Watan-Human Rights Watch revealed that two of its employees residing in Jordan were repeatedly targeted with sophisticated spy and surveillance programs.

According to the organization’s report, the targeting, which violates their privacy rights, began in October 2022 and successfully infiltrated one of their mobile phones for a brief period.

The same software was also used to target at least 33 journalists, activists, and politicians in Jordan between 2019 and September 2023, according to a report by Access Now, published on January 18, 2024, based on a criminal investigation conducted in partnership with the Canadian research center, Citizen Lab.

Comprehensive Targeting of Dozens of Activists and Journalists

The investigation found traces of Pegasus software on their mobile devices, some of which were penetrated multiple times. However, the investigation could not determine the government responsible for the attack.

The director of the Middle East and North Africa division at Human Rights Watch stated, “The comprehensive targeting of dozens of activists and journalists residing in Jordan is a stark reminder of the urgent need to protect digital rights and privacy.”

Adam Kugel, Deputy Director of the Middle East and North Africa division and Director of the Human Rights Watch office in Jordan, had his personal iPhone compromised with Pegasus software on October 2, 2022. The intrusion continued until October 3, 2022. Apple notified Kugel of the attack on March 2, 2023, stating that state-sponsored attackers might have targeted his device.

After a technical analysis of their devices, the Information Security team at Human Rights Watch, in collaboration with the International Amnesty Lab, confirmed the intrusion. Kugel’s iPhone was breached using a “zero-click” vulnerability, meaning the device was compromised without any action from the user, such as clicking on a link. This sophisticated and complex attack is challenging for the targeted individual to detect or prevent.

How Did the Breach Operation Occur?

The analysis indicated that the breach was associated with the “HomeKit” feature on iPhones, confirming findings by Citizen Lab regarding the exploitation of Apple’s HomeKit by NSO Group, the developer of Pegasus software, in October 2022.

In August 2023, Kugel and another Human Rights Watch employee, Hiba Zayadin, received notifications from Apple about state-sponsored attackers attempting remote compromises of their personal cell phones.

Zayadin’s iPhone, which also had a Jordanian phone number, was targeted. She received an additional notification from Apple regarding another attempted compromise on her phone on October 30, 2023.

The forensic analysis showed that all intrusion attempts targeting Kugel and Zayadin in 2023 were unsuccessful, likely due to the “Lockdown Mode” feature on iPhones, enhancing the device’s security.

Both Kugel and Zayadin investigate human rights violations in several countries in the Middle East and North Africa, including Jordan, documenting and exposing them.

Pegasus software is clandestinely loaded onto people’s mobile phones, and once installed, clients can turn it into a powerful surveillance tool with full access to the camera, calls, media, microphone, emails, text messages, and other functions, enabling monitoring of the targeted individual and their contacts.

This attack on Human Rights Watch employees is not the first of its kind. In 2021, the iPhone of Lama Fakih, then-director of the Middle East and North Africa division at Human Rights Watch, was compromised five times between April and August. Pegasus software has been documented previously for targeting local activists in Jordan, including lawyer and human rights activist Hala Ahed in March 2021, as reported by Front Line Defenders in January 2022.

In April 2022, Citizen Lab reported that four Jordanian human rights activists, lawyers, and journalists had their devices compromised with Pegasus software between August 2019 and December 2021. Front Line Defenders mentioned in January 2022 that Hala Ahed’s phone was compromised in March 2021.

In April 2021, Axios reported that the Jordanian government was in talks with NSO Group for advanced surveillance software, but there was no confirmation at that time that the deal had been finalized.

The targeting of researchers, journalists, activists, and political party members in Jordan with spyware raises concerns amid an intensified crackdown on civil society in the country. The Jordanian authorities increasingly harass citizens involved in peaceful organizing and political opposition using vague and abusive laws that criminalize freedom of expression, association, and assembly.

Recently, in August, the Jordanian government enacted strict legislation on cybercrimes that makes it difficult for individuals to freely express themselves online, threatens their right to remain anonymous on the internet, and grants the government more power to monitor social media, potentially leading to increased online censorship.

In response to the evidence pointing to the use of Pegasus software to target human rights defenders, journalists, and activists, NSO Group has repeatedly claimed that its technology is licensed only to enable governments and law enforcement agencies to legally combat terrorism and serious crimes and does not operate spyware sold to governments it deals with.

Human Rights Watch has contacted the Jordanian authorities and NSO Group regarding the targeting of its employees with Pegasus software on October 10. On October 19, NSO Group responded, stating that their contractual terms stipulate that clients use their products in a manner consistent with international human rights standards, and only for suspected terrorism or serious crimes.

The extensive use of Pegasus software for spying on human rights and civil society movements in Jordan underscores the urgent need for international regulation of surveillance technology. Human Rights Watch argues that governments should suspend the sale, export, transfer, and use of surveillance technology until safeguards for human rights are established.

Fakih commented, “The ongoing erosion of civil and political rights in Jordan is deeply concerning, and what appears to be the misuse of surveillance technology to hack local activists will only exacerbate this chilling impact. The Jordanian authorities must promptly assess the current situation and reaffirm their commitments to human rights to prevent further erosion in civil society.”