Investigation finds mobile phones of human rights defenders were hacked multiple times
The plight of women’s rights campaigners in Bahrain and Jordan is in the spotlight after new revelations that two prominent female activists were hacked multiple times by countries using NSO Group spyware.
Ebtisam al-Saegh in 2017. Photograph: LuaLuaTV
An investigation by the human rights group Front Line Defenders (FLD) and the digital rights non-profit group Access Now found that the mobile phones of Ebtisam al-Saegh, a Bahraini human rights defender, and Hala Ahed Deeb, who works with human rights and feminist groups in Jordan, had been hacked using NSO’s Pegasus spyware.
Both women said the discoveries, which were confirmed by security researchers at the University of Toronto’s Citizen Lab, felt like life-changing violations of their privacy, underscoring how such attacks against women were “particularly grievous” given how sensitive information could be weaponised against them.
“Since they discovered their phones were infected, they have each been living in a state of daily anxiety and fear. They are especially afraid of the possibility of exposing other female activists and victims they work with, and concerned that their families and friends are now at risk,” FLD and Access Now said.
According to Citizen Lab’s analysis, al-Saegh’s mobile device was found to have been hacked at least eight times between August and November 2019 using NSO spyware. It followed various incidents in which al-Saegh, who works for Salam for Democracy and Human Rights, was harassed by Bahraini authorities, including being summoned to a Muharraq police station, being interrogated, physically and sexually assaulted, and threatened with rape if she did not stop her activism, FLD and Access Now said.
Al-Saegh said the knowledge that she had been hacked put her in a state of “daily fear and terror” and had taken away a sense of security she had felt within her own home, because she now felt her phone was “spying” on her at all times.
“Home used to be the only safe space for me, a place for personal freedom where I can take off the veil and exercise my religious and social freedoms without limits,” she said in a statement shared by FLD. “The fear has restricted my work. I am constantly anxious and afraid that I have put others at risk because of their contact with me.”
When it is successfully deployed against a mobile phone, Pegasus can intercept a mobile user’s messages and photographs, track their location and turn the phone into a remote listening device.
NSO has said that its software is licensed to be used by client countries against suspected terrorists and other serious criminals, and that it investigates credible allegations of abuse by its clients.
A spokesperson for NSO said: “We cannot directly comment on a report we haven’t seen, nor investigate based on names received in a press inquiry.”
The spokesperson added: “NSO’s firm stance on these issues is that the use of cyber tools in order to monitor dissidents, activists and journalists, regardless of their gender, is a severe misuse of any technology and goes against the desired use of such critical tools. The international community should have zero tolerance policy towards such acts, therefore a global regulation is needed. NSO has proven in the past it has zero tolerance for these types of misuse, by terminating multiple contracts.”
The discovery of spyware on the two activists’ phones follows multiple reports of other female activists and journalists who have been targeted in the past, including the late Emirati activist Alaa Al-Siddiq, and the Al Jazeera broadcast journalist Ghada Oueiss.
Researchers confirmed that Deeb’s mobile device was infected with Pegasus in March 2021. Deeb said the hacking had made her feel “violated, naked, and with no dignity”.
“I have often said that I have nothing to hide, but I realised that privacy in itself is my right,” she said in a statement that was shared by FLD.
She added: “I do not communicate with my friends and I avoid talking on the phone as much as I can. I practise a kind of self-censorship sometimes when I wonder what behaviours would provoke those who hacked my phone?”