Catalan Chief Accuses Spain’s Intelligence Agency of Hacking
The head of Catalonia’s regional government is accusing Spain’s intelligence agency of conducting what he calls “massive political espionage” on the northeastern region’s independence movement and says that relations with Spain’s national authorities are “on hold” as a consequence.
Pere Aragonès on Thursday shared examples of techniques used to infiltrate the phones of dozens of elected Catalan officials, activists, lawyers and others that he said led unequivocally to Spain’s National Intelligence Center, known as CNI in Spanish. The leftist leader said CNI has yet to deny having purchased controversial spyware from Israel’s NSO Group.
The NSO program named Pegasus silently infiltrates phones to harvest their data and potentially turns them into spying devices on their owners. For its installation, the user usually needs to follow a link within a targeted message, although a click is not required in all versions.
“We can be sure that it is CNI,” Aragonès told foreign correspondents in Madrid. “Because the level of information used to infiltrate the phones suggests that they had previous data of the innocents targeted that wasn’t known publicly” including flight numbers that they were going to take.
“It’s massive political espionage that, from our point of view, has a political motivation,” he said.
Citizen Lab, a cybersecurity research group affiliated with the University of Toronto, has revealed that at least 65 people, most of them directly linked to the Catalan separatist camp, were targeted with Pegasus or similar spyware sold only to government agencies to target criminals and terrorists.
[ Read: Citizen Lab Documents Israeli Surveillance Spyware Infections in Spain ]
Almost all of the incidents occurred between 2017 and 2020, when efforts to carve out an independent state in northeastern Spain led to the country’s deepest political crisis in decades. The former Catalan Cabinet that pushed ahead with an illegal referendum on independence was sacked. Most of its members were imprisoned before they were eventually pardoned. Half a dozen people fled the country.
The Spanish government has not denied nor confirmed whether it uses Pegasus or other hard-to-detect spyware. Defense Minister Margarita Robles on Wednesday said that laws protecting state secrets prevent the agency from disclosing details on the activities of the country’s intelligence services.
“We cannot sow suspicion about an organization that cannot defend itself,” Robles told Spanish state broadcaster, TVE, adding that CNI’s actions fall under the oversight of judges.
Aragonès, whose device was among those infiltrated, according to Citizen Lab, said his leftist party’s crucial support for Socialist Prime Minister Pedro Sánchez’s left-to-center national coalition and the ongoing negotiations about the future of the wealthy Catalan region can’t continue unless the Spanish government launches a full investigation and purges those responsible for the hacking.
If the targeted espionage by CNI is confirmed, Aragonès said the responsibility within Sánchez’s administration “will be based on who knew, who authorized these actions or who didn’t.”
“And when I speak of responsibility, I mean that we’ll need to see resignations,” he told The Associated Press.
Rounds of talks between the central government in Madrid and Catalan regional authorities have yielded some progress in solving some of the separatists’ long-term grievances but have not resolved the fundamental issues of Catalonia’s status within Spain.
Polling and recent elections show that the percent of Catalans who support independence grew since last decade’s financial crisis but have since then remained divided, with majorities fluctuating recently between those in favor or against breaking away from Spain.
Related: Secretive Israeli Exploit Company Behind Wave of Zero-Day Exploits
Related: Microsoft Patches 128 Windows Flaws, New Zero-Day Reported by NSA
Related: Microsoft Patches 3 Under-Attack Windows Zero-Days
Related: Google Confirms Sixth Zero-Day Chrome Attack in 2021