Ron Deibert (centre), Director of Citizen Lab, with Professor James Der Derian (left) and Dr Aim Sinpeng (right) at the Global Forum 2019: Future Insecurity hosted by the Centre for International Security Studies, The University of Sydney.
This week brought another Project Q event to the headlines—Our 2019 Q Forum, where Ron Deibert presented on the Geopolitics of the Quantum Race. Deibert is the Director of Citizen Lab—an interdisciplinary research and development group working at the intersection of the Internet, global security, and human rights. Yesterday, Citizen Lab released a new report as part of their ongoing investigation into Israeli cybersecurity firm NSO’s Pegasus software.
The report, “FORCEDENTRY: An NSO Group iMessage Zero-Click Exploit captured In-The-Wild,” was authored by Deibert and Citizen Lab colleagues Bill Marczak, John Scott-Railton, Bahr Abdul-Razzak, Noura Al-Jizawi, Siena Anstis, and Kristin Berdan. FORCEDENTRY details Citizen Lab’s findings from an analysis the group performed on the phone of a Saudi activist targeted by the NSO Group’s Pegasus spyware.
The report reveals a “zero-day zero-click” exploit against Apple’s iMessage—a name given to the attack that gives companies “zero days” to roll out a fix and doesn’t require the target to click on anything in order to infect their phone.
The investigation exposed how the spyware took advantage of a vulnerability in Apple’s image rendering library to give Pegasus clients near-complete access to their target’s device—including personal files, photos, messages and location—as well as control of the device’s camera and recording function.
These findings are only the most recent in a string of revelations about NSO’s invasive spyware uncovered by Citizen Lab. The NSO Group first entered the spotlight in 2016 with the release of Citizen Lab’s Million Dollar Dissident report, which revealed the iPhone of internationally recognized human rights defender, Ahmed Mansoor, had been targeted by their Pegasus spyware.
An ongoing global investigation by media outlets including the Washington Post and The Guardian, known as the Pegasus Project, has ensued. In July of this year, Amnesty International found evidence that 37 phones belonging to politicians, journalists, human rights activists, and business executives had been targeted by Pegasus software. Their findings also revealed the phones of two women closest to the murdered Saudi journalist, Jamal Khashoggi, had been infected by the spyware.
Citizen Lab’s most recent revelation led to collaboration with Apple to ensure that the vulnerability on their iPhones, iPads, Macs and Watches exploited by Pegasus was quickly fixed. On September 13th, Apple released an update that patches the vulnerability identified by the Citizen Lab report.
Hear Ron Deibert’s insights as he presents at Q5’s Q Forum: The Geopolitics of the Quantum Race.
You can access prior Citizen Lab reports on Pegasus and NSO Group here.