Pegasus Spyware Scandal has shaken whole India and several other countries. What will be its fallout no one knows as we know only tip of iceberg. Amidst Pegasus Spyware Scandal USA and Australia both have shown serious concerns about Cyber Attacks on US and Australian interests. Both say that China is hub of malware software and both face millions of such attacks daily.
I am trying to understand why a software is needed to spy on a particular individual when all calls, messages, data, emails are easily accessible from server. In most of cases these servers are located in USA and some cases these are located in host country. In certain sensitive cases Government Agencies have their own server like Central Intelligence Agency and hundreds of other agencies and military establishment world over including India. Now point is who installs those servers.
A couple of years back I had talked to Mr Mike Molloy who is Chief Executive Officer of Orion Global Technologies previously known as Orion SAS. He had explained me how his company installs servers in host countries on request of private or gov bodies. He talks about contract and trust. That means even when a company or Gov buys a server or software for designated uses the “Secrecy” Factor remain on discretion of company which has supplied server or software.
Now if all data, e-mail, chat, messages, calls are accessible to Gov as per law and technology (Through Server all components of Communication are accessible and thats why me and you see start seeing call recording of a person even after many years later), I am unable to understand why a Gov will be needing a software to Spy on any one.
Now coming to where Australia and USA wants to carry the whole debate.
Australian Foreign Minister Sen Marise Payne said, “Australian Government joins international partners in expressing serious concerns about malicious cyber activities by China’s Ministry of State Security.
“In consultation with our partners, the Australian Government has determined that China’s Ministry of State Security exploited vulnerabilities in the Microsoft Exchange software to affect thousands of computers and networks worldwide, including in Australia. These actions have undermined international stability and security by opening the door to a range of other actors, including cybercriminals, who continue to exploit this vulnerability for illicit gain”, She further added.
She opined, ”The Australian Government is also seriously concerned about reports from our international partners that China’s Ministry of State Security is engaging contract hackers who have carried out cyber-enabled intellectual property theft for personal gain and to provide commercial advantage to the Chinese Government”.
She warned China by saying, “Australia calls on all countries – including China – to act responsibly in cyberspace. China must adhere to the commitments it has made in the G20, and bilaterally, to refrain from cyber-enabled theft of intellectual property, trade secrets and confidential business information with the intent of obtaining competitive advantage”.
On other hand USA’s The National Security Agency (NSA), Cybersecurity and Infrastructure Security Agency (CISA) and Federal Bureau of Investigation (FBI) released a Cybersecurity Advisory on Chinese State-Sponsored Cyber Operations. National Security Advisor said, ”Chinese state-sponsored cyber activity poses a major threat to U.S. and allied systems. These actors aggressively target political, economic, military, educational, and critical infrastructure personnel and organizations to access valuable, sensitive data. These cyber operations support China’s long-term economic and military objectives”.
The information in this advisory builds on NSA’s previous release “Chinese State-Sponsored Actors Exploit Publicly Known Vulnerabilities.” The NSA, CISA, and FBI recommended mitigations empower our customers to reduce the risk of Chinese malicious cyber activity, and increase the defensive posture of their critical networks.
