Pegasus Spyware Highlights Urgent Need for Bastille Enterprise to Detect And Locate Compromised Cell Phones

SAN FRANCISCO, Calif. – July 21, 2021 – New stories this week about Pegasus “Spyware” show that a remote attacker can activate the camera and microphone on any cell phone to exfiltrate conversations or video meetings.

NSO Group, the Israeli maker of Pegasus, claims that their system is designed never to attack a phone with a U.S. phone number. But press reports suggest that Pegasus has exploited phones on U.S. soil which had overseas numbers.

“NSO isn’t the only hacker team in the world that has these capabilities.” said Chris Risley, CEO of Bastille Networks. “Other spyware from other nations won’t have the same hesitation to infect US phones. So, everyone should have heightened concern about allowing cell phones in areas with confidential or classified information.”

Spyware such as Pegasus only requires one errant click on a message or email to turn the whole phone over to a remote bad guy. The phone stays under hostile control forever. In some cases, applications like Pegasus can be installed even if the user never clicks the “trap” message. Given the ability for phones to communicate their location, surveillance can be set to begin only when a phone enters certain target locations e.g. R&D labs, Fortune 500 HQ, Film Studio, secure government facilities, etc.

Policies to exclude cell phones from sensitive areas, or from meetings at “sensitive moments” only work if they are backed with accurate cell phone detection/location systems. Bastille is trusted by military, government and Fortune 500 customers to instantly detect, locate and alert on the presence of rogue cell phones and other RF based devices anywhere within a facility.

“Bastille has been doing RF and Cellular Intrusion Detection and research for the Government for years and the Pegasus Projects reporting this week should put all enterprises on alert,” said Chris Risley, CEO at Bastille Networks. “Millions of vulnerable smartphones enter workplaces daily. A hacked smartphone can be used as a portal into an enterprise’s network, putting the organization’s sensitive and critical data at risk of being breached. It is imperative to have security protocols in place to manage the secure use of smartphones in the workplace. If security teams didn’t think smartphones in the facility were an important threat in July, they certainly should think they are an important threat now.”

The U.S. government is highly concerned about RF espionage because nation state actors such as China, North Korea, Russia, and Israel are very savvy at employing RF techniques to breach network security. The government has accepted the threat of RF espionage and because of this, government facilities with valuable secrets have policies to exclude RF devices such as cell phones to keep the threats at bay. While some government and commercial buildings have secure areas where no cell phones or other RF-emitting devices are allowed, detecting and locating radio-enabled devices is largely based on the honor system or one-time scans for devices. Unfortunately, nation states and other bad actors do not follow the honor system and one-time scans are just that: one time and cannot monitor 24x7.  

Only Bastille Enterprise can deliver: 

  • COMPLETE VISIBILITY: Detect all the wireless/cellular devices and connections in your facilities whether or not they have connected to your network.

  • THREAT DETECTION: Detect that a device such as one with a Bluetooth or cellular connection is transmitting data (and is not just an employee listening to music).

  • ACCURATE THREAT LOCATION: Locate offending devices on your floor plan. 

A LOT MORE THAN CELLULAR INTRUSION DETECTION
Though commonly thought of as Cellular Intrusion Detection, Bastille does a lot more than merely detecting the presence of cell phones. Customers can set up alerts based on wireless device behavior. Examples include:

  • COMPROMISED DEVICES: Bastille baselines facilities, all wireless devices (including Cellular, Wi-Fi, Bluetooth and BLE) and their typical behavior and can alert when a device is compromised and exhibits abnormal behavior

  • SECURE AREA DATA BREACHES: Alert when an allowed Bluetooth hearing aid performs an unauthorized BLE pairing with a device outside the secure area; or detect when a Company phone at a desk is joined by a personal phone at the same desk

  • MDM ENHANCEMENT: Alert when a phone which is not under Mobile Device Management is turned on

  • INSIDER THREATS: Alert when a device is seen in an area where it is not allowed, or forensically investigate to understand the devices and their behavior from weeks or months ago

For more information on Bastille, visit bastille.net and follow them on Twitter @bastillenet and LinkedIn.

About Bastille
Bastille is the leader in enterprise threat detection through software-defined radio. Bastille provides full visibility into the known and unknown mobile, wireless and Internet of Things devices inside an enterprise’s corporate airspace–together known as the Internet of Radios. Through its patented software-defined radio and machine learning technology, Bastille senses, identifies and localizes threats, providing security teams the ability to accurately quantify risk and mitigate airborne threats that could pose a danger to network infrastructure. For more information, visit www.bastille.net and follow them on Twitter @bastillenet and LinkedIn.

Media Contact:
Noe Sacoco
Sacoco PR
408-340-8130
[email protected] 


Bastille In the News