Polish Senators Investigate Misuse of Spyware by Government

Close up of a Smartphone with the NSO Group logo on Screen

A Polish Senate Commission is looking into the misuse of the pegasus spyware against critics of the government. On Monday, January 17th, the commission received testimony from cybersecurity experts who confirmed that data was stolen from a Polish senator’s phone.

Polish Senator, Lawyer, and Prosecutor were Pegasus Spyware Targets

The experts, who are senior researchers at Citizen Lab, added that a Polish lawyer and prosecutor were also aggressively targeted. Israeli cybersecurity firm NSO Group is the proprietor of the pegasus spyware.

Governments ought to use the spyware for national security purposes, such as anti-terrorism and tracking dangerous criminals. Pegasus gives its operator complete access to an infected device. It allows the operator to exfiltrate stored information like photos, messages, and so on. Furthermore, the operator can access the device’s microphone and camera to snoop on targets in real-time.

Last year, several news reports broke about the misuse of the spyware by governments against critics and political opponents. Targets also include journalists and human rights activists.

Polish Senate Formed the Committee after Ruling Party Refused to Investigate

According to Polish media, the operator is the Central Anti-Corruption Bureau. This is a special service public organization whose objective is to combat corruption in public life. The Bureau is apparently under the control of the ruling party.

The Law and Justice party rejected the opposition’s calls to conduct an investigation into the hacking. As a consequence, the Polish Senate, where the opposition has a small majority, took up the issue.

It decided to form a committee to look into the allegations. Senator Marcin Bosacki is the committee’s chairman. He said the intervention took place “due to the deepest concern for our democracy and the future of the Polish state.”

Citizen Lab Researchers Confirm Breach of Senator’s Phone

John Scott-Railton and Bill Marczak, both from Citizen Lab, testified before the committee on Monday. They confirmed the exfiltration of data from Polish senator Kryzstof Brejza’s phone. In fact, Brejza’s phone was hacked multiple times in 2019 when he ran the opposition’s election campaign.

The ruling party used doctored messages from Brejza’s phone in a smear campaign during the parliamentary election race. The ruling Law and Justice party ended up winning the election by a narrow margin.

The committee was also to hear the testimony of a third cybersecurity expert, a Polish professor. However, the professor canceled two hours prior to the meeting. According to Bosacki, this was “due to talks with his superiors, who strongly advised him not to do so.”

Reports also state that the families of Brejza and Roman Giertych, the Polish lawyer, have come under scrutiny.

If you found this story interesting and want to learn more about spyware, our detailed resource is the perfect place to start.

Technology policy researcher
Prateek is a technology policy researcher with a background in law. His areas of interest include data protection, privacy, digital currencies, and digital literacy. Outside of his research interests, Prateek is an avid reader and is engaged in projects on sustainable farming practices in India.