Phones of Spanish Prime Minister and Defence Minister hacked with Pegasus spy software

by Lorraine Williamson
Pegasus software hacked phones

Not only Catalan separatists have been bugged, but the mobile phones of Spanish Prime Minister Pedro Sánchez and Defence Minister Margarita Robles have also been tapped using Pegasus software from Israeli company NSO.  

The Pegasus software has been used in numerous countries to monitor politicians, activists and also journalists. The software can extract all kinds of important data from a person’s phone. Furthermore, it can intercept messages, switch on the microphone and camera and share location data. 

In Spain, there has been a fuss about it for weeks. The same spy software was previously used by the government to eavesdrop on Catalan separatists. The Spanish defence ministry said the software had always been used ‘legally’. Catalonia declared independence in 2017 after many people voted for secession in a referendum banned by Madrid. Afterwards, involved separatist leaders were arrested and tried. 

Sánchez and Robles victims 

Now it appears that the phones of Prime Minister Pedro Sánchez and Defence Minister Margarita Robles were tapped in May and June 2021 using the Israeli program Pegasus. The Spanish government has filed a complaint with the Audiencia Nacional, claiming that the intrusions, in which a large amount of information was stolen, have an ‘external’ origin. 

The hackers extracted a huge amount of information from Sánchez’s phone: 2.6 gigabytes in the first break-in, and 130 megabytes in the second. The loot on the Defence Minister’s mobile phone was much smaller, at least in volume: 9 megabytes. However, the government does not yet know what information was stolen and how sensitive it was, but in both cases it was her work phone and not her private phones. 

Report by Minister Bolaños 

The Minister of the Presidency, Félix Bolaños, appeared early Monday morning in La Moncloa. He was accompanied by spokesperson Isabel Rodríguez and reported ‘committed intrusions; whereby a certain amount of data was extracted from the terminals’ and described the interventions as ‘illegal’ and ‘external’. 

Bolaños did not make it clear who was behind it or whether the perpetrators acted on behalf of another country. According to him, the Spanish government and the Ministry of Justice did not authorise it. The Spanish government assures that the computer attacks come ‘from outside the state organs’. ‘When we talk about intrusions from outside, we mean that they take place outside the state organs. Therefore, they do not have judicial authorisation. That is why we describe them as illegal and external,’ Bolaños stressed.  

Cogesa Expats

On Monday morning, the Public Prosecutor’s Office filed a complaint with the judge of the Audiencia Nacional to investigate. The complaint does not mention the possible perpetrators by name. However, it relies on ‘verified and contrasted’ data, about which ‘there is no doubt’, said Bolaños.  

Hack-proof phone  

When a high-ranking official takes office, he receives an encrypted and theoretically hack-proof mobile phone from the Departemento de Securidad Nacional (DSN). This, in turn, is provided by the Centro Criptológico Nacional (CCN), which is responsible for ensuring the secrecy of state communications. The fact that the phones of the President and the Minister of Defence were spied on without the attack being detected is a clear breach of security. 

Sources in La Moncloa point out that intrusions of this type have been detected in some 20 countries. Furthermore, this was without it being possible to discover the source in most cases. Theoretically, the Pegasus programme is not in the possession of the secret services of supposedly hostile countries, such as Russia or China, but rather of friendly countries, such as Morocco, Saudi Arabia, the Emirates or Mexico. 

Thorough forensic analysis 

The discovery was made after the CCN conducted a thorough forensic analysis of the two mobile phones. During this time, Sánchez and Robles had to hand them over for a period of 24 to 36 hours. This was because the periodic and routine checks to which the phones of high-ranking officials are subjected had not detected them. Following the publication of the list of more than 60 Catalan pro-independence leaders who, according to Citizen Lab, a group of experts from the University of Toronto (Canada), had been infected by Pegasus and the realisation that many of them had never been spied on by the CNI, the government decided to check its own mobile phones. 

Strengthening security systems  

One of the government’s conclusions is that we will strengthen our security systems. We are going to make all the knowledge and capabilities of the central government available to regional governments and parliaments,’ Bolaños added. The government claims that this discovery will not affect Congressional hearings to clarify the Catalan wiretapping scandal.  

No new intrusions after June 2021 according to minister 

The government claims that on Sunday it had in its hands the report of the National Cryptologic Centre (CCN). This is the CNI body that oversees the security of senior officials’ communications. According to the report, the phones of Sánchez and Robles were not broken into again after June 2021. ‘We know that since those dates, there has been no intrusion into those two terminals. There is no evidence that there has been another break-in,’ the minister concluded. 

Also read: Spain asks officials to change passwords due to cyberattacks

You may also like