What Pegasus Means for Cyber Weapons

What Pegasus Means for Cyber Weapons

By Ellie Patton '24; Photo illustration by Cristiana Couceiro for the New York Times 

Earlier this year, The New York Times described Pegasus, a spyware technology developed by the Israeli security company NSO, as the world’s most powerful cyberweapon. Pegasus, which was developed in 2011, is able to hack smartphones without the users knowing. Hackers are able to access phone data, location services, and control of the camera and microphone. The technology has been used to capture El Chapo, break up human trafficking rings, and target dissidents. The technology has been purchased by numerous countries including Poland, Hungary, India, Mexico, and even the U.S. government, though the U.S. insists it has never used the software. Although the software has proliferated to a wide range of countries, its use and diplomatic consequences have been hotly debated.

NSO was founded in 2010, and the group introduced Pegasus in 2011. The company has a close relationship with the Israeli government, with most of their top executives being former Israeli intelligence officers. This has allowed Pegasus to arm Israel’s already powerful diplomatic arsenal. While the export of military technology from Israel is not a new concept, the nature of cyberweapons may make the export of Pegasus an even more useful tool for Israeli diplomacy. Cyber Weapons are often more affordable and easier to distribute than conventional weapons. They also have less regulations around them than conventional weapons. This may mean that the proliferation of cyber weapons is easier than the proliferation of conventional weapons. This could have major implications for the states buying and selling these technologies.

While there is no clear confirmation, there is a correlation between countries’ policy shifts towards Israel and NSO selling Pegasus to these countries. For example, after the sale of Pegasus to Mexico’s government, Mexico began abstaining from U.N. votes regarding Israel (instead of their typical “no” votes). In Mexico, as well as the UAE, Poland, Hungary, India, and Saudi Arabia, Pegasus has been used to target political opponents, protestors, and dissidents.  

Late last year, NSO was blacklisted by the U.S. government, despite the U.S. government having purchased the technology. This “blacklisting” prevents American companies from selling technology to the groups. The company has also faced widespread criticism for the use of its technology and is currently in an ongoing lawsuit with Apple.

While the fate of NSO and Pegasus is not certain, this situation shows the increasing demand for cyberweapons. The technology also shows how hard preventing the proliferation and restricting the use of this technology is for states. Cyberweapons are different from conventional weapons. You cannot “see” a state’s cyberweapon arsenal, you cannot “see” when a state is alerting cyber weapons, and it is hard to know when they were used. There is also an aspect of deniability with cyber weapons that rarely exists with conventional weapons. Pegasus should be disturbing for many reasons. First, it exposes the vulnerabilities in our everyday technology. Second, it demonstrates how easy the proliferation of cyberweapons is, and in other words how easy it is for these technologies to get in the “wrong hands.” Third, it exposes a level of secrecy and deniability that is confined to very few domains of military technology. This software exemplifies the growing use and development of cyber weapons, and should prompt a major restructuring of the use of these technologies, at least for domestic use.

Leave a Reply

Your email address will not be published.