Experts warn as phones of politicians are hacked
Kampala, Uganda | IAN KATUSIIME | Sometime in February 2020, then-Uganda Prime Minister Ruhakana Rugunda’s phone might have been hacked by Pegasus; a spyware manufactured by the Israel firm, NSO.
The collaborative media investigation dubbed “Pegaus project” that outed the global spying scheme reported that Rwanda might have used the Pegasus spyware to tap the phones of Uganda’s former Prime Minister Ruhakana Rugunda, former Chief of Defence Forces Gen. David Muhoozi, and former foreign affairs minister Sam Kutesa.
According to recently released data by a group of journalists and human rights activists, Rugunda’s phone was found among possible targets of spying operation by clients of NSO.
Rugunda’s phone was found in the same data set as that of then-Chief of Defence Forces, Gen. Muhoozi, and then-Foreign Affairs Minister, Kutesa and other prominent Ugandans.
According to its manufacturers, the Pegasus spyware is designed to collect files, photos, call logs, location records, communications and other private data from smartphones.
The spyware literally takes over the target smartphone and the spy can read and send mail, edit photos, listen to phone conversations.
It can activate cameras and microphones and offer real-time surveillance at key moments.
The Pegasus attacks can happen without the targets knowing – in so-called `Zero click’ attacks.
The suspected hack on the prominent Ugandans has gained attention because, according to the French journalism nonprofit, Forbidden Stories, and the human rights group Amnesty International, who released the data of possible targets; the Ugandans’ data was found among a group dominated by Rwandan phone numbers. And Rwanda is suspected to be a client of the manufacturers of the spyware.
Other targets in the Rwanda-dominated group included South Africa’s President Cyril Ramaphosa, top Burundi officials. These are areas where Rwanda equally has interests.
Even French President Emmanuel Macron’s phone number was added to the list as he was about to embark on a tour of Africa, with stops in Kenya and Ethiopia.
The revelations of Rwanda spying on Uganda have fueled the intrigue and suspicion that has been running between the two countries for close to four years now. In 2019, Rwanda shut down its border with Uganda alleging harassment of its citizens in Uganda, an accusation denied by Uganda.
It is not abnormal for countries to spy on each other; especially neighbouring ones like Rwanda and Uganda which have a shared history through liberation wars and ancestry. The two countries have allegedly run espionage campaigns against each other resulting in arrests, blackmail and soured relations over the years.
The investigative report says the tapping of phones belonging to top Ugandan officials happened in February 2020 at the time there was a summit between President Yoweri Museveni and his Rwandan counterpart Paul Kagame at the Uganda-Rwanda border.
Then Minister of Foreign Affairs Sam Kutesa was heavily involved in the talks mediated by Angola and DR Congo. Minister of state for international affairs Okello Oryem was quoted as saying it would be wrong and unacceptable for Rwanda to be engaging in the spying.
Tensions between the two states were only dulled by the pandemic that broke out in 2020 but arrests, killings and retaliatory actions have gone on.
Rwanda has issued official statements denying involvement in the spying.
Rwanda’s minister of foreign affairs, Vincent Biruta, said his country “does not possess this technical capability in any form.”
Despite Rwanda’s denial, many commentators are saying Uganda must be ready for similar cyber espionage in the future.
In an interview with The Independent, Daniel Mwesigwa, a digital rights activist and ICT researcher at The Collaboration on International ICT Policy for East and Southern Africa (CIPESA), says governments such as Uganda must boost cybersecurity readiness and capacity for such attacks.
He says the government needs to invest in human resources and protective equipment.
Mwesigwa’s recommendation is similar to what experts elsewhere have been making.
This spying is so bad and devastating. I would encourage the Government of Uganda come up with measures that will mitigate the challenges of cyber insecurity.
Another harebrained defence project. Not subject to any form of evaluation. What the thick skulls of our strategists have failed to grasp in Africa is that it pays to be your brother’s keeper. Any urgency attached to real or perceived enemies is a waste of time simply because here in Africa regime failure follows a very familiar pattern. You just have to have lived here long enough to recognize it before hand.