Digital trail points to Pegasus, state role: Experts told SC panel

The phones show “ample deployment of malware” that is consistent with digital fingerprints of Pegasus available in the public domain, the experts said.

One of the experts is Anand Venkatanarayanan, Strategic Adviser with Deepstrat, a New Delhi-based think tank. He has told the SC panel that a command and control (C&C) mechanism used to scan the internet for Internet Protocol (IP) addresses and domain names linked to Pegasus found many such IP networks “within India.”

“The scan found a total of 1019 IP addresses mapped to 1014 domain names. The scan also found many IP networks within India identified by Autonomous System Numbers (ASN), from which the infected devices were talking to these C&C servers,” Venkatanarayanan said in his deposition.

The ASN is a group of one or more IP addresses accessible on a network, which is run by one or more network operators. Network operators maintain a single, clearly defined routing policy and need ASN to control routing within their network and to exchange the routing information with other networks.

Venkatanarayanan told the SC panel that of the several ASN found in India, ASN 24560 is, particularly, interesting because it’s typically reserved by networks for “very selective corporate clients including the Government of India.”

Further evidence of the use of Pegasus, according to Venkatanarayanan, was the forensic analysis of phones of two journalists, which revealed digital fingerprints associated with the spyware.

A second security researcher told the SC panel that based on publicly available documentation for Pegasus, it is clear that a local “system integrator” was essential for deploying it here. In other words, a system in India had to be set up to conduct the surveillance.

“Knowing the level of Indian cybersecurity maturity, I think they needed to be handheld by NSO (the creator of the spyware). I do not see them using this totally independently,” the second expert told The Indian Express.

The Supreme Court, had on October 27 last year, appointed a three-member panel, under the supervision of retired Supreme Court judge Justice R V Raveendran, to look into the allegations of unauthorised surveillance using Pegasus.

On the three-member technical committee were Dr Naveen Kumar Chaudhary, Dean of National Forensic Sciences University in Gandhinagar; Dr Prabaharan P, Professor at Amrita Vishwa Vidyapeetham in Kerala; and Dr Ashwin Anil Gumaste, Institute Chair Associate Professor at IIT Bombay.

On January 2 this year, the three-member panel issued an advertisement asking people who suspected their devices to be infected by the spyware to contact the committee before 12 pm on January 7.