Finland’s Ministry for Foreign Affairs revealed that the devices of some Finnish diplomats have been compromised with the infamous NSO Group’s Pegasus spyware.
The diplomats were targeted with the popular surveillance software as part of a cyber-espionage campaign.
“Finnish diplomats have been targets of cyber espionage by means of the Pegasus spyware, developed by NSO Group Technologies, which has received wide publicity. The highly sophisticated malware has infected users’ Apple or Android telephones without their noticing and without any action from the user’s part. Through the spyware, the perpetrators may have been able to harvest data from the device and exploit its features.” reads a statement published by the Ministry.
According to the statement, threat actors have stolen data from the infected devices belonging to employees working in Finnish missions abroad. The attacks were spotted following an investigation that started in the autumn of 2021, anyway, according to the government experts the campaign is no longer active.
The announcement pointed out that the data transmitted or stored on diplomats’ devices are either public or classified at the lowest level of classified information (level 4).
Finland’s Ministry for Foreign Affairs warns that even if the information is not directly classified, the information itself and its source may be subject to diplomatic confidentiality.
“The Ministry for Foreign Affairs is continually monitoring events and activities in its operating environment and assessing related risks. The Ministry for Foreign Affairs monitors its services and strives to prevent harmful activities. The preparation of and decisions on foreign and security policy, in particular, are matters that attract much interest, which may also manifest itself as unlawful intelligence.” concludes the Ministry. “The Ministry responds to the risk by various means, but complete protection against unlawful intelligence is impossible.”
In December, Apple warned that the mobile devices of at least nine US Department of State employees were compromised with NSO Group ‘s Pegasus spyware.
(SecurityAffairs – hacking, Pegasus spyware)