Finnish diplomats’ mobile devices hacked with spyware

STOCKHOLM (AP) — The mobile devices of Finnish diplomats working abroad have been hacked with the use of sophisticated spyware, the Nordic country’s government said Friday.

The Finnish Foreign Ministry said the victims were targeted through Pegasus software developed by Israeli spyware company NSO Group. The software can seamlessly infiltrate a mobile phone and allow its operators to gain access to the device’s contents and location history.

“The highly sophisticated malware has infected users’ Apple or Android telephones without their noticing and without any action from the user’s part,” the Foreign Ministry said in a statement. “Through the spyware, the perpetrators may have been able to harvest data from the device and exploit its features.”

Jarmo Sareva, Finland’s Ambassador for Cyber Security, would not disclose the data harvested, but said under government protocols information transmitted by phone must be public or classified at the lowest level.

“As you know Pegasus spyware does take the phone under its control,” Sareva said. “Even the microphone and camera of these device were being spied on.”

He wouldn’t say how many diplomats were targeted and in which countries they were stationed.

Asked who was believed to be behind the cyber espionage he said: “we have our suspicions of course,” but declined to elaborate.

The Foreign Ministry said it had been investigating the case since the fall, adding that “the espionage is no longer active.”

NSO says it sells Pegasus only to governments for the purpose of fighting crime and terrorism. All sales require approval from Israel’s Defense Ministry. While it says it has safeguards in place to prevent abuse, NSO says it has no control over how a client uses the product and no access to the data they collect. It says it has terminated several contracts due to inappropriate use of Pegasus.

Confirmed targets have included Mexican and Saudi journalists, British attorneys and Palestinian human rights activists. The phones of 11 U.S. State Department employees, including some foreign service officers, working in Uganda were hacked with NSO spyware, The Associated Press and other media outlets reported last year.

AP also revealed in exclusive reports based on findings by Citizen Lab, an internet watchdog at the University of Toronto, that critics of Poland’s right-wing government were hacked using Pegasus. The hacking triggered a scandal some Poles compare to Watergate.