Journalists are shown working at their desks behind the scenes of a TV news studio.
Al-Jazeera staff work at their TV station in Doha, Qatar on June 8, 2017. Dozens of journalists at the media company have been targeted by advanced spyware in an attack attributed to the governments of Saudi Arabia and the United Arab Emirates, Citizen Lab reported on December 20, 2020. (AP/Malak Harb)

Dozens of journalists newly identified as NSO Group spyware targets

New York, December 21, 2020 – NSO Group’s advanced Pegasus spyware was identified on phones of at least 36 journalists and media executives in July and August 2020, according to the University of Toronto-based Citizen Lab, which said the surveillance product was installed via a vulnerability in the iPhone messaging application. Most targets were affiliated with the Qatar-headquartered Al-Jazeera media network, according to Al-Jazeera English; Citizen Lab said a journalist at London-based Al-Araby TV was also targeted.

NSO Group says it markets its advanced surveillance tool only to governments for law enforcement purposes; the company has told CPJ in the past that it would investigate allegations of abuse to spy on journalists. Citizen Lab attributed some of the attacks to government operatives likely affiliated with Saudi Arabia and the UAE.

“Citizen Lab presents mounting evidence that for clients in the Middle East, the ability to spy on journalists and other critics is a feature, rather than a side benefit, of NSO Group’s surveillance products,” said CPJ Middle East and North Africa Program Coordinator Sherif Mansour. “Advanced surveillance tools should not be sold without regulation to governments with a long history of abusing the press.”

CPJ requested comment from the NSO Group by email. Via an intermediary, the company declined to provide a statement that could be attributed to a named spokesperson. In a statement published by the The Guardian newspaper, NSO Group said: “As we have repeatedly stated we do not have access to any information with respect to the identities of individuals our system is used to conduct surveillance on. However, where we receive credible evidence of misuse, combined with the basic identifiers of the alleged targets and timeframes, we take all necessary steps in accordance with our product misuse investigation procedure to review the allegations.”