Former European Parliamentarian Allegedly Hacked by Pegasus Spyware
A former member of the European Parliament, Stelios Kouloglou, was reportedly subjected to Pegasus spyware attacks while actively participating in a committee tasked with investigating surveillance activities by the tool's Israeli developer. This information comes from a recent analysis by Citizen Lab, a research group based in Canada.
Kouloglou, an investigative journalist from Greece who served as an MEP from 2015 to 2024, had his iPhone compromised by Pegasus spyware on at least three separate occasions during 2022 and 2023. Citizen Lab's report, released on Friday, details these intrusions.
These incidents, which occurred while Kouloglou was in Athens and Brussels, coincided with his tenure on a committee specifically established to scrutinize the illicit deployment of Pegasus and other surveillance tools within the European Union. The PEGA Committee was formed by European lawmakers in 2022, following widespread revelations that various governments within the bloc had utilized Pegasus to monitor journalists, activists, politicians, and other citizens.
Kouloglou received notifications from Apple regarding potential Pegasus breaches, though these alerts arrived several months after each intrusion. He subsequently requested Citizen Lab to conduct a forensic examination of his device in May.
Implications for Democratic Processes
Citizen Lab's report underscores the significant threat posed by mercenary spyware to the integrity of democratic processes. The report highlights that regardless of the specific entity responsible for the hacking, such an intrusion could have exposed highly confidential communications among PEGA Committee members, their staff, and other sensitive parliamentary proceedings. This includes information pertinent to the very parties under investigation by the committee itself.
While Citizen Lab did not attribute the hacking to a particular government, it stated that its investigation found no evidence suggesting the Greek government was responsible for these specific incidents.
Understanding Pegasus Spyware
Pegasus, developed and sold by the Israeli cyber firm NSO Group, headquartered in Herzliya, is a sophisticated spyware designed to covertly seize control of a target's mobile phone. This allows its operator remote access to a device's messages, photographs, contacts, camera, and microphone. NSO Group markets Pegasus as a legitimate instrument for law enforcement and intelligence agencies to combat criminal organizations and terrorism. However, the software has also been documented as being used to surveil journalists, lawyers, dissidents, and government officials globally.
In 2021, the NSO Group was placed on a blacklist by the United States government under President Joe Biden's administration, citing its activities as being 'contrary to the foreign policy and national security interests of the US.' Last year, a US judge also issued an injunction against NSO Group, prohibiting it from targeting the encrypted messaging application WhatsApp, asserting that its software inflicts 'direct harm.' NSO Group has previously stated that it rigorously vets its clients and has terminated contracts with users found to have misused the software.
Concerns for European Democracy
Rand Hammoud, director of the security, surveillance, and human rights program at the Center for Democracy and Technology Europe, emphasized that this case should be a matter of concern for anyone invested in democracy, fundamental rights, and the rule of law across Europe. Hammoud conveyed to Al Jazeera that the alleged targeting of an MEP serving on the PEGA Committee, which was specifically established to investigate spyware abuse, raises serious questions about the integrity of democratic oversight itself. She characterized these cyberattacks as indicative of a broader systemic failure to effectively regulate the commercial spyware market.
German MEP Hannah Neumann, who also served on the PEGA Committee, urged for an immediate investigation into these breaches by the European Parliament. Neumann stated in a post on X that spyware does not enhance the safety of democracies; rather, it undermines democratic oversight, parliamentary independence, and the rule of law.
Source: Al Jazeera