Nigeria spends more than any other African country in spying its citizens

Although this was massive news a few years ago, Israeli tech firm NSO Group and its sophisticated spying software Pegasus have once again grabbed headlines after Amnesty International published a report claiming that the governments of dozens of countries around the world had purchased the company’s services in order to maintain strict vigilance against political rivals, journalists, activists and dissidents.

One of the main revelations in this case relates to the leak of a list of 50,000 phone numbers identified as potential targets of Pegasus spyware since 2016. While not all of these users of interest were infected, the information contained in this list shows that countries such as Nigeria, Saudi Arabia, India or Morocco are among NSO Group’s top customers worldwide.

In the past, state intelligence organizations such as the U.S. National Security Agency (NSA) had developed advanced systems to gather information for specific purposes and using all kinds of resources, primarily online search logs and social media activity. Nonetheless, NSO Group raised the bet by developing Pegasus, a powerful spyware capable of extracting all kinds of information from a compromised device, including text messages, documents, images, videos and system information.

This tool had been developed for national security purposes, although this did not prevent the rulers of multiple countries from beginning to use Pegasus for purposes unrelated to national security. In the case of Nigeria, this tool was used for years to compile lists of people upset with the government, going so far as to harass multiple activists and political opponents.

In this regard, the company issued a statement categorically denying that the solutions developed by its teams have the specific purpose of spying on people of interest, adding that these allegations are based on unconfirmed theories and that they come from sources of questionable veracity.

Still, NSO Group seems to enter into a serious contradiction by not denying the possible abuses in this technology and pledging to investigate these allegations: “We will analyze the credible allegations about the abusive use of our solutions and act according to the results obtained. Among the possible consequences is the interruption of access provided to certain customers; we have done this in the past and we will not hesitate to implement it again,” says a brief statement from the company.

To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.