Pro-democracy activists flash a three-fingered symbol or resistance during a rally in Bangkok, Thailand, on March 24, 2021
Cybersecurity researchers reported details yesterday of cases where Thai activists involved in the country’s pro-democracy protests had their cell phones or other devices infected and attacked with government-sponsored spyware.
Investigators of the internet watchdog groups Citizen Lab, Thailand’s Internet Law Reform Dialogue, or iLaw, and Digital Reach said at least 30 individuals — including activists, scholars and people working with civil society groups — were targeted by an unnamed government entity or entities for surveillance with Pegasus, a spyware produced by the Israeli-based cybersecurity company NSO Group.
The reports from the two groups named many of those targeted, confirming earlier reports of the surveillance, which John Scott-Railton of Citizen Lab said shows that governments are exploiting their ability to buy technologies designed to fight crime and terrorism to spy on critics and other private citizens.
“Citizen Lab believes there is a fundamental challenge for civil society,” John Scott-Railton of Citizen Lab said in an online presentation at a briefing in Bangkok.
The attacks on the individuals’ devices spanned from Oct. 2020 to Nov. 2021, a timing “highly relevant to specific Thai political events” since they took place over the period of time when pro-democracy protests erupted across the country.
But Scott-Railton said Citizen Lab, which exposes digital espionage campaigns and insecure software, believed there was still an active Pegasus operator in Thailand.
Those whose devices were attacked were either involved in the protests in 2020-2021, or were publicly critical of the Thai monarchy. Lawyers who defended the activists also were under such digital surveillance, the researchers said.
The Pegasus spyware is known for “zero-click exploits,” which means it can be installed remotely onto a target’s phone without the target having to click any links or download software.
The spyware can obtain any data on the devices, including contact lists and group chats, making it highly effective against political groups and movements, Scott-Railton said.
NSO Group’s products, including the Pegasus software, are typically licensed only to government intelligence and law enforcement agencies to investigate terrorism and serious crime, according to the company’s website. Citizen Lab and other cyber security researchers have tracked the spyware to 45 countries.
In a separate report Monday, the human rights group Amnesty International reiterated its call for a global moratorium on the sale of spyware.
“The unlawful targeted surveillance of human rights defenders and civil society is a tool of repression. It is time to clamp down on this industry that continues to operate in the shadows,” Amnesty Tech’s deputy director Danna Ingleton said in a statement.
The company has rejected accusations that its snooping software helped lead to the killing of Saudi journalist Jamal Khashoggi, perhaps the highest-profile case so far.
It maintains that its sales undergo a rigorous ethical vetting process and that Pegasus spyware is sold to governments only for security purposes.
ELAINE KURTENBACH & ZEN SOO, Bangkok, MDT/AP
