After Months Of Troubling News, Israel's Government Finally Limits Who NSO Group Can Sell To

from the tough-to-stay-solvent-using-a-'scorch-your-own-earth'-policy dept

Well, it's been yet another hilarious couple of days for Israel's NSO Group. I mean, not so much for NSO, which is currently sitting at the center of a raging dumpster fire of its own creation. But just because NSO isn't laughing doesn't mean it's not funny.

For years, it sold spyware to whoever wanted it. Those customers used the powerful phone exploits to target journalists, activists, dissidents, and high-ranking government officials.

Some of this had already been exposed by security researchers like Canada's Citizen Lab before the bombshell dropped: a list of 50,000 alleged NSO malware targets. NSO denied having anything to do with the list, but report after report tied its spyware to abuse by government agencies and quasi-political leaders like kings and princes in the United Arab Emirates, one who used the malware to hack the phone of his ex-wife and her lawyer.

France's President, Emmanuel Macron, was one of those on the target list obtained by journalists. This prompted the President (and other French government officials) to acquire new phones. Because of this, the French government has decided it won't be requiring the services of NSO in the future.

At the exact same time, MIT Technology Review has learned, French government officials were in the final stages of contract negotiations to purchase Pegasus hacking tools from NSO. The French were on the verge of buying the tool—in the type of deal that is typically worth millions of dollars—despite years of allegations that it was regularly being used to surveil and harass dissidents, journalists, and human rights activists worldwide.

But sources familiar with the deal say that the process fell apart after the accusations that French politicians potentially were among those targeted, and negotiations were broken off just a few days before the sale was set to take place. After publication, France’s Ministry of Foreign Affairs denied it was in the process of purchasing NSO Group tools.

That takes one customer off the list for NSO. The Israeli government -- after years of ignoring NSO's sales to human rights violators -- has further limited the company's market base, removing nearly two-thirds of the countries on its approved purchasers list.

The Defense Ministry has dramatically scaled back the number of countries to which Israeli companies can sell cyber technologies amid global fallout over Israeli spyware firm NSO Group, according to a report Thursday.

The updated November list consists of 37 countries, down from 102, according to the Calcalist business news daily.

Countries with questionable human rights records, including Israel’s new allies Morocco and the UAE, have been removed, the report said.

Much like everything related to the fallout from the NSO target list obtained in July, this could have been prevented if NSO had decided not to sell to governments known to routinely violate human rights or -- if it just couldn't help itself -- its government had forbidden sales of powerful malware to these countries.

Having fewer customers isn't going to help NSO climb back out of the hole it dug for itself. This trimming of its potential user base follows blacklisting by the US Commerce Department -- something that had an almost-immediate effect on the company's credit rating.

According to Bloomberg, Moody’s dropped NSO’s credit rating by two levels, asserting that the company’s risk of defaulting on its debts had increased and noting that the company has been losing money since 2020.

Not that NSO was in great financial shape to begin with. This was the second downgrade by Moody's, the first of which came a month before the July release of the alleged NSO spyware target list.

Moody’s said in June that it downgraded the company’s rating from B2 to B3, adding that its outlook remains negative. The report said most of the debt is supposed to be repaid in March 2025.

NSO has been offering up nonsensical and contradictory defenses of its actions for several months. Now, it's just flailing. It now wants people to believe its current woes are the end result of an anti-Israel conspiracy.

In a letter, [NSO] argued that the U.S. blacklisting arose from "an orchestrated campaign by anti-Israel organizations" that would result in hundreds of employees losing their job, according to Israeli news site Walla.

That's a ridiculous assertion. NSO would be toxic no matter where it was located. And it has had years to head off this sort of worldwide reckoning but chose to reap the profits, rather than control use of its powerful phone hacking tools. Investigations attributing phone hacks of journalists and human rights activists to NSO malware have been public knowledge for a few years now, and the company's response (until now) has been to do nothing.

By waiting this long to finally start addressing these allegations, NSO has limited its options to making nonsensical defensive statements and, presumably, starting to figure out how much its office furniture might go for at auction.

The same can be said for the Israeli government, which has been aware of these troubling allegations about NSO for just as long, but instead chose to urge on sales to human rights abusers, rather than discourage NSO from pursuing business relationships with governments that were always going to end up abusing the powerful malware. Due to this close relationship, NSO's problems are also Israel's problems, which is likely why even the Israeli government is trying to distance itself from the country's most toxic asset.

Hide this

Thank you for reading this Techdirt post. With so many things competing for everyone’s attention these days, we really appreciate you giving us your time. We work hard every day to put quality content out there for our community.

Techdirt is one of the few remaining truly independent media outlets. We do not have a giant corporation behind us, and we rely heavily on our community to support us, in an age when advertisers are increasingly uninterested in sponsoring small, independent sites — especially a site like ours that is unwilling to pull punches in its reporting and analysis.

While other websites have resorted to paywalls, registration requirements, and increasingly annoying/intrusive advertising, we have always kept Techdirt open and available to anyone. But in order to continue doing so, we need your support. We offer a variety of ways for our readers to support us, from direct donations to special subscriptions and cool merchandise — and every little bit helps. Thank you.

–The Techdirt Team

Filed Under: israel, malware, pegasus, spyware, surveillance
Companies: nso group


Reader Comments

Subscribe: RSS

View by: Time | Thread


  1. icon
    sumgai (profile), 1 Dec 2021 @ 2:21pm

    The updated November list consists of 37 countries, down from 102, according to the Calcalist business news daily.

    All it's going to take is just one person from just one of those 37 countries, and the "gray market" will thrive like there's no tomorrow.

    What would be truly 'funny' would be if that gray marketeer were to not continually purchase new copies for resale, i.e. if they simply copied the spyware and sold those copies onward. That would force NSO to sue them, and thus admit that the IP in question is, indeed, spyware.

    Good times....

    link to this | view in thread ]

  2. identicon
    Anonymous Coward, 1 Dec 2021 @ 2:59pm

    Re:

    I thought "Pegasus is spyware" was firmly established by the fact that spies were buying it?

    link to this | view in thread ]

  3. identicon
    Anonymous Coward, 1 Dec 2021 @ 3:52pm

    Re: Re:

    Its just that governments think that it is bing used to spy on the wrong people... themselves.

    link to this | view in thread ]

  4. identicon
    Anonymous Coward, 1 Dec 2021 @ 4:07pm

    The Defense Ministry has dramatically scaled back the number of countries to which Israeli companies can sell cyber technologies amid global fallout over Israeli spyware firm NSO Group, according to a report Thursday.

    The updated November list consists of 37 countries, down from 102, according to the Calcalist business news daily.

    This is actually bigger news than it seems: NSO Group hasn't just limited its own ability to enable rights abusing countries. It's limited ALL Israeli companies' ability to enable rights abusing countries.

    This is important because NSO Group can't now just spin up new shell corporations and declare bankruptcy...

    AND, other tech firms spun up by veterans of the Israeli intelligence services (like the one that deployed spyware/root access in HP and Lenovo laptops, or the one that sells the world's majority of branded VPN services via various shell company names) ALSO have to cease working in these countries.

    This is HUGE.

    link to this | view in thread ]

  5. identicon
    Arijirija, 1 Dec 2021 @ 5:57pm

    foot in mouth, shoots self in foot

    not pretty.

    So typical about the NSO claiming there's an anti-Israel conspiracy going on. Anyone claiming (with proof) that Israel is committing major human rights abuses against the Palestinians it controls, usually gets labelled anti-Semitic. So typical ... you don't need to be Jewish to be a fool; but equally, being Jewish is no defense against also being a fool.

    Does the NSO really want to tar all Israelis with their repulsive mess?

    link to this | view in thread ]

  6. identicon
    Pixelation, 1 Dec 2021 @ 8:13pm

    Thank you Israel!!

    Now that the cat's out of the bag...

    Well, way to go. Very... um... helpful?

    link to this | view in thread ]

  7. icon
    sumgai (profile), 1 Dec 2021 @ 9:08pm

    Re: Re

    I meant that as in, all of their products are essentially spyware, no exceptions. But I'll freely admit that spyware is a sub-category of malware, so I probably should've used the latter term, to be more inclusive.

    link to this | view in thread ]

  8. icon
    Upstream (profile), 2 Dec 2021 @ 3:09am

    Government SOP

    Israel's actions here are an excellent example of the "too little, too late" modus operandi so typical of government attempts at reform.

    When they put everyone at NSO on trial for criminal / terrorist activity then it might mean something. Until then, this is just a lame attempt at PR.

    link to this | view in thread ]

  9. identicon
    Anonymous Coward, 2 Dec 2021 @ 7:10am

    Re:

    It's limited ALL Israeli companies' ability to enable rights abusing countries.

    Though I do wonder whether that's as good as it sounds. At least we knew about NSO Group; people like Citizen Lab were watching them and learning what software flaws they were exploiting, which led to those vulnerabilities getting fixed. Things could get harder when every country's able to have their own malware, each taking advantage of a different unknown flaw.

    link to this | view in thread ]

  10. identicon
    Anonymous Coward, 2 Dec 2021 @ 4:29pm

    Re: foot in mouth, shoots self in foot

    Well apparently the Israeli government is part of the anti-Israeli conspiracy. Although they failed to take Israel off the list also, so NSO has that going for them.

    link to this | view in thread ]


Follow Techdirt
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Discord

The latest chatter on the Techdirt Insider Discord channel...

Loading...
Recent Stories

This site, like most other sites on the web, uses cookies. For more information, see our privacy policy. Got it
Close

Email This

This feature is only available to registered users. Register or sign in to use it.