Minister: Spyware used to track citizens involved in national security, drug cases

A Thai minister acknowledged the country was using surveillance software to track people in cases involving “national security or drug matters,” after a report revealed this week that phones of pro-democracy activists and government critics were targeted with Israeli-made spyware. 

Chaiwut Thanakamanusorn, the minister of Digital Economy and Society, told lawmakers that spyware was used in “limited and special cases,” but he didn’t specify which software was used by what government agency or agencies, and against whom. 

“Regarding the spyware embedded on a cell phone that can eavesdrop, monitor the display, listen in to the conversation, and read messages, I know there is such a system. … As far as I know, it is used for natural security or drug matters,” Chaiwut said during a televised debate in parliament on Tuesday. 

“We studied about it, but the Ministry of Digital Economy and Society did not use it because we have no authority. … There is an authority [for other agencies] to do so.” 

His ministry had previously denied any knowledge of the matter.

Chaiwut made the comments after three cybersecurity research groups said Monday that at least 30 people were targeted for surveillance with Pegasus spyware produced by the NSO Group, an Israeli cybersecurity company. After the researchers released their findings, Royal Thai Police denied that they were using surveillance technology.

A rapper, an actress, Thai academics and pro-democracy protest leaders who are facing charges of royal defamation and sedition were among dozens whose phones were hacked with spyware likely linked to the government, the researchers said.

The three organizations involved in the research were Canada-based cyber research group Citizen Lab, Thai digital and legal rights NGO iLaw, and Southeast Asian tech rights group Digital Reach.

The hacks took place between October 2020 and November 2021, at the height of the pro-democracy protests, when young Thai took to the streets demanding changes to the constitution, for Prime Minister Prayuth Chan-o-cha to resign and for the monarchy to be reformed.

The phone hacks were revealed in November 2021, when Apple warned several Thai iPhone users that “state-sponsored attackers” may have targeted their devices, said Ruchapong Chamjirachaikul, advocacy officer at iLaw.

Meanwhile on Monday, the NSO Group that the cybersecurity groups’ report did not reveal the names of the company’s customers.

“We refer you to the report itself, which states that the forensic evidence they collected from infected [or hacked] devices did not, in itself, provide strong evidence pointing to a specific NSO customer,” a company spokesperson told BenarNews via email.

“Politically motivated organizations continue to make unverifiable claims against NSO hoping they will result in an outright ban on all cyber intelligence technologies, despite their well-documented successes saving lives.”

The company’s website said: “NSO products are used exclusively by government intelligence and law enforcement agencies to fight crime and terror.”

Last year, the U.S. government blacklisted the NSO Group for supplying spyware that foreign governments allegedly used against peaceful dissidents and their associates worldwide.

Nontarat Phaicharoen in Bangkok contributed to this report.