Report: UN Official, Others in Armenia Hacked by Pegasus Spyware

Facts

• A group of researchers on Thursday published a report alleging that 12 individuals in Armenia, including journalists, human rights activists, and at least one UN official, were hacked by cyber-intelligence firm NSO Group's spyware Pegasus between October 2020 and December 2022.¹
• While the researchers didn't tie the hacking to a specific government or entity, they reportedly found some circumstantial evidence linking it to the long-running military conflict between Armenia and Azerbaijan over the contested Nagorno-Karabakh region.²
• In addition to the UN official, other individuals allegedly targeted include then-Armenian official ombudsman Kristinne Grigoryan, two Radio Free Europe journalists, and a former foreign ministry spokesperson, among others.³
• Israeli-made Pegasus is known for its ability to remotely control and monitor iPhones and Androids. NSO Group has previously prompted international outcry after its spyware was allegedly used on journalists, politicians, lawyers, and NGO workers in countries including Mexico, the UAE, and Saudi Arabia.⁴
• The investigation was led by Access Now, Citizen Lab, Amnesty Internationalʼs Security Lab, and independent Armenian mobile-security researcher Ruben Muradyan, with researchers saying this would be the first documented instance of the spyware being used during a military conflict.⁵
• Neither the NSO Group nor the Armenian or Azerbaijani governments have commented on the alleged hacks. However, an NSO spokesperson said the firm investigates any "improper use[s]" of its technologies and has broken off multiple contracts in the past.⁵

Sources: ¹Access Now, ²Guardian, ³Bloomberg, ⁴Forbes, and ⁵POLITICO.

Narratives

• Narrative A, as provided by Guardian. The NSO Group refuses to engage with or acknowledge the overwhelming forensic evidence tying Pegasus spyware to many cases of human rights abuses and oppressive regimes. This usage of spyware shows the risk of the technology being used to fuel geopolitical conflicts — this should alarm everyone.
• Narrative B, as provided by Haaretz. NSO follows all industry policies, religiously investigating credible allegations of misuse of its technologies and terminating when appropriate. The problem of abuse of surveillance technologies doesn't lie with the company, but rather the fact that there needs to be a global regulatory cyber intelligence framework to address the responsibility of governmental operators.