Parliament Sitting on 13 September 2021


60. Mr Leon Perera: To ask the Minister for Communications and Information in light of the findings by the Pegasus Project on the spyware of Israeli cyber-arms firm NSO (a) whether there has been or will be any investigation conducted to identify if the operators behind the suspected infection of mobile devices in Singapore, including the operators named “Merlion” and “Ganges”, are operated by NSO’s spyware; and (b) what is the recourse which victims have against such infection.


1. Members of the public who suspect that their mobile device has been infected with spyware, including Pegasus, are advised to lodge a Police report or report the incident to the Singapore Computer Emergency Response Team (or SingCERT).  We are aware of open source claims of potential Singaporean victims of Pegasus, dating from 2018.  These claims cannot be verified as no report has been filed.

2. The threat of electronic surveillance by hostile actors is not new.  Our security agencies continually invest resources to guard against such threats to our systems.  At the individual level, to mitigate the risk of spyware and other malware, we should also adopt good cyber hygiene practices, such as avoiding untrustworthy websites and not opening suspicious attachments.