NSO Group’s Pegasus Software Can Now Collect Your iCloud Data

iPhone and iPad users are more at risk now that NSO Group's Pegasus spyware can collect iCloud data. The Israeli firm earlier hacked WhatsApp on iPhones. Now, even data not on your device is vulnerable.

Pegasus, Israeli technology and surveillance firm NSO Group’s controversial monitoring software, has reportedly seen an increase in its invasive capabilities. According to a Financial Times report, Pegasus now has the ability to collect data stored on a user’s cloud accounts.

For iOS users, this means that sensitive information on iCloud is now potentially at risk. Earlier, Pegasus’ capabilities were limited to capturing on-device data from iPhones and iPads–this new revelation means that even data that’s not actually on your iDevice may be vulnerable.

NSO Group Has a History of iDevice Hacking

Pegasus isn’t malware in the conventional sense–it’s a commercial monitoring suite developed by NSO Group to address the surveillance needs of governments and law-enforcement agencies in situations where invasive tracking is a necessary part of the law enforcement process–tracking the activities of terrorists and organized crime affiliates, for example.

However, over the years, there have been worries that Pegasus could be used by state actors to clamp down on political dissent. In 2016, Citizen Lab reported that Ahmed Mansoor, a political activist from the UAE, was being tracked through Pegasus.

In the light of recent developments such as the Jamal Khashoggi murder case, there’s always the worry that invasive surveillance tools like Pegasus can be used to enhance extrajudicial action against vulnerable civilian targets.

Pegasus–and NSO Group–gained notoriety earlier this year due to their exploit of a critical vulnerability in WhatsApp that allowed Pegasus to be transmitted to users’ iPhones by means of a WhatsApp call. WhatsApp released a statement where they acknowledged that the attack took place and that they told human rights groups to be aware of the threat.

While the war on terror and organized crime require extraordinary solutions, invasive monitoring suites like Pegasus make it easy for unethical actors to illegally compromise civilian data without repercussions.

There’s no such thing as 100 percent digital security–Pegasus goes to show that even iOS users who adopt safe practices are at risk. However, there are ways to minimize your exposure to digital threats and monitoring. Read up on these tips on how to ensure your iOS device is as secure as possible.