Government Spyware Hacks: Why You're at Risk

The Widely Misunderstood Reality of Government Spyware

For over ten years, developers of governmental surveillance technology have consistently maintained that their products are designed solely for use against serious criminals and terrorists, and only under strictly limited circumstances.

However, accumulated evidence – drawn from numerous, potentially hundreds, of documented instances of spyware misuse globally – demonstrates that these claims are inaccurate.

Targeting Beyond Criminals and Terrorists

Journalists, human rights advocates, and political figures have been repeatedly identified as targets, not only within authoritarian regimes but also in established democracies.

A recent case involves a political strategist working with left-leaning politicians in Italy, who has been newly confirmed as a victim of Paragon spyware within the nation.

This incident underscores the fact that the deployment of spyware extends far beyond the traditionally perceived “rare” or “limited” attacks focused on a small number of individuals.

The Ease of Targeting Fuels Abuse

Eva Galperin, Director of Cybersecurity at the Electronic Frontier Foundation and a long-time spyware researcher, explained to TechCrunch, “There’s a common misconception regarding who is targeted by government spyware; the assumption is that targets are major threats.”

Galperin continued, “The reality is that, due to the simplicity of targeting, governments utilize surveillance malware to monitor a wide spectrum of individuals, including relatively minor political adversaries, activists, and members of the press.”

Several factors contribute to the frequent targeting of individuals who, ostensibly, should not be subject to surveillance.

How Spyware Systems Operate

Typically, when a government agency acquires spyware from a vendor – such as NSO Group or Paragon – they pay an initial fee for the technology itself, followed by recurring fees for updates and technical support.

The initial cost is generally determined by the number of targets the agency can monitor simultaneously; a greater number of targets results in a higher price.

Leaked documents from the now-defunct Hacking Team revealed that some clients, including police forces and government entities, could target anywhere from a few individuals to an unlimited number of devices.

While some democratic nations typically maintained a lower limit on concurrent surveillance targets, countries with questionable human rights records often had significantly higher allowances.

Providing such extensive targeting capabilities to nations with a strong inclination towards surveillance virtually guaranteed that governments would monitor a far broader range of individuals than just criminals and terrorists.

Examples of Abusive Targeting

Countries including Morocco, the United Arab Emirates (on multiple occasions), and Saudi Arabia (several times) have all been implicated in targeting journalists and activists over the years.

Runa Sandvik, a security researcher who supports at-risk activists and journalists, maintains a continually updated list of documented spyware abuse cases worldwide.

The Simplicity of Deployment

Furthermore, modern spyware – like Pegasus from NSO Group or Graphite from Paragon – simplifies the targeting process for government clients.

These systems function as user-friendly interfaces where officials simply enter a phone number, and the surveillance operation proceeds automatically.

John Scott-Railton, a senior researcher at The Citizen Lab with a decade of experience investigating spyware companies and their abuses, described government spyware as presenting a “huge abuse temptation” to its customers.

Scott-Railton emphasized that spyware “needs to be treated like the threat to democracy and elections that it is.”

Lack of Accountability and Transparency

The prevailing lack of transparency and accountability has emboldened governments to utilize this advanced surveillance technology without significant fear of repercussions.

Galperin noted to TechCrunch, “The targeting of relatively minor figures is particularly concerning, as it reflects the perceived impunity governments feel when deploying this exceptionally invasive spyware against opponents.”

Steps Towards Accountability

Despite the widespread abuse, some positive developments are emerging.

Paragon publicly severed ties with the Italian government earlier this year, citing the authorities’ refusal to cooperate with investigations into alleged abuses involving its spyware.

NSO Group previously disclosed in court that it had disconnected 10 government customers due to misuse of its technology, although it declined to identify the specific countries involved.

It remains uncertain whether these disconnections included governments in Mexico or Saudi Arabia, where numerous documented cases of abuse have occurred.

Investigations and Sanctions

Several countries, including Greece and Poland, have initiated investigations into spyware abuses.

The United States, under the Biden administration, has imposed sanctions on spyware manufacturers – including Cytrox, Intellexa, and NSO Group – and their executives, adding them to economic blocklists.

Additionally, a coalition of primarily Western nations, led by the U.K. and France, is attempting to use diplomatic pressure to curtail the spyware market.

Whether these efforts will effectively limit the global multibillion-dollar spyware market – where companies readily supply advanced surveillance tools to governments with a seemingly insatiable desire to monitor their citizens – remains to be seen.