Israeli Government Finally Decides To Start Looking Into NSO Group And Its Customers
from the laconic-ideal dept
The NSO Group's latest scandal is the gift that keeps on giving. The malware purveyor has always been controversial, thanks to its decision to sell powerful cellphone exploits to known human rights violators. That these exploits have been used to place world leaders, journalists, activists, and religious leaders under surveillance is just the expected result of choosing to do business with extremely shady governments.
A list of 50,000 phone numbers portrayed as potential targets for NSO's Pegasus malware is the latest black eye for the Israeli company. The list contains numbers linked to all of the sorts of individuals listed above -- not exactly the criminals and "Bin Ladens" of the world, as NSO claims its software is used to surveil.
These revelations have led to a lot of obfuscation and backpedaling by NSO, which simultaneously claims its customers do not abuse its products while also claiming it has no insight into how its customers choose to deploy the Pegasus malware. So, when NSO says it takes action when customers use its product to target people who aren't suspected criminals or terrorists, it's pretty much just making stuff up because it really doesn't know the malware is being used or who it's being deployed against.
This has prompted reactions all over the world. In France (where activists are being sued for claiming governments have deployed this spyware), French President Emmanuel Macron recently acquired a new phone after discovering his old one had potentially been targeted by a foreign government using NSO's spyware. This prompted a call from the French government to the Israeli government demanding some answers about NSO Group, its customers, and its targets.
It also prompted an investigation into the deployment of the Pegasus malware in France. And this shows you just how quickly a government can wrap up an investigation when it's sure it will be pointing its finger at other governments or their constituents: it only took nine days to get some actionable results.
France’s cybersecurity agency has confirmed the mobile phones of two French journalists from the investigative news outlet Mediapart were hacked with the Pegasus spyware, the first instance of such surveillance being detected by a government agency.
The hacking of the phones of Lénaïg Bredoux and Edwy Plenel, the two journalists from Mediapart, was earlier detected by Amnesty International’s security lab as part of the reporting by an international consortium of journalists on the targeting of 50,000 phone numbers around the world by clients of the Isreali firm NSO Group, which developed Pegasus.
Meanwhile, the Israeli government has opened its own... something... of NSO Group. But this inquiry is moving much more cautiously with local agencies showing much less urgency.
The Record reports NSO Group was "raided" by Israeli government agencies, including the Ministry of Defense. But The Record's own reporting shows this was much more casual than its headline suggests.
Israeli news outlet Calcalist, which also reported on the raids earlier today, cited an anonymous source who said the raids were more of a formal meeting than an in-depth audit of NSO’s documents and computer systems.
A tweet by the Ministry of Defense also appears to confirm this wasn't really a raid.
Representatives from a number of bodies came to NSO today to examine the publications and allegations raised in this case.
NSO says it "welcomes" the investigation and is cooperating with the Israeli government. As for the Ministry of Defense, it won't even go so far as to call it an "investigation."
Israel’s Defense Ministry has been mum about its plans to investigate the firm and remained laconic about the matter on Wednesday, refusing to elaborate on the nature of the visit, if a formal investigation had been launched, who the officials were and what specific allegations they were checking.
NSO must be feeling some pressure. While it's obligated to follow local export license laws when selling its products to foreign governments, it pretty much takes violating a UN embargo to run afoul of Israeli law, allowing NSO Group to sell its products to a number of countries that aren't exactly on good terms with the company's homeland. Nevertheless, for the first time ever, NSO Group is actually taking the sort of action it claims has always been standard operating procedure when its customers are suspected of abusing its products.
Israeli spyware company NSO Group has temporarily blocked several government clients around the world from using its technology as the company investigates their possible misuse, a company employee told NPR on Thursday.
The suspensions are in response to an investigation by the Pegasus Project, a consortium of media outlets that reported the company's Pegasus spyware was linked to hacks and potential surveillance of telephones of people including journalists, human rights activists and heads of state.
This seems to indicate that the list of numbers is actually related to NSO Group and potential targets of its customer base. If the list has nothing to do with NSO or its customers -- as NSO has claimed -- it likely wouldn't feel compelled to cut off customers and/or curtail their use of Pegasus malware. While this isn't an explicit admission of culpability by NSO, the implication is that the company sold its products to governments it knew would abuse them to surveil people they didn't like, rather than just criminals and terrorists.
Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.
Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.
While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.
–The Techdirt Team
Filed Under: israel, malware, pegasus, spyware, surveillance
Companies: nso group
Reader Comments
Subscribe: RSS
View by: Time | Thread
That said, I'm pretty sure NSO was also selling its products to criminals and terrorists.
[ link to this | view in chronology ]
Re:
The awkward thing is that there isn't any difference really. All governments engage in actions which would be criminal elsewhere just by operating as a sovereign nation. Use of fear and violence towards political purposes, that is terrorism is basically a description of monopoly on legitimate violence.
[ link to this | view in chronology ]
Hmmmm.
It would be funny in a schadenfreude way if .... .uh, no ... when it is revealed that certain French agencies have deployed the software. Remember that these are the same people who performed terrorist actions on foreign soil in the past for political expediency so I don't see them not availing themselves of the opportunity.
[ link to this | view in chronology ]
Re: Hmmmm.
Its only bad when someone does it to us, not the little people.
Some journalists... meh if we have free time we might look into our using it on our own citizens...
ZOMG someone did it to Macron!?!?
LAUNCH ALL THE MISSILES!!!!
I mean imagine what might happen to NSO if someone showed that ISIS or HAMAS managed to get the product and deployed it on Israeli leaders. Pretty sure they might suddenly care.
[ link to this | view in chronology ]
Simply a black-hat malware group, nothing less
NSO is no different from any other spyware maker, and people should recognize that. The fact that the Israeli government hasn't shut them down means that it is complicit in these abuses.
[ link to this | view in chronology ]
Yeah, but why pass up a great opportunity to make some backroom deals? Maybe NSO will be "shut down", and a suspicously high number of former employees will now work for an undisclosed employer near the MoD. Or they'll make some kind of settlement. Either way, I forsee a result that benefits the Israeli government at the expense of whatever foreign governments they don't like.
[ link to this | view in chronology ]