Beirut, April 6, 2022 – Jordanian authorities should conduct a swift and thorough investigation into allegations that two journalists were targeted with Pegasus spyware, the Committee to Protect Journalists said Wednesday.
Throughout 2021, Suhair Jaradat, a freelance columnist for media outlets including the London-based Arabic news website Today’s Opinion, was repeatedly targeted by the spyware, according to a joint report published on Tuesday, April 5, by the human rights group Front Line Defenders and digital rights group Citizen Lab, as well as Jaradat, who spoke to CPJ in a phone interview.
From February to December of that year, Jaradat’s phone was infected with Pegasus spyware on at least six separate occasions, according to the journalist and that report.
The report states that a second journalist, who also works as a human rights activist, had her phone infected by the spyware at least twice in 2021; the report does not name that journalist, and CPJ was unable to immediately identify them.
“Jordanian authorities must swiftly and transparently investigate the alleged surveillance of journalist Suhair Jaradat and a second unidentified journalist, and ensure those responsible are held to account,” said Sherif Mansour, CPJ’s Middle East and North Africa program coordinator. “Journalists must be able to work without fear that hackers will gain access to their sources or their private lives.”
Jaradat told CPJ that she discovered her phone had been infected in May 2021, and officers with the local Criminal Investigation Department’s cybercrime unit were able to remove the spyware from her device. At a cybersecurity conference in February 2022, she again found that her phone had been compromised, she said. The Front Line Defenders and Citizen Lab report said that a forensic examination of her phone showed that it had been infected with Pegasus six times from February to December of 2021.
The joint report said that researchers suspected two groups of hackers were behind the campaigns targeting Jaradat, that anonymous journalist, and human rights advocates in Jordan. One of those groups was focused entirely on Jordan, and the other also had activities in Iraq, Lebanon, and Saudi Arabia. Front Line Defenders and Citizen Lab wrote that both groups were “likely agencies of the Jordanian government.” CPJ was unable to immediately determine the origin of the spyware infections.
When CPJ contacted Jordanian Ministry of Information manager Dina Doud via messaging app for comment, she referred CPJ to a statement published by the country’s National Cyber Security Center, which denied any government involvement in the use of spyware against journalists, and said it would have been illegal for authorities to have been involved in such activities.
Jaradat noted, “In Jordan, authorities stated before that they don’t use this spyware, and that people inside the Royal Court were also attacked by it. Then who is behind this attack?”
Jaradat writes commentary about Jordanian politics, and is often critical of authorities. She has covered topics including sedition, the silencing of the country’s political opposition, and the recent arrests of political and union figures.
“I can’t think of a reason but my articles” for prompting the hack, Jaradat told CPJ. “I don’t know for sure, but I can analyze that the goal behind affecting my phone with a spyware is to reach my sources or the people I work with.”
She added that the hack could be “a way of pressuring me to stop writing.”
CPJ has documented the use of Pegasus, spyware software made by the Israeli company NSO Group, to target journalists around the world and monitor their phones’ cameras, microphones, emails, texts, and calls. Journalists have been targeted with the software in Morocco, the United Arab Emirates, and Saudi Arabia, among other countries.
CPJ emailed NSO Group for comment, but received no response. NSO Group says it only licenses its Pegasus spyware to government agencies investigating crime and terrorism.