Pegasus And The Increase In Cyberattacks On An International Scale
The latest surprise in cybersecurity has been the increase in cyberattacks on politicians, both pro-independence and the government with the Pegasus spyware. However, it has only been the straw that breaks the camel’s back, in a difficult time in terms of cybersecurity. Neither governments nor companies have experienced a quiet season when it comes to cyberattacks for a long time, but 2022 is an especially difficult year. In this post, we cover the rise in cyberattacks on organizations and businesses this year, and how to protect yourself against them.
If as a result of the pandemic the attacks on companies and organizations had been especially intense , due to the rise in teleworking activity and the increase in ransomware attacks , this year is not far behind. The nuance this year is that more and more public entities and personalities are being attacked.
Increase In Cyber Attacks With Pegasus
Among the most important cyberattacks, the Pegasus spyware from the Israeli company NSO Group, which seemed to be a resource intended for governments to prosecute illicit attacks, now appears to be being used for other purposes. In principle, the Israeli company sold its licenses to help governments fight pedophilia, sex or drug trafficking networks, locate missing persons or survivors of catastrophes or fight terrorism, but in practice its use has gone further.
As an example, the attacks on mobile phones of 63 personalities of the Catalan independence movement, the president of the Spanish Government (from whom they obtained 2.6GB and 130MB of data) and the Minister of Defense (both spied on between May and June 2021).
These are just a few cases among the many politicians targeted by Pegasus’ attack. In 2021, in fact, the Washington Post revealed that there were 50,000 phones that had potentially suffered Pegasus attacks. In December of that year, Reuters reported that the iPhones of nine US State Department employees fell victim to spyware, exploiting a vulnerability in iMessage.
Amistia International has denounced that Pegasus is being used to spy not only on politicians and governments, but also on journalists, activists and businessmen around the world.
How Does Pegasus Work?
The tricky part of all this is that Pegasus used, like other malware, spear phishing , that is, sending emails or SMS impersonating an identity so that a specific victim clicks to download the spyware. But it began to exploit Zero Day vulnerabilities in both WhatsApp (in 2019) and iMessage -the iPhone application- (in 2021). These vulnerabilities allowed the victim to not have to interact. Just a WhatsApp call or an invisible iMessage was enough to infect the phone. This, together with the fact that Pegasus disappears from the device without a trace when it is turned off, makes spyware especially dangerous.
How To Fight Pegasus?
Amnesty International itself has created a project, called MVT, to detect if a phone has been infected, using tracks that remain on the mobile, called IOC. However, advanced knowledge is required to use this tool. Luckily there is also another alternative, available for iPhone users (just like MVT). The application called iMazing can be used from the PC to, by connecting the terminal to it and following certain steps, find out if it has been infected with Pegasus.
The Rise Of Cyber Attacks In The Future
A month after the outbreak of the war in Ukraine due to the invasion of Russia, on February 20, with the stagnation of the advance of Russian troops, Joe Biden surprised the world with some worrying statements. Specifically, these were his words in a tweet:
“I have previously warned of the possibility that Russia could conduct malicious cyber activity against the US. Today, I am reiterating those intelligence-based warnings that the Russian government is exploring options for possible cyber attacks.”
Not only that, the Casablanca published a “Fact Sheet” to warn companies. In it, he not only indicated the increase in the activity of the US administration since November 2021, when Vladimir Putin escalated his aggression aimed at the invasion of Ukraine.
How To Protect Yourself From Cyber Attacks
We end with the recommendations of the US Government, set out in that same Fact Sheet, so that companies protect themselves in the future from cyber attacks, which have only just begun:
- Order the use of multifactor authentication in systems.
- Implement modern security tools on computers and devices for active surveillance and threat mitigation.
- Ensure with cybersecurity professionals that systems are protected against known vulnerabilities.
- Modify passwords used on company networks.
- Make backups, and make sure you have backups out of reach of attackers.
- Develop emergency plans to be prepared to respond quickly to minimize the impact of any
- Encrypt data so it cannot be used if stolen
- Train employees in the most common attacker tactics.
- Collaborate proactively with government security organizations.
As we can see, most of them coincide with the recommendations that any solvent cybersecurity company would make -including Extra Software-, so we end up recommending the application of these recommendations to our clients.