Data Protection & Privacy

Amazon shuts down NSO Group related infrastructure and accounts

Amazon’s cloud service unit Amazon Web Services has shut down cloud infrastructure and accounts related to the Israel- based Pegasus spyware developer NSO Group.

On Sunday, a consortium of 17 international journalistic organizations reported alleged spying of journalists, human rights activists, and government officials. Following the report, Amazon issued a statement and said:

When we learned of this activity, we acted quickly to shut down the relevant infrastructure and accounts.”

The Amazon Connection

The report is a result of a joint investigation of Forbidden Stories and Amnesty International. They got a leaked list of around 50,000 phone numbers, and even perform forensics on a small number of devices.

Amnesty wrote that a phone infected with Pegasus sent information “to a service fronted by Amazon CloudFront, suggesting NSO group has switched to using AWS services in recent months.”

CloudFront is a content delivery network (CDN) that allows customers to deliver information to users more quickly and reliably. Pegasus used the CloudFront infrastructure against targets. It also protects NSO’s infrastructure from security researchers or other third parties trying to gather information about it.

Amnesty had informed Amazon about this information who then “acted quickly to shut down the implicated infrastructure and accounts”.

India’s response

While the consortium of journalistic organizations has said that this is only the beginning of a series of revelations and it will release more information about the identity of targets, the Indian government has responded to the allegations of spying.

Addressing the Parliament yesterday, the Minister of Information Technology and Electronics has denied the allegations. He said that the story has no factual basis and India has a well-established procedure against any illegal surveillance.

Do subscribe to our Telegram channel for more resources and discussions on tech-law. To receive weekly updates, don’t forget to subscribe to our Newsletter.

Rohit Ranjan Praveer

Rohit is a practicing advocate at Delhi. Beginning as a tech enthusiast, Rohit always had a keen interest in computer forensics and information security. Building upon these fundamentals, he has undertaken extensive research on various techno-legal topics and continues his pursuit pass on valuable information to the masses, with a zeal to build something that outlasts him.​

Share your thoughts!

This site uses Akismet to reduce spam. Learn how your comment data is processed.