London Daily

Focus on the big picture.
Wednesday, Jul 02, 2025

No 10 suspected of being target of NSO spyware attack, Boris Johnson ‘told’

No 10 suspected of being target of NSO spyware attack, Boris Johnson ‘told’

No 10 subjected to UAE-linked spyware attack, says report, but Israeli firm suggests allegations are false

Boris Johnson has been told his Downing Street office has been targeted with “multiple” suspected infections using Pegasus, the sophisticated hacking software that can turn a phone into a remote listening device, it was claimed on Monday.

A report released by Citizen Lab at the University of Toronto said the United Arab Emirates was suspected of orchestrating spyware attacks on No 10 in 2020 and 2021.

Pegasus is the hacking software – or spyware – developed, marketed and licensed to governments around the world by the Israeli firm NSO Group. It has the capability to infect phones running either iOS or Android operating systems.

Citizen Lab added there had also been suspected attacks on the Foreign Office over the same two years that were also associated with Pegasus operators linked to the UAE – as well as India, Cyprus and Jordan.

The researchers, considered among the world’s leading experts in detecting digital attacks, announced they had taken the rare step of notifying Whitehall of the attack as it “believes that our actions can reduce harm”.

However, they were not able to identify the specific individuals within No 10 and the Foreign Office who are suspected of having been hacked.

In a statement, Citizen Lab said: “We confirm that in 2020 and 2021 we observed and notified the government of the United Kingdom of multiple suspected instances of Pegasus spyware infections within official UK networks. These included: the prime minister’s office (10 Downing Street) [and] the Foreign and Commonwealth Office …

“The suspected infections relating to the FCO were associated with Pegasus operators that we link to the UAE, India, Cyprus and Jordan. The suspected infection at the UK prime minister’s office was associated with a Pegasus operator we link to the UAE.”

The allegations will raise serious questions for Boris Johnson about a possible security breach.


The Biden administration took the extraordinary step of placing NSO on a US blacklist last November, saying it had evidence the company had sold surveillance spyware to foreign governments that had used it for “transnational repression”. At the time, an NSO spokesperson said it was ‘“dismayed by the decision”.

The allegations will raise significant questions about a possible national security breach at the highest levels of the British government.

The governments of the UAE, India, Cyprus and Jordan have been approached for comment.

A UK government spokesperson said: “We do not routinely comment on security matters.”

An NSO spokesperson said: “NSO continues to be targeted by a number of politically motivated advocacy organisations like Citizen Lab and Amnesty to produce inaccurate and unsubstantiated reports based on vague and incomplete information.

“We have repeatedly cooperated with governmental investigations, where credible allegations merit. However, information raised regarding these allegations are, yet again, false and could not be related to NSO products for technological and contractual reasons.”

The Pegasus project, a collaborative investigation into NSO that included the Guardian, the Wire, Le Monde and the Washington Post, revealed dozens of cases last year in which NSO’s Pegasus was used by government clients, from Saudi Arabia to Mexico, to target dissidents and journalists. The work was among the recipients of the prestigious 2021 George Polk awards in journalism.

NSO is regulated by the Israeli defence ministry and sells Pegasus spyware to governments around the world. When it is successfully deployed against a target, Pegasus can infect any phone. It can intercept phone calls, view photographs, track an individual’s location and turn a phone into a remote listening device.


The Citizen Lab director, Ron Deibert, said he believed the infections could have been related to FCO devices located abroad. Explaining his reasoning for alerting Johnson, he explained that the UK “is currently in the midst of several ongoing legislative and judicial efforts relating to regulatory questions surrounding cyber policy”. Therefore, he added “we believe that it is critically important that such efforts are allowed to unfold free from the undue influence of spyware”.

The UK development comes months after an investigation into NSO found that the mobile phone of a serving French minister, François de Rugy, showed digital traces of activity associated with Pegasus spyware. His details appeared on a leaked database, which also included mobile numbers for the French president, Emmanuel Macron, and most of his 20-strong cabinet, along with the then prime minister, Édouard Philippe.

In response, an NSO Group spokesperson said Macron and other French officials on the list “are not and never have been Pegasus targets”. They added: “It is not a list of targets or potential targets of NSO’s customers.”

In October last year, a UK court found that Sheikh Mohammed bin Rashid al-Maktoum of Dubai used Pegasus to hack the phone of his ex-wife Princess Haya and five of her associates.

The court found that the hacking of Haya and her associates, including Fiona Shackleton, who sits in the House of Lords, occurred while the former couple were locked in court proceedings in connection to the welfare of their two children.

Johnson’s government was accused by some MPs last November of prioritising trade agreements over national security in its handling of surveillance abuses on British soil by governments using Pegasus.

In November, a letter to the prime minister signed by 10 MPs and peers called on the government to end its cybersecurity programmes with countries that are known to have used NSO spyware to target dissidents, journalists and lawyers – and impose sanctions on NSO.

It also called for the suspension of all UK spyware licences and cybersecurity contracts with Gulf nations implicated in cyber-attacks in the UK.

Newsletter

Related Articles

0:00
0:00
Close
Poland Implements Border Checks Amid Growing Migration Tensions
Political Dispute Escalates Between Trump and Musk
Emirates Airline Expands Market Share with New $20 Million Campaign
Amazon Reaches Milestone with Deployment of One Millionth Robot
US Senate Votes to Remove AI Regulation Moratorium from Domestic Policy Bill
Yulia Putintseva Calls for Spectator Ejection at Wimbledon Over Safety Concerns
Jury Deliberations in Diddy Trial Yield Partial Verdict in Serious Criminal Charges
House Oversight Committee Subpoenas Former Jill Biden Aide Amid Investigation into Alleged Concealment of President Biden's Cognitive Health
King Charles Plans Significant Role for Prince Harry in Coronation
Two Chinese Nationals Arrested for Espionage Activities Against U.S. Navy
Amazon Reaches Major Automation Milestone with Over One Million Robots
Extreme Heat Wave Sweeps Across Europe, Hitting Record Temperatures
Meta Announces Formation of Ambitious AI Unit, Meta Superintelligence Labs
Robots Compete in Football Tournament in China Amid Injuries
Trump Administration Considers Withdrawal of Funding for Hospitals Providing Gender Treatment to Minors
Texas Enacts Law Allowing Gold and Silver Transactions
China Unveils Miniature Insect-Like Surveillance Drone
OpenAI Secures Multimillion-Dollar AI Contracts with Pentagon, India, and Grab
Marc Marquez Claims Victory at Dutch Grand Prix Amidst Family Misfortune
Germany Votes to Suspend Family Reunification for Asylum Seekers
Elon Musk Critiques Senate Budget Proposal Over Job Losses and Strategic Risks
Los Angeles Riots ended with Federal Investigations into Funding
Budapest Pride Parade Draws 200,000 Participants Amid Government Ban
Southern Europe Experiences Extreme Heat
Xiaomi's YU7 SUV Launch Garners Record Pre-Orders Amid Market Challenges
Jeff Bezos and Lauren Sanchez's Lavish Wedding in Venice
Russia Launches Largest Air Assault on Ukraine Since Invasion
Education Secretary Announces Overhaul of Complaints System Amid Rising Parental Grievances
Massive Anti-Government Protests Erupt in Belgrade
Trump Ends Trade Talks with Canada Over Digital Services Tax
UK Government Softens Welfare Reform Plans Amid Labour Party Rebellion
Labour Faces Rebellion Over Disability Benefit Reforms Ahead of Key Vote
Jeff Bezos and Lauren Sánchez Host Lavish Wedding in Venice Amid Protests
Trump Asserts Readiness for Further Strikes on Iran Amid Nuclear Tensions
North Korea to Open New Beach Resort to Boost Tourism Economy
UK Labour Party Faces Internal Tensions Over Welfare Reforms
Andrew Cuomo Hints at Potential November Comeback Amid Democratic Primary Results
Curtis Sliwa Champions His Vision for New York City Amid Rising Crime Concerns
Federal Reserve Proposes Changes to Capital Rule Affecting Major Banks
EU TO HUNGARY: LET THEM PRIDE OR PREP FOR SHADE. ORBÁN TO EU: STAY IN YOUR LANE AND FIX YOUR OWN MESS.
Trump Escalates Criticism of Media Over Iran Strike Coverage
Trump Announces Upcoming US-Iran Meeting Amid Controversial Airstrikes
Trump Moves to Reshape Middle East Following Israel-Iran Conflict
Big Four Accounting Firms Fined in Exam Cheating Scandal
NATO Members Agree to 5% Defense Spending Target by 2035
Australia's Star Casino Secures $195 Million Rescue Package Amid Challenges
UK to Enhance Nuclear Capabilities with Acquisition of F-35A Fighter Jets
Russian Shadow Payments via Cryptocurrency Reach $9 Billion
Explosions Rock Doha as Iranian Missiles Target Qatar
“You Have 12 Hours to Flee”: Israeli Threat Campaign Targets Surviving Iranian Officials
×