Polish government targeted opposition figures and investigators looking into a highly irregular, and completely botched election. The evidence is overwhelming but the ruling party is still trying to pretend this is all above-board.
“There is nothing here, no fact, except the hysteria of the opposition. There is no Pegasus case, no surveillance,” Kaczynski said. “No Pegasus, no services, no secretly obtained information played any role in the 2019 election campaign. They lost because they lost. They shouldn’t look for such excuses today.”
Maybe in this particular case the spying did not directly affect election results. But the software is not being used to target terrorists and criminals. It’s being used to track opposition officials and investigators who are definitely the sort of people the malware was purchased to target. This is abuse and the government is taking a decidedly totalitarian tack by refusing to admit it engaged in, at the very least, highly questionable use of these hacking tools.
Filed Under: malware, pegasus, poland, politics, spyware, surveillance
Companies: nso group
Comments on “Polish Gov't Finally Admits It Deployed NSO Malware, Pretends Targeting Of Opposition Leaders Isn't Abusive”
'Fake news! We never did X! Even if we did that's fine!'
Polish Government: Pegasus? Never heard of it.
Evidence: The polish government bought Pegasus, software explicitly designed to spy on people.
Polish Government: Okay maybe we’ve heard of it, but any investigations were purely anti-terrorism and/or anti-corruption related.
Evidence: It was used against political opponents and those looking into questionable elections.
Polish Government: Fake news! Nothing happened and anyone who says otherwise is lying, something we have demonstrably not done during this debacle so you can trust us over those filthy liars!
"the secret services in many countries are using the Pegasus software to combat crime and corruption."
And yet somehow we keep finding out they used it in criminal and corrupt ways to protect the Corrupt Criminals in power.
Re: Corrupt Criminals in power.
tsk, tsk — the Constitutional Republic of Poland is obviously a unique case.
Corrupt government is virtually impossible in democracies, where the citizens exercise total control over all persons with any government power.
Can you even imagine anyone in the American government ever spying on citizens, political critics, or political opponents?
It’s unthinkable.
Re: Re: Corrupt Criminals in power.
I am not a fan of emojis or other explicit marks of sarcasm either. Let them cringe.
Re: Re: Corrupt Criminals in power.
Tu quoque, the masterful response to anything.
It’s ironic that this is the same government that tried to stop Article 17.
Re: ironic
I assume you’re referring to Article 17 of the Directive on Copyright in the Digital Single Market, in which case I agree.
I think this might be a serious unforced error that is exposing much more than they wanted to. At first I was thinking:
Nice job moving the goalposts Poland. Like this is masterful spin. The issue is not that surveilance was used to affect the election – as this quote claims. The issue is that after the election, while the opposition was doing investigations into election irregularities, the government was shown to have engaged in an ongoing use of malware to perform "oversight" of the investigation. at least that appears to be the obvious motive.
But I keep rereading this and I don’t recall there ever being a claim the spyware predated the election investigation. But according to this quote, they had that spyware on the prosecutor’s phone during the election, and simply didn’t use the information gleaned from the illicit surveillance.
Its been a pattern in government scandals in the modern age, with PM Johnson, Guilliani, Trump, and the Cuomos all going through this cycle.Minor scandal breaks, deny. More info comes out, deny. uncontestable proof comes out, simultaneously deny it happened and claim is was all legal. Finally, confess to the wrongdoing, still denying it was wrong, and accidentally admit the scandal was much bigger. Its a very weird spin to use, one that just asks a bunch of questions that weren’t in the public eye and only brings more eyes to the problem.
How many Polacks does it take to screw in a light bulb? Three.
One to deny the light bulb exists.
One to admit the light bulb exists once evidence comes out.
One to make talking about the light bulb punishable by 3 years in prison.
Seems like NSO would be in violation of CFAA, if they could be brought to court in the US.
FTFY
"…the secret services in many countries are using the Pegasus software to combat crime and corruption."
Strange the spellchecker got it so wrong, please use:
"… the secret services in many countries are using the Pegasus software to commit crime and facilitate corruption."