Bastille Networks, the leader in enterprise threat detection through software-defined radio, states that their solution Bastille Enterprise provides corporations and agencies the ability to discover, locate, and mitigate radio borne threats from the Pegasus Spyware.
Pegasus “Spyware” shows that a remote attacker can activate the camera and microphone on any cell phone to exfiltrate conversations or video meetings. NSO Group, the Israeli maker of Pegasus, claims that their system is designed never to attack a phone with a U.S. phone number. However, findings suggest that Pegasus has exploited phones on U.S. soil which had overseas numbers.
We spoke with Chris Risley, CEO at Bastille Networks, to discuss Pegasus in more detail and how their solution works to detect and locate compromised mobile devices.
Is Pegasus Spyware rare? Or has this type of malware been around for a while?
Pegasus is just the best known version of cell phone spyware. Because Pegasus comes from a commercial firm in Israel, it courts some publicity to better sell its product. Many of the makers of spyware, especially nation-states, keep their capabilities entir
ely secret but that spyware is still out there, infecting phones.
What makes it dangerous?
Pegasus “Spyware” demonstrates that without the user making any mistake whatsoever, their phone can receive a message which the user never sees and that message can give the attacker complete access to a user’s phone. “Complete Access” includes all the email and text messages on a cell phone, all the photographs, videos, recordings, locations, and notes stored on the phone. Complete Access also allows the attacker to listen in on every conversation on the phone, or turn on the camera and microphone to stream everything that is happening in a meeting. That streaming can go out of the building across the street or two any location in the world.
Could this issue bleed into mainstream consumer products? Or is this highly specialized malware for very specific targets?
Pegasus is already on consumer products: 34 of the 37 phone numbers publicized by the Pegasus project were Apple iPhones. Few products are more consumer oriented than the iPhone. Pegasus only sells to governments and for very high prices. However, other spyware from criminal gangs and from nation-states may be available for much less, making it economic to use in corporate espionage and even personal disputes.
How should governments and big tech respond to this issue of powerful spyware?
The reporting on Pegasus Spyware should put government agencies and enterprises on alert about allowing cell phones in areas with confidential or classified information. Just trusting your employees is no longer enough. Completely trustworthy employees may be carrying a phone that has been invisibly infected with spyware. Letting a phone ride into a classified area in the pocket of an employee risks having “uninvited guests” join your organization’s internal conversations.
Policies to exclude cell phones from sensitive areas, or from meetings at “sensitive moments” only work if they are backed with accurate cell phone detection/location systems.
How does Bastille protect against Pegasus Spyware? What makes your solution unique?
Bastille is trusted by Fortune 500 customers, military and government to instantly detect, locate and alert on the presence of rogue cell phones and other RF based devices anywhere within a facility.
Bastille detects and locates unauthorized cellphones to produce an accurate dots-on-the- floor-plan of your facility, offering security teams situational awareness with features such as geofencing, hotspot detection, SIEMS integration, and DVR forensics.
Bastille customers can detect and locate all the cellphones in their facilities whether or not those phones have WiFi or Bluetooth turned on. Bastille is the only civilian product which can locate cell phones indoors merely by their cellular signal. Bastille, to ensure there are no non-authorized cell phones and therefore no infected phones in sensitive areas.
Use Cases from Enterprises, Defense and Civilian Agencies include:
Enforce device policy: Detect cell phones in breach of cell phone policies for sensitive or no-cellphone areas.
Scan tent sites, buildings and remote offices: Scan a room or building to understand the presence and location of all emitters/transmitters and building systems.
Secure meeting areas: Detect transmitting electronic devices in secure meeting areas.
Where can governments and enterprises find out more information about how you defend against Pegasus Spyware?