Dozens of declassified internal FBI documents The New York Times(Opens in a new window) show that FBI officials came close to using the controversial Pegasus hacking tool in their own criminal investigations.
The Times FBI officials are reported to have “worked” to use hacking software in their own criminal investigations in late 2020 and the first half of 2021. But it’s unclear how the bureau planned to use the hacking tool, made by the Israeli group NSO, or whether it was considering using spyware against American citizens.
Heavily redacted documents published in Times according to a Freedom of Information request, agency officials were in an “advanced” stage of planning to inform FBI leaders about the spyware and had written guidelines for federal prosecutors on how the use of Pegasus should be disclosed during legal proceedings .
Pegasus has been used by various government actors around the world to infiltrate a target’s cell phone, where the infiltrator gains access to messages, emails, and contacts, and can remotely turn on the device’s cameras and microphone. It was condemned by human rights groups(Opens in a new window) due to its no-click hacking capability, where the hacked user does not need to click a link, read a message or answer a call for their device to be infiltrated.
The FBI has been known to have obtained the surveillance tool for some time, but until now the agency has maintained that it is only interested in the software for research and development purposes.
In December 2021, during a closed-door congressional hearing, FBI Director Chris Wray responded to a question from Senator Ron Wyden about the agency’s use of Pegasus(Opens in a new window) that the agency only acquired a license for hacking software for research and development.
He said: “If you mean whether we’ve used it in any of our investigations to collect or target somebody, the answer – as I’m sure – is no. The reason I’m guarding myself and wanting to be transparent is that we acquired some of their R&D tools. In other words, to figure out how the bad guys could use it, for example.’
In response to the revelations, Senator Wyden excoriated Wray for providing “misleading testimony about the bureau’s acquisition of powerful hacking tools.”
In a conversation with Times an FBI spokeswoman said “the director’s testimony was accurate when it was given and remains true today – the NSO product was not used operationally to support an FBI investigation.”
Recommended by our editors
Despite the FBI deciding against using Pegasus in criminal investigations, the FBI stated in a legal brief(Opens in a new window) last month that it would be open to the use of other spyware in the future.
The statement read: “Just because the FBI has ultimately decided not to use a tool to support criminal investigations does not mean that it will not test, evaluate and ultimately use other similar tools to access encrypted communications that used by criminals.”
The NSO group was blacklisted by the US(Opens in a new window), while the European Union Data Protection Supervisor (EDPS) called on the EU to ban the software. A Dutch member of the European Parliament last week called Pegasus, which has been used against journalists, activists and government critics around the world, a “serious threat to democracy”.(Opens in a new window).”
Amid the swirling controversy, the Israeli company has cut its workforce by 15% and raised prices by about 20% to stave off cash losses that have totaled tens of millions of dollars this year, according to Bloomberg.(Opens in a new window).
Do you like what you read?
Sign up for SecurityWatch newsletter with our top privacy and security stories delivered right to your inbox.