The National Cryptologic Center (CCN) is already checking the mobile phones of the rest of the members of the Government that until now they have agreed to hand over their terminals to Defense for a review, sources from State Security and Moncloa itself report. The collection of mobile phones began last Saturday, with some direct requests from the minister herself Margaret Oaks colleagues from the Executive. The purpose of this review is to find out what has gone wrong so that the phones of the president and the head of Defense have been infected, Moncloa revealed on Monday based on two reports from the CCN, an agency dependent on the National Intelligence Center (CNI). .
At the top of State security, they point to a failure in the management of the Pegasus system as an explanation for an infection detected so late.
For the same price, those who purchase Pegasus phone spy software also have an infection detection tool by that system or similar, explain the sources consulted. The firm NSO Group sells its clients, in the same package, espionage software and something similar to a shield: it does not prevent infections but it does prevent their success, as it alerts them to the presence of a strange computer program. In fact, NSO Group sells its customers “the patch” for each update of the terminal’s operating system made by the user, these sources explain. And in 2021 that patch didn’t work.
Only those who own Pegasus can be 100% sure that the infection they have suffered is from the same spyware. The problem on this occasion is what mistake was made by mobile users (in this case, Sánchez and Robles) or what a software hole Israeli has allowed the infection to go undetected in its day.
“Clear Failure”
The mobile phones of other members of the Executive are being examined, confirm the sources consulted, despite the fact that two security systems are available, the communication encryption (Spanish) and alert encryption (Israeli), “are reviewed periodically”, indicates one of the senior officials asked by this newspaper.
This source has not ruled out that, in a second phase, they will also be analyzed the mobile phones of all the secretaries of State and of the general directors of sensitive areas of decision in the Executive.
When a member of the Government takes office, the CNI gives them a mobile terminal that has previously been insured by the CCN to detect intrusions and Trojan viruses. In addition, you are instructed on a brief security protocol. The main rule is not to diversify communication: to senior management it is recommended that you do your best to use only that terminal. You are also asked to notify of each update of your mobile or the applications and software that it incorporates.
At least every two months -although this period has varied in recent years- the terminal is reviewed… if the minister makes it available to the examiner, which “doesn’t always happen”indicates one of the sources consulted.
The nervousness in the areas of the Government affected by the Pegasus scandal is evident. “We are facing a resounding failure of national security – regret State Security leaders -. Nothing less than the president’s mobile has been infected without being detected.”
Related news
This interference in a very delicate flank of Spain’s security occurred in May and June 2021, at a key moment in the Government’s action. Not only was the diplomatic and security front with Morocco hot, and judicial and intelligence investigations into Russian interventions in Catalonia were underway; various first-rate political scenarios in Barcelona and Madrid were also very active.
Pegasus is an old system. Those responsible for the security of members of the Executive are now concerned that other more modern telephone espionage programs that are already on the market have been used in other attacks that State Security has not detected.