Emergency update for all Apple users: Everything you need to know about Pegasus Spyware

Updating your phone’s software can sometimes be the last thing on your mind, particularly when updating means losing access to your phone, something no one wants during a lockdown.

However, this recent update is an important security update to ensure your phone isn’t at risk of being exploited by spyware. While it may seem like international spyware is not something you will ever need to worry about, it’s important to know what you can about how surveillance systems can impact you, and why they’re central to human rights.

Here’s everything you need to know about targeted surveillance and why updating your devices is an important first step in managing your privacy.

What is targeted surveillance?

Targeted surveillance occurs when a group, authority or government gains access to users’ phones and computers through a cyberattack. Once in, they can find out a range of information, including contact lists, passwords, social media habits and texts. They can also record conversations, tap into networks and destroy any ongoing work. Since 2017, Amnesty’s own research has uncovered attacks like these in Egypt, India, Morocco, Pakistan, Saudi Arabia, UAE, Qatar and Uzbekistan.

The people targeted are often journalists, bloggers and activists who are working to challenge injustice. They may be exposing corrupt deals, demanding electoral reform, or promoting the right to privacy. Their defence of human rights puts them at odds with their governments. When governments attack the people who are defending our rights, then we’re all at risk.

The recent update offered by Apple is a direct response to Pegasus, spyware that has been in use since 2016. A 2021 investigation called the Pegasus Project revealed that the software was being abused by a number of governments to target human rights defenders.

What is Pegasus spyware?

Pegasus spyware is surveillance software developed by NSO Group, an Israel-based surveillance company. It uses zero-day vulnerabilities to enter mobile phones and remain undetected on them. The spyware can be used to track anything on a mobile phone without being detected – including turning on GPS, recording audio, turning on the camera and tracking communications.

While NSO Group claims this spyware is only sold to governments as an anti-terrorism measure and “law enforcement tool”, an investigation called the Pegasus Project – coordinated by Forbidden Stories with technical support from Amnesty International – revealed that the spyware was being abused by governments to target and monitor a number of journalists, heads of state, activists and human rights defenders.

What did the Pegasus Project reveal?

The Pegasus Project is a ground-breaking collaboration by more than 80 journalists from 17 media organizations in 10 countries using cutting-edge forensic tests on mobile phones to identify traces of spyware created by NSO Group. The list of targets contained phone numbers for more than 600 government officials and politicians from 34 countries.

The Pegasus Project lays bare how NSO’s spyware is a weapon of choice for repressive governments seeking to silence journalists, attack activists and crush dissent, placing countless lives in peril.

Agnès Callamard, Secretary General of Amnesty International

“These revelations blow apart any claims by NSO that such attacks are rare and down to rogue use of their technology. While the company claims its spyware is only used for legitimate criminal and terror investigations, it’s clear its technology facilitates systemic abuse. They paint a picture of legitimacy, while profiting from widespread human rights violations.”

Attacks on journalists

During the investigation, evidence emerged that a number of journalists whose phones had been infected with Pegasus software were later found murdered.

The investigation found that family members of Saudi journalist Jamal Khashoggi were targeted with Pegasus software before and after his murder in Istanbul on 2 October 2018 by Saudi operatives, despite repeated denials from NSO Group.

Amnesty International’s Security Lab also established that Pegasus spyware was successfully installed on the phone of Khashoggi’s fiancée Hatice Cengiz just four days after his murder. His wife, Hanan Elatr, was also repeatedly targeted with the spyware between September 2017 and April 2018, as well as his son, Abdullah, who was also selected as a target along with other family members in Saudi Arabia and the UAE.

In a statement, the NSO Group responded to the Pegasus Project allegations saying that its “technology was not associated in any way with the heinous murder of Jamal Khashoggi”. The company said that it “previously investigated this claim, immediately after the heinous murder, which again, is being made without validation”.

The investigation has so far identified at least 180 journalists in 20 countries who were selected for potential targeting with NSO spyware between 2016 and June 2021, including in Azerbaijan, Hungary, India and Morocco, countries where crackdowns against independent media have intensified.

The revelations show the real-world harm caused by unlawful surveillance.

“The number of journalists identified as targets vividly illustrates how Pegasus is used as a tool to intimidate critical media. It is about controlling public narrative, resisting scrutiny, and suppressing any dissenting voice.”

Agnès Callamard

“These revelations must act as a catalyst for change. The surveillance industry must no longer be afforded a laissez-faire approach from governments with a vested interest in using this technology to commit human rights violations.”

But why should I update my phone?

Pegasus works by exploiting ‘zero-day vulnerabilities’: software security flaws that are unknown to the software company and so don’t yet have a patch designed to stop attackers exploiting them.

The recent update rolled out across all Apple products is a fix for the zero-day vulnerability used by Pegasus to enter any Apple device. Phones around the world run on similar software, meaning that an exploit for this software can be used against any other phone running the same software. By updating your phone, you stop targeted surveillance from using this vulnerability to access it.

What else can you do?

The risk of targeted surveillance goes beyond just updating your phone – while this is the first step in reducing the risk for yourself as a potential target, it is important that we also stand up against surveillance companies and governments being able to use this software to target journalists, human rights defenders and activists. By standing against targeted surveillance we protect those who are working to protect us.

To support press freedom and the safety of journalists worldwide, you can act now by signing petitions for their release and by following the Amnesty International Australia Media Awards 2021 and its work to support a free press in Australia.