Members of Indian opposition parties, including Congress and others like the All India Majlis-e-Ittehadul Muslimeen on Monday demanded a parliamentary committee probe into the "Pegasus" spyware that reportedly targeted around 300 Indians, including journalists, politicians, activists, businesspersons, and scientists to extract sensitive data from their phones.
While suggesting a serious investigation be conducted into the matter, key leaders of the Congress party -- Rahul Gandhi and Priyanka Gandhi Vadra -- have raised questions over the Indian government's potential involvement in the hacking attack.
Several cyber-enthusiastic Indians are also extensively discussing on social media if they are being watched by the government.
The #Pegasus revelations are abhorrent. If true, the Modi government seems to have launched a grave and sinister attack on the Right to Privacy - constitutionally guaranteed to Indian citizens as a Fundamental Right. This is an affront to democracy and has.. 1/2— Priyanka Gandhi Vadra (@priyankagandhi) July 19, 2021
This raises an important question that won’t be answered today… who are these people doing the snooping?— Shivam Shankar Singh (@ShivamShankarS) July 18, 2021
We know it’s the govt, but who in it? It’s likely it’s under MHA, but someone must follow up exactly who… the potential for misuse and blackmail is tremendous.
#Pegasus use is hacking, not “authorised interception” or tapping. Hacking is a crime, whether it’s done by individuals or govt— Asaduddin Owaisi (@asadowaisi) July 18, 2021
Govt has to expressly disclose or deny only 2 things:
1 Did you use NSO spyware or not?
2 Did you target specific people named in news reports? 1/2
A Forensic Methodology Report by Amnesty International released over the weekend claims that Pegasus spyware has been used in a widespread and persistent manner to unlawfully spy on over 50,000 influential people around the world, including in India.
A total of 17 global media outlets including The Washington Post and the Indian publication The Wire were among others who joined Amnesty International to report the spyware attack.
Speaking to Sputnik, Shamsher Bahadur, Cyber Security Practice Head of software consultancy Armantec Systems, said that it is feasible indeed for such spyware to mine confidential data from the phones of important people who could put the national security of their country at risk.
"Once the spyware is able to access the target devices, it collects the data and transmits it to the Command and Control Centre established by the attacker," Bahadur stated. "The targeted victims are compelled to click on malicious links by several ways including bombarding them with messages involving their areas of interest."
"Since Pegasus is being used to snoop on key individuals like journalists, activists, scientists and politicians -- it could gather secret information from their devices and expose them as well as their countries to major cyber threats," he explained.
How the Government Has Reacted
Indian news agency ANI released a "government statement" late at night on 18 July that strongly denied all allegations regarding any surveillance of people.
The statement does not contain the name of an official or the ministry that issued it, so it remains unclear as to who is looking into the matter, the Ministry of Information and Broadcasting (I&B) or the Ministry of Electronics and Information Technology (MeitY).
This statement is floating around as the 'government response' to the hack-attack on Indian biggies by 'Israeli spyware Pegasus' .— Radhika Parashar (@_RadhikaReports) July 18, 2021
It remains unclear, which ministry or minister is this coming from.
No signatures..no letter head.. nothing @GoI_MeitY @AshwiniVaishnaw pic.twitter.com/08qn1uNN3E
Sputnik reached out to the Indian Ministries of I&B as well as MeitY for a reaction about the developments, but the queries remain unanswered.
India's newly-appointed IT Minister Ashwini Vaishnaw on Monday addressed the subject in the Parliament, saying it is all too "coincidental" that this Pegasus spyware case was revealed in India just a day before the Parliament's Monsoon Session began.
Mr Ashwinin Vaishnaw:— Supriya Bhardwaj (@Supriya23bh) July 19, 2021
Any form of illegal surveillance isn't possible with checks & balances in our laws &robust institutions
In India, there's well-established procedure through which lawful interception of electronic comm is carried out 4 purpose of national security#Pegasus pic.twitter.com/VNCE6ZvZb5
Cyber-Vulnerabilities Plaguing Data Security of Indians
The busting of this cyber-spy racket comes at a time when India is witnessing a rise in web attacks from a number of countries, including -- supposedly -- China and Pakistan.
Senior Indian cyber security expert Nandakishore Harikumar told Sputnik that the scarier part of this Pegasus attack is that nobody is sure how many victims were attacked in India and around the world because more targets could still be under surveillance.
"One last line by The Wire says that the investigators are not sure about how many got compromised. It's just like counting the number of cyber scams one could come across in a day and even more. It's extremely concerning that there is no way to identify a victim of Pegasus attack until and unless the target is exploited," he said.
"This highlights the unfortunately weak cyber security awareness in India and other nations during these times when the internet has penetrated deeply into our daily lives," Harikumar added.
This is not the first time that the Pegasus spyware has been found to have been targeting Indian nationals.
In November 2019, WhatsApp claimed that the NSO Group was snooping on Indian activists and journalists using Pegasus.