Israeli Government Finally Decides To Start Looking Into NSO Group And Its Customers

from the laconic-ideal dept

The NSO Group’s latest scandal is the gift that keeps on giving. The malware purveyor has always been controversial, thanks to its decision to sell powerful cellphone exploits to known human rights violators. That these exploits have been used to place world leaders, journalists, activists, and religious leaders under surveillance is just the expected result of choosing to do business with extremely shady governments.

A list of 50,000 phone numbers portrayed as potential targets for NSO’s Pegasus malware is the latest black eye for the Israeli company. The list contains numbers linked to all of the sorts of individuals listed above — not exactly the criminals and “Bin Ladens” of the world, as NSO claims its software is used to surveil.

These revelations have led to a lot of obfuscation and backpedaling by NSO, which simultaneously claims its customers do not abuse its products while also claiming it has no insight into how its customers choose to deploy the Pegasus malware. So, when NSO says it takes action when customers use its product to target people who aren’t suspected criminals or terrorists, it’s pretty much just making stuff up because it really doesn’t know the malware is being used or who it’s being deployed against.

This has prompted reactions all over the world. In France (where activists are being sued for claiming governments have deployed this spyware), French President Emmanuel Macron recently acquired a new phone after discovering his old one had potentially been targeted by a foreign government using NSO’s spyware. This prompted a call from the French government to the Israeli government demanding some answers about NSO Group, its customers, and its targets.

It also prompted an investigation into the deployment of the Pegasus malware in France. And this shows you just how quickly a government can wrap up an investigation when it’s sure it will be pointing its finger at other governments or their constituents: it only took nine days to get some actionable results.

France’s cybersecurity agency has confirmed the mobile phones of two French journalists from the investigative news outlet Mediapart were hacked with the Pegasus spyware, the first instance of such surveillance being detected by a government agency.

The hacking of the phones of Lénaïg Bredoux and Edwy Plenel, the two journalists from Mediapart, was earlier detected by Amnesty International’s security lab as part of the reporting by an international consortium of journalists on the targeting of 50,000 phone numbers around the world by clients of the Isreali firm NSO Group, which developed Pegasus.

Meanwhile, the Israeli government has opened its own… something… of NSO Group. But this inquiry is moving much more cautiously with local agencies showing much less urgency.

The Record reports NSO Group was “raided” by Israeli government agencies, including the Ministry of Defense. But The Record’s own reporting shows this was much more casual than its headline suggests.

Israeli news outlet Calcalist, which also reported on the raids earlier today, cited an anonymous source who said the raids were more of a formal meeting than an in-depth audit of NSO’s documents and computer systems.

A tweet by the Ministry of Defense also appears to confirm this wasn’t really a raid.

Representatives from a number of bodies came to NSO today to examine the publications and allegations raised in this case.

NSO says it “welcomes” the investigation and is cooperating with the Israeli government. As for the Ministry of Defense, it won’t even go so far as to call it an “investigation.”

Israel’s Defense Ministry has been mum about its plans to investigate the firm and remained laconic about the matter on Wednesday, refusing to elaborate on the nature of the visit, if a formal investigation had been launched, who the officials were and what specific allegations they were checking.

NSO must be feeling some pressure. While it’s obligated to follow local export license laws when selling its products to foreign governments, it pretty much takes violating a UN embargo to run afoul of Israeli law, allowing NSO Group to sell its products to a number of countries that aren’t exactly on good terms with the company’s homeland. Nevertheless, for the first time ever, NSO Group is actually taking the sort of action it claims has always been standard operating procedure when its customers are suspected of abusing its products.

Israeli spyware company NSO Group has temporarily blocked several government clients around the world from using its technology as the company investigates their possible misuse, a company employee told NPR on Thursday.

The suspensions are in response to an investigation by the Pegasus Project, a consortium of media outlets that reported the company’s Pegasus spyware was linked to hacks and potential surveillance of telephones of people including journalists, human rights activists and heads of state.

This seems to indicate that the list of numbers is actually related to NSO Group and potential targets of its customer base. If the list has nothing to do with NSO or its customers — as NSO has claimed — it likely wouldn’t feel compelled to cut off customers and/or curtail their use of Pegasus malware. While this isn’t an explicit admission of culpability by NSO, the implication is that the company sold its products to governments it knew would abuse them to surveil people they didn’t like, rather than just criminals and terrorists.

Filed Under: , , , ,
Companies: nso group

Rate this comment as insightful
Rate this comment as funny
You have rated this comment as insightful
You have rated this comment as funny
Flag this comment as abusive/trolling/spam
You have flagged this comment
The first word has already been claimed
The last word has already been claimed
Insightful Lightbulb icon Funny Laughing icon Abusive/trolling/spam Flag icon Insightful badge Lightbulb icon Funny badge Laughing icon Comments icon

Comments on “Israeli Government Finally Decides To Start Looking Into NSO Group And Its Customers”

Subscribe: RSS Leave a comment
Annonymouse says:


It would be funny in a schadenfreude way if …. .uh, no … when it is revealed that certain French agencies have deployed the software. Remember that these are the same people who performed terrorist actions on foreign soil in the past for political expediency so I don’t see them not availing themselves of the opportunity.

That Anonymous Coward (profile) says:

Re: Hmmmm.

Its only bad when someone does it to us, not the little people.

Some journalists… meh if we have free time we might look into our using it on our own citizens…
ZOMG someone did it to Macron!?!?

I mean imagine what might happen to NSO if someone showed that ISIS or HAMAS managed to get the product and deployed it on Israeli leaders. Pretty sure they might suddenly care.

Anonymous Coward says:

A tweet by the Ministry of Defense also appears to confirm this wasn’t really a raid.

Yeah, but why pass up a great opportunity to make some backroom deals? Maybe NSO will be "shut down", and a suspicously high number of former employees will now work for an undisclosed employer near the MoD. Or they’ll make some kind of settlement. Either way, I forsee a result that benefits the Israeli government at the expense of whatever foreign governments they don’t like.

Leave a Reply to Anonymous Coward Cancel reply

Your email address will not be published. Required fields are marked *

Have a Techdirt Account? Sign in now. Want one? Register here

Comment Options:

Make this the or (get credits or sign in to see balance) what's this?

What's this?

Techdirt community members with Techdirt Credits can spotlight a comment as either the "First Word" or "Last Word" on a particular comment thread. Credits can be purchased at the Techdirt Insider Shop »

Follow Techdirt

Techdirt Daily Newsletter

Techdirt Deals
Techdirt Insider Discord
The latest chatter on the Techdirt Insider Discord channel...