Vasundhra

Thursday, July 22, 2021

Pegasus (Spyware)

 SOURCE :

 (a) https://en.wikipedia.org/wiki/Pegasus_(spyware)






Pegasus is spyware developed by the Israeli cyberarms firm NSO Group that can be covertly installed on mobile phones (and other devices) running most[1] versions of iOS and Android.[2] The 2021 Project Pegasus revelations suggest that the current Pegasus software can exploit all recent iOS versions up to iOS 14.6.[1] As of 2016, Pegasus was capable of reading text messages, tracking calls, collecting passwords, tracking location, accessing the target device's microphone and camera, and harvesting information from apps.[3] The spyware is named after the mythical winged horse Pegasus: it is a Trojan horse that can be sent "flying through the air" to infect phones.[4]

NSO Group was previously owned by American private equity firm Francisco Partners,[5] but it was bought back by its founders in 2019.[6] The company states that it provides "authorized governments with technology that helps them combat terror and crime."[7][8] NSO Group has published sections of contracts which require customers to use its products only for criminal and national security investigations and has stated that it has an industry-leading approach to human rights.[9]

Pegasus was discovered in August 2018 after a failed installation attempt on the iPhone of a human rights activist[citation needed] led to an investigation revealing details about the spyware, its abilities, and the security vulnerabilities it exploited. News of the spyware caused significant media coverage. It was called the "most sophisticated" smartphone attack ever, and marked the first time that a malicious remote exploit using jailbreak to gain unrestricted access to an iPhone had been detected.[7]

On August 23, 2020, according to intelligence obtained by the Israeli newspaper Haaretz, NSO Group sold Pegasus spyware software for hundreds of millions of US dollars to the United Arab Emirates and the other Gulf States, for surveillance of anti-regime activists, journalists, and political leaders from rival nations, with encouragement and mediation by the Israeli government.[10] Later, in December 2020, the Al Jazeera investigative show The Tip of the Iceberg, Spy partners, exclusively covered Pegasus and its penetration into the phones of media professionals and activists; and its use by Israel to eavesdrop on both opponents and allies.[11][12]

In July 2021, widespread media coverage, part of the Project Pegasus revelations, along with an in-depth analysis by human rights group Amnesty International, uncovered that Pegasus was still being widely used against high-profile targets. It showed that Pegasus was able to infect all modern iOS versions up to the latest release, iOS 14.6, through a zero-click iMessage exploit.[1]


Contents

  • 1 Discovery
  • 2 Spyware details
    • 2.1 Pegasus Anonymizing Transmission Network
  • 3 Use of spyware
    • 3.1 Use by India
    • 3.2 Use by Mexican drug cartels
    • 3.3 Use by Saudi Arabia
    • 3.4 Project Pegasus revelations
  • 4 Vulnerabilities
  • 5 Reactions
    • 5.1 Media
    • 5.2 NSO Group comment
    • 5.3 Developers
    • 5.4 Bug-bounty program skepticism
  • 6 See also
  • 7 References


Discovery


Pegasus' iOS exploitation was identified in August 2016. Arab human rights defender Ahmed Mansoor received a text message promising "secrets" about torture happening in prisons in the United Arab Emirates by following a link. Mansoor sent the link to Citizen Lab, who investigated, with the collaboration of Lookout, finding that if Mansoor had followed the link it would have jailbroken his phone and implanted the spyware into it, in a form of social engineering.[13] Citizen Lab linked the attack to the NSO Group.

Regarding how widespread the issue was, Lookout explained in a blog post: "We believe that this spyware has been in the wild for a significant amount of time based on some of the indicators within the code" and pointed out that the code shows signs of a "kernel mapping table that has values all the way back to iOS 7" (released 2013).[14] The New York Times and The Times of Israel both reported that it appeared that the United Arab Emirates was using this spyware as early as 2013.[15][16][17]

Several lawsuits outstanding in 2018 claimed that NSO Group helped clients operate the software and therefore participated in numerous violations of human rights initiated by its clients.[17] Two months after the murder and dismemberment of Washington Post journalist Jamal Khashoggi, a Saudi human rights activist, in the Saudi Arabian Consulate in Istanbul, Turkey, Saudi dissident Omar Abdulaziz, a Canadian resident, filed suit in Israel against NSO Group, accusing the firm of providing the Saudi government with the surveillance software to spy on him and his friends, including Khashoggi.[3]


Spyware Details


The spyware can be installed on devices running certain versions of iOS, Apple's mobile operating system, as well as some Android devices.[1] Rather than being a specific exploit, Pegasus is a suite of exploits that uses many vulnerabilities in the system. Infection vectors include clicking links, the Photos app, the Apple Music app, and iMessage. Some of the exploits Pegasus uses are zero-click—that is, they can run without any interaction from the victim. Once installed, Pegasus has been reported to be able to run arbitrary code, extract contacts, call logs, messages, photos, web browsing history, settings,[18] as well as gather information from apps including but not limited to communications apps iMessage, Gmail, Viber, Facebook, WhatsApp, Telegram, and Skype.[19]

At the 2017 Security Analyst Summit held by Kaspersky Lab, researchers revealed that Pegasus was available for Android in addition to iOS; Google refers to the Android version as Chrysaor, the brother of the winged horse Pegasus. Its functionality is similar to the iOS version, but the mode of attack is different. The Android version tries to gain root access (similar to jailbreaking in iOS); if it fails, it asks the user for permissions that enable it to harvest at least some data. At the time Google said that only a few Android devices had been infected.[20]

Pegasus hides itself as far as is possible and self-destructs in an attempt to eliminate evidence if unable to communicate with its command-and-control server for over 60 days, or if on the wrong device. Pegasus can also do this on command.[20]


Pegasus Anonymizing Transmission Network

Human rights group Amnesty International reported in the 2021 Project Pegasus revelations that Pegasus employs a sophisticated command-and-control (C&C) infrastructure to deliver exploit payloads and send commands to Pegasus targets. There are at least four known iterations of the C&C infrastructure, dubbed the Pegasus Anonymizing Transmission Network (PATN) by NSO Group, each encompassing up to 500 domain names, DNS servers, and other network infrastructure. The PATN reportedly uses techniques such as registering high port numbers for its online infrastructure so as to avoid conventional Internet scanning. PATN also uses up to three randomised subdomains unique per exploit attempt, as well as randomised URL paths.[1]
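
For defenders, the randomised subdomains and high ports described above mean that exact-hostname matching against an indicator list will miss hits. The following is an added example (not part of the original article or of any Amnesty tooling) that matches proxy-log hostnames to indicator base domains on label boundaries and records subdomain depth and non-default ports; the indicator domains, log format and the 1024 port threshold are constructed assumptions.

```python
from urllib.parse import urlsplit

# Constructed placeholder indicators on reserved TLDs, NOT real Pegasus domains.
INDICATOR_DOMAINS = {"bad-infra.example", "tracker-cdn.test"}
DEFAULT_PORTS = {"http": 80, "https": 443}
HIGH_PORT_MIN = 1024  # assumption: ports at or above 1024 are treated as "high"

# Constructed proxy log, one request per line: "<timestamp> <device> <url>"
SAMPLE_LOG = """\
2021-07-01T10:02:11Z phone-07 https://x7k2p.q9w1z.bad-infra.example:30495/r4nd0m/path
2021-07-01T10:02:15Z phone-07 https://www.wikipedia.org/wiki/Pegasus
2021-07-01T10:05:40Z phone-12 https://notbad-infra.example/index.html
2021-07-01T10:09:02Z phone-03 https://a1.b2.c3.tracker-cdn.test:8443/p/9f3a
2021-07-01T10:11:30Z phone-03 not-a-url
"""


def match_indicator(host, indicators):
    """Return (base_domain, subdomain_label_count) if host is an indicator
    domain or sits underneath one, else None.

    Matching walks whole DNS labels, so "notbad-infra.example" does not
    match "bad-infra.example" the way a naive str.endswith() check would.
    """
    labels = host.lower().rstrip(".").split(".")
    for i in range(len(labels) - 1):  # a base domain needs at least two labels
        candidate = ".".join(labels[i:])
        if candidate in indicators:
            return candidate, i
    return None


def scan(log_text, indicators=INDICATOR_DOMAINS):
    """Parse log lines and return one dict per request that hits an indicator."""
    hits = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) != 3:
            continue  # malformed line
        timestamp, device, url = parts
        try:
            parsed = urlsplit(url)
            port = parsed.port  # raises ValueError on an invalid port
        except ValueError:
            continue
        host = parsed.hostname
        if not host:
            continue  # no network location, e.g. "not-a-url"
        match = match_indicator(host, indicators)
        if match is None:
            continue
        base, depth = match
        if port is None:
            port = DEFAULT_PORTS.get(parsed.scheme)
        hits.append({
            "timestamp": timestamp,
            "device": device,
            "host": host,
            "indicator": base,
            "subdomain_labels": depth,  # randomised labels in front of the base
            "port": port,
            "high_port": port is not None and port >= HIGH_PORT_MIN,
        })
    return hits


def devices_to_triage(hits):
    """Unique devices with at least one indicator hit, for forensic follow-up."""
    return sorted({h["device"] for h in hits})


if __name__ == "__main__":
    found = scan(SAMPLE_LOG)
    for hit in found:
        print(hit)
    print("triage:", devices_to_triage(found))
```
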


Use of Spyware


Although Pegasus is stated as intended to be used against criminals and terrorists,[9] use by authoritarian governments to spy on critics and opponents has often been reported.


Use by India

In late 2019, Facebook initiated a suit against NSO, claiming that Pegasus had been used to intercept the WhatsApp communications of a number of activists, journalists, and bureaucrats in India, leading to accusations that the Indian government was involved.[21][22][23]

Phone numbers of Indian ministers, opposition leaders, ex-election commissioners and journalists were allegedly found on a database of NSO hacking targets by Project Pegasus in 2021.[24][25][26]

Independent digital forensic analysis conducted on 10 Indian phones whose numbers were present in the data showed signs of either an attempted or successful Pegasus hack. The results of the forensic analysis show sequential correlations between the time and date a phone number is entered in the list and the beginning of surveillance. The gap usually ranges between a few minutes and a couple of hours.[27]

11 phone numbers associated with a female employee of the Supreme Court of India and her immediate family, who accused the former Chief Justice of India, Ranjan Gogoi, of sexual harassment, are also allegedly found on a database, indicating the possibility of their phones being snooped on.[28][29]

Records also indicate that phone numbers of some of the key political players in Karnataka appear to have been selected around the time when an intense power struggle was taking place between the Bharatiya Janata Party and the Janata Dal (Secular)-Congress-led state government in 2019.[30][31]

It was reported that the Indian government used Pegasus to spy on Pakistan Prime Minister Imran Khan and diplomats from Iran, Afghanistan, China, Nepal and Saudi Arabia.[32]

Use by Mexican drug cartels

Reversing the intended use against criminals, Pegasus has been used to target and intimidate Mexican journalists by drug cartels and cartel-entwined government actors.[33][34]

Use by Saudi Arabia

Pegasus software, whose sales are licensed by the government of Israel to foreign governments, helped Saudi Arabia spy on Jamal Khashoggi,[35] who was later killed in Turkey.

Pegasus was also used to spy on Jeff Bezos after Mohammed bin Salman, the crown-prince of Saudi Arabia, exchanged messages with him that exploited then-unknown vulnerabilities in WhatsApp.[36][37]

Project Pegasus Revelations


A leak of a list of over 50,000 phone numbers believed to have been identified as those of people of interest by clients of NSO since 2016 became available to Paris-based media nonprofit organisation Forbidden Stories and Amnesty International. They shared the information with seventeen news media organisations in what has been called "Project Pegasus", and a months-long investigation was carried out, which reported from mid-July 2021. The Pegasus Project involved 80 journalists from the media partners: The Guardian (UK), Radio France and Le Monde (France), Die Zeit and Süddeutsche Zeitung (Germany), The Washington Post (United States), Haaretz/TheMarker (Israel), Aristegui Noticias, Proceso, OCCRP, Knack, Le Soir, The Wire (India),[38] Daraj,[39] Direkt36 (Hungary),[40] and PBS Frontline.[41] Evidence was found that many phones with numbers in the list had been targets of Pegasus spyware.[9][42] However, the CEO of NSO Group categorically claimed that the list in question is unrelated to them and that the source of the allegations can't be verified as a reliable one: "This is an attempt to build something on a crazy lack of information... There is fundamentally wrong with this investigation".[43]


Vulnerabilities

Lookout provided details of the three iOS vulnerabilities:[14]
  • CVE-2016-4655: Information leak in kernel – A kernel base mapping vulnerability that leaks information to the attacker allowing them to calculate the kernel's location in memory.
  • CVE-2016-4656: Kernel memory corruption leads to jailbreak – 32- and 64-bit iOS kernel-level vulnerabilities that allow the attacker to secretly jailbreak the device and install surveillance software – details in reference.[44]
  • CVE-2016-4657: Memory corruption in WebKit – A vulnerability in the Safari WebKit that allows the attacker to compromise the device when the user clicks on a link.

As of July 2021, Pegasus likely uses many exploits, some not listed in the above CVEs.[1]



Reactions

Media

News of the spyware received significant media attention,[18][45][46][47][48] particularly for being called the "most sophisticated" smartphone attack ever,[49][50] and for being the first detection of a remote Apple jailbreak exploit.[51]

NSO Group Comment

Dan Tynan of The Guardian wrote an August 2016 article that featured comments from NSO Group, where they stated that they provide "authorized governments with technology that helps them combat terror and crime", although the Group told him that they had no knowledge of any incidents.[52]

Developers

The organization developing the open source phone Librem 5, Purism, stated that the best defense against such spyware would be for users and developers to have control over the software – so that they can and do fully inspect it to quickly detect and patch vulnerabilities globally – and the hardware – so that they can switch components off physically.[53]

Bug-Bounty Program Skepticism

In the aftermath of the news, critics asserted that Apple's bug-bounty program, which rewards people for finding flaws in its software, might not have offered sufficient rewards to prevent exploits being sold on the black market, rather than being reported back to Apple. Russell Brandom of The Verge commented that Apple's bug-bounty program maxes out at payments of $200,000, "just a fraction of the millions that are regularly spent for iOS exploits on the black market". He goes on to ask why Apple doesn't "spend its way out of security vulnerabilities?", but also writes that "as soon as [the Pegasus] vulnerabilities were reported, Apple patched them—but there are plenty of other bugs left. While spyware companies see an exploit purchase as a one-time payout for years of access, Apple’s bounty has to be paid out every time a new vulnerability pops up." Brandom also wrote: "The same researchers participating in Apple’s bug bounty could make more money selling the same finds to an exploit broker." He concluded the article by writing: "It's hard to say how much damage might have been caused if Mansoor had clicked on the spyware link... The hope is that, when the next researcher finds the next bug, that thought matters more than the money."[54]


See Also


  • WhatsApp snooping scandal
  • DROPOUTJEEP
  • RCSAndroid from Hacking Team


References

  1. "Forensic Methodology Report: How to catch NSO Group's Pegasus". www.amnesty.org. Retrieved July 19, 2021.
  2. Timberg, Craig; Albergotti, Reed; Guéguen, Elodie (July 19, 2021). "Despite the hype, iPhone security no match for NSO spyware - International investigation finds 23 Apple devices that were successfully hacked". The Washington Post. Retrieved July 19, 2021.
  3. Boot, Max (December 5, 2018). "An Israeli tech firm is selling spy software to dictators, betraying the country's ideals". The Washington Post. Retrieved April 19, 2019.
  4. Bouquet, Jonathan (May 19, 2019). "May I have a word about… Pegasus spyware". The Guardian.
  5. Marczak, Bill; Scott-Railton, John (August 24, 2016). "The Million Dollar Dissident: NSO Group's iPhone Zero-Days used against a UAE Human Rights Defender". Citizen Lab. Retrieved December 21, 2016.
  6. Amitai Ziv "Israeli Cyberattack Firm NSO Bought Back by Founders at $1b Company Value; Two founders are partnering with European private equity fund Novalpina to purchase the controversial firm from Francisco Partners" February 14, 2019, Haaretz
  7. Franceschi-Bicchierai, Lorenzo (August 26, 2016). "Government Hackers Caught Using Unprecedented iPhone Spy Tool". Motherboard (website). Vice Media. Retrieved May 15, 2019.
  8. "What is Pegasus spyware and how does it hack phones?". The Guardian. July 18, 2021. Retrieved July 19, 2021.
  9. Kirchgaessner, Stephanie; Lewis, Paul; Pegg, David; Cutler, Sam (July 18, 2021). "Revealed: leak uncovers global abuse of cyber-surveillance weapon". The Observer.
  10. "With Israel's Encouragement, NSO Sold Spyware to UAE and Other Gulf States". Haaretz. Retrieved August 23, 2020.
  11. "Al Jazeera journalists 'hacked via NSO Group spyware'". BBC News. December 21, 2020. Retrieved March 10, 2021.
  12. "Al Jazeera journalists hacked using Israeli firm's spyware". Al Jazeera. Retrieved March 10, 2021.
  13. Lee, Dave (August 26, 2016). "Who are the hackers who cracked the iPhone?". BBC News.
  14. "Sophisticated, persistent mobile attack against high-value targets on iOS". Lookout. August 25, 2016. Retrieved December 21, 2016.
  15. Kirkpatrick, David; Ahmed, Azam (August 31, 2018). "Hacking a Prince, an Emir and a Journalist to Impress a Client". The New York Times. Retrieved August 31, 2018.
  16. Perlroth, Nicole (September 2, 2016). "How Spy Tech Firms Let Governments See Everything on a Smartphone". The New York Times. Retrieved August 31, 2018.
  17. "Lawsuits claim Israeli spyware firm helped UAE regime hack opponents' phones". The Times of Israel. August 31, 2018. Retrieved August 31, 2018.
  18. Perlroth, Nicole (August 25, 2016). "IPhone Users Urged to Update Software After Security Flaws Are Found". The New York Times. Retrieved December 21, 2016.
  19. Fox-Brewster, Thomas (August 25, 2016). "Everything We Know About NSO Group: The Professional Spies Who Hacked iPhones With A Single Text". Forbes. Retrieved December 21, 2016.
  20. John Snow (August 17, 2017). "Pegasus: The ultimate spyware for iOS and Android". Kaspersky Daily.
  21. Bhattacharya, Ananya. "What is Pegasus and how did it target Indians on WhatsApp?". Quartz. Retrieved March 10, 2021.
  22. "Did Indian Govt Buy Pegasus Spyware? Home Ministry's Answer Is Worrying". HuffPost. November 19, 2019. Retrieved March 10, 2021.
  23. "Indian Activists, Lawyers Were 'Targeted' Using Israeli Spyware Pegasus". The Wire. Retrieved March 10, 2021.
  24. "Phones Of Indian Politicians, Journalists Hacked Using Pegasus: 10 Facts On Report". NDTV. Retrieved July 19, 2021.
  25. "Pegasus spyware used to 'snoop' on Indian journalists, activists". The Hindu. Special Correspondent. July 19, 2021. ISSN 0971-751X. Retrieved July 19, 2021.
  26. "Phones of 2 Ministers, 3 Opp leaders among many targeted for surveillance: report". The Indian Express. July 19, 2021. Retrieved July 19, 2021.
  27. "Snoop List Has 40 Indian Journalists, Forensic Tests Confirm Presence of Pegasus Spyware on Some". thewire.in. Retrieved July 21, 2021.
  28. "Eleven phones targeted: Of woman who accused ex-CJI of harassment, kin". The Indian Express. July 20, 2021. Retrieved July 21, 2021.
  29. "Days After Accusing CJI Gogoi of Sexual Harassment, Staffer Put on List of Potential Snoop Targets". thewire.in. Retrieved July 21, 2021.
  30. "Leaked Snoop List Suggests Surveillance May Have Played Role in Toppling of Karnataka Govt in 2019". thewire.in. Retrieved July 21, 2021.
  31. Bureau, Karnataka Bureau & New Delhi (July 20, 2021). "Key Cong-JDS leaders were 'possible targets' of Pegasus spyware during 2019 crisis: report". The Hindu. ISSN 0971-751X. Retrieved July 21, 2021.
  32. https://www.hindustantimes.com/world-news/china-iran-diplomats-among-people-in-list-report-101626736108335.html
  33. "'It's a free-for-all': how hi-tech spyware ends up in the hands of Mexico's cartels". The Guardian. December 7, 2020.
  34. Ahmed, Azam, and Perlroth, Nicole, "Using Texts as Lures, Government Spyware Targets Mexican Journalists and Their Families", The New York Times, June 19, 2017
  35. Kirkpatrick, David D. (December 2, 2018). "Israeli Software Helped Saudis Spy on Khashoggi, Lawsuit Says (Published 2018)". The New York Times. ISSN 0362-4331. Retrieved March 10, 2021.
  36. Burgess, Matt (January 23, 2020). "If Saudi Arabia did hack Jeff Bezos, this is probably how it went down". Wired UK. Archived from the original on July 20, 2021.
  37. Sarkar, Debashis (January 23, 2020). "Forensic report reveals Israeli spyware Pegasus behind Jeff Bezos's phone hack". Times of India. Archived from the original on July 20, 2021.
  38. "BJP Fields State Leaders to Tackle Pegasus Allegations, Uses 'International Conspiracy' Bogey". The Wire. Retrieved July 21, 2021.
  39. "Israel Helped Over Ten Countries Tap Over 50,000 Phones". Daraj. July 18, 2021.
  40. "Direkt36". Direkt36 (in Hungarian). Retrieved July 19, 2021.
  41. "About The Pegasus Project". Forbidden Stories. Retrieved July 19, 2021.
  42. "THE PEGASUS PROJECT Live Blog: Major Stories from Partners". FRONTLINE. Retrieved July 21, 2021.
  43. "NSO CEO exclusively responds to allegations: "The list of 50,000 phone numbers has nothing to do with us" | Ctech". m.calcalistech.com. Retrieved July 21, 2021.
  44. Esser, Stefan (September 5, 2016). "PEGASUS iOS Kernel Vulnerability Explained – Part 2". SektionEins GmbH. Retrieved August 31, 2019.
  45. Szoldra, Paul (August 26, 2016). "Inside 'Pegasus,' the impossible-to-detect software that hacks your iPhone". Business Insider. Axel Springer SE. Retrieved December 21, 2016.
  46. Roettgers, Janko (August 26, 2016). "This App Can Tell if an iPhone Was Hacked With Latest Pegasus Spy Malware". Variety. Retrieved December 21, 2016.
  47. Newman, Lily Hay (August 25, 2016). "A Hacking Group Is Selling iPhone Spyware to Governments". Wired. Retrieved December 21, 2016.
  48. Swartz, Jon; Weise, Elizabeth (August 26, 2016). "Apple issues security update to prevent iPhone spyware". USA Today. Retrieved December 21, 2016.
  49. Tamblyn, Thomas (August 26, 2016). "What Is The "Pegasus" iPhone Spyware And Why Was It So Dangerous?". HuffPost. AOL. Retrieved December 21, 2016.
  50. Khan, Sami (August 27, 2016). "Meet Pegasus, the most-sophisticated spyware that hacks iPhones: How serious was it?". International Business Times. IBT Media. Retrieved December 21, 2016.
  51. Brandom, Russell (August 25, 2016). "A serious attack on the iPhone was just seen in use for the first time". The Verge. Retrieved December 21, 2016.
  52. Tynan, Dan (August 25, 2016). "Apple issues global iOS update after attempt to use spyware on activist's iPhone". The Guardian. Retrieved December 21, 2016.
  53. "Defending Against Spyware Like Pegasus". Purism. July 21, 2021. Retrieved July 22, 2021.
  54. Brandom, Russell (August 26, 2016). "Why can't Apple spend its way out of security vulnerabilities?". The Verge. Retrieved December 21, 2016.



  • This page was last edited on 23 July 2021, at 00:07 (UTC).
Posted by Vasundhra at 11:04 PM No comments:

Wednesday, July 21, 2021

AKSAI CHIN : Enemy at the Gates and a 910-km walk

 SOURCE : https://www.tribuneindia.com/news/features/enemy-at-the-gates-and-a-910-km-walk-105625


Aksai Chin: Enemy at the Gates & a 910-km Walk

                                Lt-Gen Baljit Singh (retd)

60 years ago, Capt SL Tugnait walked the distance to assess the situation arising from Chinese intrusions in Ladakh

                          Brig (Captain) SL Tugnait 

Unbelievable as it may sound, but way back in 1957, our prudent mandarins in South Block had prescience of China’s impending military intrusions across the well-acknowledged boundary of Northeastern Ladakh. So, an audacious reconnaissance was conceived to assess the ramifications arising therefrom and Captain SL Tugnait was picked from among volunteers to lead the assignment.

            Ladakh and Karakorams showing Tugnait’s reconnaissance route.

                                             Retracing his steps

             Zoomed-in segment of a panorama of Kashmir

When Tugnait walked out from Leh for Darbuk on his outward journey, he trudged across the very same place names that today are among proven PLA strongholds (Pangong Ridge South Top, Phobrang, Kongka la, Lingzithang, Aksai Chin plateau, Hazilangar and so on). And on the return journey, he passed by places (Karakoram Pass, Daulat Beg Oldie, Saser la, Khardung la ) in whose vicinity the Indian armed forces have stood entrenched in counter-poise to checkmate the PLA from any further westwards mischief.

The plucky Captain covered a hitherto uncharted route of some 910 km at a mean elevation of 15,700 ft above sea level, crossing four among the world’s highest mountain passes and terminating at Leh about three months later! Bravo Tugnait for the kind of perseverance truly beyond the call of duty!

Fundamental provocation for this incredible exploration arose from the emergence of the two sibling sovereign republics in 1947 and 1949 namely, India and China in that order. While India’s freedom movement was anchored by Mahatma Gandhi around the ideology of non-violence, China’s was the offshoot of a full-blown war against the Japanese invasion of mainland China in 1938, followed by another decade of bloody civil war during the PLA’s “Long March”.

Admittedly, there was no formal unity of purpose between these two Asian nations during their struggles for national emancipation, yet there was a sense of unstated sympathy for each other’s goal. So much so that in 1938 Chinese General Zhu De made a formal request to Jawaharlal Nehru for a team of physicians and surgeons to manage their mounting battlefield casualties. The Congress party promptly dispatched a team of five volunteers led by Dr Kotnis and a respectable gift of Rs22,000 stacked during the All-India China Day Fund Raising drive while another donor wisely provided an ambulance.

On disembarkation at Hankou port in Wuhan province, the Indian medicos were received personally by Mao Zedong, General Zhu De and other top leaders of the Communist Party. This bonhomie received further boost with an invitation for a visit by Nehru which may have sown the idea of Nehru’s latter days’ optimism in the spirit of “Hindi Chini Bhai Bhai!” and who could fault him but narrow-minded sceptics? For that matter PM Narendra Modi’s Wuhan outreach to China, 80 years later, is in the same league; both efforts were afloat on wings of optimism in India but, soon after, floundered by deceit of China.

But this maiden ideal of peaceful coexistence was rudely jolted by China in 1954 when PLA besieged Lhasa with a garrison of about 4,000 combat hardened and motivated soldiers and commenced the process of building a road linking Xinjiang province to Lhasa. So, what for aeons had been a peaceful Indo-Tibet border would sadly become the most bitterly disputed Sino-Indian border that has remained on the boil to present times.

The most worrisome for India was the alignment of the road to Lhasa (NH 219) as it cuts across Ladakh’s Aksai Chin plateau and thus unilaterally altered the border alignment of the northeastern segment of India’s Ladakh province. India had barely stemmed military hostilities ignited by Pakistan in J&K by January 1949 and here was NH 219 with portents of even bigger military challenges to India in the Ladakh region.

Captain Tugnait, who retired as a Brigadier, on his part completed his mission successfully, yet his accomplishment lies all but forgotten except for an entry in the Register for MacGregor Memorial Medal, for 1958. It goes:

“Captain S.L. Tugnait... Air OP Squadron, Regiment of Artillery. Valuable Military Recce in Northern Ladakh. Covered the route from Leh over the 21,000 ft Chang La (Sic. 17,590 ft) into the Shyok River Valley to Ponyvang Lake (Sic. Pangong Tso). From there to Quazi-Haji Langer-Quaratag Pass, and back by the Karakuram Pass to Daulat Beg Oldi - Sasar Kangri over the Sasar La into the Nubra Valley and back to Leh over the 19,600 ft Kharding La”.

As may be imagined, Tugnait’s report remains off limits for public perusal but we may safely conclude that it led to (i) the positioning of an Indian Army brigade-sized force in Ladakh in 1959, subsequently upgraded to a division by 1962; and (ii) occupation of a chain of platoon-company outposts (armed with bolt action rifles and limited ammunition) starting from Daulat Beg Oldie all along the India-Tibet/China boundary eastwards to Longju in Siang Valley and Kibithu in the farthest corner of Lohit valley (Arunachal Pradesh). In the strict cartographic domain, this should have left no scope for misinterpretation of what, both by authenticated cartography and by the “custom and usage” principle, had always been India’s frontiers with her neighbours.

It is almost impossible for any Indian citizen to truly “dream” up, from the contours on cartographic map sheets, the barren and extremely inhospitable terra firma of Tugnait’s reconnaissance region, or the logistical nightmare of sustaining such a military deployment against the adversary as an ongoing posture. Fortunately, there exists a three-dimensional panorama by Serbjeet Singh (an extraordinary cinematographer and painter of the Himalayas) which shows both the magical and the maddening dimensions of the region as nothing else can and is reproduced by the kind courtesy of his son. As per a notation by Serbjeet on the lower margin of the painting, the framed original used to be in the Prime Minister’s Office.

When I zoom in on the precise area of the reconnaissance route in the panorama, I am simply awed by Tugnait’s mental and physical endurance and his gutsy perseverance to cheerfully face extreme odds in the discharge of his duty. I am proud and humbled to have served the first two years of my career under him.



Posted by Vasundhra at 10:18 AM 1 comment:
Labels: Armed Forces India, INDIAN ARMY LONG RANGE PATROLLING