Pegasus: NSO Group to exhibit at UK government-supported security expo
The NSO Group, whose Pegasus spyware has allegedly been used to hack politicians, rights activists and journalists, including potentially hundreds of British citizens, is listed as an exhibitor at a security show to be held next month, with organisers claiming "overwhelming" UK government support.
The Israeli surveillance company has been at the centre of controversy in recent months, after a consortium of media outlets published an investigation based on leaks of more than 50,000 phone numbers believed to belong to people potentially targeted by NSO’s government clients.
Among the phone numbers were around 400 British citizens’ phone numbers, including lawyers, academics, the head of a leading think tank and a baroness who sits in the UK parliament’s upper chamber, the House of Lords.
The NSO Group has repeatedly denied wrongdoing and said that it vets all its government clients before selling spyware to them.
The British government had already complained to the Israeli government “several times” about the NSO Group’s operations before the leaks came to light, a Cabinet Office minister told the House of Lords in July.
Despite these concerns, the company is listed as an exhibitor at the International Security Expo 2021, which says it has the “overwhelming and continued support of the UK government”. The company’s participation was first reported by Top10VPN.
Offering “game-changing security solutions”, the event is also advertised as “the only flagship event bringing government, industry, academic and the entire end-user community in charge of regulation and procurement together”.
Counter Terrorism Policing, British Transport Police, the Civil Aviation Authority, Border Force, the Defence and Security Accelerator and UK Defence and Security Exports are among the UK government agencies listed as event participants.
The expo’s advisory council is chaired by a former UK security minister and includes representatives from the Metropolitan Police, the Ministry of Defence, British Transport Police, HM Prison and Probation Service and Nato.
'Shocked and concerned'
MEE has approached the Foreign, Commonwealth and Development Office and the expo's organisers for comment. A request for comment to three different NSO Group email accounts listed on the company's website bounced back.
MEE asked the Home Office if it was concerned about NSO Group's participation in the event given the allegations of widespread hacking using the company's spyware.
"The annual International Security Expo provides a useful opportunity for the security and resilience sector to gather and discuss the latest trends, technologies and opportunities for collaboration," a government spokesman said.
"The Home Office engagement with the International Security Expo is limited to exhibiting in the central Government Zone. The Home Office does not organise this event and is not responsible for deciding on attendees or exhibitors."
London law firm Bindmans has been exploring legal proceedings on behalf of more than a dozen British citizens allegedly targeted by the NSO Group’s Pegasus spyware, including Manzila Pola Uddin, a member of the House of Lords, and Madawi al-Rasheed, a professor at the London School of Economics and MEE columnist.
Monika Sobiecki, a partner with the firm, said on Thursday that she was “shocked and concerned that the NSO Group continues to advertise, despite being under intense international scrutiny regarding their Pegasus spyware, including facing potential litigation”.
“We would hope that industry leaders exercise better discretion and scrutinise companies which exhibit in the UK, presumably to attract investment and support,” she said.
Pegasus has been used by governments, including Morocco, Hungary, India and Rwanda, to illegally access the phone data of targets worldwide.
The spyware can be delivered to a mobile phone through a missed call or WhatsApp message. It has the ability to access all contacts, photos and messages stored on the phone, as well as the internet browser and call history. Pegasus can activate cameras and microphones at will, and record from them. It can send its users' current location data.
Notable victims of the Pegasus software breach include associates of MEE columnist and Washington Post contributor Jamal Khashoggi, who was murdered inside the Saudi consulate in Istanbul in October 2018.
Forensic analysis has confirmed that the device of MEE's Turkey bureau chief, Ragip Soylu, was also hacked by Pegasus software.
MEE revealed earlier this month that Rached Ghannouchi, speaker of the Tunisian parliament, had his phone targeted by Saudi Arabia.