Researchers detect ‘multiple spyware infections’ of Downing St and FCDO since 2020

Written by Sam Trendall on 19 April 2022 in News

Canadian academics claim that attack on No. 10 using Pegasus software was launched from the UAE

Credit: Paul Bloch/Pixabay

Over the last two years Downing Street has been repeatedly infected with spyware in attacks perpetrated from the United Arab Emirates, according to academic research.

An announcement published yesterday by the University of Toronto’s Citizen Lab reveals that, during 2020 and 2021, the unit’s researchers “observed and notified the government of the UK of multiple suspected instances of Pegasus spyware infections within official UK network”.

Infections were detected at the Prime Minister’s Office and the-then Foreign and Commonwealth Office, according to the statement, which is attributed to professor Ron Deibert, director of the lab.

The Pegasus technology reportedly used to target the government entities is a spyware program developed by Israeli company NSO Group.

The FCO was targeted by “Pegasus operators that we link to the United Arab Emirates, India, Cyprus, and Jordan”, Deibert said. 

“Because the FCO – and its successor office: the Foreign Commonwealth and Development Office – have personnel in many countries, the suspected infections we observed could have related to devices located abroad and using foreign SIM cards,” he added.

Related content

Citizen Lab researchers ascertained that “the suspected infection at the UK Prime Minister’s Office was associated with a Pegasus operator we link to the UAE,” according to Deibert.

The UAE is understood to have previously been a customer of Pegagus. However, the company ended its engagement with the state in light of a judgement published by the UK High Court six months ago which found that the software had been used by agents acting on behalf of the ruler of Dubai, Sheikh Mohammed bin Rashid al Maktoum, who had ordered the unlawful hacking of the phone of his ex-wife and five of her associates.

“The UK is currently in the midst of several ongoing legislative and judicial efforts relating to regulatory questions surrounding cyber policy, as well as redress for spyware victims,” Deibert said. “We believe that it is critically important that such efforts are allowed to unfold free from the undue influence of spyware. Given that a UK-based lawyer involved in a lawsuit against NSO Group was hacked with Pegasus in 2019, we felt compelled to ensure that the UK government was aware of the ongoing spyware threat, and took appropriate action to mitigate it.”

The government has indicated that it does not comment on security matters.

The NSO Group, meanwhile, said that it “continues to be targeted by a number of politically motivated advocacy organisations like Citizen Lab and Amnesty to produce inaccurate and unsubstantiated reports based on vague and incomplete information”.

“We have repeatedly cooperated with governmental investigations, where credible allegations merit,” a spokesperson added. “However, information raised regarding these allegations are, yet again, false and could not be related to NSO products for technological and contractual reasons.”

The company’s website claims that is Pegasus spyware platform and other products “are used exclusively by government intelligence and law enforcement agencies to fight crime and terror”.

The Citizen Lab is based in the University of Toronto’s Munk School of Global Affairs and Public Policy. It describes its work as being focused on “research, development, and high-level strategic policy and legal engagement at the intersection of information and communication technologies, human rights, and global security”.


About the author

Sam Trendall is editor of PublicTechnology. He can be reached on

Share this page




Please login to post a comment or register for a free account.

Related Articles

Royal Navy seeks digital and IT chief to lead transformation
27 September 2022

Role comes with remit to oversee team of 350 military and civilian personnel

Brexit: ‘No known data breaches’ of EU citizens’ digital status since programme launch, minister claims
20 September 2022

Home Office databases have not been compromised, according to Tom Pursglove

Police investigated 4,300 cyber offences last year – but charged fewer than 100 criminals
12 August 2022

The proportion of offences resulting in a formal charge increased slightly, but remains at barely more than one in every 50

Critics turn up the heat on Scotland’s schools partnership with China
11 August 2022

Education secretary’s defence of Confucius hubs branded ‘unbelievably naive and frankly dangerous'


Related Sponsored Articles

Keeping tabs on work-issued mobile activity with Antenna
7 September 2022

How can public sector organisations keep track of calls, texts and instant messages in the world of ultra-flexi, hybrid working? Stuart Williams, CTO at FourNet, and Andrew Bale, EVP at Tango...