Cherie Blair and the Dubai ruler who spied on his ex-wife’s phone with Pegasus spyware

Cherie Blair and the Dubai ruler who spied on his ex-wife's phone with Pegasus spyware

It’s a pretty juicy story.

The UK High Court has determined that the ruler of Dubai, Sheikh Mohammed Al Maktoum, had his ex-wife’s smartphone hacked with the notorious Pegasus spyware, sold by the equally notorious NSO Group.

Furthermore, during court proceedings between Princess Haya of Jordan and Sheikh Mohammed over the welfare of their children, the phones of the Princess’s UK-based solicitors, bodyguards, and personal assistant were also targeted.

The Pegasus spyware used in the attack has the ability to track a target’s location, read messages on the phone, listen to telephone calls, access contact lists, passwords, calendars, and photographs, and even allows for audio and video surveillance.

According to the court judgment, 265 megabytes of data was found to have been uploaded from Princess Haya’s phone, during a period described by the judge as “a particularly busy and financially interesting time in these proceedings, with the buildup to key hearings relating to the mother’s long-term financial claims for herself and the children.”

There’s much more to the story than this and it’s probably worth reading the full judgment or at least some of the many media reports if you’re interested in learning more.

Sign up to our free newsletter.
Security news, advice, and tips.

But one element that definitely caused me to raise an eyebrow was the revelation of the key role that Cherie Blair played in the story.

Cherie Blair, who is – of course – the barrister wife of former British Prime Minister Tony Blair, rang Princess Haya’s solicitor Fiona Shackleton to warn her that her phone was being spied upon.


How did Cherie Blair know that Shackleton’s phone had been infected by the Pegasus spyware? Because NSO Group told her.

Why would NSO Group tell Cherie Blair about someone’s phone being infected by its Pegasus spyware? Because – and this is the real crazy bit – Cherie Blair works as an “adviser to NSO group.”

That’s something I, and I suspect many other people, didn’t know before today.

Here’s how The Guardian described the course of events:

Blair, a successful barrister who carried on practising as much as she could when her husband was prime minister, had stepped up her professional activities again after leaving Downing Street, starting a law firm, Omnia Strategy. Recent work included acting as an adviser to NSO Group, a company repeatedly embroiled in ethical crises, on business and human rights matters. Well into the evening, according to one of the judgments, Blair’s phone rang.

On the line – “at nearly midnight Israeli time” – was a “senior member of the management team of NSO Group” with a message to pass on.

The senior manager is not named by McFarlane, but he recounts what Blair was told: “It had come to the attention of NSO that their software may have been misused to monitor the mobile phone of Baroness Shackleton and her client, Her Royal Highness Princess Haya.” Blair made contact with Shackleton to pass on the information; the alarm was raised and it quickly became clear that the hacking allegation would form part of the welfare battle, whose truth would have to be determined by the courts.

I know everyone deserves legal advice, and a barrister is probably no stranger to representing all manner of unsavoury individuals and organisations in court, but the optics on this really don’t look good at all.

NSO Group is a highly controversial organisation, whose spyware has been used over and over again to spy on human rights activists and journalists.

It seems once again the Pegasus spyware was used in a way which NSO Group says it should never be used, and a public figure has chosen to turn a blind eye to working with shady organisation if the payday is big enough.

Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.