Amazon’s cloud service unit Amazon Web Services has shut down cloud infrastructure and accounts related to the Israel- based Pegasus spyware developer NSO Group.
On Sunday, a consortium of 17 international journalistic organizations reported alleged spying of journalists, human rights activists, and government officials. Following the report, Amazon issued a statement and said:
When we learned of this activity, we acted quickly to shut down the relevant infrastructure and accounts.”
The Amazon Connection
The report is a result of a joint investigation of Forbidden Stories and Amnesty International. They got a leaked list of around 50,000 phone numbers, and even perform forensics on a small number of devices.
Amnesty wrote that a phone infected with Pegasus sent information “to a service fronted by Amazon CloudFront, suggesting NSO group has switched to using AWS services in recent months.”
CloudFront is a content delivery network (CDN) that allows customers to deliver information to users more quickly and reliably. Pegasus used the CloudFront infrastructure against targets. It also protects NSO’s infrastructure from security researchers or other third parties trying to gather information about it.
Amnesty had informed Amazon about this information who then “acted quickly to shut down the implicated infrastructure and accounts”.
While the consortium of journalistic organizations has said that this is only the beginning of a series of revelations and it will release more information about the identity of targets, the Indian government has responded to the allegations of spying.
Addressing the Parliament yesterday, the Minister of Information Technology and Electronics has denied the allegations. He said that the story has no factual basis and India has a well-established procedure against any illegal surveillance.