This article is part of The Pegasus Project, a collaborative investigation coordinated by the Paris-based media institution Forbidden Stories and Amnesty International’s technical laboratory. The project investigates data linked to the Israeli digital intelligence group NSO, which sells advanced surveillance systems to governments around the world.
80 journalists representing 17 media organizations from around the world, including Daraj, worked to produce this series of investigations.
You nod, with your eyes or hands, you move your mouth without making a sound, you write on paper and then tear it up to rely solely on your memory. Simply put, you try to go back to more primitive communication techniques and abandon all progress mankind has made in the field of smartphone technology.
This was a major challenge for everyone participating in the Pegasus Project. How can you work on files related to the hacking of phones of thousands of people, and not fall into the same trap and end up being monitored?
As a result of the wiretapping, some have paid with their lives. Others were imprisoned or deported. Yet, despite the repeated exposure of human right violations in recent years, the cyber surveillance industry continues to besiege journalists, human rights defenders and political activists in the region.
Many of them were targeted by the Pegasus software developed by the Israeli company NSO, which sold the program to numerous governments in the region and across the world. Though marketed as a means to fight terrorism, Pegasus was mainly used to target journalists, activists, academics, trade unionists and government officials, many of whom saw their lives turned upside down.
Work on this series began months ago, when the Paris-based non-profit organization Forbidden Stories in cooperation with Amnesty International, gained access to nearly 50,000 leaked phone numbers, which had been targeted by about a dozen countries using NSO spyware since 2016.
They then invited organizations such as the Organized Crime and Corruption Reporting Project (OCCRP), newspapers such as The Washington Post and Guardian and other media, such as Daraj, to participate in producing this journalistic work.
All leaked phone numbers subjected to a forensic analysis by Amnesty International’s technical lab were verified to ascertain whether they had been hacked. It should thereby be noted that there are still many numbers of which the user’s identity and reason for targeting remain unknown.
This research, in addition to data, internal documents, interviews and other sources of information, formed the backbone of the Pegasus Project – an unprecedented effort to understand who was targeted by the NSO spyware and what happened next to them.
It is impossible to ascertain the exact number of hacked phones on the list. Many of those targeted in the past reported receiving text messages that tried to trick them into clicking on a link. However, with time, Pegasus became much more sophisticated and its latest software can breach a person’s phone, record audio and video, and obtain data without sending any link. The targeted person, literally, does not have a clue …
50,000 Phone Numbers
The 50,000 numbers belong to the fifty countries targeted by NSO clients.
The information reviewed by the participating media, including Daraj, included hundreds of numbers. However, that does not mean that every concerned number and person were hacked. It means a particular number and person were targeted by the Pegasus technology, which allows for hacking and monitoring.
Reporters were able to identify about a dozen countries that had contracted NSO and requested cyber espionage services.
The countries that purchased its services are: Mexico – Azerbaijan – Kazakhstan – Hungary – India – United Arab Emirates – Saudi Arabia – Bahrain – Morocco – Rwanda – Togo.
In order to fully understand the extent of targeting journalists and human rights defenders by countries that spent millions to purchase spyware technology, the Pegasus Project has managed to verify the identity of some 1,400 targeted phone numbers. Among them were some 180 journalists and 250 human rights activists. Note that these figures are not final. They include only what has been verified.
Normally, it is not possible to know if a phone mentioned in the leaks has been successfully hacked without analyzing the device itself. However, Amnesty International’s technical lab was able to perform forensic analysis on the phones of some journalists, revealing that they indeed were hacked.
The phone records analyzed for months for the first time reveal the staggering scope of monitoring of journalists, activists and others, despite NSO’s repeated claims that its tools are exclusively meant for target criminals and terrorists.
Many of the journalists who appear in these records have received legal threats. Others have been arrested and defamed. Some had to flee their home countries for fear of persecution – only to find themselves still under surveillance abroad. In a few cases, journalists were killed after being targeted.
The information disclosed by the Pegasus Project shows that technology is evolving into a key control and surveillance tool in the hands of repressive governments and the intelligence agencies working on their behalf.
The analyses by Amnesty International’s technical laboratory as part of the Pegasus Project are consistent with previous research. For example, Citizen Lab in December 2020 showed that dozens of people, including many journalists, were being monitored by the UAE and Saudi Arabia with the help of NSO spyware.
UAE: More Than 10,000 Numbers
Israel’s NSO insists its software is exclusively used by governments to “fight crime and terrorism.” Its website even claims its work adheres to human rights standards. However, the latest disclosures reveal a very different reality.
The leaked information has revealed the UAE’s continuous targeting of political opponents’ phones, including Alaa Al-Siddiq, who recently died in a traffic accident while in exile in London, and Ahmed Mansour, as well as those of dozens of Emirati, Arab and Western journalists and academics, and even political leaders in the region. In the coming weeks, as part of Project Pegasus, Daraj will publish its findings in a series of investigative reports.
The Emirati operation, with the help of NSO, included targets within the UAE and various other countries, including Qatar, Egypt, Lebanon, Iraq, Yemen and Saudi Arabia. It even extended to tracking people in European and Asian countries. The phone numbers targeted by the UAE exceed 10,000.
The biggest dilemma we faced when going through the list of numbers and names is that the follow-up verification requires first checking the number and secondly checking the phone itself. Seeing the wide geographical area of targeted people and the unsafety of telephone communication with them, hindered the process of verifying names.
Featuring most prominently on the list of UAE targets were some 3,000 Qatari numbers and the names of senior Qatari officials, including Emir of Hamad bin Tamim Al Thani himself. However, it was not possible to verify the number or conduct a criminal examination. Al-Jazeera journalists have been targeted for years. One name often repeated is that of Jordanian journalist Yasser Abu Hilala, Al Jazeera’s director general from 2014 to 2018. In an interview with Daraj, Abu Hilala said he has known about being targeted, since receiving a suspicious message in 2017. He posted about the matter on his Twitter account.
“The hackings are a crime we are exposed to as both journalists and citizens,” said Abu Hilala, who was close to Khashoggi and fellow Al Jazeera journalist Wadah Khanfar, who were both also targeted by the spyware. “We need to pursue those who violated our privacy. This crime will not stop unless we introduce serious accountability.”
According to Hilala, these intrusions do not only target him in his profession, but also in his personal life, as he uses his phone for WhatsApp groups with family members and friends, which makes them vulnerable to abuse as well.
The UAE Cyber Security Model
Having developed a very advanced cyber infrastructure, the UAE boasts that it ranks fifth in the world in terms of digital security. The Gulf state likes to market this as its glamorous image as a center for a comfortable and luxurious life.
But behind the image lurk some shocking facts. Especially when it comes to freedom of expression and political activities, they convey a very closed world. The tendency to control freedom of speech, whether in the public or virtual sphere, has sharply increased following the 2011 Arab uprisings.
The UAE has issued a series of anti-terrorism laws banning certain comments on social media as well as gatherings and protests. This “iron fist” approach saw many activists, human rights defenders and opponents arrested.
In 2008, the UAE set up a cyber surveillance unit headquartered in both the UAE and the US, where it worked closely with the Cyber Point company, which employs numerous former US intelligence officers. Due to restrictions that prevent spying on US citizens, the effort in 2015 became DarkMatter, an Emirati firm not bound by US laws and directly affiliated with the UAE government.
According to Mohamed Negm, Executive Director of SMEX, a Lebanese organization for advancing digital rights, DarkMatter is one of the largest surveillance companies in the world. It is essentially the government’s security arm
“Its presence and dependence on a system that does not value human rights lead to these technologies becoming a dangerous political tool used both at home and abroad,” Negm told Daraj. “They are expandable. And here lies the danger.”
The latest Pegasus leaks confirms previous research, such as the 2018 Amnesty International investigation, and shows how the UAE is working to become one of the world’s leading players in the field of cybersecurity with the help of technologies developed by DarkMatter within the Emirates and through deals with for example the Israeli firm NSO. Below we will focus on some of the most prominent journalists and activists proven to be targeted by the UAE with the help of Israeli technology.
Alaa Al Siddik
On June 19, Emirati human rights activist Alaa Al-Siddiq was sitting in a car listening to music with some friends on a British highway. As it was a holiday, as well as her 33rd birthday, and so her friends insisted on celebrating.
Sitting in the back seat Alaa did not survive the car crash. She died instantly. The accident triggered a lot of speculation. Was her death an accident? Or premeditated murder?
A British investigation concluded her death was due to an accident. Yahya Asiri, the Saudi dissident and director of the AlQST human rights organization, for whom Alaa was working, came to the same conclusion.
Alaa’s name appeared in the Pegasus documents as one of the many targeted by the Emirati wiretapping operation between 2018 and mid-2019, which is the period in which she moved from Qatar to Britain.
To understand why the UAE would target such a young activist, a 2018 speech by Qatari Foreign Minister Mohammed Abdulrahman Al Thani comes to mind.
“Two months before the crisis, we monitored attacks from the Emirati media, and we communicated with them to solve the problems bilaterally,” he said. “Abu Dhabi requested the extradition of the wife of an Emirati dissident residing in Doha. Abu Dhabi Crown Prince, Sheikh Mohammed bin Zayed, sent envoys to the Emir to demand the extradition of the woman.”
According to the Qatari official, the Emir refused to hand over the woman, who later turned out to be Alaa Al-Siddiq. This was confirmed by ALQST director Yahya Asiri.
The uproar surrounding Alaa’s death and the emergence of her name as a hacking target is related to her work, identity and family. She was an executive director of ALQST, as well as the daughter of Muhammad Al-Siddiq who is imprisoned in the Emirates.
He was sentenced to 10 years in the infamous 2014 UAE-94 trial, which saw dozens of critics and activists being imprisoned. Prior to that, in 2011, he had already been stripped of his Emirati citizenship for signing a petition calling for democratic reform. Alaa passed away not having talked to her dad for years.
In 2012, Alaa fled to Qatar. In 2016, the UAE authorities also stripped Alaa and her nine siblings of their citizenship. Three years later she moved to the UK. In 2013, at the height of the counter-revolutions in the Arab world, as the UAE hardened its stance against any critical opinion or opposition.
Alaa’s passion for human rights emerged. Despite her relatively young age, she soon demonstrated a strong presence and vitality in defending freedom of expression and political activism.
According to Asiri, Alaa’s passion for human rights work was overwhelming. She volunteered to work for ALQST, although the institution deals with human rights violations in Saudi Arabia, not the UAE. “Alaa was one of the main motivators working at ALQST,” he said. “She showed such seriousness and vitality, that she soon became an executive director.”
Ahmed Mansour is the UAE’s most famous human rights activist.
He is currently imprisoned there. He is known for his courage and organizing virtual debates calling for political reform. His phone was previously hacked, as was verified by Citizen Lab. The Pegasus Project shows his phone was again targeted prior to his arrest in 2017.
Mansour’s case is the most prominent in the UAE. Not only was his phone hacked, he was stalked, repeatedly arrested and subjected to ill-treatment and torture.He was first arrested with five others in 2011 and sentenced to three years in prison, yet pardoned soon after. In 2012, Mansour first discovered that he was spied on, as was revealed by Citizen Lab. It prompted Apple to try modify its phones’ features to avoid future breaches.
Yet, the hacking continued. Mansour was arrested again in 2017 for “spreading lies” on social media, and he has been in prison ever since. The leaked Pegasus data show how he was targeted at certain intervals, including in the period preceding his arrest. This arguably would not have happened, were it not for NSO operating alongside DarkMatter.
Spying on Saudis
NSO provided the possibility to track the same people using different operators. And the tracking occurred in more than one country. For example, the hacking of phones belonging to Saudi activists was not limited to the Saudi authorities. The UAE too kept a close watch. Again, its monitoring included opposition figures, journalists, writers and even those considered allies.
According to the Pegasus leaks, the UAE targeted well-known Saudi women’s rights activist Loujain Al-Hathloul and Canadian-based political activist Omar Abdulaziz, whose story will be part of the file on Saudi violations. The Emirati operation furthermore targeted dissidents Saad Al-Faqih and Abdullah Al-Ghamdi and political satirist Ghanem Al-Masari Al-Dosari.
AlQST director Yahya Asiri was also monitored by both Saudis and Emiratis. He was not surprised to hear his phone was a frequent target.
“We live in the wrong time in the wrong circumstances,” he told Daraj. “Yet, our efforts must continue despite the threats. Sometimes I want to get away from it all. But when I see the guys who have been assaulted, I cannot be afraid or stop.”
Asiri used to work in logistics for the Royal Saudi Air Force. He always had a critical view on the social and political situation in the Kingdom. Internet forums in 2008 offered him a space for discussion and debate. He always avoided using his real name. However, afraid that his political activism on the Internet might be discovered, he and his wife in 2014 applied for political asylum in Britain, where he founded ALQST.
“If we take all technical precautions to have full security, we will have to stop working,” he replied when asked how he could continue to work and talk on a phone that could be hacked, and thus pose a threat, while he has already lost numerous friends and colleagues in an ugly way. “We try to reduce the risks, as we still live in a state of repression. But any release from prison or any other achievement, however small, is progress. And that is what encourages us to continue, despite all the fears. We must continue for the sake of justice.”
Several Emirati activists have filed lawsuits against Israel and NSO in Israel and Cyprus, calling for the company to be held accountable. “It requires time and money and I have neither,” said Asiri, asked if he filed charges like Omar Abdulaziz and many others did. “But seeing the recent developments, there is a big chance I will.”
Western Journalists and Activists
Bradley Hope is a well-known American journalist covering money and finance for the Wall Street Journal. Among his books are Blood and Oil (2020), which deals with the rise of Saudi Crown Prince Mohammed bin Salman, and The Billion Dollar Whale (2015) about a massive corruption scandal in Malaysia with links to the UAE.
Bradley’s name occurs repeatedly in the leaked data. He believes his targeting is related to the quality of information published in his books and his overall coverage of the Middle East and Gulf region.
The data furthermore included Financial Times UAE correspondent Simon Kerr, English journalist Greg Carstorm, who works for the Economist, Caroline Tause, director of operations at CNN Dubai, and Turkish journalist Turan Kiselaki, a close friend of assassinated Saudi journalist Jamal Khashoggi.
The Pegasus data also named British academic Matthew Hedges, who was arrested in 2018 upon leaving the UAE following a research visit. He was sentenced to life imprisonment, but pardoned a few days later. The Pegasus Project shows how Hedges was on a watch list in the days prior to his arrest.
Cyber Dark Forces
The British NGO Privacy International estimates there are at least 27 Israeli companies active in the field of spyware software and mobile phones, which makes Israel, with a population of 8 million, a leading pioneer.
NSO is arguably the most well-known and controversial among these companies specializing in hacking phones. NSO claims it only develops the technology and cannot be held responsible for what its clients, governments only, do with it.Yet, the question is: did the Israeli company know they would also be pursuing journalists and human rights activists?
The obvious answer is: of course, they knew.
Since the announcement of the Abraham Peace Accords in the fall of 2020 and the start of official relations between Israel and the UAE, technology has emerged as one of the main points of interest. Yet, in fact, technology preceded the peace agreement.
In an interview with Israeli newspaper Calcalist, Muhammad Hamad al-Kuwaiti, head of cyber security in the UAE government, confirmed his country had worked with Israeli cyber companies, even before the signing of the treaty. “Israel is a strategic partner for us,” he said. “It’s well advanced in the field of cyber defense and building electronic immunity, so we want to learn from it. ” In the interview he furthermore hinted at the UAE’s use of Pegasus spyware.
“What I know is that NSO provides a tool that helps national security bodies in the fight against terrorism,” he said. “Terrorism has harmed us and harmed Israel. If NSO can provide tools that help, without violating anyone’s privacy and in accordance with the rules regulating law enforcement, then sure. This will help prevent terrorism and save lives.” Thanks to the Pegasus Project, we know now this is absolute nonsense.
Media organizations involved in the Pegasus Leaks:
Forbidden Stories – Le Monde- Suddeutsche Zeitung -Die Zeit – Washington Post – The Guardian -Dara – Direkt36 – Le Soir – Knack-Radio France – The Wire – Proceso – Aristeui Noticias – OCCRP- Haaretz – PBS Frontline