Pegasus Spyware Targeting Journalists

   GS Paper - 4

Why in the news?

Recent accusations suggest that Indian journalists were targeted by the Pegasus spyware.

The matter came to light following Apple's warning to specific iPhone users, including Members of Parliament, regarding potential state-sponsored cyber attacks.

What are the Allegations?

  • Journalists Targeted: Reports indicate the utilization of Pegasus spyware to target journalists in India, raising concerns about potential infringements on journalistic privacy and freedom.

  • Apple's Detection of Intrusion: In October 2023, Apple identified the intrusion, notifying specific iPhone users, including Members of Parliament, of potential 'state-sponsored attacks.'

  • Amnesty International's Investigation: Researchers from Amnesty International's Security Lab scrutinized the purportedly infected devices, revealing evidence of Pegasus's activities.

  • Zero-Click Exploit Technique: The report outlines the use of a 'zero-click exploit' method, allowing the installation of Pegasus on devices without the owner's knowledge or action.

  • Specific Exploit Methodology: The identified exploit, named BLASTPASS, involved two stages: establishing a connection with Apple HomeKit and transmitting malicious content via iMessage.

  • Accusations Against NSO Group: The NSO Group, responsible for creating Pegasus, faces allegations of facilitating these intrusions. However, NSO contends that their technologies are exclusively provided to vetted law enforcement and intelligence agencies, primarily for counterterrorism and major crime prevention.

What is Pegasus Spyware?

  • Pegasus is a specific type of spyware designed to clandestinely infiltrate devices and gather personal data.

  • Developed by the Israeli company NSO Group, established in 2010, Pegasus initially spread through spear-phishing, involving the deception of users to click malicious links in texts or emails.

  • Pegasus has evolved to employ "zero-click" attacks, eliminating the need for any action from the device owner for successful infiltration.

  • These attacks exploit "zero-day" vulnerabilities: flaws in the operating system that the manufacturer has not yet identified or patched.

  • Globally, Pegasus has targeted human rights activists, journalists, and lawyers, and is reportedly sold to authoritarian regimes by the NSO Group.

  • Allegations in India suggest that the phones of ministers, government officials, and opposition leaders may have been compromised by Pegasus spyware.

What is the Zero-Click Exploit Method?

  • The term "zero-click exploit" denotes an advanced cyber-attack technique enabling a hacker to infiltrate a device, be it a smartphone or computer, without any user interaction. 
    • This method is concerning as it eliminates the conventional reliance on user errors, such as clicking on malicious links or downloading compromised files.

Legal and Political Repercussions

  • Appeal for Transparency and Accountability:
    • Amnesty International is urging the Indian government to enhance transparency in its interactions with surveillance companies, including the NSO Group, developers of the Pegasus spyware.
  • Concerns Regarding Press Freedom and Civil Liberties:
    • The use of Pegasus spyware on journalists has prompted anxieties about press freedom and state surveillance in India, contributing to the country's decline in the World Press Freedom Index since 2014.
  • Public Response and Legal Initiatives:
    • Responding to these concerns, activists have filed petitions with the Supreme Court, alleging widespread surveillance intended to curb free speech and democratic dissent.
  • Involvement of the Supreme Court:
    • The Supreme Court has actively engaged in the issue, seeking a comprehensive affidavit from the Centre regarding the implementation and utilization of Pegasus spyware.
  • Government's Limited Response:
    • Despite these concerns and legal actions, the Indian government has refrained from openly acknowledging the use of Pegasus spyware. Furthermore, it has not fully cooperated with a Supreme Court-appointed committee investigating these matters, citing national security considerations.

Steps to Enhance Cyber Security

  • National Cyber Security Policy:
    • The focal point of this policy is to establish a secure and resilient digital environment for citizens, businesses, and the government. 
    • It delineates objectives and strategies aimed at safeguarding online information and infrastructure. 
    • Additionally, it seeks to enhance capabilities to prevent and respond to cyber threats while mitigating impact through the concerted efforts of organizational structures, people, processes, and technologies.
  • Cyber Surakshit Bharat Initiative:
    • Initiated to heighten awareness of cybercrimes, this initiative aims to institute protective measures for Chief Information Security Officers (CISOs) and IT staff within government sectors.
  • Indian Cyber Crime Coordination Centre (I4C):
    • Formed to provide a structured and cohesive framework, the I4C facilitates law enforcement in effectively addressing cyber crimes.

It encompasses seven key components:

  • National Cyber Crime Threat Analytics Unit
  • National Cyber Crime Reporting Portal
  • National Cyber Crime Training Centre
  • Cyber Crime Ecosystem Management Unit
  • National Cyber Crime Research and Innovation Centre
  • National Cyber Crime Forensic Laboratory Ecosystem
  • Platform for Joint Cyber Crime Investigation Team

  • Cyber Swachhta Kendra (Botnet Cleaning and Malware Analysis Center):
    • Established in 2017, this center has the objective of preserving a secure digital space by detecting botnet infections in India. 
    • It assists users in cleaning and fortifying their systems to prevent further infections.
  • Computer Emergency Response Team - India (CERT-In):
    • Operating under the Ministry of Electronics and Information Technology (MeitY), CERT-In is responsible for aggregating and analyzing data on cyber incidents and issuing cybersecurity alerts.
  • Critical Information Infrastructure (CII):
    • Characterized as a computer resource whose compromise could significantly impact national security, economy, public health, or safety.
  • National Critical Information Infrastructure Protection Centre (NCIIPC):
    • Tasked with safeguarding CIIs across vital sectors such as power, banking, telecommunications, transportation, government, and strategic industries.
  • Defence Cyber Agency (DCyA):
    • A tri-service command within the Indian Armed Forces, the DCyA is committed to countering cybersecurity threats. 
    • Its capabilities include conducting diverse cyber operations like hacking, surveillance, data recovery, encryption, and deploying countermeasures against cyber threats.

Conclusion

The grave accusations surrounding the deployment of Pegasus spyware against Indian journalists bring to the forefront concerns regarding privacy, surveillance, and the freedom of the press. This incident highlights the delicate balance between national security imperatives and individual rights, initiating discussions on the implications of surveillance for democratic processes.